* ===================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
* ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
*
* Unless otherwise specified, all software contained herein is licensed
* under the Apache License, Version 2.0 (the "License");
*
* ============LICENSE_END============================================
*
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ *
*/
package org.onap.portalapp.portal.service;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.SortedSet;
+import java.util.TreeSet;
+import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import org.hibernate.Transaction;
import org.json.JSONArray;
import org.json.JSONObject;
+import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
import org.onap.portalapp.portal.domain.EPApp;
import org.onap.portalapp.portal.domain.EPRole;
import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.domain.EPUserApp;
import org.onap.portalapp.portal.domain.UserIdRoleId;
import org.onap.portalapp.portal.domain.UserRole;
+import org.onap.portalapp.portal.exceptions.RoleFunctionException;
import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
import org.onap.portalapp.portal.logging.logic.EPLogUtil;
import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
import org.onap.portalapp.portal.transport.AppsListWithAdminRole;
+import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles;
import org.onap.portalapp.portal.transport.ExternalAccessUser;
import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
import org.onap.portalapp.portal.utils.EcompPortalUtils;
import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.util.EPUserUtils;
+import org.onap.portalsdk.core.domain.RoleFunction;
+import org.onap.portalsdk.core.domain.User;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.service.DataAccessService;
import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
private Long SYS_ADMIN_ROLE_ID = 1L;
private Long ACCOUNT_ADMIN_ROLE_ID = 999L;
private Long ECOMP_APP_ID = 1L;
+ public static final String TYPE_APPROVER = "approver";
private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);
private SearchService searchService;
@Autowired
private EPAppService appsService;
+ @Autowired
+ private ExternalAccessRolesService externalAccessRolesService;
private RestTemplate template = new RestTemplate();
try {
userList = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", userParams, null);
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "getEPUserByOrgUserId failed", e);
+ logger.error(EELFLoggerDelegate.errorLogger, "getEPUserByOrgUserId failed", e);
}
-
+
HashMap<Long, Long> appsUserAdmin = new HashMap<Long, Long>();
if (userList!= null && userList.size() > 0) {
EPUser user = userList.get(0);
appsListWithAdminRole.orgUserId = orgUserId;
List<EPApp> appsList = null;
try {
- appsList = dataAccessService.getList(EPApp.class,
- " where ( enabled = 'Y' or id = " + ECOMP_APP_ID + ")", null, null);
+// appsList = dataAccessService.getList(EPApp.class,
+// null, null, null);
+
+ appsList = dataAccessService.getList(EPApp.class, null);
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "getAppsWithAdminRoleStateForUser 2 failed", e);
EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
List<EPApp> apps = appsService.getAppsFullList();
HashMap<Long, EPApp> enabledApps = new HashMap<Long, EPApp>();
for (EPApp app : apps) {
- if (app.getEnabled().booleanValue() || app.getId() == ECOMP_APP_ID) {
+// if (app.getEnabled().booleanValue() || app.getId() == ECOMP_APP_ID) {
enabledApps.put(app.getId(), app);
- }
+// }
}
List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<AppNameIdIsAdmin>();
for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.appsRoles) {
if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
// Add user admin role for list of centralized applications in external system
addAdminRoleInExternalSystem(user, localSession, newAppsWhereUserIsAdmin);
- }
+ result = true;
+ }
} catch (Exception e) {
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
logger.error(EELFLoggerDelegate.errorLogger,
@SuppressWarnings("unchecked")
@Override
public boolean isSuperAdmin(EPUser user) {
- if ((user != null) /* && (user.getId() == null) */ && (user.getOrgUserId() != null)) {
+ if ((user != null) && (user.getOrgUserId() != null)) {
String sql = "SELECT user.USER_ID, user.org_user_id, userrole.ROLE_ID, userrole.APP_ID FROM fn_user_role userrole "
+ "INNER JOIN fn_user user ON user.USER_ID = userrole.USER_ID " + "WHERE user.org_user_id = '"
+ user.getOrgUserId() + "' " + "AND userrole.ROLE_ID = '" + SYS_ADMIN_ROLE_ID + "' "
"Exception occurred while executing isSuperAdmin operation", e);
}
}
- // else
- // {
- // User currentUser = user != null ? (User)
- // dataAccessService.getDomainObject(User.class, user.getId(), null) :
- // null;
- // if (currentUser != null && currentUser.getId() != null) {
- // for (UserApp userApp : currentUser.getUserApps()) {
- // if (userApp.getApp().getId().equals(ECOMP_APP_ID) &&
- // userApp.getRole().getId().equals(SYS_ADMIN_ROLE_ID)) {
- // // Super Administrator role is global, no need to keep iterating
- // return true;
- // }
- // }
- // }
- // }
return false;
}
public boolean isAccountAdmin(EPUser user) {
try {
- EPUser currentUser = user != null
- ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null)
- : null;
+ if (user == null) {
+ return false;
+ }
+
+ EPUser currentUser = (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null);
+
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ List<Integer> userAdminApps = new ArrayList<>();
+
+ userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", user.getOrgUserId(), userAdminApps.size());
+
+
if (currentUser != null && currentUser.getId() != null) {
for (EPUserApp userApp : currentUser.getEPUserApps()) {
- if (// !userApp.getApp().getId().equals(ECOMP_APP_ID)
- // &&
- userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
+
+
+ if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)||(userAdminApps.size()>1)) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found Id {}", user.getOrgUserId(), userApp.getRole().getId());
// Account Administrator sees only the applications
// he/she is Administrator
return true;
return false;
}
+
+ public boolean isRoleAdmin(EPUser user) {
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access");
+
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ List getRoleFuncListOfUser = dataAccessService.executeNamedQuery("getRoleFunctionsOfUserforAlltheApplications", userParams, null);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser" , getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet1=new HashSet<>();
+ Set<String> roleFunSet = new HashSet<>();
+ roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
+ if (roleFunSet.size() > 0)
+ for (String roleFunction : roleFunSet) {
+ String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
+ getRoleFuncListOfPortalSet1.add(type);
+ }
+
+ boolean checkIfFunctionsExits = getRoleFuncListOfPortalSet1.stream()
+ .anyMatch(roleFunction -> roleFunction.equalsIgnoreCase("Approver"));
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , checkIfFunctionsExits);
+
+ return checkIfFunctionsExits;
+
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isRoleAdmin operation",
+ e);
+ }
+ return false;
+ }
+
public boolean isUser(EPUser user) {
try {
EPUser currentUser = user != null
@Override
public boolean isAccountAdminOfApplication(EPUser user, EPApp app) {
+ Boolean isApplicationAccountAdmin=false;
try {
- EPUser currentUser = user != null
- ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
- if (currentUser != null && currentUser.getId() != null) {
- SortedSet<EPUserApp> userApps = currentUser.getEPUserApps();
- EPUserApp userApp = userApps.stream()
- .filter(x -> x.getRole().getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)
- && x.getApp().getId().equals(app.getId()))
- .findAny().orElse(null);
- if (userApp != null) {
- return true;
- }
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ List<Integer> userAdminApps = new ArrayList<>();
+ userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+ if(userAdminApps.size()>=1){
+ isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while executing isAccountAdminOfApplication operation", e);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, user.getOrgUserId());
+ return isApplicationAccountAdmin;
+
+ }
+
+ @Override
+ public Set<String> getAllAppsFunctionsOfUser(String OrgUserId) throws RoleFunctionException {
+ final Map<String, String> params = new HashMap<>();
+ params.put("userId", OrgUserId);
+ List getRoleFuncListOfPortal = dataAccessService.executeNamedQuery("getAllAppsFunctionsOfUser", params, null);
+ Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfPortal);
+ Set<String> roleFunSet = new HashSet<>();
+ roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
+ if (roleFunSet.size() > 0)
+ for (String roleFunction : roleFunSet) {
+ String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
+ getRoleFuncListOfPortalSet.remove(roleFunction);
+ getRoleFuncListOfPortalSet.add(roleFun);
}
- } catch (Exception e) {
+
+ Set<String> finalRoleFunctionSet = new HashSet<>();
+ for (String roleFn : getRoleFuncListOfPortalSet) {
+ finalRoleFunctionSet.add(EPUserUtils.decodeFunctionCode(roleFn));
+ }
+
+// List<String> functionsOfUser = new ArrayList<>(getRoleFuncListOfPortal);
+ return finalRoleFunctionSet;
+ }
+
+
+ @Override
+ public boolean isAccountAdminOfAnyActiveorInactiveApplication(EPUser user, EPApp app) {
+ Boolean isApplicationAccountAdmin=false;
+ try {
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ List<Integer> userAdminApps = new ArrayList<>();
+ userAdminApps =dataAccessService.executeNamedQuery("getAllAdminAppsofTheUser", userParams, null);
+ if(userAdminApps.size()>=1){
+ isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
+ }
+ } catch (Exception e) {
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
logger.error(EELFLoggerDelegate.errorLogger,
"Exception occurred while executing isAccountAdminOfApplication operation", e);
}
- return false;
+ logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, user.getOrgUserId());
+ return isApplicationAccountAdmin;
+
}
}