package org.openecomp.sdc.be.user;
import fj.data.Either;
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
import org.apache.tinkerpop.gremlin.structure.Edge;
-import org.openecomp.sdc.be.config.BeEcompErrorManager;
+import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
import org.openecomp.sdc.be.dao.api.ActionStatus;
-import org.openecomp.sdc.be.dao.neo4j.GraphPropertiesDictionary;
-import org.openecomp.sdc.be.dao.janusgraph.JanusGraphGenericDao;
import org.openecomp.sdc.be.dao.utils.UserStatusEnum;
+import org.openecomp.sdc.be.facade.operations.UserOperation;
import org.openecomp.sdc.be.impl.ComponentsUtils;
import org.openecomp.sdc.be.model.LifecycleStateEnum;
import org.openecomp.sdc.be.model.User;
-import org.openecomp.sdc.be.model.operations.api.IUserAdminOperation;
-import org.openecomp.sdc.be.model.operations.api.StorageOperationStatus;
+import org.openecomp.sdc.be.model.operations.impl.UserAdminOperation;
import org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum;
import org.openecomp.sdc.common.api.UserRoleEnum;
-import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.openecomp.sdc.common.datastructure.UserContext;
import org.openecomp.sdc.common.kpi.api.ASDCKpiApi;
+import org.openecomp.sdc.common.log.enums.EcompLoggerErrorCode;
+import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.openecomp.sdc.common.util.ThreadLocalsHolder;
import org.openecomp.sdc.exception.ResponseFormat;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-import javax.annotation.Resource;
import java.util.ArrayList;
-import java.util.HashMap;
+import java.util.Arrays;
+import java.util.HashSet;
import java.util.List;
-import java.util.Map;
+import java.util.Objects;
+import java.util.stream.Collectors;
+
+import static org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum.ADD_USER;
+import static org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum.GET_USERS_LIST;
+import static org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum.UPDATE_USER;
-@Component("userBusinessLogic")
-public class UserBusinessLogic implements IUserBusinessLogic {
+@org.springframework.stereotype.Component
+public class UserBusinessLogic {
private static final Logger log = Logger.getLogger(UserBusinessLogic.class);
+ private static final String IN_CERTIFICATION_CHECKED_OUT = "in-certification/checked-out";
+ private static final String UNKNOWN = "UNKNOWN";
private static UserAdminValidator userAdminValidator = UserAdminValidator.getInstance();
- @Resource
- private IUserAdminOperation userAdminOperation;
- @Resource
- private ComponentsUtils componentsUtils;
- @Autowired
- private JanusGraphGenericDao janusGraphDao;
+ private final UserAdminOperation userAdminOperation;
+ private final ComponentsUtils componentsUtils;
+ private final UserOperation facadeUserOperation;
- @Override
- public Either<User, ActionStatus> getUser(String userId, boolean inTransaction) {
- return userAdminOperation.getUserData(userId, inTransaction);
+ public UserBusinessLogic(UserAdminOperation userAdminOperation, ComponentsUtils componentsUtils, UserOperation facadeUserOperation) {
+ this.userAdminOperation = userAdminOperation;
+ this.componentsUtils = componentsUtils;
+ this.facadeUserOperation = facadeUserOperation;
}
- @Override
- public Either<User, ResponseFormat> createUser(User modifier, User newUser) {
-
- ResponseFormat responseFormat;
- String modifierUserId = modifier.getUserId();
-
- if (modifierUserId == null) {
- modifier.setUserId("UNKNOWN");
- log.debug("createUser method - user header is missing");
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
+ public User getUser(String userId, boolean inTransaction) {
+ Either<User, ActionStatus> result = userAdminOperation.getUserData(userId, inTransaction);
+ if (result.isRight()) {
+ handleUserAccessAuditing(userId, result.right().value());
+ throw new ByActionStatusComponentException(result.right().value(), userId);
}
-
- Either<User, ActionStatus> eitherCreator = getUser(modifierUserId, false);
- if (eitherCreator.isRight() || eitherCreator.left().value() == null) {
- log.debug("createUser method - user is not listed. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
+ User user = result.left().value();
+ if (user == null) {
+ handleUserAccessAuditing(userId, ActionStatus.GENERAL_ERROR);
+ throw new ByActionStatusComponentException(ActionStatus.GENERAL_ERROR);
}
+ return user;
+ }
- modifier = eitherCreator.left().value();
- if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) {
- log.debug("createUser method - user is not admin = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
+ public User getUser(String userId) {
+ UserContext userContext = ThreadLocalsHolder.getUserContext();
+ if (Objects.isNull(userContext) || Objects.isNull(userContext.getUserId())) {
+ log.info("USER_NOT_FOUND, user=" + userId);
+ handleUserAccessAuditing(userId, ActionStatus.USER_NOT_FOUND);
+ throw new ByActionStatusComponentException(ActionStatus.USER_NOT_FOUND, userId);
+ }
+ if (Objects.isNull(userContext.getUserRoles())){
+ userContext.setUserRoles(new HashSet<>());
}
+ return convertUserContextToUser(userContext);
+ }
- // verify user not exist
- User userFromDb = new User();
- Either<User, ActionStatus> eitherUserInDB = getUser(newUser.getUserId(), false);
- if (eitherUserInDB.isRight()) {
- ActionStatus status = eitherUserInDB.right().value();
- if (!ActionStatus.USER_NOT_FOUND.equals(status) && !ActionStatus.USER_INACTIVE.equals(status)) {
- responseFormat = componentsUtils.getResponseFormat(eitherUserInDB.right().value(), newUser.getUserId());
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
- }
- } else {// User exist in DB
- userFromDb = eitherUserInDB.left().value();
- if (userFromDb.getStatus() == UserStatusEnum.ACTIVE) {
- responseFormat = componentsUtils.getResponseFormatByUserId(ActionStatus.USER_ALREADY_EXIST, newUser.getUserId());
- log.debug("createUser method - user with id {} already exist with id: {}", modifier.getUserId(), userFromDb.getUserId());
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
- }
+ protected User convertUserContextToUser(UserContext userContext) {
+ User user = new User();
+ user.setUserId(userContext.getUserId());
+ user.setFirstName(userContext.getFirstName());
+ user.setLastName(userContext.getLastName());
+ boolean userHasRoles = userContext.getUserRoles().iterator().hasNext();
+ user.setRole(!userHasRoles ? null : userContext.getUserRoles().iterator().next());
+ user.setStatus(userHasRoles ? UserStatusEnum.ACTIVE : UserStatusEnum.INACTIVE);
+ return user;
+ }
+
+ public boolean hasActiveUser(String userId) {
+ UserContext userContext = ThreadLocalsHolder.getUserContext();
+ if (Objects.isNull(userContext) || Objects.isNull(userContext.getUserId()) ) {
+ handleUserAccessAuditing(userId, ActionStatus.USER_NOT_FOUND);
+ return false;
+ }
+ if (Objects.isNull(userContext.getUserRoles()) || userContext.getUserRoles().isEmpty()){
+ handleUserAccessAuditing(userId, ActionStatus.USER_INACTIVE);
+ return false;
}
+ return true;
+ }
+ public User createUser(String modifierUserId, User newUser) {
+
+ User modifier = getValidModifier(modifierUserId, newUser.getUserId(), AuditingActionEnum.ADD_USER);
+
+ // verify user not exist
+ String newUserId = newUser.getUserId();
+ Either<User, ActionStatus> eitherUserInDB = verifyNewUser(newUserId);
newUser.setStatus(UserStatusEnum.ACTIVE);
- // validate Email
- if (newUser.getEmail() != null && !userAdminValidator.validateEmail(newUser.getEmail())) {
- log.debug("createUser method - user has invalid email = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_EMAIL_ADDRESS, newUser.getEmail());
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
- }
+ validateEmail(newUser);
- // validate Role
- if (newUser.getRole() == null || newUser.getRole().length() == 0) {
- newUser.setRole(Role.DESIGNER.name());
- } else {
- if (!userAdminValidator.validateRole(newUser.getRole())) {
- log.debug("createUser method - user has invalid role = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_ROLE, newUser.getRole());
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
- }
- }
+ validateRole(newUser);
// handle last login if user is import
if (newUser.getLastLoginTime() == null) {
newUser.setLastLoginTime(0L);
}
- Either<User, StorageOperationStatus> addOrUpdateUserReq;
-
- if (ActionStatus.USER_INACTIVE.equals(eitherUserInDB.right().value())) { // user
- // exist
- // with
- // inactive
- // state
- // -
- // update
- // user
- // data
+ User createdUser;
+ if (ActionStatus.USER_INACTIVE.equals(eitherUserInDB.right().value())) { // user inactive - update state // exist
newUser.setLastLoginTime(0L);
- addOrUpdateUserReq = userAdminOperation.updateUserData(newUser);
-
- } else { // user not exist - create new user
-
- if (newUser.getUserId() != null && !userAdminValidator.validateUserId(newUser.getUserId())) {
- log.debug("createUser method - user has invalid userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_USER_ID, newUser.getUserId());
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.right(responseFormat);
+ createdUser = userAdminOperation.updateUserData(newUser);
+ } else { // user does not exist - create new user
+ if (!userAdminValidator.validateUserId(newUserId)) {
+ log.debug("createUser method - user has invalid userId = {}", newUser.getUserId());
+ throw new ByActionStatusComponentException(ActionStatus.INVALID_USER_ID, newUserId);
}
- addOrUpdateUserReq = userAdminOperation.saveUserData(newUser);
- }
-
- if (addOrUpdateUserReq.isRight() || addOrUpdateUserReq.left().value() == null) {
- log.debug("createUser method - failed to create user");
- Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(addOrUpdateUserReq.right().value())));
+ createdUser = userAdminOperation.saveUserData(newUser);
}
- log.debug("createUser method - user created");
- User createdUser = addOrUpdateUserReq.left().value();
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.CREATED);
+ ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.CREATED);
handleAuditing(modifier, null, createdUser, responseFormat, AuditingActionEnum.ADD_USER);
- return Either.left(createdUser);
+ getFacadeUserOperation().updateUserCache(UserOperationEnum.CREATE, createdUser.getUserId(), createdUser.getRole());
+ return createdUser;
}
- @Override
- public Either<User, ResponseFormat> updateUserRole(User modifier, String userIdToUpdate, String userRole) {
-
- ResponseFormat responseFormat;
- String modifierUserId = modifier.getUserId();
-
- if (modifierUserId == null) {
- modifier.setUserId("UNKNOWN");
- log.debug("updateUserRole method - user header is missing");
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.right(responseFormat);
+ private void validateRole(User newUser) {
+ if (newUser.getRole() == null || newUser.getRole().length() == 0) {
+ newUser.setRole(Role.DESIGNER.name());
+ } else {
+ if (!userAdminValidator.validateRole(newUser.getRole())) {
+ log.debug("createUser method - user has invalid role = {}", newUser.getUserId());
+ throw new ByActionStatusComponentException(ActionStatus.INVALID_ROLE, newUser.getRole());
+ }
}
+ }
- Either<User, ActionStatus> eitherCreator = getUser(modifierUserId, false);
- if (eitherCreator.isRight() || eitherCreator.left().value() == null) {
- log.debug("updateUserRole method - user is not listed. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.right(responseFormat);
+ private void validateEmail(User newUser) {
+ if (newUser.getEmail() != null && !userAdminValidator.validateEmail(newUser.getEmail())) {
+ log.debug("createUser method - user has invalid email = {}", newUser.getUserId());
+ throw new ByActionStatusComponentException(ActionStatus.INVALID_EMAIL_ADDRESS, newUser.getEmail());
}
+ }
- modifier = eitherCreator.left().value();
- if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) {
- log.debug("updateUserRole method - user is not admin. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.right(responseFormat);
+ private Either<User, ActionStatus> verifyNewUser(String newUserId) {
+ Either<User, ActionStatus> eitherUserInDB = getUserData(newUserId);
+ if (eitherUserInDB.isRight()) {
+ ActionStatus status = eitherUserInDB.right().value();
+ if (!ActionStatus.USER_NOT_FOUND.equals(status) && !ActionStatus.USER_INACTIVE.equals(status)) {
+ componentsUtils.auditAdminUserActionAndThrowException(ADD_USER, null, null, null, status, newUserId);
+ }
+ } else {// User exist in DB
+ User userFromDb = eitherUserInDB.left().value();
+ if (userFromDb.getStatus() == UserStatusEnum.ACTIVE) {
+ log.debug("createUser method - user with id {} already exist with id: {}", newUserId, userFromDb.getUserId());
+ componentsUtils.auditAdminUserActionAndThrowException(ADD_USER, null, null, null, ActionStatus.USER_ALREADY_EXIST, newUserId);
+ }
}
+ return eitherUserInDB;
+ }
- if (modifier.getUserId().equals(userIdToUpdate)) {
- log.debug("updateUserRole method - admin role can only be updated by other admin. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.UPDATE_USER_ADMIN_CONFLICT);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.right(responseFormat);
+ public Either<User, ActionStatus> verifyNewUserForPortal(String newUserId) {
+ Either<User, ActionStatus> eitherUserInDB = getUserData(newUserId);
+ if (eitherUserInDB.isRight()) {
+ ActionStatus status = eitherUserInDB.right().value();
+ if (!ActionStatus.USER_NOT_FOUND.equals(status) && !ActionStatus.USER_INACTIVE.equals(status)) {
+ componentsUtils.auditAdminUserActionAndThrowException(ADD_USER, null, null, null, status, newUserId);
+ }
}
- Either<User, ActionStatus> userToUpdateReq = getUser(userIdToUpdate, false);
- if (userToUpdateReq.isRight() || userToUpdateReq.left().value() == null) {
- log.debug("updateUserRole method - user not found. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.USER_NOT_FOUND, userIdToUpdate);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.right(responseFormat);
+ return eitherUserInDB;
+ }
+
+ private Either<User, ActionStatus> getUserData(String newUserId) {
+ if (newUserId == null) {
+ log.error(EcompLoggerErrorCode.DATA_ERROR, "", "","Create user - new user id is missing");
+ throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION);
}
- if (!userAdminValidator.validateRole(userRole)) {
- log.debug("updateUserRole method - user has invalid role = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_ROLE, userRole);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.right(responseFormat);
+ return userAdminOperation.getUserData(newUserId, false);
+ }
+
+ public User updateUserRole(String modifierUserId, String userIdToUpdate, String userRole) {
+
+ User modifier = getValidModifier(modifierUserId, userIdToUpdate, UPDATE_USER);
+ User userToUpdate = getUser(userIdToUpdate, false);
+ validateChangeRoleToAllowedRoles(userRole);
+
+ List<Edge> userPendingTasks = userAdminOperation.getUserPendingTasksList(userToUpdate, getChangeRoleStateLimitations(userToUpdate));
+ if (!userPendingTasks.isEmpty()) {
+ log.debug("updateUserRole method - User cannot be updated, user have pending projects userId {}", userIdToUpdate);
+ String userInfo = userToUpdate.getFirstName() + " " + userToUpdate.getLastName() + '(' + userToUpdate.getUserId() + ')';
+ componentsUtils.auditAdminUserActionAndThrowException(UPDATE_USER, modifier, userToUpdate, null, ActionStatus.CANNOT_UPDATE_USER_WITH_ACTIVE_ELEMENTS, userInfo, IN_CERTIFICATION_CHECKED_OUT);
}
+ Role newRole = Role.valueOf(userRole);
User newUser = new User();
- newUser.setRole(userRole);
+ newUser.setRole(newRole.name());
newUser.setUserId(userIdToUpdate);
- User userToUpdate = userToUpdateReq.left().value();
- // if(!userRole.equals(UserRoleEnum.ADMIN.getName())){ //this is in
- // comment until admin will be able to do do check-in/check-out from the
- // UI
- Either<List<Edge>, StorageOperationStatus> userPendingTasksReq = getPendingUserPendingTasksWithCommit(userToUpdate);
- if (userPendingTasksReq.isRight()) {
- log.debug("updateUserRole method - failed to get user pending tasks list userId {}", userIdToUpdate);
- return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(userPendingTasksReq.right().value())));
- }
+ User updatedUser = userAdminOperation.updateUserData(newUser);
+ handleAuditing(modifier, userToUpdate, updatedUser, componentsUtils.getResponseFormat(ActionStatus.OK), UPDATE_USER);
+ getFacadeUserOperation().updateUserCache(UserOperationEnum.CHANGE_ROLE, updatedUser.getUserId(), updatedUser.getRole());
+ return updatedUser;
+ }
- List<Edge> userPendingTasks = userPendingTasksReq.left().value();
- if (!userPendingTasks.isEmpty()) {
- log.debug("updateUserRole method - User canot be updated, user have pending projects userId {}", userIdToUpdate);
+ private void validateChangeRoleToAllowedRoles(String userRole) {
+ List<String> allowedRoles = Arrays.asList(UserRoleEnum.DESIGNER.getName(), UserRoleEnum.ADMIN.getName());
+ if (!allowedRoles.contains(userRole)){
+ throw new ByActionStatusComponentException(ActionStatus.INVALID_ROLE, userRole);
+ }
+ }
- String userTasksStatusForErrorMessage = getUserPendingTaskStatusByRole(UserRoleEnum.valueOf(userToUpdate.getRole()));
- String userInfo = userToUpdate.getFirstName() + " " + userToUpdate.getLastName() + '(' + userToUpdate.getUserId() + ')';
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.CANNOT_UPDATE_USER_WITH_ACTIVE_ELEMENTS, userInfo, userTasksStatusForErrorMessage);
- handleAuditing(modifier, userToUpdate, userToUpdate, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.right(responseFormat);
+ User getValidModifier(String modifierUserId, String userIdHandle, AuditingActionEnum actionEnum) {
+ if (modifierUserId == null) {
+ log.error(EcompLoggerErrorCode.DATA_ERROR, "", "", "user modifier is missing");
+ throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION);
}
- // }
- Either<User, StorageOperationStatus> updateUserReq = userAdminOperation.updateUserData(newUser);
- if (updateUserReq.isRight() || updateUserReq.left().value() == null) {
- log.debug("updateUser method - failed to update user data. userId = {}", modifier.getUserId());
- return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(updateUserReq.right().value())));
+ User modifier = getUser(modifierUserId, false);
+ if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) {
+ log.debug("user is not admin. Id = {}", modifier.getUserId());
+ componentsUtils.auditAdminUserActionAndThrowException(actionEnum, modifier, null, null, ActionStatus.RESTRICTED_OPERATION);
}
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK);
- User updatedUser = updateUserReq.left().value();
- handleAuditing(modifier, userToUpdate, updatedUser, responseFormat, AuditingActionEnum.UPDATE_USER);
- return Either.left(updatedUser);
+ if (modifier.getUserId().equals(userIdHandle)) {
+ log.debug("admin user cannot act on self. Id = {}", modifier.getUserId());
+ componentsUtils.auditAdminUserActionAndThrowException(actionEnum, modifier, null, null, ActionStatus.UPDATE_USER_ADMIN_CONFLICT);
+ }
+ return modifier;
}
- public Either<List<User>, ResponseFormat> getAllAdminUsers() {
+ public List<User> getAllAdminUsers() {
Either<List<User>, ActionStatus> response = userAdminOperation.getAllUsersWithRole(Role.ADMIN.name(), null);
-
if (response.isRight()) {
- ResponseFormat responseFormat = componentsUtils.getResponseFormat(response.right().value());
- return Either.right(responseFormat);
+ throw new ByActionStatusComponentException(response.right().value());
}
- return Either.left(response.left().value());
+ return response.left().value();
}
- @Override
- public Either<List<User>, ResponseFormat> getUsersList(String modifierAttId, List<String> roles, String rolesStr) {
- ResponseFormat responseFormat;
- User user = new User();
+ public List<User> getUsersList(String modifierAttId, List<String> roles, String rolesStr) {
if (modifierAttId == null) {
- user.setUserId("UNKNOWN");
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION);
- handleGetUsersListAuditing(user, responseFormat, rolesStr);
- return Either.right(responseFormat);
+ throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION);
}
- Either<User, ActionStatus> userResult = getUser(modifierAttId, false);
- if (userResult.isRight()) {
- user.setUserId(modifierAttId);
- if (userResult.right().value().equals(ActionStatus.USER_NOT_FOUND)) {
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
- } else {
- responseFormat = componentsUtils.getResponseFormat(userResult.right().value());
- }
- BeEcompErrorManager.getInstance().logBeUserMissingError("Get users per roles", modifierAttId);
-
- handleGetUsersListAuditing(user, responseFormat, rolesStr);
- return Either.right(responseFormat);
- }
- user = userResult.left().value();
- Either<List<User>, ResponseFormat> getResponse = null;
- List<User> resultList = new ArrayList<>();
- if (roles != null && !roles.isEmpty()) {
+ User user = getUser(modifierAttId, false);
+ Either<List<User>, ResponseFormat> getResponse;
+ List<User> userList = new ArrayList<>();
+ if (!CollectionUtils.isEmpty(roles)) {
for (String role : roles) {
if (!userAdminValidator.validateRole(role)) {
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_ROLE, role);
- handleGetUsersListAuditing(user, responseFormat, rolesStr);
- return Either.right(responseFormat);
+ componentsUtils.auditAdminUserActionAndThrowException(GET_USERS_LIST, user, null, null, ActionStatus.INVALID_ROLE, role);
}
getResponse = getUsersPerRole(role, user, rolesStr);
- resultList.addAll(getResponse.left().value());
+ userList.addAll(getResponse.left().value());
}
} else {
rolesStr = "All";
getResponse = getUsersPerRole(null, user, rolesStr);
- resultList.addAll(getResponse.left().value());
+ userList.addAll(getResponse.left().value());
}
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK);
- handleGetUsersListAuditing(user, responseFormat, rolesStr);
- return Either.left(resultList);
+ handleGetUsersListAuditing(user, componentsUtils.getResponseFormat(ActionStatus.OK), rolesStr);
+ return userList;
}
- private Either<List<User>, ResponseFormat> getUsersPerRole(String role, User user, String rolesStr) {
+ Either<List<User>, ResponseFormat> getUsersPerRole(String role, User user, String rolesStr) {
ResponseFormat responseFormat;
Either<List<User>, ActionStatus> response = userAdminOperation.getAllUsersWithRole(role, UserStatusEnum.ACTIVE.name());
if (response.isRight()) {
handleGetUsersListAuditing(user, responseFormat, rolesStr);
return Either.right(responseFormat);
}
- return Either.left(response.left().value());
+ List<User> users = response.left().value()
+ .stream()
+ .filter(u-> StringUtils.isNotEmpty(u.getUserId()))
+ .collect(Collectors.toList());
+ return Either.left(users);
}
private void handleGetUsersListAuditing(User user, ResponseFormat responseFormat, String details) {
componentsUtils.auditGetUsersList(user, details, responseFormat);
}
- private void handleAuditing(User modifier, User userBefor, User userAfter, ResponseFormat responseFormat, AuditingActionEnum actionName) {
- componentsUtils.auditAdminUserAction(actionName, modifier, userBefor, userAfter, responseFormat);
+ private void handleAuditing(User modifier, User userBefore, User userAfter, ResponseFormat responseFormat, AuditingActionEnum actionName) {
+ componentsUtils.auditAdminUserAction(actionName, modifier, userBefore, userAfter, responseFormat);
}
private void handleUserAccessAuditing(User user, ResponseFormat responseFormat) {
componentsUtils.auditUserAccess(user, responseFormat);
}
- @Override
- public Either<User, ResponseFormat> deActivateUser(User modifier, String userUniuqeIdToDeactive) {
-
- ResponseFormat responseFormat;
- String userId = modifier.getUserId();
-
- if (userId == null) {
- modifier.setUserId("UNKNOWN");
- log.debug("deActivateUser method - user header is missing");
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.right(responseFormat);
- }
-
- Either<User, ActionStatus> eitherCreator = getUser(userId, false);
- if (eitherCreator.isRight() || eitherCreator.left().value() == null) {
- log.debug("deActivateUser method - user is not listed. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.right(responseFormat);
- }
-
- modifier = eitherCreator.left().value();
-
- if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) {
- log.debug("deActivateUser method - user is not admin. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.right(responseFormat);
- }
-
- if (modifier.getUserId().equals(userUniuqeIdToDeactive)) {
- log.debug("deActivateUser deActivateUser - admin can only be deactivate by other admin. userId = {}", modifier.getUserId());
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.DELETE_USER_ADMIN_CONFLICT);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.right(responseFormat);
- }
-
- Either<User, ActionStatus> getUserToDeleteResponse = getUser(userUniuqeIdToDeactive, false);
- if (getUserToDeleteResponse.isRight() || getUserToDeleteResponse.left().value() == null) {
- log.debug("deActivateUser method - failed to get user by id {}", userUniuqeIdToDeactive);
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.USER_NOT_FOUND, userUniuqeIdToDeactive);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.right(componentsUtils.getResponseFormat(getUserToDeleteResponse.right().value(), userUniuqeIdToDeactive));
- }
-
- User userToDeactivate = getUserToDeleteResponse.left().value();
- if (userToDeactivate.getStatus().equals(UserStatusEnum.INACTIVE)) {
- log.debug("deActivateUser method - User already inactive", userUniuqeIdToDeactive);
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.USER_NOT_FOUND, userUniuqeIdToDeactive);
- handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.right(responseFormat);
- }
-
- Either<List<Edge>, StorageOperationStatus> userPendingTasksReq = getPendingUserPendingTasksWithCommit(userToDeactivate);
- if (userPendingTasksReq.isRight()) {
- log.debug("deActivateUser method - failed to get user pending tasks list", userUniuqeIdToDeactive);
- return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(userPendingTasksReq.right().value())));
- }
-
- List<Edge> userPendingTasks = userPendingTasksReq.left().value();
- if (userPendingTasks.size() > 0) {
- log.debug("deActivateUser method - User canot be deleted, user have pending projects", userUniuqeIdToDeactive);
-
- String userTasksStatusForErrorMessage = getUserPendingTaskStatusByRole(UserRoleEnum.valueOf(userToDeactivate.getRole()));
- String userInfo = userToDeactivate.getFirstName() + " " + userToDeactivate.getLastName() + '(' + userToDeactivate.getUserId() + ')';
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.CANNOT_DELETE_USER_WITH_ACTIVE_ELEMENTS, userInfo, userTasksStatusForErrorMessage);
- handleAuditing(modifier, userToDeactivate, userToDeactivate, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.right(responseFormat);
- }
-
- Either<User, StorageOperationStatus> deactivateUserReq = userAdminOperation.deActivateUser(userToDeactivate);
- if (deactivateUserReq.isRight()) {
- log.debug("deActivateUser method - failed to deactivate user", userUniuqeIdToDeactive);
- return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(deactivateUserReq.right().value())));
- }
- User deactivateUser = deactivateUserReq.left().value();
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK);
- handleAuditing(modifier, userToDeactivate, null, responseFormat, AuditingActionEnum.DELETE_USER);
- return Either.left(deactivateUser);
+ private void handleUserAccessAuditing(String userId, ActionStatus status, String... params) {
+ componentsUtils.auditUserAccess(new User(userId), status, params);
}
- @Override
- public Either<User, ResponseFormat> authorize(User authUser) {
-
- ResponseFormat responseFormat;
-
+ public User authorize(User authUser) {
String userId = authUser.getUserId();
-
if (userId == null) {
- authUser.setUserId("UNKNOWN");
- log.debug("deActivateUser method - user header is missing");
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION);
- handleUserAccessAuditing(authUser, responseFormat);
- return Either.right(responseFormat);
+ log.debug("authorize method - user id is missing");
+ throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION);
}
- Either<User, ActionStatus> eitherCreator = getUser(userId, false);
- if (eitherCreator.isRight()) {
- if (eitherCreator.right().value() == ActionStatus.USER_NOT_FOUND || eitherCreator.right().value() == ActionStatus.USER_INACTIVE) {
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_ACCESS);
- handleUserAccessAuditing(authUser, responseFormat);
- return Either.right(responseFormat);
- } else {
- return Either.right(componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), authUser));
- }
- } else {
- if (eitherCreator.left().value() == null) {
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.GENERAL_ERROR);
- return Either.right(responseFormat);
- }
- }
-
- User user = eitherCreator.left().value();
+ User user = getUser(userId, false);
String firstName = authUser.getFirstName();
if (firstName != null && !firstName.isEmpty() && !firstName.equals(user.getFirstName())) {
// last login time stamp handle
user.setLastLoginTime();
- Either<User, StorageOperationStatus> updateUserReq = userAdminOperation.updateUserData(user);
-
- if (updateUserReq.isRight()) {
- responseFormat = componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user);
- handleUserAccessAuditing(user, responseFormat);
- return Either.right(componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user));
- }
-
- User updatedUser = updateUserReq.left().value();
-
+ User updatedUser = userAdminOperation.updateUserData(user);
Long lastLoginTime = user.getLastLoginTime();
if (lastLoginTime != null) {
updatedUser.setLastLoginTime(lastLoginTime);
} else {
- updatedUser.setLastLoginTime(new Long(0));
+ updatedUser.setLastLoginTime(0L);
}
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK);
- handleUserAccessAuditing(updatedUser, responseFormat);
+ handleUserAccessAuditing(updatedUser.getUserId(), ActionStatus.OK);
ASDCKpiApi.countUsersAuthorizations();
- return Either.left(updatedUser);
+ return updatedUser;
}
/*
String userId = updatedUserCred.getUserId();
if (userId == null) {
- updatedUserCred.setUserId("UNKNOWN");
+ updatedUserCred.setUserId(UNKNOWN);
log.debug("updateUserCredentials method - user header is missing");
responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION);
handleUserAccessAuditing(updatedUserCred, responseFormat);
return Either.right(responseFormat);
}
- Either<User, ActionStatus> eitherCreator = getUser(userId, false);
- if (eitherCreator.isRight()) {
- ActionStatus status = eitherCreator.right().value();
- if (status == ActionStatus.USER_NOT_FOUND || status == ActionStatus.USER_INACTIVE) {
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_ACCESS);
- handleUserAccessAuditing(updatedUserCred, responseFormat);
- return Either.right(responseFormat);
- } else {
- return Either.right(componentsUtils.getResponseFormatByUser(status, updatedUserCred));
- }
- } else {
- if (eitherCreator.left().value() == null) {
- responseFormat = componentsUtils.getResponseFormat(ActionStatus.GENERAL_ERROR);
- return Either.right(responseFormat);
- }
- }
-
- User user = eitherCreator.left().value();
-
+ User user = getUser(userId, false);
String firstName = updatedUserCred.getFirstName();
if (firstName != null && !firstName.isEmpty() && !firstName.equals(user.getFirstName())) {
user.setFirstName(firstName);
user.setLastLoginTime(updatedUserCred.getLastLoginTime());
}
- Either<User, StorageOperationStatus> updateUserReq = userAdminOperation.updateUserData(user);
-
- if (updateUserReq.isRight()) {
- responseFormat = componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user);
- handleUserAccessAuditing(user, responseFormat);
- return Either.right(componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user));
- }
-
- User updatedUser = updateUserReq.left().value();
-
+ User updatedUser = userAdminOperation.updateUserData(user);
responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK);
handleUserAccessAuditing(updatedUser, responseFormat);
return Either.left(updatedUser);
}
- private Either<List<Edge>, StorageOperationStatus> getPendingUserPendingTasksWithCommit(User user) {
-
- Either<List<Edge>, StorageOperationStatus> result = null;
-
- try {
- UserRoleEnum userRole = UserRoleEnum.valueOf(user.getRole());
- Map<String, Object> properties = new HashMap<>();
- switch (userRole) {
+ private List<Object> getChangeRoleStateLimitations(User user) {
+ UserRoleEnum role = UserRoleEnum.valueOf(user.getRole());
+ List<Object> properties = new ArrayList<>();
+ switch (role) {
case DESIGNER:
case PRODUCT_STRATEGIST:
case PRODUCT_MANAGER:
- properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.NOT_CERTIFIED_CHECKOUT.name());
- return userAdminOperation.getUserPendingTasksList(user, properties);
- case TESTER:
- properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.CERTIFICATION_IN_PROGRESS.name());
- return userAdminOperation.getUserPendingTasksList(user, properties);
case ADMIN:
- properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.CERTIFICATION_IN_PROGRESS.name());
- properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.NOT_CERTIFIED_CHECKOUT.name());
- return userAdminOperation.getUserPendingTasksList(user, properties);
+ properties.add(LifecycleStateEnum.NOT_CERTIFIED_CHECKOUT.name());
+ break;
+ case TESTER:
+ // For tester we allow change role even if there are pending task (per US468155 in 1810)
default:
- return Either.left(new ArrayList<>());
- }
- } finally {
- // commit will be perform outside!!!
- if (result == null || result.isRight()) {
- log.debug("getUserPendingTasksList failed to perform fetching");
- janusGraphDao.rollback();
- } else {
- janusGraphDao.commit();
- }
}
+ return properties;
}
- private String getUserPendingTaskStatusByRole(UserRoleEnum role) {
-
- switch (role) {
- case DESIGNER:
- case PRODUCT_STRATEGIST:
- case PRODUCT_MANAGER:
- return "checked-out";
-
- case TESTER:
- return "in-certification";
- case ADMIN:
- return "in-certification/checked-out";
- default:
- return "";
- }
+ public UserOperation getFacadeUserOperation() {
+ return facadeUserOperation;
}
+
}
Code Review / sdc.git / blobdiff