Merge "Fix sql injection vulnerability"
[portal.git] / ecomp-portal-BE-common / src / main / java / org / onap / portalapp / portal / controller / UserRolesController.java
index f511326..0d665a9 100644 (file)
@@ -2,7 +2,7 @@
  * ============LICENSE_START==========================================
  * ONAP Portal
  * ===================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
  *
  * Unless otherwise specified, all software contained herein is licensed
@@ -65,6 +65,8 @@ import org.onap.portalapp.portal.service.UserRolesService;
 import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
 import org.onap.portalapp.portal.transport.AppWithRolesForUser;
 import org.onap.portalapp.portal.transport.AppsListWithAdminRole;
+import org.onap.portalapp.portal.transport.EpNotificationItem;
+import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
 import org.onap.portalapp.portal.transport.FieldsValidator;
 import org.onap.portalapp.portal.transport.RoleInAppForUser;
 import org.onap.portalapp.portal.transport.UserApplicationRoles;
@@ -80,6 +82,7 @@ import org.onap.portalsdk.core.util.SystemProperties;
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -123,7 +126,7 @@ public class UserRolesController extends EPRestrictedBaseController {
                        HttpServletResponse response) {
                EPUser user = EPUserUtils.getUserSession(request);
                String searchResult = null;
-               if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
+               if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)  ) {
                        EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult");
                } else {
                        searchString = searchString.trim();
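Review bot: The widened permission test on L35 is the same three-way admin check that L58 and L110 repeat with small variations, so the authorization policy for these endpoints now lives in three hand-written conditions that can drift apart; extract it once, e.g. `private boolean canManageUserRoles(EPUser user) { return adminRolesService.isSuperAdmin(user) || adminRolesService.isAccountAdmin(user) || adminRolesService.isRoleAdmin(user); }`, and call `if (!canManageUserRoles(user))` at all three sites (L58 and L110 omit the super-admin clause, which may or may not be intentional). The stray spaces before `)` on L35 should go. The enclosing method starts and ends outside this hunk.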
@@ -227,6 +230,7 @@ public class UserRolesController extends EPRestrictedBaseController {
                        }
                }else{
                        logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null");
+                       fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
                }
                
                logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString());
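Review bot: `new Long(HttpServletResponse.SC_INTERNAL_SERVER_ERROR)` on L43 uses the deprecated boxed constructor; write `fieldsValidator.httpStatusCode = Long.valueOf(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);` instead. Setting the validator's status field does not by itself change the servlet response status, so if the client is meant to observe a 500 the method presumably also needs `response.setStatus(...)`, which I cannot see from this hunk. The log text on L42 names putAppsWithAdminRoleStateForUser while the prefix says putAppWithUserRoleStateForUser; one of the two looks like a copy-paste leftover. The enclosing method starts and ends outside this hunk.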
@@ -281,17 +285,19 @@ public class UserRolesController extends EPRestrictedBaseController {
        @RequestMapping(value = { "/portalApi/userAppRoles" }, method = {
                        RequestMethod.GET }, produces = "application/json")
        public List<RoleInAppForUser> getAppRolesForUser(HttpServletRequest request, @RequestParam("user") String orgUserId,
-                       @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue,
+                       @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue,@RequestParam("isSystemUser") Boolean isSystemUser,
                        HttpServletResponse response) {
                EPUser user = EPUserUtils.getUserSession(request);
                List<RoleInAppForUser> result = null;
                String feErrorString = "";
-               if (!adminRolesService.isAccountAdmin(user)) {
+               if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
+                       logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", adminRolesService.isAccountAdmin(user) , adminRolesService.isRoleAdmin(user));
                        EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
                        feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
                } else {
-                       if (EcompPortalUtils.legitimateUserId(orgUserId)) {
-                               result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue);
+                       if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) {
+                               result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
+                               logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", result , appid);
                                int responseCode = EcompPortalUtils.getExternalAppResponseCode();
                                if (responseCode != 0 && responseCode != 200) {
                                        // external error
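Review bot: The new `isSystemUser` branch on L65 skips `EcompPortalUtils.legitimateUserId(orgUserId)` whenever the caller sends `isSystemUser=true`, so the user-id validation that previously applied to every request is now under the client's control rather than the server's; if system-user ids merely fail that pattern, apply a system-user-specific check instead of none, or determine system-user status server-side. The condition also reduces to `if (Boolean.TRUE.equals(isSystemUser) || EcompPortalUtils.legitimateUserId(orgUserId)) {`, which avoids the `NullPointerException` that `!isSystemUser` throws on unboxing when the wrapper is null. Because `@RequestParam("isSystemUser")` is required by default, existing GET /portalApi/userAppRoles callers that omit the parameter will now receive a 400; `@RequestParam(value = "isSystemUser", required = false, defaultValue = "false")` keeps them working. The debug line on L59 calls both admin checks a second time only to log them; capture the results in locals before the `if`. getAppRolesForUser continues past the end of the hunk.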
@@ -342,45 +348,49 @@ public class UserRolesController extends EPRestrictedBaseController {
 
        @RequestMapping(value = { "/portalApi/userAppRoles" }, method = {
                        RequestMethod.PUT }, produces = "application/json")
-       public FieldsValidator putAppWithUserRoleStateForUser(HttpServletRequest request,
+       public PortalRestResponse<String> putAppWithUserRoleStateForUser(HttpServletRequest request,
                        @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
-               FieldsValidator fieldsValidator = new FieldsValidator();
+               //FieldsValidator fieldsValidator = new FieldsValidator();
+               PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
                StringBuilder sbUserApps = new StringBuilder();
                if (newAppRolesForUser != null) {
-                       sbUserApps.append("User '" + newAppRolesForUser.orgUserId);
-                       if (newAppRolesForUser.appRoles != null && newAppRolesForUser.appRoles.size() >= 1) {
+                       sbUserApps.append("User '" + newAppRolesForUser.getOrgUserId());
+                       if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) {
                                sbUserApps.append("' has roles = { ");
-                               for (RoleInAppForUser appRole : newAppRolesForUser.appRoles) {
+                               for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) {
                                        if (appRole.isApplied) {
                                                sbUserApps.append(appRole.roleName + " ,");
                                        }
                                }
                                sbUserApps.deleteCharAt(sbUserApps.length() - 1);
-                               sbUserApps.append("} assigned for the app " + newAppRolesForUser.appId);
+                               sbUserApps.append("} assigned for the app " + newAppRolesForUser.getAppId());
                        } else {
-                               sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.appId);
+                               sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.getAppId());
                        }
                }
                logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", sbUserApps.toString());
 
                EPUser user = EPUserUtils.getUserSession(request);
-               boolean changesApplied = false;
-               if (!adminRolesService.isAccountAdmin(user)) {
+               //boolean changesApplied = false;
+               ExternalRequestFieldsValidator changesApplied = null;
+
+               if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
                        EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
                } else if(newAppRolesForUser==null){
                        logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
                } else{
-                       changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
-                       if (changesApplied) {
+                       changesApplied= userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
+                       try{
+                               if (changesApplied.isResult()) {
                                logger.info(EELFLoggerDelegate.applicationLogger,
-                                               "putAppWithUserRoleStateForUser: succeeded for app {}, user {}", newAppRolesForUser.appId,
-                                               newAppRolesForUser.orgUserId);
+                                               "putAppWithUserRoleStateForUser: succeeded for app {}, user {}", newAppRolesForUser.getAppId(),
+                                               newAppRolesForUser.getAppId());
 
                                MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
                                AuditLog auditLog = new AuditLog();
                                auditLog.setUserId(user.getId());
                                auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER);
-                               auditLog.setAffectedRecordId(newAppRolesForUser.orgUserId);
+                               auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId());
                                auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(), PortalConstants.AUDIT_LOG_COMMENT_SIZE));
                                auditService.logActivity(auditLog, null);
                                
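Review bot: The success log on L123-L124 passes `newAppRolesForUser.getAppId()` for both placeholders, so the `user {}` slot prints the app id; the second argument should be `newAppRolesForUser.getOrgUserId()`. Separately, the rewritten guard on L86 tests `getAppId() != null` where the old code tested `appRoles != null`, so a null role list now reaches `isEmpty()` and the `for` loop and throws NullPointerException; keep the original null check, `if (newAppRolesForUser.getAppRoles() != null && !newAppRolesForUser.getAppRoles().isEmpty()) {`. The commented-out declarations on L79 and L107 should be deleted rather than left in. The method continues past the end of this hunk.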
@@ -391,21 +401,29 @@ public class UserRolesController extends EPRestrictedBaseController {
                                logger.info(EELFLoggerDelegate.auditLogger,
                                                EPLogUtil.formatAuditLogMessage("UserRolesController.putAppWithUserRoleStateForUser",
                                                                EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
-                                                               newAppRolesForUser.orgUserId, sbUserApps.toString()));
+                                                       newAppRolesForUser.getOrgUserId(), sbUserApps.toString()));
                                MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
                                MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
                                MDC.remove(SystemProperties.MDC_TIMER);
-                       } else {
+                               portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK,"success",null);
+
+                       }
+                                if (!changesApplied.isResult())
+                                               throw new Exception(changesApplied.getDetailMessage());
+                       
+               }catch (Exception e){
                                logger.error(EELFLoggerDelegate.errorLogger,
-                                               "putAppWithUserRoleStateForUser: failed for app {}, user {}", newAppRolesForUser.appId,
-                                               newAppRolesForUser.orgUserId);
+                                               "putAppWithUserRoleStateForUser: failed for app {}, user {}", newAppRolesForUser.getAppId(),
+                                       newAppRolesForUser.getOrgUserId());
+                               portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
                        }
                }
 
                EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
-               return fieldsValidator;
+               return portalResponse;
        }
-
+       
+       
        @RequestMapping(value = { "/portalApi/updateRemoteUserProfile" }, method = {
                        RequestMethod.GET }, produces = "application/json")
        public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request,
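Review bot: L148-L149 throw a bare `Exception` solely so that the `catch (Exception e)` on L151 can turn `changesApplied.getDetailMessage()` into the response, which uses an exception for ordinary control flow and, because the same catch also receives anything thrown by the audit-logging calls above it, echoes whatever `e.getMessage()` happens to be (including messages originating below the service layer) to the HTTP client. Handle the failed result in an `else` branch, keep the catch for unexpected exceptions with a fixed response message, and log the throwable itself so the stack trace is not lost. Whether `getDetailMessage()` is safe to return to the caller depends on what the service puts in it, which is not visible here. The try block this catch belongs to opens in the previous hunk, and the indentation of L147-L151 no longer reflects the nesting; the rewrite below also restores it.
```java
                // … unchanged: audit logging and MDC cleanup …
                portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
            } else {
                logger.error(EELFLoggerDelegate.errorLogger,
                        "putAppWithUserRoleStateForUser: failed for app {}, user {}: {}",
                        newAppRolesForUser.getAppId(), newAppRolesForUser.getOrgUserId(),
                        changesApplied.getDetailMessage());
                portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
                        changesApplied.getDetailMessage(), null);
            }
        } catch (Exception e) {
            logger.error(EELFLoggerDelegate.errorLogger,
                    "putAppWithUserRoleStateForUser: unexpected failure for app "
                            + newAppRolesForUser.getAppId() + ", user " + newAppRolesForUser.getOrgUserId(), e);
            portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
                    "failed to update user roles", null);
        }
```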
@@ -543,4 +561,16 @@ public class UserRolesController extends EPRestrictedBaseController {
                return result;
        }
 
+       @RequestMapping(value = { "/portalApi/checkIfUserIsSuperAdmin" }, method = RequestMethod.GET, produces = "application/json")
+       public boolean checkIfUserIsSuperAdmin(HttpServletRequest request,
+                       HttpServletResponse response) {
+               EPUser user = EPUserUtils.getUserSession(request);
+               boolean isSuperAdmin = false;
+               try {
+                       isSuperAdmin = adminRolesService.isSuperAdmin(user) ;
+               } catch (Exception e) {
+                       logger.error(EELFLoggerDelegate.errorLogger, "checkIfUserIsSuperAdmin failed: " + e.getMessage());
+               }
+               return isSuperAdmin;
+       }
 }
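Review bot: The `catch (Exception e)` on L182 logs only `e.getMessage()`, which drops the stack trace and prints `null` for exceptions that carry no message; log the throwable, `logger.error(EELFLoggerDelegate.errorLogger, "checkIfUserIsSuperAdmin failed", e);`. Returning `false` on failure is the right default for a privilege check, and a short comment such as `// fail closed: any error is reported as not-super-admin` would make that intent explicit. The `response` parameter of the new method is unused.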