--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aaf\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package org.onap.aaf.authz.service;\r
+\r
+import java.util.Date;\r
+\r
+import javax.servlet.http.HttpServletRequest;\r
+\r
+import org.onap.aaf.authz.env.AuthzTrans;\r
+import org.onap.aaf.authz.layer.Result;\r
+import org.onap.aaf.authz.service.mapper.Mapper;\r
+import org.onap.aaf.dao.DAOException;\r
+import org.onap.aaf.dao.aaf.cass.NsType;\r
+\r
+public interface AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> {\r
+ public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper();\r
+ \r
+/***********************************\r
+ * NAMESPACE \r
+ ***********************************/\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param ns\r
+ * @return\r
+ * @throws DAOException \r
+ * @throws \r
+ */\r
+ public Result<Void> createNS(AuthzTrans trans, REQUEST request, NsType type);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @return\r
+ */\r
+ public Result<Void> addAdminNS(AuthzTrans trans, String ns, String id);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @return\r
+ */\r
+ public Result<Void> delAdminNS(AuthzTrans trans, String ns, String id);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @param id\r
+ * @return\r
+ */\r
+ public Result<Void> addResponsibleNS(AuthzTrans trans, String ns, String id);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @param id\r
+ * @return\r
+ */\r
+ public Result<Void> delResponsibleNS(AuthzTrans trans, String ns, String id);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @param key\r
+ * @param value\r
+ * @return\r
+ */\r
+ public Result<Void> createNsAttrib(AuthzTrans trans, String ns, String key, String value);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @param key\r
+ * @param value\r
+ * @return\r
+ */\r
+ public Result<?> updateNsAttrib(AuthzTrans trans, String ns, String key, String value);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @param key\r
+ * @return\r
+ */\r
+ public Result<Void> deleteNsAttrib(AuthzTrans trans, String ns, String key);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @param key\r
+ * @return\r
+ */\r
+ public Result<KEYS> readNsByAttrib(AuthzTrans trans, String key);\r
+\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @return\r
+ */\r
+ public Result<NSS> getNSbyName(AuthzTrans trans, String ns);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ */\r
+ public Result<NSS> getNSbyAdmin(AuthzTrans trans, String user, boolean full);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ */\r
+ public Result<NSS> getNSbyResponsible(AuthzTrans trans, String user, boolean full);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ */\r
+ public Result<NSS> getNSbyEither(AuthzTrans trans, String user, boolean full);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param parent\r
+ * @return\r
+ */\r
+ public Result<NSS> getNSsChildren(AuthzTrans trans, String parent);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param req\r
+ * @return\r
+ */\r
+ public Result<Void> updateNsDescription(AuthzTrans trans, REQUEST req);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @param user\r
+ * @return\r
+ * @throws DAOException\r
+ */\r
+ public Result<Void> deleteNS(AuthzTrans trans, String ns);\r
+\r
+/***********************************\r
+ * PERM \r
+ ***********************************/\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param rreq\r
+ * @return\r
+ * @throws DAOException \r
+ * @throws MappingException\r
+ */\r
+ public Result<Void> createPerm(AuthzTrans trans, REQUEST rreq);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param childPerm\r
+ * @return\r
+ * @throws DAOException \r
+ */\r
+ public Result<PERMS> getPermsByType(AuthzTrans trans, String perm);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param type\r
+ * @param instance\r
+ * @param action\r
+ * @return\r
+ */\r
+ public Result<PERMS> getPermsByName(AuthzTrans trans, String type,\r
+ String instance, String action);\r
+\r
+ /**\r
+ * Gets all the permissions for a user across all the roles it is assigned to\r
+ * @param userName\r
+ * @return\r
+ * @throws Exception \r
+ * @throws Exception\r
+ */\r
+ public Result<PERMS> getPermsByUser(AuthzTrans trans, String userName);\r
+\r
+ /**\r
+ * Gets all the permissions for a user across all the roles it is assigned to\r
+ * \r
+ * Add AAF Perms representing the "MayUser" calls if\r
+ * 1) Allowed\r
+ * 2) User has equivalent permission\r
+ * \r
+ * @param userName\r
+ * @return\r
+ * @throws Exception \r
+ * @throws Exception\r
+ */\r
+ public Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS perms, String userName);\r
+\r
+ /**\r
+ * \r
+ * Gets all the permissions for a user across all the roles it is assigned to\r
+ * \r
+ * @param roleName\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<PERMS> getPermsByRole(AuthzTrans trans, String roleName);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @return\r
+ */\r
+ public Result<PERMS> getPermsByNS(AuthzTrans trans, String ns);\r
+\r
+ /**\r
+ * rename permission\r
+ * \r
+ * @param trans\r
+ * @param rreq\r
+ * @param isRename\r
+ * @param origType\r
+ * @param origInstance\r
+ * @param origAction\r
+ * @return\r
+ */\r
+ public Result<Void> renamePerm(AuthzTrans trans, REQUEST rreq, String origType, String origInstance, String origAction);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param req\r
+ * @return\r
+ */\r
+ public Result<Void> updatePermDescription(AuthzTrans trans, REQUEST req);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param from\r
+ * @return\r
+ */\r
+ public Result<Void> resetPermRoles(AuthzTrans trans, REQUEST from);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param from\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<Void> deletePerm(AuthzTrans trans, REQUEST from);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param perm\r
+ * @param type\r
+ * @param action\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ Result<Void> deletePerm(AuthzTrans trans, String perm, String type, String action);\r
+\r
+/***********************************\r
+ * ROLE \r
+ ***********************************/\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param role\r
+ * @param approvers\r
+ * @return\r
+ * @throws DAOException \r
+ * @throws Exception\r
+ */\r
+ public Result<Void> createRole(AuthzTrans trans, REQUEST req);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param role\r
+ * @return\r
+ */\r
+ public Result<ROLES> getRolesByName(AuthzTrans trans, String role);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ * @throws DAOException \r
+ */\r
+ public Result<ROLES> getRolesByUser(AuthzTrans trans, String user);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ */\r
+ public Result<ROLES> getRolesByNS(AuthzTrans trans, String user);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param name\r
+ * @return\r
+ */\r
+ public Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param type\r
+ * @param instance\r
+ * @param action\r
+ * @return\r
+ */\r
+ public Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param req\r
+ * @return\r
+ */\r
+ public Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST req);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param rreq\r
+ * @return\r
+ * @throws DAOException\r
+ */\r
+ public Result<Void> addPermToRole(AuthzTrans trans, REQUEST rreq);\r
+ \r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param rreq\r
+ * @return\r
+ * @throws DAOException\r
+ */\r
+ Result<Void> delPermFromRole(AuthzTrans trans, REQUEST rreq);\r
+\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param role\r
+ * @return\r
+ * @throws DAOException \r
+ * @throws MappingException \r
+ */\r
+ public Result<Void> deleteRole(AuthzTrans trans, String role);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param req\r
+ * @return\r
+ */\r
+ public Result<Void> deleteRole(AuthzTrans trans, REQUEST req);\r
+\r
+/***********************************\r
+ * CRED \r
+ ***********************************/\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param from\r
+ * @return\r
+ */\r
+ Result<Void> createUserCred(AuthzTrans trans, REQUEST from);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param from\r
+ * @return\r
+ */\r
+ Result<Void> changeUserCred(AuthzTrans trans, REQUEST from);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param from\r
+ * @param days\r
+ * @return\r
+ */\r
+ Result<Void> extendUserCred(AuthzTrans trans, REQUEST from, String days);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ns\r
+ * @return\r
+ */\r
+ public Result<USERS> getCredsByNS(AuthzTrans trans, String ns);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param id\r
+ * @return\r
+ */\r
+ public Result<USERS> getCredsByID(AuthzTrans trans, String id);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param req\r
+ * @param id\r
+ * @return\r
+ */\r
+ public Result<CERTS> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, String id);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param credReq\r
+ * @return\r
+ */\r
+ public Result<Void> deleteUserCred(AuthzTrans trans, REQUEST credReq);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<Date> doesCredentialMatch(AuthzTrans trans, REQUEST credReq);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param basicAuth\r
+ * @return\r
+ */\r
+ public Result<Date> validateBasicAuth(AuthzTrans trans, String basicAuth);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param role\r
+ * @return\r
+ */\r
+ public Result<USERS> getUsersByRole(AuthzTrans trans, String role);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param role\r
+ * @return\r
+ */\r
+ public Result<USERS> getUserInRole(AuthzTrans trans, String user, String role);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param type\r
+ * @param instance\r
+ * @param action\r
+ * @return\r
+ */\r
+ public Result<USERS> getUsersByPermission(AuthzTrans trans,String type, String instance, String action);\r
+ \r
+ \r
+\r
+\r
+/***********************************\r
+ * USER-ROLE \r
+ ***********************************/\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param request\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<Void> createUserRole(AuthzTrans trans, REQUEST request);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param role\r
+ * @return\r
+ */\r
+ public Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param role\r
+ * @return\r
+ */\r
+ public Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param from\r
+ * @return\r
+ */\r
+ public Result<Void> resetRolesForUser(AuthzTrans trans, REQUEST from);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param from\r
+ * @return\r
+ */\r
+ public Result<Void> resetUsersForRole(AuthzTrans trans, REQUEST from);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param role\r
+ * @return\r
+ */\r
+ public Result<Void> extendUserRole(AuthzTrans trans, String user,\r
+ String role);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param usr\r
+ * @param role\r
+ * @return\r
+ * @throws DAOException \r
+ */\r
+ public Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role);\r
+\r
+\r
+\r
+/***********************************\r
+ * HISTORY \r
+ ***********************************/ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param yyyymm\r
+ * @return\r
+ */\r
+ public Result<HISTORY> getHistoryByUser(AuthzTrans trans, String user, int[] yyyymm, int sort);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param subj\r
+ * @param yyyymm\r
+ * @param sort\r
+ * @return\r
+ */\r
+ public Result<HISTORY> getHistoryByRole(AuthzTrans trans, String subj, int[] yyyymm, int sort);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param subj\r
+ * @param yyyymm\r
+ * @param sort\r
+ * @return\r
+ */\r
+ public Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String subj, int[] yyyymm, int sort);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param subj\r
+ * @param yyyymm\r
+ * @param sort\r
+ * @return\r
+ */\r
+ public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String subj, int[] yyyymm, int sort);\r
+\r
+/***********************************\r
+ * DELEGATE \r
+ ***********************************/\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param delegates\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<Void> createDelegate(AuthzTrans trans, REQUEST reqDelegate);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param delegates\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<Void> updateDelegate(AuthzTrans trans, REQUEST reqDelegate);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param userName\r
+ * @param delegate\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<Void> deleteDelegate(AuthzTrans trans, REQUEST reqDelegate);\r
+ \r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param userName\r
+ * @return\r
+ */\r
+ public Result<Void> deleteDelegate(AuthzTrans trans, String userName);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ * @throws Exception\r
+ */\r
+ public Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user);\r
+ \r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param delegate\r
+ * @return\r
+ */\r
+ public Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate);\r
+\r
+/***********************************\r
+ * APPROVAL \r
+ ***********************************/\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @param approver\r
+ * @param status\r
+ * @return\r
+ */\r
+ public Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param user\r
+ * @return\r
+ */\r
+ public Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param ticket\r
+ * @return\r
+ */\r
+ public Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param approver\r
+ * @return\r
+ */\r
+ public Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param cname\r
+ * @return\r
+ */\r
+ public Result<Void> cacheClear(AuthzTrans trans, String cname);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ * @param cname\r
+ * @param segment\r
+ * @return\r
+ */\r
+ public Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment);\r
+\r
+ /**\r
+ * \r
+ * @param trans\r
+ */\r
+ public void dbReset(AuthzTrans trans);\r
+\r
+\r
+}\r
Code Review / aaf / authz.git / blobdiff