--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aaf\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package org.onap.aaf.authz.facade;\r
+\r
+import static org.onap.aaf.authz.layer.Result.ERR_ActionNotCompleted;\r
+import static org.onap.aaf.authz.layer.Result.ERR_Backend;\r
+import static org.onap.aaf.authz.layer.Result.ERR_BadData;\r
+import static org.onap.aaf.authz.layer.Result.ERR_ConflictAlreadyExists;\r
+import static org.onap.aaf.authz.layer.Result.ERR_Denied;\r
+import static org.onap.aaf.authz.layer.Result.ERR_NotFound;\r
+import static org.onap.aaf.authz.layer.Result.ERR_NotImplemented;\r
+import static org.onap.aaf.authz.layer.Result.ERR_Policy;\r
+import static org.onap.aaf.authz.layer.Result.ERR_Security;\r
+import static org.onap.aaf.authz.layer.Result.OK;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_ChoiceNeeded;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_DelegateNotFound;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_DependencyExists;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_FutureNotRequested;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_InvalidDelegate;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_NsNotFound;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_PermissionNotFound;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_RoleNotFound;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_UserNotFound;\r
+import static org.onap.aaf.dao.aaf.cass.Status.ERR_UserRoleNotFound;\r
+\r
+import java.io.IOException;\r
+import java.lang.reflect.Method;\r
+import java.util.Date;\r
+\r
+import javax.servlet.http.HttpServletRequest;\r
+import javax.servlet.http.HttpServletResponse;\r
+\r
+import org.onap.aaf.authz.env.AuthzEnv;\r
+import org.onap.aaf.authz.env.AuthzTrans;\r
+import org.onap.aaf.authz.layer.FacadeImpl;\r
+import org.onap.aaf.authz.layer.Result;\r
+import org.onap.aaf.authz.service.AuthzCassServiceImpl;\r
+import org.onap.aaf.authz.service.AuthzService;\r
+import org.onap.aaf.authz.service.mapper.Mapper;\r
+import org.onap.aaf.authz.service.mapper.Mapper.API;\r
+import org.onap.aaf.cssa.rserv.RServlet;\r
+import org.onap.aaf.cssa.rserv.RouteReport;\r
+import org.onap.aaf.cssa.rserv.doc.ApiDoc;\r
+import org.onap.aaf.dao.aaf.cass.NsType;\r
+import org.onap.aaf.dao.aaf.cass.Status;\r
+import org.onap.aaf.dao.aaf.hl.Question;\r
+\r
+import org.onap.aaf.cadi.aaf.client.Examples;\r
+import org.onap.aaf.inno.env.APIException;\r
+import org.onap.aaf.inno.env.Data;\r
+import org.onap.aaf.inno.env.Data.TYPE;\r
+import org.onap.aaf.inno.env.Env;\r
+import org.onap.aaf.inno.env.TimeTaken;\r
+import org.onap.aaf.inno.env.util.Chrono;\r
+import org.onap.aaf.rosetta.Marshal;\r
+import org.onap.aaf.rosetta.env.RosettaDF;\r
+import org.onap.aaf.rosetta.env.RosettaData;\r
+\r
+import aaf.v2_0.Api;\r
+\r
+/**\r
+ * AuthzFacade\r
+ * \r
+ * This Service Facade encapsulates the essence of the API Service can do, and provides\r
+ * a single created object for elements such as RosettaDF.\r
+ *\r
+ * The Responsibilities of this class are to:\r
+ * 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)\r
+ * 2) Validate incoming data (if applicable)\r
+ * 3) Convert the Service response into the right Format, and mark the Content Type\r
+ * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.\r
+ * 4) Log Service info, warnings and exceptions as necessary\r
+ * 5) When asked by the API layer, this will create and write Error content to the OutputStream\r
+ * \r
+ * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be \r
+ * clearly coordinated with the API Documentation\r
+ * \r
+ *\r
+ */\r
+public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> extends FacadeImpl implements AuthzFacade \r
+ {\r
+ private static final String FORBIDDEN = "Forbidden";\r
+ private static final String NOT_FOUND = "Not Found";\r
+ private static final String NOT_ACCEPTABLE = "Not Acceptable";\r
+ private static final String GENERAL_SERVICE_ERROR = "General Service Error";\r
+ private static final String NO_DATA = "***No Data***";\r
+ private AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service = null;\r
+ private final RosettaDF<NSS> nssDF;\r
+ private final RosettaDF<PERMS> permsDF;\r
+ private final RosettaDF<ROLES> roleDF;\r
+ private final RosettaDF<USERS> usersDF;\r
+ private final RosettaDF<USERROLES> userrolesDF;\r
+ private final RosettaDF<CERTS> certsDF;\r
+ private final RosettaDF<DELGS> delgDF;\r
+ private final RosettaDF<REQUEST> permRequestDF;\r
+ private final RosettaDF<REQUEST> roleRequestDF;\r
+ private final RosettaDF<REQUEST> userRoleRequestDF;\r
+ private final RosettaDF<REQUEST> rolePermRequestDF;\r
+ private final RosettaDF<REQUEST> nsRequestDF;\r
+ private final RosettaDF<REQUEST> credRequestDF;\r
+ private final RosettaDF<REQUEST> delgRequestDF;\r
+ private final RosettaDF<HISTORY> historyDF;\r
+ private final RosettaDF<KEYS> keysDF;\r
+\r
+ private final RosettaDF<ERR> errDF;\r
+ private final RosettaDF<APPROVALS> approvalDF;\r
+ // Note: Api is not different per Version\r
+ private final RosettaDF<Api> apiDF;\r
+\r
+\r
+ @SuppressWarnings("unchecked")\r
+ public AuthzFacadeImpl(AuthzEnv env, AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service, Data.TYPE dataType) throws APIException {\r
+ this.service = service;\r
+ (nssDF = env.newDataFactory(service.mapper().getClass(API.NSS))).in(dataType).out(dataType);\r
+ (permRequestDF = env.newDataFactory(service.mapper().getClass(API.PERM_REQ))).in(dataType).out(dataType);\r
+ (permsDF = env.newDataFactory(service.mapper().getClass(API.PERMS))).in(dataType).out(dataType);\r
+// (permKeyDF = env.newDataFactory(service.mapper().getClass(API.PERM_KEY))).in(dataType).out(dataType);\r
+ (roleDF = env.newDataFactory(service.mapper().getClass(API.ROLES))).in(dataType).out(dataType);\r
+ (roleRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_REQ))).in(dataType).out(dataType);\r
+ (usersDF = env.newDataFactory(service.mapper().getClass(API.USERS))).in(dataType).out(dataType);\r
+ (userrolesDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLES))).in(dataType).out(dataType);\r
+ (certsDF = env.newDataFactory(service.mapper().getClass(API.CERTS))).in(dataType).out(dataType)\r
+ .rootMarshal((Marshal<CERTS>) service.mapper().getMarshal(API.CERTS));\r
+ ;\r
+ (userRoleRequestDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLE_REQ))).in(dataType).out(dataType);\r
+ (rolePermRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_PERM_REQ))).in(dataType).out(dataType);\r
+ (nsRequestDF = env.newDataFactory(service.mapper().getClass(API.NS_REQ))).in(dataType).out(dataType);\r
+ (credRequestDF = env.newDataFactory(service.mapper().getClass(API.CRED_REQ))).in(dataType).out(dataType);\r
+ (delgRequestDF = env.newDataFactory(service.mapper().getClass(API.DELG_REQ))).in(dataType).out(dataType);\r
+ (historyDF = env.newDataFactory(service.mapper().getClass(API.HISTORY))).in(dataType).out(dataType);\r
+ ( keysDF = env.newDataFactory(service.mapper().getClass(API.KEYS))).in(dataType).out(dataType);\r
+ (delgDF = env.newDataFactory(service.mapper().getClass(API.DELGS))).in(dataType).out(dataType);\r
+ (approvalDF = env.newDataFactory(service.mapper().getClass(API.APPROVALS))).in(dataType).out(dataType);\r
+ (errDF = env.newDataFactory(service.mapper().getClass(API.ERROR))).in(dataType).out(dataType);\r
+ (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType);\r
+ }\r
+ \r
+ public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper() {\r
+ return service.mapper();\r
+ }\r
+ \r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#error(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, int)\r
+ * \r
+ * Note: Conforms to AT&T TSS RESTful Error Structure\r
+ */\r
+ @Override\r
+ public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {\r
+ String msg = result.details==null?"%s":"%s - " + result.details.trim();\r
+ String msgId;\r
+ String[] detail;\r
+ if(result.variables==null) {\r
+ detail = new String[1];\r
+ } else {\r
+ int l = result.variables.length;\r
+ detail=new String[l+1];\r
+ System.arraycopy(result.variables, 0, detail, 1, l);\r
+ }\r
+ //int httpstatus;\r
+ \r
+ switch(result.status) {\r
+ case ERR_ActionNotCompleted:\r
+ msgId = "SVC1202";\r
+ detail[0] = "Accepted, Action not complete";\r
+ response.setStatus(/*httpstatus=*/202);\r
+ break;\r
+\r
+ case ERR_Policy:\r
+ msgId = "SVC3403";\r
+ detail[0] = FORBIDDEN;\r
+ response.setStatus(/*httpstatus=*/403);\r
+ break;\r
+ case ERR_Security:\r
+ msgId = "SVC2403";\r
+ detail[0] = FORBIDDEN;\r
+ response.setStatus(/*httpstatus=*/403);\r
+ break;\r
+ case ERR_Denied:\r
+ msgId = "SVC1403";\r
+ detail[0] = FORBIDDEN;\r
+ response.setStatus(/*httpstatus=*/403);\r
+ break;\r
+ // This is still forbidden to directly impact, but can be Requested when passed\r
+ // with "request=true" query Param\r
+ case ERR_FutureNotRequested:\r
+ msgId = "SVC2403";\r
+ detail[0] = msg;\r
+ response.setStatus(/*httpstatus=*/403);\r
+ break;\r
+ \r
+ case ERR_NsNotFound:\r
+ msgId = "SVC2404";\r
+ detail[0] = NOT_FOUND;\r
+ response.setStatus(/*httpstatus=*/404);\r
+ break;\r
+ case ERR_RoleNotFound:\r
+ msgId = "SVC3404";\r
+ detail[0] = NOT_FOUND;\r
+ response.setStatus(/*httpstatus=*/404);\r
+ break;\r
+ case ERR_PermissionNotFound:\r
+ msgId = "SVC4404";\r
+ detail[0] = NOT_FOUND;\r
+ response.setStatus(/*httpstatus=*/404);\r
+ break;\r
+ case ERR_UserNotFound:\r
+ msgId = "SVC5404";\r
+ detail[0] = NOT_FOUND;\r
+ response.setStatus(/*httpstatus=*/404);\r
+ break;\r
+ case ERR_UserRoleNotFound:\r
+ msgId = "SVC6404";\r
+ detail[0] = NOT_FOUND;\r
+ response.setStatus(/*httpstatus=*/404);\r
+ break;\r
+ case ERR_DelegateNotFound:\r
+ msgId = "SVC7404";\r
+ detail[0] = NOT_FOUND;\r
+ response.setStatus(/*httpstatus=*/404);\r
+ break;\r
+ case ERR_NotFound:\r
+ msgId = "SVC1404";\r
+ detail[0] = NOT_FOUND;\r
+ response.setStatus(/*httpstatus=*/404);\r
+ break;\r
+\r
+ case ERR_InvalidDelegate:\r
+ msgId="SVC2406";\r
+ detail[0] = NOT_ACCEPTABLE;\r
+ response.setStatus(/*httpstatus=*/406);\r
+ break;\r
+ case ERR_BadData:\r
+ msgId="SVC1406";\r
+ detail[0] = NOT_ACCEPTABLE;\r
+ response.setStatus(/*httpstatus=*/406);\r
+ break;\r
+ \r
+ case ERR_ConflictAlreadyExists:\r
+ msgId = "SVC1409";\r
+ detail[0] = "Conflict Already Exists";\r
+ response.setStatus(/*httpstatus=*/409);\r
+ break;\r
+ \r
+ case ERR_DependencyExists:\r
+ msgId = "SVC1424";\r
+ detail[0] = "Failed Dependency";\r
+ response.setStatus(/*httpstatus=*/424);\r
+ break;\r
+ \r
+ case ERR_NotImplemented:\r
+ msgId = "SVC1501";\r
+ detail[0] = "Not Implemented"; \r
+ response.setStatus(/*httpstatus=*/501);\r
+ break;\r
+ \r
+ case Status.ACC_Future:\r
+ msgId = "SVC1202";\r
+ detail[0] = "Accepted for Future, pending Approvals";\r
+ response.setStatus(/*httpstatus=*/202);\r
+ break;\r
+ case ERR_ChoiceNeeded:\r
+ msgId = "SVC1300";\r
+ detail = result.variables;\r
+ response.setStatus(/*httpstatus=*/300);\r
+ break;\r
+ case ERR_Backend: \r
+ msgId = "SVC2500";\r
+ detail[0] = GENERAL_SERVICE_ERROR;\r
+ response.setStatus(/*httpstatus=*/500);\r
+ break;\r
+\r
+ default: \r
+ msgId = "SVC1500";\r
+ detail[0] = GENERAL_SERVICE_ERROR;\r
+ response.setStatus(/*httpstatus=*/500);\r
+ break;\r
+ }\r
+\r
+ try {\r
+ StringBuilder holder = new StringBuilder();\r
+ errDF.newData(trans).load(\r
+ service.mapper()\r
+ .errorFromMessage(holder,msgId,msg,detail))\r
+ .to(response.getOutputStream());\r
+ trans.checkpoint(\r
+ holder.toString(),\r
+// String.format("ErrResp [" + msgId + "] " + msg,(Object[])detail),\r
+ Env.ALWAYS);\r
+ } catch (Exception e) {\r
+ trans.error().log(e,"unable to send response for",msg);\r
+ }\r
+ }\r
+ \r
+ ///////////////////////////\r
+ // Namespace\r
+ ///////////////////////////\r
+ public static final String CREATE_NS = "createNamespace";\r
+ public static final String ADD_NS_ADMIN = "addNamespaceAdmin";\r
+ public static final String DELETE_NS_ADMIN = "delNamespaceAdmin";\r
+ public static final String ADD_NS_RESPONSIBLE = "addNamespaceResponsible";\r
+ public static final String DELETE_NS_RESPONSIBLE = "delNamespaceResponsible";\r
+ public static final String GET_NS_BY_NAME = "getNamespaceByName";\r
+ public static final String GET_NS_BY_ADMIN = "getNamespaceByAdmin";\r
+ public static final String GET_NS_BY_RESPONSIBLE = "getNamespaceByResponsible";\r
+ public static final String GET_NS_BY_EITHER = "getNamespaceByEither";\r
+ public static final String GET_NS_CHILDREN = "getNamespaceChildren";\r
+ public static final String UPDATE_NS_DESC = "updateNamespaceDescription";\r
+ public static final String DELETE_NS = "deleteNamespace";\r
+ \r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#createNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
+ */\r
+ @Override\r
+ public Result<Void> requestNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, NsType type) {\r
+ TimeTaken tt = trans.start(CREATE_NS, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST request;\r
+ try {\r
+ Data<REQUEST> rd = nsRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,rd.asString());\r
+ }\r
+ request = rd.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,CREATE_NS);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+ \r
+ Result<Void> rp = service.createNS(trans,request,type);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,nsRequestDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,CREATE_NS);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> addAdminToNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
+ TimeTaken tt = trans.start(ADD_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.addAdminNS(trans,ns,id);\r
+ switch(rp.status) {\r
+ case OK: \r
+ //TODO Perms??\r
+ setContentType(resp,nsRequestDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,ADD_NS_ADMIN);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> delAdminFromNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
+ TimeTaken tt = trans.start(DELETE_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.delAdminNS(trans, ns, id);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,nsRequestDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_NS_ADMIN);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> addResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
+ TimeTaken tt = trans.start(ADD_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.addResponsibleNS(trans,ns,id);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,nsRequestDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,ADD_NS_RESPONSIBLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> delResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
+ TimeTaken tt = trans.start(DELETE_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.delResponsibleNS(trans, ns, id);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,nsRequestDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_NS_RESPONSIBLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByName(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getNSsByName(AuthzTrans trans, HttpServletResponse resp, String ns) {\r
+ TimeTaken tt = trans.start(GET_NS_BY_NAME + ' ' + ns, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<NSS> rp = service.getNSbyName(trans, ns);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,nssDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_NS_BY_NAME);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByAdmin(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getNSsByAdmin(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
+ TimeTaken tt = trans.start(GET_NS_BY_ADMIN + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<NSS> rp = service.getNSbyAdmin(trans, user, full);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,nssDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_NS_BY_ADMIN);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getNSsByResponsible(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
+ TimeTaken tt = trans.start(GET_NS_BY_RESPONSIBLE + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<NSS> rp = service.getNSbyResponsible(trans, user, full);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+\r
+ setContentType(resp,nssDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_NS_BY_RESPONSIBLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getNSsByEither(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
+ TimeTaken tt = trans.start(GET_NS_BY_EITHER + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<NSS> rp = service.getNSbyEither(trans, user, full);\r
+ \r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+\r
+ setContentType(resp,nssDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_NS_BY_EITHER);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getNSsChildren(AuthzTrans trans, HttpServletResponse resp, String parent){\r
+ TimeTaken tt = trans.start(GET_NS_CHILDREN + ' ' + parent, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<NSS> rp = service.getNSsChildren(trans, parent);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,nssDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_NS_CHILDREN);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> updateNsDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(UPDATE_NS_DESC, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = nsRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,UPDATE_NS_DESC);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+\r
+ }\r
+ Result<Void> rp = service.updateNsDescription(trans, rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,nsRequestDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,UPDATE_NS_DESC);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ /*\r
+ * (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#requestNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
+ */\r
+ @Override\r
+ public Result<Void> deleteNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String ns) {\r
+ TimeTaken tt = trans.start(DELETE_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.deleteNS(trans,ns);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,nsRequestDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_NS);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ private final static String NS_CREATE_ATTRIB = "nsCreateAttrib";\r
+ private final static String NS_UPDATE_ATTRIB = "nsUpdateAttrib";\r
+ private final static String READ_NS_BY_ATTRIB = "readNsByAttrib";\r
+ private final static String NS_DELETE_ATTRIB = "nsDeleteAttrib";\r
+ \r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#createAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> createAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {\r
+ TimeTaken tt = trans.start(NS_CREATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<?> rp = service.createNsAttrib(trans,ns,key,value);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp, keysDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,NS_CREATE_ATTRIB);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#readAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> readNsByAttrib(AuthzTrans trans, HttpServletResponse resp, String key) {\r
+ TimeTaken tt = trans.start(READ_NS_BY_ATTRIB + ' ' + key, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<KEYS> rp = service.readNsByAttrib(trans, key);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<KEYS> data = keysDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,keysDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,READ_NS_BY_ATTRIB);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#updAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> updAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {\r
+ TimeTaken tt = trans.start(NS_UPDATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<?> rp = service.updateNsAttrib(trans,ns,key,value);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp, keysDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,NS_UPDATE_ATTRIB);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#delAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> delAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key) {\r
+ TimeTaken tt = trans.start(NS_DELETE_ATTRIB + ' ' + ns + ':'+key, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<?> rp = service.deleteNsAttrib(trans,ns,key);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp, keysDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,NS_DELETE_ATTRIB);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+//\r
+// PERMISSION\r
+//\r
+ public static final String CREATE_PERMISSION = "createPermission";\r
+ public static final String GET_PERMS_BY_TYPE = "getPermsByType";\r
+ public static final String GET_PERMS_BY_NAME = "getPermsByName";\r
+ public static final String GET_PERMISSIONS_BY_USER = "getPermissionsByUser";\r
+ public static final String GET_PERMISSIONS_BY_USER_WITH_QUERY = "getPermissionsByUserWithQuery";\r
+ public static final String GET_PERMISSIONS_BY_ROLE = "getPermissionsByRole";\r
+ public static final String GET_PERMISSIONS_BY_NS = "getPermissionsByNS";\r
+ public static final String UPDATE_PERMISSION = "updatePermission";\r
+ public static final String UPDATE_PERM_DESC = "updatePermissionDescription";\r
+ public static final String SET_PERMISSION_ROLES_TO = "setPermissionRolesTo";\r
+ public static final String DELETE_PERMISSION = "deletePermission";\r
+ \r
+ /*\r
+ * (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> createPerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start( CREATE_PERMISSION, Env.SUB|Env.ALWAYS); \r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject(); \r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,CREATE_PERMISSION);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+ \r
+ Result<Void> rp = service.createPerm(trans,rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,CREATE_PERMISSION);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getChildPerms(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getPermsByType(AuthzTrans trans, HttpServletResponse resp, String perm) {\r
+ TimeTaken tt = trans.start(GET_PERMS_BY_TYPE + ' ' + perm, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ \r
+ Result<PERMS> rp = service.getPermsByType(trans, perm);\r
+ switch(rp.status) {\r
+ case OK:\r
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_PERMS_BY_TYPE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> getPermsByName(AuthzTrans trans, HttpServletResponse resp, \r
+ String type, String instance, String action) {\r
+ \r
+ TimeTaken tt = trans.start(GET_PERMS_BY_NAME + ' ' + type\r
+ + '|' + instance + '|' + action, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ \r
+ Result<PERMS> rp = service.getPermsByName(trans, type, instance, action);\r
+ switch(rp.status) {\r
+ case OK:\r
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_PERMS_BY_TYPE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getPermsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<PERMS> rp = service.getPermsByUser(trans, user);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_USER, user);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getPermsByUserWithAAFQuery(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String user) {\r
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER_WITH_QUERY + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ PERMS perms;\r
+ try {\r
+ RosettaData<PERMS> data = permsDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ perms = data.asObject(); \r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,CREATE_PERMISSION);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+\r
+ Result<PERMS> rp = service.getPermsByUser(trans, perms, user);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_USER_WITH_QUERY , user);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionsForRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getPermsForRole(AuthzTrans trans, HttpServletResponse resp, String roleName) {\r
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_ROLE + ' ' + roleName, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<PERMS> rp = service.getPermsByRole(trans, roleName);\r
+ switch(rp.status) {\r
+ case OK:\r
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> getPermsByNS(AuthzTrans trans,HttpServletResponse resp,String ns) {\r
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<PERMS> rp = service.getPermsByNS(trans, ns);\r
+ switch(rp.status) {\r
+ case OK:\r
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_NS);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /*\r
+ * (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> renamePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp,\r
+ String origType, String origInstance, String origAction) {\r
+ String cmdDescription = UPDATE_PERMISSION;\r
+ TimeTaken tt = trans.start( cmdDescription + ' ' + origType + ' ' + origInstance + ' ' + origAction, Env.SUB|Env.ALWAYS); \r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject(); \r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,cmdDescription);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+ \r
+ Result<Void> rp = service.renamePerm(trans,rreq, origType, origInstance, origAction);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,cmdDescription);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> updatePermDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(UPDATE_PERM_DESC, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,UPDATE_PERM_DESC);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+\r
+ }\r
+ Result<Void> rp = service.updatePermDescription(trans, rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permRequestDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,UPDATE_PERM_DESC);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ \r
+ @Override\r
+ public Result<Void> resetPermRoles(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(SET_PERMISSION_ROLES_TO, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN, SET_PERMISSION_ROLES_TO);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+ \r
+ Result<Void> rp = service.resetPermRoles(trans, rreq);\r
+ \r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,SET_PERMISSION_ROLES_TO);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> deletePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(DELETE_PERMISSION, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,DELETE_PERMISSION);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+\r
+ }\r
+\r
+ Result<Void> rp = service.deletePerm(trans,rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_PERMISSION);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> deletePerm(AuthzTrans trans, HttpServletResponse resp, String type, String instance, String action) {\r
+ TimeTaken tt = trans.start(DELETE_PERMISSION + type + ' ' + instance + ' ' + action, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.deletePerm(trans,type,instance,action);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_PERMISSION);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ public static final String CREATE_ROLE = "createRole";\r
+ public static final String GET_ROLES_BY_USER = "getRolesByUser";\r
+ public static final String GET_ROLES_BY_NS = "getRolesByNS";\r
+ public static final String GET_ROLES_BY_NAME_ONLY = "getRolesByNameOnly";\r
+ public static final String GET_ROLES_BY_NAME = "getRolesByName";\r
+ public static final String GET_ROLES_BY_PERM = "getRolesByPerm";\r
+ public static final String UPDATE_ROLE_DESC = "updateRoleDescription"; \r
+ public static final String ADD_PERM_TO_ROLE = "addPermissionToRole";\r
+ public static final String DELETE_PERM_FROM_ROLE = "deletePermissionFromRole";\r
+ public static final String UPDATE_MGTPERM_ROLE = "updateMgtPermRole";\r
+ public static final String DELETE_ROLE = "deleteRole";\r
+ public static final String GET_CERT_BY_ID = "getCertByID";\r
+\r
+ @Override\r
+ public Result<Void> createRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(CREATE_ROLE, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,CREATE_ROLE);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+\r
+ }\r
+ Result<Void> rp = service.createRole(trans, rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,roleRequestDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,CREATE_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByName(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getRolesByName(AuthzTrans trans, HttpServletResponse resp, String role) {\r
+ TimeTaken tt = trans.start(GET_ROLES_BY_NAME + ' ' + role, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<ROLES> rp = service.getRolesByName(trans, role);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,roleDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_ROLES_BY_NAME);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getRolesByUser(AuthzTrans trans,HttpServletResponse resp, String user) {\r
+ TimeTaken tt = trans.start(GET_ROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<ROLES> rp = service.getRolesByUser(trans, user);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,roleDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_ROLES_BY_USER, user);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getRolesByNS(AuthzTrans trans,HttpServletResponse resp, String ns) {\r
+ TimeTaken tt = trans.start(GET_ROLES_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<ROLES> rp = service.getRolesByNS(trans, ns);\r
+ switch(rp.status) {\r
+ case OK: \r
+ if(!rp.isEmpty()) {\r
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ } else {\r
+ Question.logEncryptTrace(trans, NO_DATA);\r
+ }\r
+ setContentType(resp,roleDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_ROLES_BY_NS);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByNameOnly(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getRolesByNameOnly(AuthzTrans trans,HttpServletResponse resp, String nameOnly) {\r
+ TimeTaken tt = trans.start(GET_ROLES_BY_NAME_ONLY + ' ' + nameOnly, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<ROLES> rp = service.getRolesByNameOnly(trans, nameOnly);\r
+ switch(rp.status) {\r
+ case OK: \r
+ if(!rp.isEmpty()) {\r
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ } else {\r
+ Question.logEncryptTrace(trans, NO_DATA);\r
+ }\r
+ setContentType(resp,roleDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_ROLES_BY_NAME_ONLY);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getRolesByPerm(AuthzTrans trans,HttpServletResponse resp, String type, String instance, String action) {\r
+ TimeTaken tt = trans.start(GET_ROLES_BY_PERM + type +' '+instance+' '+action, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<ROLES> rp = service.getRolesByPerm(trans, type,instance,action);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,roleDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_ROLES_BY_PERM);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /*\r
+ * (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#updateDescription(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
+ */\r
+ @Override\r
+ public Result<Void> updateRoleDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(UPDATE_ROLE_DESC, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,UPDATE_ROLE_DESC);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+\r
+ }\r
+ Result<Void> rp = service.updateRoleDescription(trans, rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,roleRequestDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return rp;\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,UPDATE_ROLE_DESC);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> addPermToRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(ADD_PERM_TO_ROLE, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,ADD_PERM_TO_ROLE);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+\r
+ }\r
+ Result<Void> rp = service.addPermToRole(trans, rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,ADD_PERM_TO_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> delPermFromRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(DELETE_PERM_FROM_ROLE, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,DELETE_PERM_FROM_ROLE);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+\r
+ }\r
+ Result<Void> rp = service.delPermFromRole(trans, rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ resp.getOutputStream().println();\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_PERM_FROM_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> deleteRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
+ TimeTaken tt = trans.start(DELETE_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.deleteRole(trans, role);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> deleteRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(DELETE_ROLE, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN,CREATE_ROLE);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+\r
+ Result<Void> rp = service.deleteRole(trans, rreq);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ public static final String CREATE_CRED = "createUserCred";\r
+ private static final String GET_CREDS_BY_NS = "getCredsByNS";\r
+ private static final String GET_CREDS_BY_ID = "getCredsByID";\r
+ public static final String UPDATE_CRED = "updateUserCred";\r
+ public static final String EXTEND_CRED = "extendUserCred";\r
+ public static final String DELETE_CRED = "deleteUserCred";\r
+ public static final String DOES_CRED_MATCH = "doesCredMatch";\r
+ public static final String VALIDATE_BASIC_AUTH = "validateBasicAuth";\r
+\r
+\r
+\r
+ @Override\r
+ /**\r
+ * Create Credential\r
+ * \r
+ */\r
+ public Result<Void> createUserCred(AuthzTrans trans, HttpServletRequest req) {\r
+ TimeTaken tt = trans.start(CREATE_CRED, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ return service.createUserCred(trans, data.asObject());\r
+ } catch(APIException e) {\r
+ trans.error().log(e,"Bad Input data");\r
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,CREATE_CRED);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> changeUserCred(AuthzTrans trans, HttpServletRequest req) {\r
+ TimeTaken tt = trans.start(UPDATE_CRED, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ return service.changeUserCred(trans, data.asObject());\r
+ } catch(APIException e) {\r
+ trans.error().log(e,"Bad Input data");\r
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,UPDATE_CRED);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#extendUserCred(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, int)\r
+ */\r
+ @Override\r
+ public Result<Void> extendUserCred(AuthzTrans trans, HttpServletRequest req, String days) {\r
+ TimeTaken tt = trans.start(EXTEND_CRED, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ return service.extendUserCred(trans, data.asObject(), days);\r
+ } catch(APIException e) {\r
+ trans.error().log(e,"Bad Input data");\r
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,EXTEND_CRED);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> getCredsByNS(AuthzTrans trans, HttpServletResponse resp, String ns) {\r
+ TimeTaken tt = trans.start(GET_CREDS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
+ \r
+ try {\r
+ Result<USERS> ru = service.getCredsByNS(trans,ns);\r
+ switch(ru.status) {\r
+ case OK: \r
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
+ if(Question.willSpecialLog(trans,trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,usersDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(ru);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_CREDS_BY_NS);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ \r
+ }\r
+ \r
+ \r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getCredsByID(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getCredsByID(AuthzTrans trans, HttpServletResponse resp, String id) {\r
+ TimeTaken tt = trans.start(GET_CREDS_BY_ID + ' ' + id, Env.SUB|Env.ALWAYS);\r
+ \r
+ try {\r
+ Result<USERS> ru = service.getCredsByID(trans,id);\r
+ switch(ru.status) {\r
+ case OK: \r
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,usersDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(ru);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_CREDS_BY_ID);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ \r
+ }\r
+\r
+ @Override\r
+ public Result<Void> deleteUserCred(AuthzTrans trans, HttpServletRequest req) {\r
+ TimeTaken tt = trans.start(DELETE_CRED, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ return service.deleteUserCred(trans, data.asObject());\r
+ } catch(APIException e) {\r
+ trans.error().log(e,"Bad Input data");\r
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_CRED);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ } \r
+ }\r
+ \r
+ \r
+ @Override\r
+ public Result<Date> doesCredentialMatch(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(DOES_CRED_MATCH, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ return service.doesCredentialMatch(trans, data.asObject());\r
+ } catch(APIException e) {\r
+ trans.error().log(e,"Bad Input data");\r
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
+ } catch (IOException e) {\r
+ trans.error().log(e,IN,DOES_CRED_MATCH);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ } \r
+ }\r
+\r
+\r
+ @Override\r
+ public Result<Void> validBasicAuth(AuthzTrans trans, HttpServletResponse resp, String basicAuth) {\r
+ TimeTaken tt = trans.start(VALIDATE_BASIC_AUTH, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Date> result = service.validateBasicAuth(trans,basicAuth);\r
+ switch(result.status){\r
+ case OK:\r
+ resp.getOutputStream().write(Chrono.utcStamp(result.value).getBytes());\r
+ return Result.ok();\r
+ }\r
+ return Result.err(result);\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,VALIDATE_BASIC_AUTH);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getCertInfoByID(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id) {\r
+ TimeTaken tt = trans.start(GET_CERT_BY_ID, Env.SUB|Env.ALWAYS);\r
+ try { \r
+ Result<CERTS> rci = service.getCertInfoByID(trans,req,id);\r
+ \r
+ switch(rci.status) {\r
+ case OK: \r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ RosettaData<CERTS> data = certsDF.newData(trans).load(rci.value);\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ data.to(resp.getOutputStream());\r
+ } else {\r
+ certsDF.direct(trans, rci.value, resp.getOutputStream());\r
+ }\r
+ setContentType(resp,certsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rci);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_CERT_BY_ID);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ public static final String CREATE_DELEGATE = "createDelegate";\r
+ public static final String UPDATE_DELEGATE = "updateDelegate";\r
+ public static final String DELETE_DELEGATE = "deleteDelegate";\r
+ public static final String GET_DELEGATE_USER = "getDelegatesByUser";\r
+ public static final String GET_DELEGATE_DELG = "getDelegatesByDelegate";\r
+ \r
+ @Override\r
+ public Result<Void> createDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(CREATE_DELEGATE, Env.SUB|Env.ALWAYS);\r
+ try { \r
+ Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ return service.createDelegate(trans, data.asObject());\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,CREATE_DELEGATE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> updateDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(UPDATE_DELEGATE, Env.SUB|Env.ALWAYS);\r
+ try { \r
+ Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ return service.updateDelegate(trans, data.asObject());\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,UPDATE_DELEGATE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> deleteDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(DELETE_DELEGATE, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ return service.deleteDelegate(trans, data.asObject());\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_DELEGATE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {\r
+ TimeTaken tt = trans.start(DELETE_DELEGATE + ' ' + userName, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ return service.deleteDelegate(trans, userName);\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_DELEGATE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> getDelegatesByUser(AuthzTrans trans, String user, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(GET_DELEGATE_USER, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<DELGS> rd = service.getDelegatesByUser(trans, user);\r
+ \r
+ switch(rd.status) {\r
+ case OK: \r
+ RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,delgDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rd);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_DELEGATE_USER);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> getDelegatesByDelegate(AuthzTrans trans, String delegate, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(GET_DELEGATE_DELG, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<DELGS> rd = service.getDelegatesByDelegate(trans, delegate);\r
+ switch(rd.status) {\r
+ case OK: \r
+ RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,delgDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rd);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_DELEGATE_DELG);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ private static final String REQUEST_USER_ROLE = "createUserRole";\r
+ private static final String GET_USERROLES = "getUserRoles";\r
+ private static final String GET_USERROLES_BY_ROLE = "getUserRolesByRole";\r
+ private static final String GET_USERROLES_BY_USER = "getUserRolesByUser";\r
+ private static final String SET_ROLES_FOR_USER = "setRolesForUser";\r
+ private static final String SET_USERS_FOR_ROLE = "setUsersForRole";\r
+ private static final String EXTEND_USER_ROLE = "extendUserRole";\r
+ private static final String DELETE_USER_ROLE = "deleteUserRole";\r
+ @Override\r
+ public Result<Void> requestUserRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(REQUEST_USER_ROLE, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST request;\r
+ try {\r
+ Data<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ request = data.asObject();\r
+ } catch(APIException e) {\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+ \r
+ Result<Void> rp = service.createUserRole(trans,request);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,REQUEST_USER_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> getUserInRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
+ TimeTaken tt = trans.start(GET_USERROLES + ' ' + user + '|' + role, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<USERS> ru = service.getUserInRole(trans,user,role);\r
+ switch(ru.status) {\r
+ case OK: \r
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,usersDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(ru);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_USERROLES);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> getUserRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
+ TimeTaken tt = trans.start(GET_USERROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<USERROLES> ru = service.getUserRolesByUser(trans,user);\r
+ switch(ru.status) {\r
+ case OK: \r
+ RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,usersDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(ru);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_USERROLES_BY_USER);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> getUserRolesByRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
+ TimeTaken tt = trans.start(GET_USERROLES_BY_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<USERROLES> ru = service.getUserRolesByRole(trans,role);\r
+ switch(ru.status) {\r
+ case OK: \r
+ RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,usersDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(ru);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_USERROLES_BY_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+\r
+ }\r
+ \r
+\r
+ @Override\r
+ public Result<Void> resetUsersForRole(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {\r
+ TimeTaken tt = trans.start(SET_USERS_FOR_ROLE, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN, SET_USERS_FOR_ROLE);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+ \r
+ Result<Void> rp = service.resetUsersForRole(trans, rreq);\r
+ \r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,SET_USERS_FOR_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ \r
+ }\r
+\r
+ @Override\r
+ public Result<Void> resetRolesForUser(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {\r
+ TimeTaken tt = trans.start(SET_ROLES_FOR_USER, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ REQUEST rreq;\r
+ try {\r
+ RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ rreq = data.asObject();\r
+ } catch(APIException e) {\r
+ trans.error().log("Invalid Input",IN, SET_ROLES_FOR_USER);\r
+ return Result.err(Status.ERR_BadData,"Invalid Input");\r
+ }\r
+ \r
+ Result<Void> rp = service.resetRolesForUser(trans, rreq);\r
+ \r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,SET_ROLES_FOR_USER);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ \r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#extendUserRoleExpiration(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> extendUserRoleExpiration(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
+ TimeTaken tt = trans.start(EXTEND_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ return service.extendUserRole(trans,user,role);\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,EXTEND_USER_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> deleteUserRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
+ TimeTaken tt = trans.start(DELETE_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<Void> rp = service.deleteUserRole(trans,user,role);\r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,DELETE_USER_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ private static final String UPDATE_APPROVAL = "updateApproval";\r
+ private static final String GET_APPROVALS_BY_USER = "getApprovalsByUser.";\r
+ private static final String GET_APPROVALS_BY_TICKET = "getApprovalsByTicket.";\r
+ private static final String GET_APPROVALS_BY_APPROVER = "getApprovalsByApprover.";\r
+ \r
+ @Override\r
+ public Result<Void> updateApproval(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
+ TimeTaken tt = trans.start(UPDATE_APPROVAL, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Data<APPROVALS> data = approvalDF.newData().load(req.getInputStream());\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ Result<Void> rp = service.updateApproval(trans, data.asObject());\r
+ \r
+ switch(rp.status) {\r
+ case OK: \r
+ setContentType(resp,approvalDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,UPDATE_APPROVAL);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ public Result<Void> getApprovalsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
+ TimeTaken tt = trans.start(GET_APPROVALS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<APPROVALS> rp = service.getApprovalsByUser(trans, user);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+ data.to(resp.getOutputStream());\r
+ \r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_APPROVALS_BY_USER, user);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> getApprovalsByApprover(AuthzTrans trans, HttpServletResponse resp, String approver) {\r
+ TimeTaken tt = trans.start(GET_APPROVALS_BY_APPROVER + ' ' + approver, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<APPROVALS> rp = service.getApprovalsByApprover(trans, approver);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_APPROVALS_BY_APPROVER,approver);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ @Override\r
+ public Result<Void> getApprovalsByTicket(AuthzTrans trans, HttpServletResponse resp, String ticket) {\r
+ TimeTaken tt = trans.start(GET_APPROVALS_BY_TICKET, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<APPROVALS> rp = service.getApprovalsByTicket(trans, ticket);\r
+ switch(rp.status) {\r
+ case OK: \r
+ RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,permsDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rp);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_APPROVALS_BY_TICKET);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+\r
+ \r
+ public static final String GET_USERS_PERMISSION = "getUsersByPermission";\r
+ public static final String GET_USERS_ROLE = "getUsersByRole";\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getUsersByRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getUsersByRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
+ TimeTaken tt = trans.start(GET_USERS_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<USERS> ru = service.getUsersByRole(trans,role);\r
+ switch(ru.status) {\r
+ case OK: \r
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,usersDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(ru);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_USERS_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getUsersByPermission(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getUsersByPermission(AuthzTrans trans, HttpServletResponse resp, \r
+ String type, String instance, String action) {\r
+ TimeTaken tt = trans.start(GET_USERS_PERMISSION + ' ' + type + ' ' + instance + ' ' +action, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<USERS> ru = service.getUsersByPermission(trans,type,instance,action);\r
+ switch(ru.status) {\r
+ case OK: \r
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,usersDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(ru);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_USERS_PERMISSION);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ \r
+ public static final String GET_HISTORY_USER = "getHistoryByUser";\r
+ public static final String GET_HISTORY_ROLE = "getHistoryByRole";\r
+ public static final String GET_HISTORY_PERM = "getHistoryByPerm";\r
+ public static final String GET_HISTORY_NS = "getHistoryByNS";\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
+ */\r
+ @Override\r
+ public Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort) {\r
+ StringBuilder sb = new StringBuilder();\r
+ sb.append(GET_HISTORY_USER);\r
+ sb.append(' ');\r
+ sb.append(user);\r
+ sb.append(" for ");\r
+ boolean first = true;\r
+ for(int i : yyyymm) {\r
+ if(first) {\r
+ first = false;\r
+ } else {\r
+ sb.append(',');\r
+ }\r
+ sb.append(i);\r
+ }\r
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
+\r
+ try {\r
+ Result<HISTORY> rh = service.getHistoryByUser(trans,user,yyyymm,sort);\r
+ switch(rh.status) {\r
+ case OK: \r
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,historyDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rh);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_HISTORY_USER);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
+ */\r
+ @Override\r
+ public Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String role, int[] yyyymm, final int sort) {\r
+ StringBuilder sb = new StringBuilder();\r
+ sb.append(GET_HISTORY_ROLE);\r
+ sb.append(' ');\r
+ sb.append(role);\r
+ sb.append(" for ");\r
+ boolean first = true;\r
+ for(int i : yyyymm) {\r
+ if(first) {\r
+ first = false;\r
+ } else {\r
+ sb.append(',');\r
+ }\r
+ sb.append(i);\r
+ }\r
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<HISTORY> rh = service.getHistoryByRole(trans,role,yyyymm,sort);\r
+ switch(rh.status) {\r
+ case OK: \r
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,historyDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rh);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_HISTORY_ROLE);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
+ */\r
+ @Override\r
+ public Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String ns, int[] yyyymm, final int sort) {\r
+ StringBuilder sb = new StringBuilder();\r
+ sb.append(GET_HISTORY_NS);\r
+ sb.append(' ');\r
+ sb.append(ns);\r
+ sb.append(" for ");\r
+ boolean first = true;\r
+ for(int i : yyyymm) {\r
+ if(first) {\r
+ first = false;\r
+ } else {\r
+ sb.append(',');\r
+ }\r
+ sb.append(i);\r
+ }\r
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<HISTORY> rh = service.getHistoryByNS(trans,ns,yyyymm,sort);\r
+ switch(rh.status) {\r
+ case OK: \r
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,historyDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rh);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_HISTORY_NS);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByPerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
+ */\r
+ @Override\r
+ public Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String perm, int[] yyyymm, final int sort) {\r
+ StringBuilder sb = new StringBuilder();\r
+ sb.append(GET_HISTORY_PERM);\r
+ sb.append(' ');\r
+ sb.append(perm);\r
+ sb.append(" for ");\r
+ boolean first = true;\r
+ for(int i : yyyymm) {\r
+ if(first) {\r
+ first = false;\r
+ } else {\r
+ sb.append(',');\r
+ }\r
+ sb.append(i);\r
+ }\r
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
+ try {\r
+ Result<HISTORY> rh = service.getHistoryByPerm(trans,perm,yyyymm,sort);\r
+ switch(rh.status) {\r
+ case OK: \r
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,historyDF.getOutType());\r
+ return Result.ok();\r
+ default:\r
+ return Result.err(rh);\r
+ }\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,GET_HISTORY_PERM);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ public final static String CACHE_CLEAR = "cacheClear "; \r
+// public final static String CACHE_VALIDATE = "validateCache";\r
+ \r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.authz.env.AuthzTrans, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> cacheClear(AuthzTrans trans, String cname) {\r
+ TimeTaken tt = trans.start(CACHE_CLEAR + cname, Env.SUB|Env.ALWAYS);\r
+ try {\r
+ return service.cacheClear(trans,cname);\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,CACHE_CLEAR);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.Integer)\r
+ */\r
+ @Override\r
+ public Result<Void> cacheClear(AuthzTrans trans, String cname, String segments) {\r
+ TimeTaken tt = trans.start(CACHE_CLEAR + cname + ", segments[" + segments + ']', Env.SUB|Env.ALWAYS);\r
+ try {\r
+ String[] segs = segments.split("\\s*,\\s*");\r
+ int isegs[] = new int[segs.length];\r
+ for(int i=0;i<segs.length;++i) {\r
+ try {\r
+ isegs[i] = Integer.parseInt(segs[i]);\r
+ } catch(NumberFormatException nfe) {\r
+ isegs[i] = -1;\r
+ }\r
+ }\r
+ return service.cacheClear(trans,cname, isegs);\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,CACHE_CLEAR);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#dbReset(org.onap.aaf.authz.env.AuthzTrans)\r
+ */\r
+ @Override\r
+ public void dbReset(AuthzTrans trans) {\r
+ service.dbReset(trans);\r
+ }\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getAPI(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse)\r
+ */\r
+ public final static String API_REPORT = "apiReport";\r
+ @Override\r
+ public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {\r
+ TimeTaken tt = trans.start(API_REPORT, Env.SUB);\r
+ try {\r
+ Api api = new Api();\r
+ Api.Route ar;\r
+ Method[] meths = AuthzCassServiceImpl.class.getDeclaredMethods();\r
+ for(RouteReport rr : rservlet.routeReport()) {\r
+ api.getRoute().add(ar = new Api.Route());\r
+ ar.setMeth(rr.meth.name());\r
+ ar.setPath(rr.path);\r
+ ar.setDesc(rr.desc);\r
+ ar.getContentType().addAll(rr.contextTypes);\r
+ for(Method m : meths) {\r
+ ApiDoc ad;\r
+ if((ad = m.getAnnotation(ApiDoc.class))!=null &&\r
+ rr.meth.equals(ad.method()) &&\r
+ rr.path.equals(ad.path())) {\r
+ for(String param : ad.params()) {\r
+ ar.getParam().add(param);\r
+ }\r
+ for(String text : ad.text()) {\r
+ ar.getComments().add(text);\r
+ }\r
+ ar.setExpected(ad.expectedCode());\r
+ for(int ec : ad.errorCodes()) {\r
+ ar.getExplicitErr().add(ec);\r
+ }\r
+ }\r
+ }\r
+ }\r
+ RosettaData<Api> data = apiDF.newData(trans).load(api);\r
+ if(Question.willSpecialLog(trans, trans.user())) {\r
+ Question.logEncryptTrace(trans,data.asString());\r
+ }\r
+\r
+ data.to(resp.getOutputStream());\r
+ setContentType(resp,apiDF.getOutType());\r
+ return Result.ok();\r
+\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,API_REPORT);\r
+ return Result.err(e);\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+ \r
+\r
+ public final static String API_EXAMPLE = "apiExample";\r
+\r
+ /* (non-Javadoc)\r
+ * @see org.onap.aaf.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
+ */\r
+ @Override\r
+ public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {\r
+ TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);\r
+ try {\r
+ String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional); \r
+ resp.getOutputStream().print(content);\r
+ setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);\r
+ return Result.ok();\r
+ } catch (Exception e) {\r
+ trans.error().log(e,IN,API_EXAMPLE);\r
+ return Result.err(Status.ERR_NotImplemented,e.getMessage());\r
+ } finally {\r
+ tt.done();\r
+ }\r
+ }\r
+\r
+}\r