+++ /dev/null
-/*-
- * ================================================================================
- * eCOMP Portal
- * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ================================================================================
- */
-package org.openecomp.portalapp.portal.service;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-import java.util.TreeSet;
-
-import javax.annotation.PostConstruct;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.cxf.transport.http.HTTPException;
-import org.hibernate.Query;
-import org.hibernate.Session;
-import org.hibernate.SessionFactory;
-import org.hibernate.Transaction;
-import org.openecomp.portalapp.portal.domain.EPApp;
-import org.openecomp.portalapp.portal.domain.EPRole;
-import org.openecomp.portalapp.portal.domain.EPUser;
-import org.openecomp.portalapp.portal.domain.EPUserApp;
-import org.openecomp.portalapp.portal.logging.aop.EPMetricsLog;
-import org.openecomp.portalapp.portal.logging.format.EPAppMessagesEnum;
-import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;
-import org.openecomp.portalapp.portal.transport.AppWithRolesForUser;
-import org.openecomp.portalapp.portal.transport.FunctionalMenuItem;
-import org.openecomp.portalapp.portal.transport.FunctionalMenuRole;
-import org.openecomp.portalapp.portal.transport.RemoteUserWithRoles;
-import org.openecomp.portalapp.portal.transport.RoleInAppForUser;
-import org.openecomp.portalapp.portal.transport.RolesInAppForUser;
-import org.openecomp.portalapp.portal.transport.UserApplicationRoles;
-import org.openecomp.portalapp.portal.utils.EPSystemProperties;
-import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
-import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.openecomp.portalsdk.core.restful.domain.EcompRole;
-import org.openecomp.portalsdk.core.service.DataAccessService;
-import org.openecomp.portalsdk.core.service.UserProfileService;
-import org.openecomp.portalsdk.core.util.SystemProperties;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.EnableAspectJAutoProxy;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-@Service("userRolesService")
-@Transactional
-@org.springframework.context.annotation.Configuration
-@EnableAspectJAutoProxy
-@EPMetricsLog
-public class UserRolesServiceImpl implements UserRolesService {
- private static Long ACCOUNT_ADMIN_ROLE_ID = 999L;
-
- private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesServiceImpl.class);
-
- @Autowired
- private SessionFactory sessionFactory;
- @Autowired
- private DataAccessService dataAccessService;
- @Autowired
- SearchService searchService;
- @Autowired
- EPAppService appsService;
- @Autowired
- EPLdapService ldapService;
- @Autowired
- ApplicationsRestClientService applicationsRestClientService;
- @Autowired
- EPRoleService epRoleService;
- @Autowired
- UserProfileService userProfileService;
-
- @PostConstruct
- private void init() {
- try {
- ACCOUNT_ADMIN_ROLE_ID = Long.valueOf(SystemProperties.getProperty(EPSystemProperties.ACCOUNT_ADMIN_ROLE_ID));
- } catch(Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
- }
- }
-
- private static HashMap<Long, EcompRole> hashMapFromEcompRoles(EcompRole[] ecompRoles) {
- HashMap<Long, EcompRole> result = new HashMap<Long, EcompRole>();
- if (ecompRoles!=null) {
- for (int i = 0; i < ecompRoles.length; i++) {
- if (ecompRoles[i].getId() != null) {
- result.put(ecompRoles[i].getId(), ecompRoles[i]);
- }
- }
- }
- return result;
- }
-
- private void createLocalUserIfNecessary(String orgUserId) {
- if (StringUtils.isEmpty(orgUserId)) {
- logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty orgUserId!");
- return;
- }
- Session localSession = null;
- Transaction transaction = null;
- try {
- localSession = sessionFactory.openSession();
- transaction = localSession.beginTransaction();
- @SuppressWarnings("unchecked")
- List<EPUser> userList = localSession.createQuery("from " + EPUser.class.getName() + " where org_user_id='" + orgUserId + "'").list();
- if (userList.size() == 0) {
- EPUser client = searchService.searchUserByUserId(orgUserId);
- if (client == null) {
- String msg = "cannot create user " + orgUserId + ", because he cannot be found in phonebook";
- logger.error(EELFLoggerDelegate.errorLogger, msg);
- } else {
- client.setLoginId(orgUserId);
- client.setActive(true);
- localSession.save(client);
- }
- }
- transaction.commit();
- } catch (Exception e) {
- EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
- EcompPortalUtils.rollbackTransaction(transaction, "searchOrCreateUser rollback, exception = " + e);
- } finally {
- EcompPortalUtils.closeLocalSession(localSession, "searchOrCreateUser");
- }
- }
-
- private static void syncUserRoles(SessionFactory sessionFactory, String orgUserId, Long appId, EcompRole[] userAppRoles) throws Exception {
- HashMap<Long, EcompRole> newUserAppRolesMap = hashMapFromEcompRoles(userAppRoles);
- boolean result = false;
- Session localSession = null;
- Transaction transaction = null;
-
- try {
- localSession = sessionFactory.openSession();
- transaction = localSession.beginTransaction();
- @SuppressWarnings("unchecked")
- List<EPUser> userList = localSession.createQuery("from " + EPUser.class.getName() + " where org_user_id='" + orgUserId + "'").list();
- if (userList.size() > 0) {
- EPUser client = userList.get(0);
- @SuppressWarnings("unchecked")
- List<EPUserApp> userRoles = localSession
- .createQuery("from " + EPUserApp.class.getName() + " where app.id=" + appId + " and userId=" + client.getId()).list();
- for (EPUserApp userRole : userRoles) {
- if (! userRole.getRoleId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
-
- Long userAppRoleId = userRole.getAppRoleId();
- if (!newUserAppRolesMap.containsKey(userAppRoleId)) {
- localSession.delete(userRole);
- } else {
- newUserAppRolesMap.remove(userAppRoleId);
- }
- }
- }
- Collection<EcompRole> newRolesToAdd = newUserAppRolesMap.values();
- if (newRolesToAdd.size() > 0) {
- EPApp app = (EPApp) localSession.get(EPApp.class, appId);
- @SuppressWarnings("unchecked")
- List<EPRole> roles = localSession.createQuery("from " + EPRole.class.getName() + " where appId=" + appId).list();
- HashMap<Long, EPRole> rolesMap = new HashMap<Long, EPRole>();
- for (EPRole role : roles) {
- rolesMap.put(role.getAppRoleId(), role);
- }
- for (EcompRole userRole : newRolesToAdd) {
- EPUserApp userApp = new EPUserApp();
- userApp.setUserId(client.getId());
- userApp.setApp(app);
- userApp.setRole(rolesMap.get(userRole.getId()));
- localSession.save(userApp);
- }
- }
- }
- transaction.commit();
- result = true;
- } catch (Exception e) {
- EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
- EcompPortalUtils.rollbackTransaction(transaction, "Exception occurred in syncUserRoles, Details: " + EcompPortalUtils.getStackTrace(e));
- } finally {
- localSession.close();
- if (!result) {
- throw new Exception("Exception occurred in syncUserRoles while closing database session for app: '" + appId + "'.");
- }
- }
- }
-
- // Called when getting the list of roles for the user
- private List<RoleInAppForUser> constructRolesInAppForUserGet(EcompRole[] appRoles, EcompRole[] userAppRoles) {
- List<RoleInAppForUser> rolesInAppForUser = new ArrayList<RoleInAppForUser>();
-
- Set<Long> userAppRolesMap = new HashSet<Long>();
- if (userAppRoles!=null) {
- for (EcompRole ecompRole : userAppRoles) {
- userAppRolesMap.add(ecompRole.getId());
- }
- } else {
- String message = String.format("UserRolesServiceImpl.constructRolesInAppForUserGet has received userAppRoles list empty.");
- logger.info(EELFLoggerDelegate.errorLogger, message);
- }
-
- if (appRoles!=null) {
- for (EcompRole ecompRole : appRoles) {
- RoleInAppForUser roleForUser = new RoleInAppForUser(ecompRole.getId(), ecompRole.getName());
- roleForUser.isApplied = userAppRolesMap.contains(ecompRole.getId());
- rolesInAppForUser.add(roleForUser);
- }
- } else {
- String message = String.format("UserRolesServiceImpl.constructRolesInAppForUser has received appRoles list empty.");
- logger.info(EELFLoggerDelegate.errorLogger, message);
- }
- return rolesInAppForUser;
- }
- public List<RoleInAppForUser> getAppRolesForUser(Long appId, String orgUserId) {
- List<RoleInAppForUser> rolesInAppForUser = null;
- try {
- EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
-
- // Test this error case, for generating an internal Ecomp Portal error
-// EcompRole[] appRoles = null;
- // If there is an exception in the rest client api, then null will be returned.
- if (appRoles != null) {
- syncAppRoles(sessionFactory, appId, appRoles);
- EcompRole[] userAppRoles;
- try {
- userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId, String.format("/user/%s/roles", orgUserId));
- if (userAppRoles == null) {
- if (EcompPortalUtils.getExternalAppResponseCode() == 400) {
- EcompPortalUtils.setExternalAppResponseCode(200);
- logger.error(EELFLoggerDelegate.errorLogger, "400 returned from /user/{userid}/roles, assuming user doesn't exist, app is framework SDK based, and things are ok. Overriding to 200 until framework SDK returns a useful response.");
- logger.debug(EELFLoggerDelegate.debugLogger, "400 returned from /user/{userid}/roles, assuming user doesn't exist, app is framework SDK based, and things are ok. Overriding to 200 until framework SDK returns a useful response.");
- }
- }
- // If the remote application isn't down we MUST to sync user roles here in case we have this user here!
- syncUserRoles(sessionFactory, orgUserId, appId, userAppRoles);
- } catch (Exception e) {
- // TODO: we may need to check if user exists, maybe remote app is down.
- logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
- logger.error(EELFLoggerDelegate.errorLogger, "LR: user " + orgUserId + " does not exist in remote application: " + appId + ".");
- userAppRoles = new EcompRole[0];
- }
- rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles);
- // Test this error case, for generating an external app error
-// EcompPortalUtils.setResponseCode(404);
- }
- } catch (Exception e) {
- String message = String.format("Received an exception while performing getAppRolesForUser for the User %s, and for the AppId %s, Details: %s",
- orgUserId, Long.toString(appId), EcompPortalUtils.getStackTrace(e));
- logger.error(EELFLoggerDelegate.errorLogger, message);
- }
- return rolesInAppForUser;
-
- }
-
- // copies of methods in GetAppsWithUserRoleState
- private void syncAppRoles(SessionFactory sessionFactory, Long appId, EcompRole[] appRoles) throws Exception {
- logger.debug(EELFLoggerDelegate.debugLogger, "entering syncAppRoles for appId: "+appId);
- HashMap<Long, EcompRole> newRolesMap = hashMapFromEcompRoles(appRoles);
- boolean result = false;
- Session localSession = null;
- Transaction transaction = null;
-
- try {
- localSession = sessionFactory.openSession();
- transaction = localSession.beginTransaction();
- // Attention! All roles from remote application supposed to be active!
- @SuppressWarnings("unchecked")
- List<EPRole> currentAppRoles = localSession.createQuery("from " + EPRole.class.getName() + " where appId=" + appId).list();
- List<EPRole> obsoleteRoles = new ArrayList<EPRole>();
- for (int i = 0; i < currentAppRoles.size(); i++) {
- EPRole oldAppRole = currentAppRoles.get(i);
- if (oldAppRole.getAppRoleId() != null) {
- EcompRole role = null;
- role = newRolesMap.get(oldAppRole.getAppRoleId());
- if (role != null) {
- if (!(role.getName() == null || oldAppRole.getName().equals(role.getName()))) {
- oldAppRole.setName(role.getName());
- localSession.update(oldAppRole);
- }
- newRolesMap.remove(oldAppRole.getAppRoleId());
- } else {
- obsoleteRoles.add(oldAppRole);
- }
- } else {
- obsoleteRoles.add(oldAppRole);
- }
- }
- Collection<EcompRole> newRolesToAdd = newRolesMap.values();
- for (EcompRole role : newRolesToAdd) {
- logger.debug(EELFLoggerDelegate.debugLogger, "about to add missing role: "+role.toString());
- EPRole newRole = new EPRole();
- // Attention! All roles from remote application supposed to be active!
- newRole.setActive(true);
- newRole.setName(role.getName());
- newRole.setAppId(appId);
- newRole.setAppRoleId(role.getId());
- localSession.save(newRole);
- }
- if (obsoleteRoles.size() > 0) {
- logger.debug(EELFLoggerDelegate.debugLogger, "we have obsolete roles to delete");
- for (EPRole role : obsoleteRoles) {
- logger.debug(EELFLoggerDelegate.debugLogger, "obsolete role: "+role.toString());
- Long roleId = role.getId();
- // delete obsolete roles here
- // Must delete all records with foreign key constraints on fn_role:
- // fn_user_role, fn_role_composite, fn_role_function, fn_user_pseudo_role, fn_menu_functional_roles.
- // And for fn_menu_functional, if no other roles for that menu item, remove the url.
-
- // Delete from fn_user_role
- @SuppressWarnings("unchecked")
- List<EPUserApp> userRoles = localSession
- .createQuery("from " + EPUserApp.class.getName() + " where app.id=" + appId + " and role_id=" + roleId).list();
-
- logger.debug(EELFLoggerDelegate.debugLogger, "number of userRoles to delete: "+userRoles.size());
- for (EPUserApp userRole : userRoles) {
- logger.debug(EELFLoggerDelegate.debugLogger, "about to delete userRole: "+userRole.toString());
- localSession.delete(userRole);
- logger.debug(EELFLoggerDelegate.debugLogger, "finished deleting userRole: "+userRole.toString());
- }
-
- // Delete from fn_menu_functional_roles
- @SuppressWarnings("unchecked")
- List<FunctionalMenuRole> funcMenuRoles = localSession
- .createQuery("from " + FunctionalMenuRole.class.getName() + " where roleId=" + roleId).list();
- int numMenuRoles = funcMenuRoles.size();
- logger.debug(EELFLoggerDelegate.debugLogger, "number of funcMenuRoles for roleId: "+roleId+": "+numMenuRoles);
- for (FunctionalMenuRole funcMenuRole : funcMenuRoles) {
- Long menuId = funcMenuRole.menuId;
- // If this is the only role for this menu item, then the app and roles will be gone,
- // so must null out the url too, to be consistent
- @SuppressWarnings("unchecked")
- List<FunctionalMenuRole> funcMenuRoles2 = localSession
- .createQuery("from " + FunctionalMenuRole.class.getName() + " where menuId=" + menuId).list();
- int numMenuRoles2 = funcMenuRoles2.size();
- logger.debug(EELFLoggerDelegate.debugLogger, "number of funcMenuRoles for menuId: "+menuId+": "+numMenuRoles2);
- localSession.delete(funcMenuRole);
- if (numMenuRoles2 == 1) {
- // If this is the only role for this menu item, then the app and roles will be gone,
- // so must null out the url too, to be consistent
- logger.debug(EELFLoggerDelegate.debugLogger, "There is exactly 1 menu item for this role, so emptying the url");
- @SuppressWarnings("unchecked")
- List<FunctionalMenuItem> funcMenuItems = localSession
- .createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=" + menuId).list();
- if (funcMenuItems.size() > 0) {
- logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item");
- FunctionalMenuItem funcMenuItem = funcMenuItems.get(0);
- funcMenuItem.url = "";
- localSession.update(funcMenuItem);
- }
- }
- }
-
- // Delete from fn_role_function
- String sql = "DELETE FROM fn_role_function WHERE role_id="+roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- Query query = localSession.createSQLQuery(sql);
- query.executeUpdate();
-
- // Delete from fn_role_composite
- sql = "DELETE FROM fn_role_composite WHERE parent_role_id="+roleId+" OR child_role_id="+roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
-
- // Delete from fn_user_pseudo_role
- sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id="+roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
-
- logger.debug(EELFLoggerDelegate.debugLogger, "about to delete the role: "+role.toString());
- localSession.delete(role);
- logger.debug(EELFLoggerDelegate.debugLogger, "deleted the role");
- }
- }
- logger.debug(EELFLoggerDelegate.debugLogger, "about to commit the transaction");
- transaction.commit();
- logger.debug(EELFLoggerDelegate.debugLogger, "committed the transaction");
- result = true;
- } catch (Exception e) {
- EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
- EcompPortalUtils.rollbackTransaction(transaction, "Exception occurred in syncAppRoles, Details: " + EcompPortalUtils.getStackTrace(e));
- } finally {
- localSession.close();
- if (!result) {
- throw new Exception("Exception occurred in syncAppRoles while closing database session for app: '" + appId + "'.");
- }
- }
- }
-
- // Called when updating the list of roles for the user
- private RolesInAppForUser constructRolesInAppForUserUpdate(String orgUserId, Long appId, Set<EcompRole> userRolesInRemoteApp) {
- RolesInAppForUser result;
- result = new RolesInAppForUser();
- result.appId = appId;
- result.orgUserId = orgUserId;
- for (EcompRole role : userRolesInRemoteApp) {
- RoleInAppForUser roleInAppForUser = new RoleInAppForUser();
- roleInAppForUser.roleId = role.getId();
- roleInAppForUser.roleName = role.getName();
- roleInAppForUser.isApplied = new Boolean(true);
- result.roles.add(roleInAppForUser);
- }
- return result;
- }
-
- private EPUser getUserFromRemoteApp(String orgUserId, EPApp app, ApplicationsRestClientService applicationsRestClientService) throws HTTPException {
- EPUser user = applicationsRestClientService.get(EPUser.class, app.getId(), String.format("/user/%s", orgUserId));
- return user;
- }
-
- private boolean remoteUserShouldBeCreated(List<RoleInAppForUser> roleInAppForUserList) {
- for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
- if (roleInAppForUser.isApplied.booleanValue()) {
- return true;
- }
- }
- return false;
- }
-
- private Set<EcompRole> postUsersRolesToRemoteApp(List<RoleInAppForUser> roleInAppForUserList, ObjectMapper mapper,
- ApplicationsRestClientService applicationsRestClientService, Long appId, String orgUserId) throws JsonProcessingException, HTTPException {
- Set<EcompRole> updatedUserRoles = constructUsersEcompRoles(roleInAppForUserList);
- String userRolesAsString = mapper.writeValueAsString(updatedUserRoles);
- applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString, String.format("/user/%s/roles", orgUserId));
- // TODO: We should add code that verifies that the post operation did succeed. Because the SDK may still return 200 OK with an html page even when it fails!
- return updatedUserRoles;
- }
-
- private Set<EcompRole> constructUsersEcompRoles(List<RoleInAppForUser> roleInAppForUserList) {
- Set<EcompRole> existingUserRoles = new TreeSet<EcompRole>();
- for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
- if (roleInAppForUser.isApplied) {
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(roleInAppForUser.roleId);
- ecompRole.setName(roleInAppForUser.roleName);
- existingUserRoles.add(ecompRole);
- }
- }
- return existingUserRoles;
- }
-
- private static void createNewUserOnRemoteApp(String orgUserId, EPApp app, ApplicationsRestClientService applicationsRestClientService,
- SearchService searchService, ObjectMapper mapper) throws Exception {
- EPUser client = searchService.searchUserByUserId(orgUserId);
- if (client == null) {
- String msg = "cannot create user " + orgUserId + ", because he/she cannot be found in phonebook.";
- logger.error(EELFLoggerDelegate.errorLogger, msg);
- throw new Exception(msg);
- }
- client.setLoginId(orgUserId);
- client.setActive(true);
- // The remote doesn't care about other apps, and this has caused serialization problems - infinite recursion.
- client.getEPUserApps().clear();
- mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
- String userAsString = mapper.writeValueAsString(client);
- logger.debug(EELFLoggerDelegate.debugLogger, "about to post new client to remote application, users json = " + userAsString);
- applicationsRestClientService.post(EPUser.class, app.getId(), userAsString, String.format("/user", orgUserId));
- }
-
- public String updateRemoteUserProfile(String orgUserId, Long appId){
-
- ObjectMapper mapper = new ObjectMapper();
- mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
- EPUser client = searchService.searchUserByUserId(orgUserId);
- EPUser newUser = new EPUser();
- newUser.setActive(client.getActive());
- newUser.setFirstName(client.getFirstName());
- newUser.setLastName(client.getLastName());
- newUser.setLoginId(client.getLoginId());
- newUser.setLoginPwd(client.getLoginPwd());
- newUser.setMiddleInitial(client.getMiddleInitial());
- newUser.setEmail(client.getEmail());
- newUser.setOrgUserId(client.getLoginId());
- try {
- String userAsString = mapper.writeValueAsString(newUser);
- List<EPApp> appList = appsService.getUserRemoteApps(client.getId().toString());
- //applicationsRestClientService.post(EPUser.class, appId, userAsString, String.format("/user", orgUserId));
- for(EPApp eachApp : appList){
- try{
- applicationsRestClientService.post(EPUser.class, eachApp.getId(), userAsString, String.format("/user/%s", orgUserId));
- }catch(Exception e){
- logger.error(EELFLoggerDelegate.errorLogger, "Failed to update user: " + client.getOrgUserId() + " in remote app. appId = " + eachApp.getId());
- }
- }
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- return "failure";
- }
-
- return "success";
-
- }
-
- private static final Object syncRests = new Object();
-
- @Override
- public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) {
- boolean result = false;
- String orgUserId = "";
- if (newAppRolesForUser != null && newAppRolesForUser.orgUserId != null) {
- orgUserId = newAppRolesForUser.orgUserId.trim();
- }
- Long appId = newAppRolesForUser.appId;
- List<RoleInAppForUser> roleInAppForUserList = newAppRolesForUser.appRoles;
- if (orgUserId.length() > 0) {
- ObjectMapper mapper = new ObjectMapper();
- mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
-
- try {
- EPApp app = appsService.getApp(appId);
- EPUser remoteAppUser = getUserFromRemoteApp(orgUserId, app, applicationsRestClientService);
- if (remoteAppUser == null) {
- if (remoteUserShouldBeCreated(roleInAppForUserList)) {
- createNewUserOnRemoteApp(orgUserId, app, applicationsRestClientService, searchService, mapper);
- // If we succeed, we know that the new user was persisted on remote app.
- remoteAppUser = getUserFromRemoteApp(orgUserId, app, applicationsRestClientService);
- if (remoteAppUser == null) {
- logger.error(EELFLoggerDelegate.errorLogger, "Failed to persist new user: " + orgUserId + " in remote app. appId = " + appId);
-// return null;
- }
- }
- }
- if (remoteAppUser != null) {
- Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, orgUserId);
- RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, appId, userRolesInRemoteApp);
- result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser);
- }
- } catch (Exception e) {
- String message = String.format("Failed to create user or update user roles for the User %s, and for the AppId %s, Details: %s",
- orgUserId, Long.toString(appId), EcompPortalUtils.getStackTrace(e));
- logger.error(EELFLoggerDelegate.errorLogger, message);
- result = false;
- }
-
- }
- return result;
- }
-
- // This is for a single app
- private boolean applyChangesInUserRolesForAppToEcompDB(RolesInAppForUser rolesInAppForUser) {
- boolean result = false;
- String orgUserId = rolesInAppForUser.orgUserId;
- Long appId = rolesInAppForUser.appId;
- synchronized (syncRests) {
- if (rolesInAppForUser != null) {
- createLocalUserIfNecessary(orgUserId);
- }
-
- if (rolesInAppForUser != null) {
- EcompRole[] userAppRoles = new EcompRole[rolesInAppForUser.roles.size()];
- for (int i = 0; i < rolesInAppForUser.roles.size(); i++) {
- RoleInAppForUser roleInAppForUser = rolesInAppForUser.roles.get(i);
- EcompRole role = new EcompRole();
- role.setId(roleInAppForUser.roleId);
- role.setName(roleInAppForUser.roleName);
- userAppRoles[i] = role;
- }
- try {
- syncUserRoles(sessionFactory, orgUserId, appId, userAppRoles);
- result = true;
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "applyChangesInUserRolesForAppToEcompDB syncUserRoles, orgUserId = " + orgUserId);
- logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
- }
- }
- }
- return result;
- }
-
- @Override
- public List<UserApplicationRoles> getUsersFromAppEndpoint(Long appId) throws HTTPException {
- RemoteUserWithRoles[] remoteUsers = applicationsRestClientService.get(RemoteUserWithRoles[].class, appId, "/users");
- ArrayList<UserApplicationRoles> userApplicationRoles = new ArrayList<UserApplicationRoles>();
- for (RemoteUserWithRoles remoteUser : remoteUsers) {
- UserApplicationRoles userWithRemoteAppRoles = convertToUserApplicationRoles(appId, remoteUser);
- if(userWithRemoteAppRoles.roles!=null && userWithRemoteAppRoles.roles.size()>0) {
- userApplicationRoles.add(userWithRemoteAppRoles);
- } else {
- logger.debug(EELFLoggerDelegate.debugLogger, "User " + userWithRemoteAppRoles.orgUserId + " doesn't have any roles assigned to any app.");
- }
- }
-
- return userApplicationRoles;
- }
-
- private UserApplicationRoles convertToUserApplicationRoles(Long appId, RemoteUserWithRoles remoteUser) {
- UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
- userWithRemoteAppRoles.appId = appId;
- userWithRemoteAppRoles.orgUserId = remoteUser.loginId;
- userWithRemoteAppRoles.firstName = remoteUser.firstName;
- userWithRemoteAppRoles.lastName = remoteUser.lastName;
- userWithRemoteAppRoles.roles = remoteUser.roles;
- return userWithRemoteAppRoles;
- }
-
- public static void persistExternalRoleInEcompDb(EPRole externalAppRole, Long appId, EPRoleService roleService) {
- externalAppRole.setAppId(appId);
- externalAppRole.setAppRoleId(externalAppRole.getId());
- externalAppRole.setId(null); // We will persist a new role, with ecomp role id which will be different than external app role id.
-
- roleService.saveRole(externalAppRole);
- logger.debug(EELFLoggerDelegate.debugLogger, String.format("ECOMP persists role from app:%d, app roleId: %d, roleName: %s", appId, externalAppRole.getAppRoleId(), externalAppRole.getName()));
- }
-
- @Override
- public List<EPRole> importRolesFromRemoteApplication(Long appId) throws HTTPException {
- EPRole[] appRolesFull = applicationsRestClientService.get(EPRole[].class, appId, "/rolesFull");
- List<EPRole> rolesList = Arrays.asList(appRolesFull);
- for (EPRole externalAppRole : rolesList) {
-
- // Try to find an existing extern role for the app in the local ecomp DB. If so, then use its id to update the existing external application role record.
- Long externAppId = externalAppRole.getId();
- EPRole existingAppRole = epRoleService.getRole(appId, externAppId);
- if (existingAppRole != null) {
- logger.debug(EELFLoggerDelegate.debugLogger, String.format("ecomp role already exists for app=%s; appRoleId=%s. No need to import this one.", appId, externAppId));
- continue;
- }
- // persistExternalRoleInEcompDb(externalAppRole, appId, roleService);
- }
-
- return rolesList;
- }
-
- @Override
- public List<EPUserApp> getCachedAppRolesForUser(Long appId, Long userId) {
- // Find the records for this user-app combo, if any
- String filter = " where user_id = " + Long.toString(userId) + " and app_id = " + Long.toString(appId);
- @SuppressWarnings("unchecked")
- List<EPUserApp> roleList = dataAccessService.getList(EPUserApp.class, filter, null, null);
- logger.debug(EELFLoggerDelegate.debugLogger, "getCachedAppRolesForUser: list size is {}",
- roleList.size());
- return roleList;
- }
-
-}