X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-cass%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fdao%2Fhl%2FPermLookup.java;h=b068062138db1212c8e795d9237a110ab4d1af1d;hb=d06a4ccf3ec7c74ed5393b8f8fd1ed74ccd60117;hp=6bb440ad6a53f7d33fa4859e2da3a75d4017bd99;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java index 6bb440ad..b0680621 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java @@ -27,6 +27,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Set; +import java.util.TreeMap; import java.util.TreeSet; import org.onap.aaf.auth.dao.cass.PermDAO; @@ -44,7 +45,7 @@ import org.onap.aaf.auth.layer.Result; * */ // Package on purpose -class PermLookup { +public class PermLookup { private AuthzTrans trans; private String user; private Question q; @@ -55,7 +56,7 @@ class PermLookup { private PermLookup() {} - static PermLookup get(AuthzTrans trans, Question q, String user) { + public static PermLookup get(AuthzTrans trans, Question q, String user) { PermLookup lp=null; Map permMap = trans.get(Question.PERMS, null); if (permMap == null) { 
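Review bot: The comment `// Package on purpose` directly above the class declaration is now false, because this hunk makes `PermLookup` public and the next hunk (`@@ -55,7 +56,7 @@`) makes `PermLookup.get(AuthzTrans, Question, String)` public too. The `user` parameter is a plain string, and nothing in the visible lines ties it to the identity behind `trans`, so widening the visibility lets any code holding a trans and a `Question` resolve another identity's roles and permissions. If that is intended, replace the stale comment with Javadoc that states the contract, for example `// Public: caller must already be authorized to read this user's roles/permissions`. Otherwise keep the class package-private and expose a narrower entry point. The body of `get` continues past the hunk, so how the per-transaction `permMap` cache is keyed cannot be confirmed from here.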
@@ -75,17 +76,17 @@ class PermLookup { } public Result> getUserRoles() { - if(userRoles==null) { - userRoles = q.userRoleDAO.readByUser(trans,user); - if(userRoles.isOKhasData()) { + if (userRoles==null) { + userRoles = q.userRoleDAO().readByUser(trans,user); + if (userRoles.isOKhasData()) { List lurdd = new ArrayList<>(); Date now = new Date(); - for(UserRoleDAO.Data urdd : userRoles.value) { - if(urdd.expires.after(now)) { // Remove Expired + for (UserRoleDAO.Data urdd : userRoles.value) { + if (urdd.expires.after(now)) { // Remove Expired lurdd.add(urdd); } } - if(lurdd.size()==0) { + if (lurdd.size()==0) { return userRoles = Result.err(Status.ERR_UserNotFound, "%s not found or not associated with any Roles: ", user); @@ -101,18 +102,18 @@ class PermLookup { } public Result> getRoles() { - if(roles==null) { + if (roles==null) { Result> rur = getUserRoles(); - if(rur.isOK()) { + if (rur.isOK()) { List lrdd = new ArrayList<>(); for (UserRoleDAO.Data urdata : rur.value) { // Gather all permissions from all Roles - if(urdata.ns==null || urdata.rname==null) { + if (urdata.ns==null || urdata.rname==null) { return Result.err(Status.ERR_BadData,"DB Content Error: nulls in User Role %s %s", urdata.user,urdata.role); } else { - Result> rlrd = q.roleDAO.read( + Result> rlrd = q.roleDAO().read( trans, urdata.ns, urdata.rname); - if(rlrd.isOK()) { + if (rlrd.isOK()) { lrdd.addAll(rlrd.value); } } @@ -127,7 +128,7 @@ class PermLookup { } public Result> getPermNames() { - if(permNames==null) { + if (permNames==null) { Result> rlrd = getRoles(); if (rlrd.isOK()) { Set pns = new TreeSet<>(); 
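Review bot: In the `getRoles()` hunk (`@@ -101,18 +102,18 @@`), a failed `q.roleDAO().read(trans, urdata.ns, urdata.rname)` is silently skipped, because only the `rlrd.isOK()` branch does anything. A backend read error therefore looks the same as the user not holding that role, and the shortened list is presumably what ends up cached in `roles` for the rest of the transaction. That fails closed, but it produces authorization denials with no trace of the cause. At minimum, document and log the decision with an `else` branch carrying a comment such as `// role read failed: user resolves with fewer roles; log rlrd's error via trans`. Alternatively return an error `Result`, as the null-check branch just above already does. The end of the loop and the assignment to `roles` lie outside the hunk, so the caching behaviour is inferred rather than visible.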
@@ -144,21 +145,40 @@ class PermLookup { } public Result> getPerms(boolean lookup) { - if(perms==null) { + if (perms==null) { // Note: It should be ok for a Valid user to have no permissions - // Jonathan 8/12/2013 Result> rss = getPermNames(); - if(rss.isOK()) { + if (rss.isOK()) { List lpdd = new ArrayList<>(); for (String perm : rss.value) { - if(lookup) { + if (lookup) { + Map mspdd = new TreeMap<>(); Result ap = PermDAO.Data.decodeToArray(trans, q, perm); - if(ap.isOK()) { + if (ap.isOK()) { - Result> rlpd = q.permDAO.read(perm,trans,ap.value); + Result> rlpd = q.permDAO().read(perm,trans,ap.value); if (rlpd.isOKhasData()) { for (PermDAO.Data pData : rlpd.value) { - lpdd.add(pData); + // ONLY add perms/roles which are related to this lookup + for(String pdr : pData.roles(false)) { + for(RoleDAO.Data r : roles.value) { + if(pdr.equals(r.encode())) { + PermDAO.Data pdd = mspdd.get(pData.fullPerm()); + if(pdd==null) { + pdd = new PermDAO.Data(); + pdd.ns = pData.ns; + pdd.type = pData.type; + pdd.instance = pData.instance; + pdd.action = pData.action; + pdd.description = pData.description; + lpdd.add(pdd); + } + pdd.roles(true).add(pdr); + break; + } + } + } } } } else {