import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
-import org.json.simple.parser.JSONParser;
-import org.json.simple.parser.ParseException;
-import org.onap.aai.sa.searchdbabstraction.util.SearchDbConstants;
-import org.onap.aai.cl.api.Logger;
-import org.onap.aai.cl.eelf.LoggerFactory;
-
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.util.List;
import java.util.Map;
import java.util.Timer;
+import org.json.simple.parser.JSONParser;
+import org.json.simple.parser.ParseException;
+import org.onap.aai.cl.api.Logger;
+import org.onap.aai.cl.eelf.LoggerFactory;
+import org.onap.aai.sa.searchdbabstraction.util.SearchDbConstants;
public class SearchDbServiceAuthCore {
- private static Logger logger = LoggerFactory.getInstance()
- .getLogger(SearchDbServiceAuthCore.class.getName());
-
- private static String GlobalAuthFileName = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME;
-
- private static enum HTTP_METHODS {
- POST, GET, PUT, DELETE
- }
-
- ;
+ private static Logger logger = LoggerFactory.getInstance().getLogger(SearchDbServiceAuthCore.class.getName());
- // Don't instantiate
- private SearchDbServiceAuthCore() {
- }
+ private static String authFileName = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME;
- private static boolean usersInitialized = false;
- private static HashMap<String, SearchDbAuthUser> users;
- private static boolean timerSet = false;
- private static Timer timer = null;
-
- public synchronized static void init() {
-
-
- SearchDbServiceAuthCore.getConfigFile();
- SearchDbServiceAuthCore.reloadUsers();
-
- }
-
- public static void cleanup() {
- timer.cancel();
- }
-
- public static String getConfigFile() {
- if (GlobalAuthFileName == null) {
- String nc = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME;
- if (nc == null) {
- nc = "/home/aaiadmin/etc/aaipolicy.json";
- }
-
- GlobalAuthFileName = nc;
+ private enum HTTP_METHODS {
+ POST,
+ GET,
+ PUT,
+ DELETE
}
- return GlobalAuthFileName;
- }
-
- public synchronized static void reloadUsers() {
- users = new HashMap<String, SearchDbAuthUser>();
-
-
- ObjectMapper mapper = new ObjectMapper(); // can reuse, share globally
- JSONParser parser = new JSONParser();
- try {
- Object obj = parser.parse(new FileReader(GlobalAuthFileName));
- // aailogger.debug(logline, "Reading from " + GlobalAuthFileName);
- JsonNode rootNode = mapper.readTree(new File(GlobalAuthFileName));
- JsonNode rolesNode = rootNode.path("roles");
-
- for (JsonNode roleNode : rolesNode) {
- String roleName = roleNode.path("name").asText();
-
- TabularAuthRole authRole = new TabularAuthRole();
- JsonNode usersNode = roleNode.path("users");
- JsonNode functionsNode = roleNode.path("functions");
- for (JsonNode functionNode : functionsNode) {
- String function = functionNode.path("name").asText();
- JsonNode methodsNode = functionNode.path("methods");
- boolean hasMethods = false;
- for (JsonNode methodNode : methodsNode) {
- String methodName = methodNode.path("name").asText();
- hasMethods = true;
- String thisFunction = methodName + ":" + function;
-
- authRole.addAllowedFunction(thisFunction);
- }
-
- if (hasMethods == false) {
- // iterate the list from HTTP_METHODS
- for (HTTP_METHODS meth : HTTP_METHODS.values()) {
- String thisFunction = meth.toString() + ":" + function;
-
- authRole.addAllowedFunction(thisFunction);
- }
- }
- }
- for (JsonNode userNode : usersNode) {
- // make the user lower case
- String username = userNode.path("username").asText().toLowerCase();
- SearchDbAuthUser authUser = null;
- if (users.containsKey(username)) {
- authUser = users.get(username);
- } else {
- authUser = new SearchDbAuthUser();
- }
-
-
- authUser.setUser(username);
- authUser.addRole(roleName, authRole);
- users.put(username, authUser);
- }
- }
- } catch (FileNotFoundException fnfe) {
- logger.debug("Failed to load the policy file ");
+ private static boolean usersInitialized = false;
+ private static HashMap<String, SearchDbAuthUser> users;
+ private static Timer timer = null;
- } catch (ParseException e) {
- logger.debug("Failed to Parse the policy file ");
+ // Don't instantiate
+ private SearchDbServiceAuthCore() {}
- } catch (JsonProcessingException e) {
- logger.debug("JSON processing error while parsing policy file: " + e.getMessage());
+ public static synchronized void init() {
+ if (SearchDbServiceAuthCore.authFileName == null) {
+ SearchDbServiceAuthCore.authFileName = "/home/aaiadmin/etc/aaipolicy.json";
+ }
+ SearchDbServiceAuthCore.reloadUsers();
+ }
- } catch (IOException e) {
- logger.debug("IO Exception while parsing policy file: " + e.getMessage());
+ public static void cleanup() {
+ timer.cancel();
}
- usersInitialized = true;
+ public static synchronized void reloadUsers() {
+ users = new HashMap<>();
+ ObjectMapper mapper = new ObjectMapper(); // can reuse, share globally
+ JSONParser parser = new JSONParser();
+ try {
+ parser.parse(new FileReader(authFileName));
+ JsonNode rootNode = mapper.readTree(new File(authFileName));
+ JsonNode rolesNode = rootNode.path("roles");
+
+ for (JsonNode roleNode : rolesNode) {
+ String roleName = roleNode.path("name").asText();
+
+ TabularAuthRole authRole = new TabularAuthRole();
+ JsonNode usersNode = roleNode.path("users");
+ JsonNode functionsNode = roleNode.path("functions");
+ for (JsonNode functionNode : functionsNode) {
+ String function = functionNode.path("name").asText();
+ JsonNode methodsNode = functionNode.path("methods");
+ boolean hasMethods = false;
+ for (JsonNode methodNode : methodsNode) {
+ String methodName = methodNode.path("name").asText();
+ hasMethods = true;
+ String thisFunction = methodName + ":" + function;
+
+ authRole.addAllowedFunction(thisFunction);
+ }
+
+ if (!hasMethods) {
+ // iterate the list from HTTP_METHODS
+ for (HTTP_METHODS meth : HTTP_METHODS.values()) {
+ String thisFunction = meth.toString() + ":" + function;
+ authRole.addAllowedFunction(thisFunction);
+ }
+ }
+
+ }
+ for (JsonNode userNode : usersNode) {
+ String username = userNode.path("username").asText().toLowerCase();
+ SearchDbAuthUser authUser = null;
+ if (users.containsKey(username)) {
+ authUser = users.get(username);
+ } else {
+ authUser = new SearchDbAuthUser();
+ }
+
+ authUser.setUser(username);
+ authUser.addRole(roleName, authRole);
+ users.put(username, authUser);
+ }
+ }
+ } catch (FileNotFoundException fnfe) {
+ logger.debug("Failed to load the policy file ");
- }
+ } catch (ParseException e) {
+ logger.debug("Failed to Parse the policy file ");
- public static class SearchDbAuthUser {
- public SearchDbAuthUser() {
- this.roles = new HashMap<String, TabularAuthRole>();
- }
+ } catch (JsonProcessingException e) {
+ logger.debug("JSON processing error while parsing policy file: " + e.getMessage());
- private String username;
- private HashMap<String, TabularAuthRole> roles;
+ } catch (IOException e) {
+ logger.debug("IO Exception while parsing policy file: " + e.getMessage());
+ }
- public String getUser() {
- return this.username;
+ usersInitialized = true;
}
- public HashMap<String, TabularAuthRole> getRoles() {
- return this.roles;
- }
+ public static class SearchDbAuthUser {
+ public SearchDbAuthUser() {
+ this.roles = new HashMap<>();
+ }
- public void addRole(String roleName, TabularAuthRole authRole) {
- this.roles.put(roleName, authRole);
- }
+ private String username;
+ private HashMap<String, TabularAuthRole> roles;
- public boolean checkAllowed(String checkFunc) {
- for (Map.Entry<String, TabularAuthRole> roleEntry : this.roles.entrySet()) {
- TabularAuthRole role = roleEntry.getValue();
- if (role.hasAllowedFunction(checkFunc)) {
- // break out as soon as we find it
- return true;
+ public String getUser() {
+ return this.username;
}
- }
- // we would have got positive confirmation had it been there
- return false;
- }
-
- public void setUser(String myuser) {
- this.username = myuser;
- }
- }
+ public Map<String, TabularAuthRole> getRoles() {
+ return this.roles;
+ }
- public static class TabularAuthRole {
- public TabularAuthRole() {
- this.allowedFunctions = new ArrayList<String>();
- }
+ public void addRole(String roleName, TabularAuthRole authRole) {
+ this.roles.put(roleName, authRole);
+ }
- private List<String> allowedFunctions;
+ public boolean checkAllowed(String checkFunc) {
+ for (Map.Entry<String, TabularAuthRole> roleEntry : this.roles.entrySet()) {
+ TabularAuthRole role = roleEntry.getValue();
+ if (role.hasAllowedFunction(checkFunc)) {
+ return true;
+ }
+ }
+ return false;
+ }
- public void addAllowedFunction(String func) {
- this.allowedFunctions.add(func);
+ public void setUser(String myuser) {
+ this.username = myuser;
+ }
}
- public void delAllowedFunction(String delFunc) {
- if (this.allowedFunctions.contains(delFunc)) {
- this.allowedFunctions.remove(delFunc);
- }
- }
+ public static class TabularAuthRole {
+ public TabularAuthRole() {
+ this.allowedFunctions = new ArrayList<>();
+ }
- public boolean hasAllowedFunction(String afunc) {
- if (this.allowedFunctions.contains(afunc)) {
- return true;
- } else {
- return false;
- }
- }
- }
+ private List<String> allowedFunctions;
- public static HashMap<String, SearchDbAuthUser> getUsers(String key) {
- if (!usersInitialized || (users == null)) {
- reloadUsers();
- }
- return users;
- }
+ public void addAllowedFunction(String func) {
+ this.allowedFunctions.add(func);
+ }
- public static boolean authorize(String username, String authFunction) {
- // logline.init(component, transId, fromAppId, "authorize()");
+ public void delAllowedFunction(String delFunc) {
+ if (this.allowedFunctions.contains(delFunc)) {
+ this.allowedFunctions.remove(delFunc);
+ }
+ }
- if (!usersInitialized || (users == null)) {
- init();
+ public boolean hasAllowedFunction(String afunc) {
+ return this.allowedFunctions.contains(afunc);
+ }
}
- if (users.containsKey(username)) {
- if (users.get(username).checkAllowed(authFunction) == true) {
- return true;
- } else {
-
-
- return false;
- }
- } else {
+ public static Map<String, SearchDbAuthUser> getUsers() {
+ if (!usersInitialized || (users == null)) {
+ reloadUsers();
+ }
+ return users;
+ }
- return false;
+ public static boolean authorize(String username, String authFunction) {
+ if (!usersInitialized || (users == null)) {
+ init();
+ }
+ if (users.containsKey(username)) {
+ return users.get(username).checkAllowed(authFunction);
+ } else {
+ return false;
+ }
}
- }
}