* org.onap.dmaap
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ *
+ * Modifications Copyright (C) 2019 IBM.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import javax.ws.rs.core.Response.Status;
+import org.onap.dmaap.dbcapi.aaf.AafNamespace;
+import org.onap.dmaap.dbcapi.aaf.AafRole;
import org.onap.dmaap.dbcapi.aaf.AafService;
+import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
import org.onap.dmaap.dbcapi.database.DatabaseClass;
private Map<String, Topic> mr_topics = DatabaseClass.getTopics();
private static DmaapService dmaapSvc = new DmaapService();
- private static Dmaap dmaap = new DmaapService().getDmaap();
private MR_ClientService clientService = new MR_ClientService();
private MR_ClusterService clusters = new MR_ClusterService();
private DcaeLocationService locations = new DcaeLocationService();
}
private List<Topic> getAllTopics( Boolean withClients ) {
- ArrayList<Topic> topics = new ArrayList<Topic>(mr_topics.values());
+ ArrayList<Topic> topics = new ArrayList<>(mr_topics.values());
if ( withClients ) {
for( Topic topic: topics ) {
topic.setClients( clientService.getAllMrClients(topic.getFqtn()));
apiError.setCode(Status.OK.getStatusCode());
return t;
}
+
+ private void aafTopicSetup(Topic topic, ApiError err ) {
+
+ String t = dmaapSvc.getTopicPerm();
+ if ( t == null ) {
+ err.setCode(500);
+ err.setMessage("Unable to establish AAF namespace root: (check /dmaap object)" );
+ err.setFields("topicNsRoot");
+ return;
+ }
+
+ // establish AAF Connection using TopicMgr identity
+ AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
+
+
+
+ // create AAF namespace for this topic
+ AafNamespace ns = new AafNamespace( topic.getFqtn(), aaf.getIdentity());
+ {
+ int rc = aaf.addNamespace( ns );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(500);
+ err.setMessage("Unexpected response from AAF:" + rc );
+ err.setFields("namespace:" + topic.getFqtn() + " identity="+ aaf.getIdentity());
+ return;
+ }
+ }
+
+ // create AAF Roles for MR clients of this topic
+ String rn = "publisher";
+ AafRole pubRole = new AafRole( topic.getFqtn(), rn );
+ int rc = aaf.addRole( pubRole );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(500);
+ err.setMessage("Unexpected response from AAF:" + rc );
+ err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
+ return;
+ }
+ topic.setPublisherRole( pubRole.getFullyQualifiedRole() );
+
+ rn = "subscriber";
+ AafRole subRole = new AafRole( topic.getFqtn(), rn );
+ rc = aaf.addRole( subRole );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(500);
+ err.setMessage("Unexpected response from AAF:" + rc );
+ err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
+ return;
+ }
+ topic.setSubscriberRole( subRole.getFullyQualifiedRole() );
+
+
+ // create AAF perms checked by MR
+ String instance = ":topic." + topic.getFqtn();
+ String[] actions = { "pub", "sub", "view" };
+ for ( String action : actions ){
+ DmaapPerm perm = new DmaapPerm( t, instance, action );
+ rc = aaf.addPerm( perm );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(500);
+ err.setMessage("Unexpected response from AAF:" + rc );
+ err.setFields("t="+t + " instance="+ instance + " action="+ action);
+ return;
+ }
+ // Grant perms to our default Roles
+ if ( action.equals( "pub") || action.equals( "view") ) {
+ DmaapGrant g = new DmaapGrant( perm, pubRole.getFullyQualifiedRole() );
+ rc = aaf.addGrant( g );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(rc);
+ err.setMessage( "Grant of " + perm.toString() + " failed for " + pubRole.getFullyQualifiedRole() );
+ logger.warn( err.getMessage());
+ return;
+ }
+ }
+ if ( action.equals( "sub") || action.equals( "view") ) {
+ DmaapGrant g = new DmaapGrant( perm, subRole.getFullyQualifiedRole() );
+ rc = aaf.addGrant( g );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(rc);
+ err.setMessage( "Grant of " + perm.toString() + " failed for " + subRole.getFullyQualifiedRole() );
+ logger.warn( err.getMessage());
+ return;
+ }
+ }
+
+ }
+ }
public Topic addTopic( Topic topic, ApiError err, Boolean useExisting ) {
logger.info( "Entry: addTopic");
topic.setFqtn( nFqtn );
- AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
-
- String t = dmaapSvc.getTopicPerm();
-
- String instance = ":topic." + topic.getFqtn();
+ aafTopicSetup( topic, err );
+ if ( err.getCode() >= 400 ) {
+ return null;
+ }
- String[] actions = { "pub", "sub", "view" };
- for ( String action : actions ){
- DmaapPerm perm = new DmaapPerm( t, instance, action );
- int rc = aaf.addPerm( perm );
- if ( rc != 201 && rc != 409 ) {
- err.setCode(500);
- err.setMessage("Unexpected response from AAF:" + rc );
- err.setFields("t="+t + " instance="+ instance + " action="+ action);
- return null;
- }
- }
if ( topic.getReplicationCase().involvesGlobal() ) {
if ( topic.getGlobalMrURL() == null ) {
topic.setGlobalMrURL(defaultGlobalMrHost);
logger.info( "c fqtn=" + c.getFqtn() + " ID=" + c.getMrClientId() + " url=" + c.getTopicURL());
MR_Client nc = new MR_Client( c.getDcaeLocationName(), topic.getFqtn(), c.getClientRole(), c.getAction());
nc.setFqtn(topic.getFqtn());
+ nc.setClientIdentity( c.getClientIdentity());
logger.info( "nc fqtn=" + nc.getFqtn() + " ID=" + nc.getMrClientId() + " url=" + nc.getTopicURL());
clients2.add( clientService.addMr_Client(nc, topic, err));
if ( ! err.is2xx()) {