pushing error and audit log changes for portal
[portal.git] / ecomp-portal-BE-common / src / main / java / org / onap / portalapp / portal / controller / RoleManageController.java
index b50d1cf..70cca1f 100644 (file)
@@ -4,17 +4,19 @@
  * ===================================================================
  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
- * Modifications Copyright (c) 2019 Samsung
+ * Modifications Copyright (c) 2019 Samsung 
  * ===================================================================
+ * Modifications Copyright (c) 2020 IBM
+ * =================================================================== 
  *
  * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
+ * under the Apache License, Version 2.0 (the "License"); 
  * you may not use this software except in compliance with the License.
  * You may obtain a copy of the License at
- *
+ * 
  *             http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
+ * Unless required by applicable law or agreed to in writing, software 
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
@@ -46,10 +48,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.TreeSet;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-
 import javax.validation.ConstraintViolation;
 import javax.validation.Valid;
 import javax.validation.Validation;
@@ -97,11 +97,10 @@ import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.servlet.ModelAndView;
-
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -157,7 +156,7 @@ public class RoleManageController extends EPRestrictedBaseController {
         * @throws Exception
         */
 
-       @RequestMapping(value = { "/portalApi/get_roles/{appId}" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/portalApi/get_roles/{appId}" })
        public void getRoles(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId)
                        throws Exception {
                try {
@@ -165,7 +164,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                        EPApp requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp.getCentralAuth()) {
+                               if (requestedApp.getRolesInAAF()) {
                                        List<CentralV2Role> answer = null;
                                        Map<String, Object> model = new HashMap<>();
                                        ObjectMapper mapper = new ObjectMapper();
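Review bot: `if (requestedApp.getRolesInAAF())` auto-unboxes the getter's result, and the saveRole hunk calls `.equals(true)` on the same getter, which suggests it returns a boxed `Boolean`. An app record with that flag unset would then throw a NullPointerException here instead of taking the non-centralized branch. `if (Boolean.TRUE.equals(requestedApp.getRolesInAAF())) {` treats null as false, and the same form fits the matching lines in the removeRole, getRole, getRoleFunctionList, saveRoleFunction and removeRoleFunction hunks and the `appInfo.get(0).getRolesInAAF()` check. The getter's declaration is not visible in this diff, so confirm its return type; getRoles itself starts and ends outside this hunk.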
@@ -186,7 +185,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" })
        public Map<String, Object> toggleRole(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception {
                EPApp requestedApp = null;
@@ -230,7 +229,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                return responseMap;
        }
 
-       @RequestMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" })
        public Map<String, Object> removeRole(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception {
 
@@ -243,7 +242,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                        requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp.getCentralAuth()) {
+                               if (requestedApp.getRolesInAAF()) {
                                        externalRequestFieldsValidator = externalAccessRolesService.deleteDependencyRoleRecord(roleId,
                                                        requestedApp.getUebKey(), user.getOrgUserId());
                                        boolean deleteResponse = externalRequestFieldsValidator.isResult();
@@ -259,21 +258,13 @@ public class RoleManageController extends EPRestrictedBaseController {
                                                                "Deleted role for app:" + app.getId() + " and role:'" + roleId + "'",
                                                                PortalConstants.AUDIT_LOG_COMMENT_SIZE));
                                                auditService.logActivity(auditLog, null);
-                                               MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
-                                                               EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-                                               MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
-                                                               EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-                                               EcompPortalUtils.calculateDateTimeDifferenceForLog(
-                                                               MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
-                                                               MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
-                                               logger.info(EELFLoggerDelegate.auditLogger,
-                                                               EPLogUtil.formatAuditLogMessage("RoleManageController.removeRole",
-                                                                               EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_DELETE_ROLE,
-                                                                               String.valueOf(requestedUser.getId()), requestedUser.getOrgUserId(),
-                                                                               roleId.toString()));
-                                               MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-                                               MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
-                                               MDC.remove(SystemProperties.MDC_TIMER);
+                                               String auditMessageInfo = EPLogUtil.formatAuditLogMessage("RoleManageController.removeRole",
+                                                               EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_DELETE_ROLE,
+                                                               String.valueOf(requestedUser.getId()), requestedUser.getOrgUserId(),
+                                                               roleId.toString());             
+                               
+                                               EPLogUtil.logAuditMessage(logger, auditMessageInfo);
+                                               
                                        } else {
                                                restCallStatus = "Remove Role failed";
                                                responseMap.put("error", externalRequestFieldsValidator.getDetailMessage());
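Review bot: The audit message built here names `requestedUser`, and the `auditLog` comment just above uses `app.getId()`, while the authorization check and the `deleteDependencyRoleRecord` call in the preceding hunk use `user` and `requestedApp`. Where `requestedUser` and `app` are assigned is outside this diff; if they can ever differ from the session user and the authorized app, the audit trail would attribute the deletion to a different identity than the one that was checked. Using the same variables on both sides, e.g. `String.valueOf(user.getId()), user.getOrgUserId(),`, removes the ambiguity. removeRole starts before this hunk and continues after it.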
@@ -296,7 +287,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                return responseMap;
        }
 
-       @RequestMapping(value = { "/portalApi/role/saveRole/{appId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/saveRole/{appId}" })
        public Map<String, Object> saveRole(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId) throws Exception {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -306,7 +297,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                        EPApp requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp != null && requestedApp.getCentralAuth().equals(true)) {
+                               if (requestedApp != null && requestedApp.getRolesInAAF().equals(true)) {
                                        ObjectMapper mapper = new ObjectMapper();
                                        mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
                                        JsonNode root = mapper.readTree(request.getReader());
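Review bot: The `requestedApp != null` guard on the changed line comes too late to help, because `isAuthorizedUser(user, requestedApp)` and `fieldsValidation(requestedApp)` have already been handed the same reference in the lines just above. If `appService.getApp(appId)` can return null for an unknown `appId` (not visible here), the null test belongs directly after that call and should end the request with the unauthorized or not-found response before any authorization logic runs. The condition can then be `if (Boolean.TRUE.equals(requestedApp.getRolesInAAF())) {`. saveRole begins in the previous hunk and continues past this one.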
@@ -333,7 +324,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                                                        if (existRole.getName().equalsIgnoreCase(role.getName()))
                                                                throw new DuplicateRecordException("Role already exists: " + existRole.getName());
 
-                                               domainRole = new CentralV2Role();
+                        domainRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();
                                                domainRole.setName(role.getName());
                                                domainRole.setPriority(role.getPriority());
                                                domainRole.setActive(role.getActive());
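Review bot: The new `domainRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();` line sits at a much shallower indent than the statements around it, and it builds an empty object that the following lines then fill through setters. If the builder exposes methods for name, priority and active (its API is not visible in this diff), passing the values through it would make the switch worthwhile; otherwise the plain constructor read more clearly. The enclosing saveRole body extends beyond this hunk.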
@@ -380,19 +371,11 @@ public class RoleManageController extends EPRestrictedBaseController {
                                                                PortalConstants.AUDIT_LOG_COMMENT_SIZE));
                                                auditLog.setAffectedRecordId(user.getOrgUserId());
                                                auditService.logActivity(auditLog, null);
-                                               MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
-                                                               EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-                                               MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
-                                                               EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-                                               EcompPortalUtils.calculateDateTimeDifferenceForLog(
-                                                               MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
-                                                               MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
-                                               logger.info(EELFLoggerDelegate.auditLogger,
-                                                               EPLogUtil.formatAuditLogMessage("RoleManageController.saveRole", activityCode,
-                                                                               String.valueOf(user.getId()), user.getOrgUserId(), role.getName()));
-                                               MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-                                               MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
-                                               MDC.remove(SystemProperties.MDC_TIMER);
+                                               String auditMessageInfo = EPLogUtil.formatAuditLogMessage("RoleManageController.saveRole", activityCode,
+                                                               String.valueOf(user.getId()), user.getOrgUserId(), role.getName());             
+                               
+                                               EPLogUtil.logAuditMessage(logger, auditMessageInfo);
+                                               
                                                responseMap.put("status", "Success");
                                                responseMap.put("role", domainRole);
                                        } else {
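Review bot: `role.getName()` appears to come from the request body read earlier in saveRole and is passed unchanged into `EPLogUtil.formatAuditLogMessage(...)`, so a name containing CR or LF characters could split or forge audit records unless the formatter or the new `EPLogUtil.logAuditMessage` neutralises them; neither helper is visible in this diff. The same applies to `code` in the saveRoleFunction audit hunk and `domainRoleFunction.getCode()` in the removeRoleFunction one. A comment at the call such as `// audit fields are caller-supplied; EPLogUtil must strip line breaks before writing`, backed by a check in the helper, would make the expectation explicit. It is also worth confirming that `logAuditMessage` still sets the begin/end audit timestamps and clears the MDC keys that the removed lines handled inline.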
@@ -418,29 +401,29 @@ public class RoleManageController extends EPRestrictedBaseController {
                return responseMap;
        }
 
-       @RequestMapping(value = { "/portalApi/role/removeRoleFunction" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/removeRoleFunction" })
        public ModelAndView removeRoleRoleFunction(HttpServletRequest request, HttpServletResponse response)
                        throws Exception {
                return getRoleController().removeRoleFunction(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/role/addRoleFunction" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/addRoleFunction" })
        public ModelAndView addRoleRoRoleFunction(HttpServletRequest request, HttpServletResponse response)
                        throws Exception {
                return getRoleController().addRoleFunction(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/role/removeChildRole" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/removeChildRole" })
        public ModelAndView removeChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception {
                return getRoleController().removeChildRole(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/role/addChildRole" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/addChildRole" })
        public ModelAndView addChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception {
                return getRoleController().addChildRole(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/get_role/{appId}/{roleId}" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/portalApi/get_role/{appId}/{roleId}" })
        public void getRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId,
                        @PathVariable("roleId") Long roleId) throws Exception {
                try {
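Review bot: The four state-changing endpoints in this hunk (`removeRoleRoleFunction`, `addRoleRoRoleFunction`, `removeChildRole`, `addChildRole`) hand the request straight to `getRoleController()` with no `isAuthorizedUser` check, unlike the `{appId}`-scoped handlers elsewhere in this class. Whether the delegate enforces role-administration rights is not visible in this diff. If it does, a one-line Javadoc on each wrapper stating that the authorization decision is made in the delegate would save the next reader the lookup; if it does not, these wrappers need the same session-user check as the other handlers. The `getRole` method at the end of the hunk continues past it.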
@@ -449,7 +432,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                        EPApp requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp.getCentralAuth()) {
+                               if (requestedApp.getRolesInAAF()) {
                                        CentralV2Role answer = externalAccessRolesService.getRoleInfo(roleId, requestedApp.getUebKey());
                                        logger.info(EELFLoggerDelegate.applicationLogger, "role_id" + roleId);
                                        Map<String, Object> model = new HashMap<>();
@@ -474,7 +457,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/get_role_functions/{appId}" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/portalApi/get_role_functions/{appId}" })
        public void getRoleFunctionList(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId) throws Exception {
                try {
@@ -482,7 +465,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                        EPApp requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp.getCentralAuth()) {
+                               if (requestedApp.getRolesInAAF()) {
                                        List<CentralV2RoleFunction> answer = null;
                                        Map<String, Object> model = new HashMap<>();
                                        ObjectMapper mapper = new ObjectMapper();
@@ -505,7 +488,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" })
        public PortalRestResponse<String> saveRoleFunction(HttpServletRequest request, HttpServletResponse response, @Valid @RequestBody CentralV2RoleFunction roleFunc,
                        @PathVariable("appId") Long appId) throws Exception {
                if (roleFunc!=null) {
@@ -517,13 +500,14 @@ public class RoleManageController extends EPRestrictedBaseController {
                                return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR");
                        }
                }
+
                EPUser user = EPUserUtils.getUserSession(request);
                boolean saveOrUpdateResponse = false;
                try {
                        EPApp requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp.getCentralAuth()) {
+                               if (requestedApp.getRolesInAAF() && roleFunc!=null) {
                                        String code = roleFunc.getType() + PIPE + roleFunc.getCode() + PIPE + roleFunc.getAction();
                                        CentralV2RoleFunction domainRoleFunction = externalAccessRolesService.getRoleFunction(code,
                                                        requestedApp.getUebKey());
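Review bot: Folding `roleFunc!=null` into the `getRolesInAAF()` condition means a request that reaches this point without a body is handled by whatever the `else` branch does for a non-centralized app (outside this hunk) rather than being rejected as invalid input. `@RequestBody` is required by default, so the null case may be unreachable in practice, but if it is kept it reads better as an explicit guard before the session lookup: `if (roleFunc == null) return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR");`. With that in place the condition can go back to testing only the app flag. saveRoleFunction starts in the previous hunk and runs past this one.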
@@ -573,16 +557,10 @@ public class RoleManageController extends EPRestrictedBaseController {
                                "saveRoleFunction role for app:" + app.getId() + " and function:'" + code + "'",
                                PortalConstants.AUDIT_LOG_COMMENT_SIZE));
                auditService.logActivity(auditLog, null);
-               MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-               MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-               EcompPortalUtils.calculateDateTimeDifferenceForLog(MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
-                               MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
-               logger.info(EELFLoggerDelegate.auditLogger,
-                               EPLogUtil.formatAuditLogMessage("RoleManageController.saveRoleFunction", activityCode,
-                                               String.valueOf(requestedUser.getId()), requestedUser.getOrgUserId(), code));
-               MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-               MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
-               MDC.remove(SystemProperties.MDC_TIMER);
+               String auditMessageInfo = EPLogUtil.formatAuditLogMessage("RoleManageController.saveRoleFunction", activityCode,
+                               String.valueOf(requestedUser.getId()), requestedUser.getOrgUserId(), code);             
+
+               EPLogUtil.logAuditMessage(logger, auditMessageInfo);
        }
 
        private void addIfTypeActionDoesNotExits(CentralV2RoleFunction domainRoleFunction) {
@@ -601,7 +579,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" })
        public PortalRestResponse<String> removeRoleFunction(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody String roleFunc, @PathVariable("appId") Long appId) throws Exception {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -622,7 +600,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                        EPApp requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp.getCentralAuth()) {
+                               if (requestedApp.getRolesInAAF()) {
                                        ObjectMapper mapper = new ObjectMapper();
                                        String data = roleFunc;
                                        boolean getDelFuncResponse = false;
@@ -645,21 +623,12 @@ public class RoleManageController extends EPRestrictedBaseController {
                                                                                                + domainRoleFunction.getCode() + "'",
                                                                                PortalConstants.AUDIT_LOG_COMMENT_SIZE));
                                                auditService.logActivity(auditLog, null);
-                                               MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
-                                                               EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-                                               MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
-                                                               EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-                                               EcompPortalUtils.calculateDateTimeDifferenceForLog(
-                                                               MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
-                                                               MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
-                                               logger.info(EELFLoggerDelegate.auditLogger,
-                                                               EPLogUtil.formatAuditLogMessage("RoleManageController.removeRoleFunction",
-                                                                               EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_DELETE_FUNCTION,
-                                                                               String.valueOf(user.getId()), user.getOrgUserId(),
-                                                                               domainRoleFunction.getCode()));
-                                               MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-                                               MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
-                                               MDC.remove(SystemProperties.MDC_TIMER);
+                                               String auditMessageInfo = EPLogUtil.formatAuditLogMessage("RoleManageController.removeRoleFunction",
+                                                               EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_DELETE_FUNCTION,
+                                                               String.valueOf(user.getId()), user.getOrgUserId(),
+                                                               domainRoleFunction.getCode());          
+
+                                               EPLogUtil.logAuditMessage(logger, auditMessageInfo);
                                                logger.info(EELFLoggerDelegate.auditLogger,
                                                                "Remove role function " + domainRoleFunction.getName());
                                        }
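Review bot: The direct `logger.info(EELFLoggerDelegate.auditLogger, "Remove role function " + domainRoleFunction.getName())` call is left in place right after the new `EPLogUtil.logAuditMessage(logger, auditMessageInfo)`, so this path writes two audit entries, the second one outside the helper. If the helper populates and then clears the audit MDC fields as the removed inline code did (its body is not visible here), the second entry is emitted without them, and it concatenates a function name that presumably originates from the request body. Consider dropping it, or moving it off the audit stream with `logger.info(EELFLoggerDelegate.applicationLogger, ...)`. removeRoleFunction begins before this hunk and ends after it.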
@@ -678,8 +647,8 @@ public class RoleManageController extends EPRestrictedBaseController {
                return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Deleted Successfully!", "Success");
        }
 
-       @RequestMapping(value = { "/portalApi/centralizedApps" }, method = RequestMethod.GET)
-       public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException {
+       @GetMapping(value = { "/portalApi/centralizedApps" })
+       public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) {
                if(userId!=null) {
                        SecureString secureString = new SecureString(userId);
 
@@ -691,6 +660,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                                return null;
                        }
                }
+
                EPUser user = EPUserUtils.getUserSession(request);
                List<CentralizedApp> applicationsList = null;
                if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user)
@@ -720,7 +690,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                this.roleController = roleController;
        }
 
-       @RequestMapping(value = { "/portalApi/syncRoles" }, method = RequestMethod.POST, produces = "application/json")
+       @PostMapping(value = { "/portalApi/syncRoles" }, produces = "application/json")
        public PortalRestResponse<String> syncRoles(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody Long appId) {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -742,7 +712,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Sync roles completed successfully!", "Success");
        }
 
-       @RequestMapping(value = { "/portalApi/syncFunctions" }, method = RequestMethod.POST, produces = "application/json")
+       @PostMapping(value = { "/portalApi/syncFunctions" }, produces = "application/json")
        public PortalRestResponse<String> syncFunctions(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody Long appId) {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -808,7 +778,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                        throw new InvalidApplicationException("Invalid credentials");
                }
                if (!appInfo.isEmpty() && EcompPortalUtils.checkIfRemoteCentralAccessAllowed()
-                               && appInfo.get(0).getCentralAuth()) {
+                               && appInfo.get(0).getRolesInAAF()) {
                        ResponseEntity<String> response = externalAccessRolesService.getNameSpaceIfExists(appInfo.get(0));
                        if (response.getStatusCode().value() == HttpServletResponse.SC_NOT_FOUND)
                                throw new InvalidApplicationException("Invalid NameSpace");
@@ -817,7 +787,7 @@ public class RoleManageController extends EPRestrictedBaseController {
 
        private boolean isAuthorizedUser(EPUser user, EPApp requestedApp) {
                if (user != null && (adminRolesService.isAccountAdminOfApplication(user, requestedApp)
-                               || (adminRolesService.isSuperAdmin(user) && requestedApp.getId() == PortalConstants.PORTAL_APP_ID)))
+                               || (adminRolesService.isSuperAdmin(user) && requestedApp.getId().equals(PortalConstants.PORTAL_APP_ID))))
                        return true;
                return false;
        }
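Review bot: `requestedApp.getId().equals(PortalConstants.PORTAL_APP_ID)` fixes the reference comparison but dereferences both `requestedApp` and its id, so a null app (for example an unknown `appId`, if `appService.getApp` returns null in that case) turns the super-admin branch of this authorization check into a NullPointerException. Putting the constant first and guarding the app keeps the check failing closed without throwing: `requestedApp != null && PortalConstants.PORTAL_APP_ID.equals(requestedApp.getId())`. That form needs `PORTAL_APP_ID` to be a `Long` object; its declaration is not in this diff, and if it is an `Integer` or `int` the `equals` call in the commit would always be false, so confirm the type. `adminRolesService.isAccountAdminOfApplication(user, requestedApp)` receives the same possibly-null reference first.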
@@ -827,8 +797,8 @@ public class RoleManageController extends EPRestrictedBaseController {
                response.getWriter().write("Unauthorized User");
        }
 
-       @RequestMapping(value = {
-                       "/portalApi/uploadRoleFunction/{appId}" }, method = RequestMethod.POST, produces = "application/json")
+       @PostMapping(value = {
+                       "/portalApi/uploadRoleFunction/{appId}" }, produces = "application/json")
        public PortalRestResponse<String> bulkUploadRoleFunc(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody UploadRoleFunctionExtSystem data, @PathVariable("appId") Long appId) {
                EPUser user = EPUserUtils.getUserSession(request);