X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-cmd%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fcmd%2Fperm%2FGrant.java;h=3770a58c05fc7343bae2856dd3a05a18e4e816a4;hb=6470f23997c98997c76ba9161bac68ea685550d8;hp=ca958c20bcdb926d94f1fd4657e7b698a26c17f3;hpb=db821a31efd79fa0f7b9a30b4d5550efdc1476bd;p=aaf%2Fauthz.git diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java index ca958c20..3770a58c 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java @@ -9,9 +9,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -38,12 +38,12 @@ import aaf.v2_0.Pkey; import aaf.v2_0.RolePermRequest; /** - * + * * @author Jonathan * */ public class Grant extends Cmd { - private static final String[] options = {"grant","ungrant","setTo"}; + private static final String[] options = {"grant","ungrant"}; public Grant(Perm parent) { super(parent,null, @@ -51,8 +51,8 @@ public class Grant extends Cmd { new Param("type",true), new Param("instance",true), new Param("action",true), - new Param("role[,role]* (!REQ S)",false) - ); + new Param("role[,role]*",false) + ); } @Override @@ -63,7 +63,7 @@ public class Grant extends Cmd { int idx = index; String action = args[idx++]; int option = whichOption(options, action); - + RolePermRequest rpr = new RolePermRequest(); Pkey pk = new Pkey(); pk.setType(args[idx++]); @@ -71,66 +71,48 @@ public class Grant extends Cmd { pk.setAction(args[idx++]); rpr.setPerm(pk); setStartEnd(rpr); - + Future frpr = null; - - if (option != 2) { - String[] roles = args[idx++].split(","); - String strA; - String strB; - for (String role : roles) { - rpr.setRole(role); - if (option==0) { - // You can request to Grant Permission to a Role - setQueryParamsOn(client); - frpr = client.create( - "/authz/role/perm", - getDF(RolePermRequest.class), - rpr - ); - strA = "Granted Permission ["; - strB = "] to Role ["; - } else { - // You can request to UnGrant Permission to a Role - setQueryParamsOn(client); - frpr = client.delete( - "/authz/role/" + role + "/perm", - getDF(RolePermRequest.class), - rpr - ); - strA = "UnGranted Permission ["; - strB = "] from Role ["; - } - if (frpr.get(AAFcli.timeout())) { - pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction() - + strB + role +']'); - } else { - if (frpr.code()==202) { - pw().print("Permission Role "); - pw().print(option==0?"Granted":"Ungranted"); - pw().println(" Accepted, but requires Approvals before actualizing"); - } else { - error(frpr); - idx=Integer.MAX_VALUE; - } - } + + String[] roles = args[idx].split(","); + String strA; + String strB; + for (String role : roles) { + rpr.setRole(role); + if (option==0) { + // You can request to Grant Permission to a Role + setQueryParamsOn(client); + frpr = client.create( + "/authz/role/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "Granted Permission ["; + strB = "] to Role ["; + } else { + // You can request to UnGrant Permission to a Role + setQueryParamsOn(client); + frpr = client.delete( + "/authz/role/" + role + "/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "UnGranted Permission ["; + strB = "] from Role ["; } - } else { - String allRoles = ""; - if (idx < args.length) - allRoles = args[idx++]; - - rpr.setRole(allRoles); - frpr = client.update( - "/authz/role/perm", - getDF(RolePermRequest.class), - rpr); if (frpr.get(AAFcli.timeout())) { - pw().println("Set Permission's Roles to [" + allRoles + "]"); + pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction() + + strB + role +']'); } else { - error(frpr); - } - } + if (frpr.code()==202) { + pw().print("Permission Role "); + pw().print(option==0?"Granted":"Ungranted"); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(frpr); + } + } + } return frpr==null?0:frpr.code(); } }); @@ -138,16 +120,11 @@ public class Grant extends Cmd { @Override public void detailedHelp(int indent, StringBuilder sb) { - detailLine(sb,indent,"Grant a Permission to a Role or Roles OR"); - detailLine(sb,indent,"Ungrant a Permission from a Role or Roles OR"); - detailLine(sb,indent,"Set a Permission's roles to roles supplied."); - detailLine(sb,indent+4,"WARNING: Roles supplied with setTo will be the ONLY roles attached to this permission"); - detailLine(sb,indent+8,"If no roles are supplied, permission's roles are reset."); + detailLine(sb,indent,"Grant a Permission to a Role or Roles OR"); + detailLine(sb,indent,"Ungrant a Permission from a Role or Roles"); detailLine(sb,indent,"see Create for definitions of type,instance and action"); api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true); api(sb,indent,HttpMethods.DELETE,"authz/role//perm",RolePermRequest.class,false); - api(sb,indent,HttpMethods.PUT,"authz/role/perm",RolePermRequest.class,false); - } }