* ============LICENSE_START==========================================
* ONAP Portal
* ===================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
* ===================================================================
*
* Unless otherwise specified, all software contained herein is licensed
client = new EPUser();
client.setOrgUserId(userId);
client.setSystemUser(true);
- client.setFirstName(userId.substring(0,userId.indexOf("@")));
+ if (userId.indexOf("@") != -1) {
+ client.setFirstName(userId.substring(0,userId.indexOf("@")));
+ }
+ else {
+ client.setFirstName(userId);
+ }
}
if (client == null) {
String msg = "createLocalUserIfNecessary: cannot create user " + userId
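Review bot: The new `indexOf("@") != -1` guard in the user-creation branch still produces an empty first name when the id begins with `@`, and it scans the string twice. Computing the index once and requiring it to be positive covers both cases: `int at = userId.indexOf('@');` followed by `client.setFirstName(at > 0 ? userId.substring(0, at) : userId);`. The enclosing method starts and ends outside the hunk, so whether `userId` is validated before this point is not visible here.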
.setParameter("appId",appId)
.list();
for (EPRole role : roles) {
- if (!extRequestValue && app.getCentralAuth()) {
+ if (!extRequestValue && app.getRolesInAAF()) {
rolesMap.put(role.getId(), role);
} else {
rolesMap.put(role.getAppRoleId(), role);
}
}
}
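Review bot: The replacement of `getCentralAuth()` with `getRolesInAAF()` in the `for (EPRole role : roles)` loop unboxes the result directly, while the same commit null-checks `app.getAppAck()` before using it. If `getRolesInAAF()` also returns a nullable `Boolean` (its return type is not visible here), an application record with the value unset would throw a NullPointerException in the middle of a role-assignment path. In that case compare with `Boolean.TRUE.equals(app.getRolesInAAF())` here and at the other replaced call sites in this commit (the role-state branches, the external-request branches and the role and user listing methods). A one-line comment at this first use saying what the flag means relative to the old central-auth flag would also help, since it decides whether `role.getId()` or `role.getAppRoleId()` keys the map.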
-
applyChangesToUserAppRolesForMyLoginsRequest(user, appId);
- boolean systemUser = newAppRolesForUser.isSystemUser();
+ Boolean systemUser = (newAppRolesForUser.getIsSystemUser() != null ? newAppRolesForUser.getIsSystemUser() : false);
- if ((app.getCentralAuth() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) && systemUser) {
+ if ((app.getRolesInAAF() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) && systemUser) {
Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
applicationsRestClientService, appId, userId);
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal",
systemUser,rolesGotDeletedByApprover,false);
- }else if (!app.getCentralAuth() && systemUser)
+ }else if (!app.getRolesInAAF() && systemUser)
{
throw new Exception("For non-centralized application we cannot add systemUser");
}
else{ // if centralized app
- if (app.getCentralAuth()) {
- if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ if (app.getRolesInAAF()) {
+
+ if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && (app.getAppAck() != null && app.getAppAck())) {
+ logger.debug(EELFLoggerDelegate.debugLogger,"setAppWithUserRoleStateForUser: calling pushRemoteUser method for Central application");
+ logger.debug(EELFLoggerDelegate.debugLogger,"setAppWithUserRoleStateForUser:"+app.getAppAck());
pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService,
applicationsRestClientService,false);
}
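Review bot: When `app.getAppAck()` is null or false, the new condition skips `pushRemoteUser` without any log line, and the code that follows (outside this hunk) appears to continue with the role update. A centralized application could then hold role grants for a user that was never pushed to it, with nothing in the log to explain why. Log the skipped case, and replace the unlabeled concatenated debug line with the parameterized form used elsewhere in the file: `logger.debug(EELFLoggerDelegate.debugLogger, "setAppWithUserRoleStateForUser: appAck={}", app.getAppAck());`. Separately, the boxed local can be a primitive: `boolean systemUser = Boolean.TRUE.equals(newAppRolesForUser.getIsSystemUser());`.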
userRolesInLocalApp);
List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.roles;
if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
-
- // Apply changes in external Access system
+
+ // Apply changes in external Access system
updateUserRolesInExternalSystem(app, rolesInAppForUser.orgUserId, roleAppUserList,
epRequestValue,false,rolesGotDeletedFromApprover,checkIfUserisOnlyRoleAdmin);
}
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal", systemUser,rolesGotDeletedFromApprover,checkIfUserisOnlyRoleAdmin);
}
// In case if portal is not centralized then follow existing approach
- else if(!app.getCentralAuth() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+ else if(!app.getRolesInAAF() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
applicationsRestClientService, appId, userId);
RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal",false,rolesGotDeletedByApprover,false);
} else{// remote app
EPUser remoteAppUser = null;
- if(!app.getCentralAuth() && !app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+ if(!app.getRolesInAAF() && !app.getId().equals(PortalConstants.PORTAL_APP_ID)){
remoteAppUser = checkIfRemoteUserExits(userId, app, applicationsRestClientService);
* @param roleInAppUser Contains list of active roles
*/
@SuppressWarnings("unchecked")
- private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, boolean isPortalRequest,boolean isSystemUser,Set<EcompRole> deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception
+ private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, boolean isPortalRequest,boolean nonHumanUserId,Set<EcompRole> deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception
{
try {
// check if user exists
userParams.put("orgUserIdValue", orgUserId);
List<EPUser> userInfo = checkIfUserExists(userParams);
if (userInfo.isEmpty()) {
- createLocalUserIfNecessary(orgUserId, isSystemUser);
+ createLocalUserIfNecessary(orgUserId, nonHumanUserId);
}
String name = "";
if (EPCommonSystemProperties
- .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !isSystemUser) {
- name = orgUserId
- + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !nonHumanUserId) {
+ if(orgUserId.indexOf("@") ==-1) {
+ name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ }else {
+ name = orgUserId;
+ }
} else {
name = orgUserId;
+ if(nonHumanUserId && orgUserId!=null) {
+ if(orgUserId.indexOf("@") ==-1) {
+ name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ }
+ }
}
ObjectMapper mapper = new ObjectMapper();
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
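Review bot: The new `else` branch appends `SystemProperties.getProperty(EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)` for a non-human id, but that branch is also reached when `containsProperty(...)` is false. If `getProperty` returns null for a missing key (not visible here), the identity sent to the external access system would be the id followed by the text "null". After this change both branches apply the same rule whenever the property exists, so the `!nonHumanUserId` split is redundant and the logic can collapse to a single guarded append. The `orgUserId!=null` check also comes too late, because `orgUserId.indexOf("@")` is already called without a check in the first branch. The method body continues outside the hunk.
```java
// … unchanged: user-existence check and createLocalUserIfNecessary call …
String name = orgUserId;
boolean hasDomainProperty = EPCommonSystemProperties
        .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
if (hasDomainProperty && orgUserId != null && orgUserId.indexOf('@') == -1) {
    // Qualify bare ids only when a domain is actually configured.
    name = orgUserId
            + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
}
// … unchanged: ObjectMapper and AAF header setup …
```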
}
//If Non-Centralized app make sure you sync app roles before assigning to user
- if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !app.getCentralAuth()) {
+ if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !app.getRolesInAAF()) {
logger.debug(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: Starting GET roles for app {}",app.getId());
EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, app.getId(), "/roles");
logger.debug(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: Finshed GET roles for app {} and payload {}",app.getId(), appRoles);
.anyMatch(roleList -> roleList.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID));
}
// if Centralized app
- if (app.getCentralAuth()) {
+ if (app.getRolesInAAF()) {
// We should add If user does not exist in remote application
try {
// If adding just account admin role dont make remote application user call or
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, reqType,false,rolesGotDeletedByApprover,false);
}
// If local application is not centralized
- else if(!app.getCentralAuth() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+ else if(!app.getRolesInAAF() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
applicationsRestClientService, app.getId(), orgUserId);
RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, app.getId(),
// for onap portal app, no need to make a remote call
List<Role> roleList = new ArrayList<>();
if (appId == PortalConstants.PORTAL_APP_ID) {
- if(app.getCentralAuth()){
+ if(app.getRolesInAAF()){
List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
for(CentralV2Role cenRole : cenRoleList){
Role role = new Role();
EcompRole[] appRoles = null;
boolean checkIfUserisApplicationAccAdmin = false;
List<EcompRole> roles = new ArrayList<>();
- if (app.getCentralAuth()) {
+ if (app.getRolesInAAF()) {
final Map<String, Long> appParams = new HashMap<>();
appParams.put("appId", app.getId());
List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication",
// If there is an exception in the rest client api, then null will
// be returned.
if (appRoles != null) {
- if(!app.getCentralAuth()) {
+ if(!app.getRolesInAAF()) {
syncAppRoles(sessionFactory, appId, appRoles);
}
EcompRole[] userAppRoles = null;
try {
try {
- if(app.getCentralAuth()){
+ if(app.getRolesInAAF()){
final Map<String, String> params = new HashMap<>();
final Map<String, Long> userParams = new HashMap<>();
params.put("orgUserIdValue", userId);
EPApp app = appsService.getApp(appId);
//If local or centralized application
- if (appId == PortalConstants.PORTAL_APP_ID || app.getCentralAuth()) {
+ if (appId == PortalConstants.PORTAL_APP_ID || app.getRolesInAAF()) {
+ Map<String, Object> params = new HashMap<>();
+ params.put("id", app.getId());
+ params.put("active", true);
@SuppressWarnings("unchecked")
- List<EPUser> userList = (List<EPUser>) dataAccessService.executeNamedQuery("getActiveUsers", null, null);
+ //List<EPUser> userList = (List<EPUser>) dataAccessService.executeNamedQuery("getActiveUsers", null, null);
+ //List<Object[]> userList = (List<Object[]>) dataAccessService.executeNamedQuery("getActiveUsersForApp", params, null);
+ List<EPUser> userList = (List<EPUser>) dataAccessService.executeNamedQuery("getActiveUsersForApp", params, null);
for (EPUser user : userList) {
- UserApplicationRoles userWithAppRoles = convertToUserApplicationRoles(appId, user, app);
+ UserApplicationRoles userWithAppRoles = convertToUserApplicationRoles(user, app.getId());
if (userWithAppRoles.getRoles() != null && userWithAppRoles.getRoles().size() > 0)
userApplicationRoles.add(userWithAppRoles);
}
return userApplicationRoles;
}
+ /**
+ *
+ * @param user
+ * @param app_id
+ * @return
+ */
+ private UserApplicationRoles convertToUserApplicationRoles(EPUser user, Long appId) {
+ UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
+ userWithRemoteAppRoles.setAppId(appId);
+ userWithRemoteAppRoles.setOrgUserId(user.getOrgUserId());
+ userWithRemoteAppRoles.setFirstName(user.getFirstName());
+ userWithRemoteAppRoles.setLastName(user.getLastName());
+ List<RemoteRole> roleList = new ArrayList<RemoteRole>();
+ for(EPUserApp userApp :user.getEPUserApps()) {
+ RemoteRole remoteRole = new RemoteRole();
+ remoteRole.setName(userApp.getRole().getName());
+ remoteRole.setId(userApp.getRole().getId());
+ roleList.add(remoteRole);
+ }
+ userWithRemoteAppRoles.setRoles(roleList);
+ return userWithRemoteAppRoles;
+ }
+
/**
*
* @param appId
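Review bot: The added `convertToUserApplicationRoles(EPUser, Long)` copies every entry of `user.getEPUserApps()` into the result without comparing the entry's application to `appId`. Unless the `getActiveUsersForApp` query also restricts that collection (not visible here), a user's roles in other applications would be reported under this application's id. Filter inside the loop, for example `if (!appId.equals(userApp.getApp().getId())) continue;` (accessor name to be confirmed against `EPUserApp`). The two commented-out `executeNamedQuery` lines under `@SuppressWarnings("unchecked")` should be deleted, and the empty Javadoc should state what the method returns and name its parameter `appId` rather than `app_id`. The calling method's body starts outside the hunk.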