pushing error and audit log changes for portal
[portal.git] / ecomp-portal-BE-common / src / main / java / org / onap / portalapp / portal / controller / UserRolesController.java
index 852e2bb..9f89051 100644 (file)
@@ -2,7 +2,7 @@
  * ============LICENSE_START==========================================
  * ONAP Portal
  * ===================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
  *
  * Unless otherwise specified, all software contained herein is licensed
@@ -55,6 +55,7 @@ import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
 import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
 import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
+import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
 import org.onap.portalapp.portal.service.AdminRolesService;
 import org.onap.portalapp.portal.service.ApplicationsRestClientService;
@@ -75,14 +76,15 @@ import org.onap.portalsdk.core.domain.AuditLog;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.restful.domain.EcompRole;
 import org.onap.portalsdk.core.service.AuditService;
+import org.onap.portalsdk.core.service.DataAccessService;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -103,6 +105,8 @@ public class UserRolesController extends EPRestrictedBaseController {
     private ApplicationsRestClientService applicationsRestClientService;
     @Autowired
     private AuditService auditService;
+    @Autowired
+       private DataAccessService dataAccessService;
 
     private static final String FAILURE = "failure";
 
@@ -114,7 +118,7 @@ public class UserRolesController extends EPRestrictedBaseController {
      * @param response HttpServletResponse
      * @return array of found users as json
      */
-    @RequestMapping(value = { "/portalApi/queryUsers" }, method = RequestMethod.GET, produces = "application/json")
+    @GetMapping(value = { "/portalApi/queryUsers" }, produces = "application/json")
     public String getPhoneBookSearchResult(HttpServletRequest request, @RequestParam("search") String searchString,
             HttpServletResponse response) {
         EPUser user = EPUserUtils.getUserSession(request);
@@ -144,8 +148,7 @@ public class UserRolesController extends EPRestrictedBaseController {
      * @param response HttpServletResponse
      * @return for GET: array of all applications with boolean isAdmin=true/false for each application
      */
-    @RequestMapping(value = { "/portalApi/adminAppsRoles" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/adminAppsRoles" }, produces = "application/json")
     public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(HttpServletRequest request,
             @RequestParam("user") String orgUserId, HttpServletResponse response) {
 
@@ -195,8 +198,7 @@ public class UserRolesController extends EPRestrictedBaseController {
      * @param response HttpServletResponse
      * @return FieldsValidator
      */
-    @RequestMapping(value = { "/portalApi/adminAppsRoles" }, method = {
-            RequestMethod.PUT }, produces = "application/json")
+    @PutMapping(value = { "/portalApi/adminAppsRoles" }, produces = "application/json")
     public FieldsValidator putAppsWithAdminRoleStateForUser(HttpServletRequest request,
             @RequestBody AppsListWithAdminRole newAppsListWithAdminRoles, HttpServletResponse response) {
 
@@ -241,21 +243,12 @@ public class UserRolesController extends EPRestrictedBaseController {
             auditLog.setComments(
                     EcompPortalUtils.truncateString(newAppRoles.toString(), PortalConstants.AUDIT_LOG_COMMENT_SIZE));
             auditService.logActivity(auditLog, null);
+                       String auditMessageInfo = EPLogUtil.formatAuditLogMessage("UserRolesController.putAppsWithAdminRoleStateForUser",
+                    EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN, user.getOrgUserId(),
+                    newAppsListWithAdminRoles.orgUserId, newAppRoles.toString());              
 
-            MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-            MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-            EcompPortalUtils.calculateDateTimeDifferenceForLog(
-                    MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
-                    MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
-            if (newAppsListWithAdminRoles != null) {
-                logger.info(EELFLoggerDelegate.auditLogger,
-                        EPLogUtil.formatAuditLogMessage("UserRolesController.putAppsWithAdminRoleStateForUser",
-                                EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN, user.getOrgUserId(),
-                                newAppsListWithAdminRoles.orgUserId, newAppRoles.toString()));
-            }
-            MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-            MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
-            MDC.remove(SystemProperties.MDC_TIMER);
+                       EPLogUtil.logAuditMessage(logger, auditMessageInfo);
+            
         }
         EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "put result =", changesApplied);
 
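Review bot: The `if (newAppsListWithAdminRoles != null)` guard that wrapped the old audit call is gone, so `newAppsListWithAdminRoles.orgUserId` is now read unconditionally when `auditMessageInfo` is built. The start of putAppsWithAdminRoleStateForUser is outside this hunk, so I cannot tell whether an earlier dereference makes the guard redundant. If it does not, a null body would throw here after `auditService.logActivity` has already written the database audit row. Either keep the guard around the two new statements or confirm the earlier check. This hunk and the matching one in putAppWithUserRoleStateForUser also drop the MDC begin/end timestamp handling, so please confirm that `EPLogUtil.logAuditMessage` sets and clears those keys, since its body is not visible here.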
@@ -272,8 +265,7 @@ public class UserRolesController extends EPRestrictedBaseController {
      * @param extRequestValue set to false if request is from users page otherwise true
      * @return List<RoleInAppForUser>
      */
-    @RequestMapping(value = { "/portalApi/userAppRoles" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/userAppRoles" }, produces = "application/json")
     public List<RoleInAppForUser> getAppRolesForUser(HttpServletRequest request, @RequestParam("user") String orgUserId,
             @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue,
             @RequestParam("isSystemUser") Boolean isSystemUser,
@@ -288,6 +280,18 @@ public class UserRolesController extends EPRestrictedBaseController {
             EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
             feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
         } else {
+               try {
+                       if(orgUserId!=null) {
+                               EPUser localUser  = getUserInfo(orgUserId,applicationsRestClientService);
+                               if(localUser !=null) {
+                                       if(localUser.isSystemUser()) {
+                                               isSystemUser = true;
+                                       }
+                               }
+                       }
+                       } catch (Exception e) {
+                               logger.error(EELFLoggerDelegate.errorLogger, "isSystemUser update failed", e);
+                       }
             if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) {
                 result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
                 logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", result, appid);
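Review bot: A failed lookup in the new try/catch at the top of the else branch is logged and then ignored, so the request carries on with whatever `isSystemUser` value the caller sent. That flag alone skips `EcompPortalUtils.legitimateUserId(orgUserId)` in the condition that follows. If the local user record is meant to be the authority on system-user status, consider deriving the flag only from it, e.g. `isSystemUser = localUser != null && localUser.isSystemUser();`. In that case a lookup exception should return an error rather than fall back to the request parameter. The body of getAppRolesForUser starts and ends outside this hunk, so the surrounding permission checks are not visible here.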
@@ -339,8 +343,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         return result;
     }
 
-    @RequestMapping(value = { "/portalApi/userAppRoles" }, method = {
-            RequestMethod.PUT }, produces = "application/json")
+    @PutMapping(value = { "/portalApi/userAppRoles" }, produces = "application/json")
     public PortalRestResponse<String> putAppWithUserRoleStateForUser(HttpServletRequest request,
             @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
         // FieldsValidator fieldsValidator = new FieldsValidator();
@@ -389,20 +392,13 @@ public class UserRolesController extends EPRestrictedBaseController {
                     auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(),
                             PortalConstants.AUDIT_LOG_COMMENT_SIZE));
                     auditService.logActivity(auditLog, null);
+                               String auditMessageInfo = EPLogUtil.formatAuditLogMessage("UserRolesController.putAppWithUserRoleStateForUser",
+                            EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
+                            newAppRolesForUser.getOrgUserId(), sbUserApps.toString());         
 
-                    MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
-                            EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-                    EcompPortalUtils.calculateDateTimeDifferenceForLog(
-                            MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
-                            MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
-                    logger.info(EELFLoggerDelegate.auditLogger,
-                            EPLogUtil.formatAuditLogMessage("UserRolesController.putAppWithUserRoleStateForUser",
-                                    EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
-                                    newAppRolesForUser.getOrgUserId(), sbUserApps.toString()));
-                    MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-                    MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
-                    MDC.remove(SystemProperties.MDC_TIMER);
-                    portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
+                               EPLogUtil.logAuditMessage(logger, auditMessageInfo);
+
+                               portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
 
                 }
                 if (!changesApplied.isResult())
@@ -420,8 +416,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         return portalResponse;
     }
 
-    @RequestMapping(value = { "/portalApi/updateRemoteUserProfile" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/updateRemoteUserProfile" }, produces = "application/json")
     public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request,
             HttpServletResponse response) {
 
@@ -440,8 +435,7 @@ public class UserRolesController extends EPRestrictedBaseController {
 
     }
 
-    @RequestMapping(value = { "/portalApi/app/{appId}/users" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/app/{appId}/users" }, produces = "application/json")
     public List<UserApplicationRoles> getUsersFromAppEndpoint(HttpServletRequest request,
             @PathVariable("appId") Long appId) throws HTTPException {
         try {
@@ -453,8 +447,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         }
     }
 
-    @RequestMapping(value = { "/portalApi/app/{appId}/roles" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/app/{appId}/roles" }, produces = "application/json")
     public List<EcompRole> testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId)
             throws HTTPException {
         EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
@@ -465,8 +458,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         return rolesList;
     }
 
-    @RequestMapping(value = { "/portalApi/admin/import/app/{appId}/roles" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/admin/import/app/{appId}/roles" }, produces = "application/json")
     public List<EPRole> importRolesFromRemoteApplication(HttpServletRequest request, @PathVariable("appId") Long appId)
             throws HTTPException {
         List<EPRole> rolesList = userRolesService.importRolesFromRemoteApplication(appId);
@@ -476,8 +468,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         return rolesList;
     }
 
-    @RequestMapping(value = { "/portalApi/app/{appId}/user/{orgUserId}/roles" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/app/{appId}/user/{orgUserId}/roles" }, produces = "application/json")
     public EcompRole testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId,
             @PathVariable("orgUserId") String orgUserId) throws Exception {
         if (!EcompPortalUtils.legitimateUserId(orgUserId)) {
@@ -498,8 +489,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         return roles[0];
     }
 
-    @RequestMapping(value = { "/portalApi/saveUserAppRoles" }, method = {
-            RequestMethod.PUT }, produces = "application/json")
+    @PutMapping(value = { "/portalApi/saveUserAppRoles" }, produces = "application/json")
     public FieldsValidator putAppWithUserRoleRequest(HttpServletRequest request,
             @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
         FieldsValidator fieldsValidator = null;
@@ -519,8 +509,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         return fieldsValidator;
     }
 
-    @RequestMapping(value = { "/portalApi/appCatalogRoles" }, method = {
-            RequestMethod.GET }, produces = "application/json")
+    @GetMapping(value = { "/portalApi/appCatalogRoles" }, produces = "application/json")
     public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(HttpServletRequest request,
             @RequestParam("appName") String appName) {
         EPUser user = EPUserUtils.getUserSession(request);
@@ -545,7 +534,7 @@ public class UserRolesController extends EPRestrictedBaseController {
                 }
             };
 
-    @RequestMapping(value = "/portalApi/externalRequestAccessSystem", method = RequestMethod.GET,
+    @GetMapping(value = "/portalApi/externalRequestAccessSystem",
             produces = "application/json")
     public ExternalSystemAccess readExternalRequestAccess(HttpServletRequest request) {
         ExternalSystemAccess result = null;
@@ -559,8 +548,7 @@ public class UserRolesController extends EPRestrictedBaseController {
         return result;
     }
 
-    @RequestMapping(value = { "/portalApi/checkIfUserIsSuperAdmin" }, method = RequestMethod.GET,
-            produces = "application/json")
+    @GetMapping(value = { "/portalApi/checkIfUserIsSuperAdmin" }, produces = "application/json")
     public boolean checkIfUserIsSuperAdmin(HttpServletRequest request,
             HttpServletResponse response) {
         EPUser user = EPUserUtils.getUserSession(request);
@@ -572,4 +560,23 @@ public class UserRolesController extends EPRestrictedBaseController {
         }
         return isSuperAdmin;
     }
+    
+    /**
+        * 
+        * @param userId
+        * @param app
+        * @param applicationsRestClientService
+        * @return EPUser
+        * @throws HTTPException
+        */
+       protected EPUser getUserInfo(String userId, ApplicationsRestClientService applicationsRestClientService)
+                       throws HTTPException {
+               @SuppressWarnings("unchecked")
+               List<EPUser> userList = (List<EPUser>) dataAccessService
+                               .executeQuery("from EPUser where orgUserId='" + userId + "'", null);
+               if (userList != null && !userList.isEmpty())
+                       return userList.get(0);
+               else
+                       return null;
+       }
 }
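Review bot: `getUserInfo` builds its query by concatenating `userId` into the string, `"from EPUser where orgUserId='" + userId + "'"`. Its only caller in this commit, getAppRolesForUser, passes the `user` request parameter before `legitimateUserId` has checked it, so the parameter's content becomes part of the query text. Bind the value instead of concatenating, for example through a named query or parameter map if `DataAccessService` offers one. If binding is not available, reject ids containing quote or other non-identifier characters before the lookup. Separately, the `applicationsRestClientService` parameter is unused, the Javadoc lists an `@param app` that does not exist, and nothing in the visible body throws `HTTPException`.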