X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-batch%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fbatch%2Fhelpers%2FApproval.java;h=83d9cd5e618f3557b46b2d1b7f642f0b382c0857;hb=78ccdcc1d1c29760e4cf833f94df62e1c5aa733f;hp=acaf0d5886bcbb12922e14e0486957ca5f6a48f1;hpb=59ffb7d529245c3bd0233dbf6cb0ae9fe9ccb856;p=aaf%2Fauthz.git diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java index acaf0d58..83d9cd5e 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java @@ -4,12 +4,14 @@ * =========================================================================== * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. * =========================================================================== + * Modifications Copyright (C) 2019 IBM. + * =========================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -23,8 +25,10 @@ package org.onap.aaf.auth.batch.helpers; import java.util.ArrayList; import java.util.Date; -import java.util.Iterator; +import java.util.LinkedList; import java.util.List; +import java.util.Set; +import java.util.SortedMap; import java.util.TreeMap; import java.util.UUID; 
@@ -43,25 +47,77 @@ import com.datastax.driver.core.SimpleStatement; import com.datastax.driver.core.Statement; public class Approval implements CacheChange.Data { - public static final String RE_APPROVAL_IN_ROLE = "Re-Approval in Role '"; - public static final String RE_VALIDATE_ADMIN = "Re-Validate as Administrator for AAF Namespace '"; - public static final String RE_VALIDATE_OWNER = "Re-Validate Ownership for AAF Namespace '"; - - public static TreeMap> byApprover = new TreeMap<>(); - public static TreeMap> byUser = new TreeMap<>(); - public static TreeMap> byTicket = new TreeMap<>(); - private final static CacheChange cache = new CacheChange<>(); - + public static final String ADD_USER_TO_ROLE = "Add User ["; + public static final String RE_APPROVAL_IN_ROLE = "Extend access of User ["; + public static final String RE_VALIDATE_ADMIN = "Revalidate as Admin of AAF Namespace ["; + public static final String RE_VALIDATE_OWNER = "Revalidate as Owner of AAF Namespace ["; + + public static final SortedMap> byApprover = new TreeMap<>(); + public static final SortedMap> byUser = new TreeMap<>(); + public static final SortedMap> byTicket = new TreeMap<>(); + public static final List list = new LinkedList<>(); + private static final CacheChange cache = new CacheChange<>(); + public final ApprovalDAO.Data add; private String role; - - public Approval(UUID id, UUID ticket, String approver, Date last_notified, + + public static final Creator v2_0_17 = new Creator() { + @Override + public Approval create(Row row) { + return new Approval(row.getUUID(0), row.getUUID(1), row.getString(2), + row.getString(3),row.getString(4),row.getString(5),row.getString(6),row.getString(7), + row.getLong(8)/1000); + } + + @Override + public String select() { + return "select id,ticket,approver,user,memo,operation,status,type,WRITETIME(status) from authz.approval"; + } + }; + + public static final Visitor FullLoad = new Visitor() { + @Override + public void visit(Approval app) { + List ln; + 
list.add(app); + + String person = app.getApprover(); + if (person!=null) { + ln = byApprover.get(person); + if (ln==null) { + ln = new ArrayList<>(); + byApprover.put(app.getApprover(), ln); + } + ln.add(app); + } + + person = app.getUser(); + if (person!=null) { + ln = byUser.get(person); + if (ln==null) { + ln = new ArrayList<>(); + byUser.put(app.getUser(), ln); + } + ln.add(app); + } + UUID ticket = app.getTicket(); + if (ticket!=null) { + ln = byTicket.get(ticket); + if (ln==null) { + ln = new ArrayList<>(); + byTicket.put(app.getTicket(), ln); + } + ln.add(app); + } + } + }; + + public Approval(UUID id, UUID ticket, String approver,// Date last_notified, String user, String memo, String operation, String status, String type, long updated) { add = new ApprovalDAO.Data(); add.id = id; add.ticket = ticket; add.approver = approver; - add.last_notified = last_notified; add.user = user; add.memo = memo; add.operation = operation; 
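Review bot: The new `byApprover`, `byUser`, `byTicket` and `list` fields are `public static final`, but `final` only fixes the reference, so any class can still add to or clear these approval indexes, and `FullLoad.visit` mutates plain `TreeMap`/`ArrayList`/`LinkedList` instances without synchronization. If loading or expunging can ever run on more than one thread this needs guarding; consider keeping the fields private behind accessors that return unmodifiable views. Each of the three get-or-create blocks in `visit` can collapse to one call such as `byApprover.computeIfAbsent(person, k -> new ArrayList<>()).add(app);`. The constructor signature also keeps a commented-out `// Date last_notified,`, which should be deleted rather than left in place; the constructor body continues into the next hunk.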
@@ -70,129 +126,96 @@ public class Approval implements CacheChange.Data { add.updated = new Date(updated); role = roleFromMemo(memo); } - + public static String roleFromMemo(String memo) { if (memo==null) { return null; } - int first = memo.indexOf('\''); + int first = memo.indexOf('['); if (first>=0) { - int second = memo.indexOf('\'', ++first); + int second = memo.indexOf(']', ++first); if (second>=0) { String role = memo.substring(first, second); - if (memo.startsWith(RE_VALIDATE_ADMIN)) { - return role + ".admin"; - } else if (memo.startsWith(RE_VALIDATE_OWNER)) { - return role + ".owner"; - } else if (memo.startsWith(RE_APPROVAL_IN_ROLE)) { - return role; + return getRoleString(role, memo, second); + } + } + return null; + } + + public static String getRoleString(String role, String memo, int second) { + if (memo.startsWith(RE_VALIDATE_ADMIN)) { + return role + ".admin"; + } else if (memo.startsWith(RE_VALIDATE_OWNER)) { + return role + ".owner"; + } else { + int secondString = memo.indexOf('[',second); + if(secondString>=0) { + second = memo.indexOf(']', ++secondString); + if(second>=0 && (memo.startsWith(RE_APPROVAL_IN_ROLE) || + memo.startsWith(ADD_USER_TO_ROLE))) { + return memo.substring(secondString, second); } } } return null; } - public static void load(Trans trans, Session session, Creator creator, Visitor visitor) { - trans.info().log( "query: " + creator.select() ); - TimeTaken tt = trans.start("Read Approval", Env.REMOTE); - - ResultSet results; + public static int load(Trans trans, Session session, Creator creator, Visitor visitor) { + int count = 0; try { - Statement stmt = new SimpleStatement( creator.select() ); - results = session.execute(stmt); + count += call(trans,session,creator.query(null), creator, visitor); } finally { - tt.done(); + trans.info().log("Found",count,"Approval Records"); } + return count; + } + public static int load(Trans trans, Session session, Creator creator ) { int count = 0; try { - Iterator iter = 
results.iterator(); - Row row; - tt = trans.start("Load X509s", Env.SUB); - try { - while (iter.hasNext()) { - ++count; - row = iter.next(); - visitor.visit(creator.create(row)); - } - } finally { - tt.done(); - } + count += call(trans,session,creator.query(null), creator, FullLoad); } finally { - trans.info().log("Found",count,"X509 Certificates"); + trans.info().log("Found",count,"Approval Records"); } + return count; } - - public static void row(CSV.Writer cw, Approval app) { - cw.row("approval",app.add.id,app.add.ticket,app.add.user,app.role,app.add.memo); - } - - public static void load(Trans trans, Session session, Creator creator ) { - trans.info().log( "query: " + creator.select() ); - TimeTaken tt = trans.start("Load Notify", Env.REMOTE); - - ResultSet results; - try { - Statement stmt = new SimpleStatement(creator.select()); - results = session.execute(stmt); - } finally { - tt.done(); + + public static int loadUsers(Trans trans, Session session, Set users, Visitor visitor) { + int total = 0; + for(String user : users) { + total += call(trans,session,String.format("%s WHERE user='%s';",v2_0_17.select(), user),v2_0_17,visitor); } - int count = 0; - tt = trans.start("Process Notify", Env.SUB); + return total; + } + + public static void row(CSV.RowSetter crs, Approval app) { + crs.row("approval",app.add.id,app.add.ticket,app.add.user,app.role,app.add.memo); + } + private static int call(Trans trans, Session session, String query, Creator creator, Visitor visitor) { + TimeTaken tt = trans.start("DB Query", Env.REMOTE); + ResultSet results; try { - List ln; - for (Row row : results.all()) { - ++count; - try { - Approval app = creator.create(row); - String person = app.getApprover(); - if (person!=null) { - ln = byApprover.get(person); - if (ln==null) { - ln = new ArrayList<>(); - byApprover.put(app.getApprover(), ln); - } - ln.add(app); - } - - - person = app.getUser(); - if (person!=null) { - ln = byUser.get(person); - if (ln==null) { - ln = new 
ArrayList<>(); - byUser.put(app.getUser(), ln); - } - ln.add(app); - } - UUID ticket = app.getTicket(); - if (ticket!=null) { - ln = byTicket.get(ticket); - if (ln==null) { - ln = new ArrayList<>(); - byTicket.put(app.getTicket(), ln); - } - ln.add(app); - } - } finally { - tt.done(); - } - } + Statement stmt = new SimpleStatement( query ); + results = session.execute(stmt); + int count = 0; + for (Row row : results.all()) { + ++count; + visitor.visit(creator.create(row)); + } + return count; } finally { tt.done(); - trans.info().log("Found",count,"Approval Records"); } } - + @Override public void expunge() { List la = byApprover.get(getApprover()); if (la!=null) { la.remove(this); } - + la = byUser.get(getUser()); if (la!=null) { la.remove(this); 
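Review bot: `loadUsers` builds its CQL with `String.format("%s WHERE user='%s';", v2_0_17.select(), user)`, so a user id containing a single quote changes the statement that `call` executes; the origin of the `users` set is not visible in this diff, so it should be treated as untrusted. Bind the value instead: let `call` accept trailing `Object... values`, build the statement with `new SimpleStatement(query, values)`, and pass `v2_0_17.select() + " WHERE user=?"` with `user` as the bound value. `deleteByIDBatch` in the last hunk (only re-indented by this commit) appends `id` into a DELETE the same way and should at least check that `id` parses as a UUID before appending it. Separately, `roleFromMemo` now recognises only `[`…`]` delimiters, so memos already stored in the old `'`-quoted form would presumably yield a null role; confirm that existing rows were migrated.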
@@ -206,41 +229,14 @@ public class Approval implements CacheChange.Data { } } - public void update(AuthzTrans trans, ApprovalDAO apprDAO, boolean dryRun) { - if (dryRun) { - trans.info().printf("Would update Approval %s, %s, last_notified %s",add.id,add.status,add.last_notified); - } else { - trans.info().printf("Update Approval %s, %s, last_notified %s",add.id,add.status,add.last_notified); - apprDAO.update(trans, add); - } + public static void clear() { + byApprover.clear(); + byUser.clear(); + byTicket.clear(); + list.clear(); + cache.resetLocalData(); } - public static Creator v2_0_17 = new Creator() { - @Override - public Approval create(Row row) { - return new Approval(row.getUUID(0), row.getUUID(1), row.getString(2), row.getTimestamp(3), - row.getString(4),row.getString(5),row.getString(6),row.getString(7),row.getString(8) - ,row.getLong(9)/1000); - } - - @Override - public String select() { - return "select id,ticket,approver,last_notified,user,memo,operation,status,type,WRITETIME(status) from authz.approval"; - } - }; - - /** - * @return the lastNotified - */ - public Date getLast_notified() { - return add.last_notified; - } - /** - * @param lastNotified the lastNotified to set - */ - public void setLastNotified(Date last_notified) { - add.last_notified = last_notified; - } /** * @return the status */ @@ -299,11 +295,11 @@ public class Approval implements CacheChange.Data { add.ticket=null; add.status="lapsed"; } - + public String getRole() { return role; } - + public String toString() { return getUser() + ' ' + getMemo(); } @@ -321,12 +317,12 @@ public class Approval implements CacheChange.Data { } } } - + public static void resetLocalData() { cache.resetLocalData(); } - + public static int sizeForDeletion() { return cache.cacheSize(); } 
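Review bot: The new `clear()` is the only code visible in this diff that removes entries from `list`. `expunge()` (context at the end of the previous hunk) removes the approval from `byApprover` and `byUser`, and the rest of its body lies between hunks, so confirm it also calls `list.remove(this)`; otherwise an expunged approval stays reachable through `list`. `clear()` also has no Javadoc and repeats what `resetLocalData()` does; a short comment such as `/** Empties every in-memory approval index and the pending-deletion cache; call before a fresh load. */` would make the intended call order explicit. It resets five pieces of shared static state one after another with no lock, so it is only safe if nothing else reads the indexes while it runs.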
@@ -343,10 +339,10 @@ public class Approval implements CacheChange.Data { return cache.contains(a); } - public static void deleteByIDBatch(StringBuilder sb, String id) { - sb.append("DELETE from authz.approval where id="); - sb.append(id); - sb.append(";\n"); - } + public static void deleteByIDBatch(StringBuilder sb, String id) { + sb.append("DELETE from authz.approval where id="); + sb.append(id); + sb.append(";\n"); + } }