X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-cmd%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fcmd%2Fperm%2FGrant.java;h=f27a26096915f9b06d9ffa3404e335bedd819cca;hb=ff1417ff60baee231a28272f9a16ef2c9c8ea0a2;hp=d4b26a84ef2050551d1b0d0b7144502108fafae5;hpb=ceda6e8bc270202bcb24340b86617110289c902e;p=aaf%2Fauthz.git diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java index d4b26a84..f27a2609 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java @@ -3,6 +3,8 @@ * org.onap.aaf * =========================================================================== * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * + * Modifications Copyright (C) 2018 IBM. * =========================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -41,110 +43,89 @@ import aaf.v2_0.RolePermRequest; * */ public class Grant extends Cmd { - private final static String[] options = {"grant","ungrant","setTo"}; - - public Grant(Perm parent) { - super(parent,null, - new Param(optionsToString(options),true), - new Param("type",true), - new Param("instance",true), - new Param("action",true), - new Param("role[,role]* (!REQ S)",false) - ); - } + private static final String[] options = {"grant","ungrant"}; - @Override - public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { - return same(new Retryable() { - @Override - public Integer code(Rcli client) throws CadiException, APIException { - int idx = index; - String action = args[idx++]; - int option = whichOption(options, action); - - RolePermRequest rpr = new RolePermRequest(); - Pkey pk = new Pkey(); - pk.setType(args[idx++]); - pk.setInstance(args[idx++]); - pk.setAction(args[idx++]); - rpr.setPerm(pk); - setStartEnd(rpr); - - Future frpr = null; - - if (option != 2) { - String[] roles = args[idx++].split(","); - String strA,strB; - for(String role : roles) { - rpr.setRole(role); - if(option==0) { - // You can request to Grant Permission to a Role - setQueryParamsOn(client); - frpr = client.create( - "/authz/role/perm", - getDF(RolePermRequest.class), - rpr - ); - strA = "Granted Permission ["; - strB = "] to Role ["; - } else { - // You can request to UnGrant Permission to a Role - setQueryParamsOn(client); - frpr = client.delete( - "/authz/role/" + role + "/perm", - getDF(RolePermRequest.class), - rpr - ); - strA = "UnGranted Permission ["; - strB = "] from Role ["; - } - if(frpr.get(AAFcli.timeout())) { - pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction() - + strB + role +']'); - } else { - if (frpr.code()==202) { - pw().print("Permission Role "); - pw().print(option==0?"Granted":"Ungranted"); - pw().println(" Accepted, but requires Approvals before actualizing"); - } else { - error(frpr); - idx=Integer.MAX_VALUE; - } - } - } - } else { - String allRoles = ""; - if (idx < args.length) - allRoles = args[idx++]; - - rpr.setRole(allRoles); - frpr = client.update( - "/authz/role/perm", - getDF(RolePermRequest.class), - rpr); - if(frpr.get(AAFcli.timeout())) { - pw().println("Set Permission's Roles to [" + allRoles + "]"); - } else { - error(frpr); - } - } - return frpr==null?0:frpr.code(); - } - }); - } + public Grant(Perm parent) { + super(parent,null, + new Param(optionsToString(options),true), + new Param("type",true), + new Param("instance",true), + new Param("action",true), + new Param("role[,role]*",false) + ); + } - @Override - public void detailedHelp(int indent, StringBuilder sb) { - detailLine(sb,indent,"Grant a Permission to a Role or Roles OR"); - detailLine(sb,indent,"Ungrant a Permission from a Role or Roles OR"); - detailLine(sb,indent,"Set a Permission's roles to roles supplied."); - detailLine(sb,indent+4,"WARNING: Roles supplied with setTo will be the ONLY roles attached to this permission"); - detailLine(sb,indent+8,"If no roles are supplied, permission's roles are reset."); - detailLine(sb,indent,"see Create for definitions of type,instance and action"); - api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true); - api(sb,indent,HttpMethods.DELETE,"authz/role//perm",RolePermRequest.class,false); - api(sb,indent,HttpMethods.PUT,"authz/role/perm",RolePermRequest.class,false); + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable() { + @Override + public Integer code(Rcli client) throws CadiException, APIException { + int idx = index; + String action = args[idx++]; + int option = whichOption(options, action); + + RolePermRequest rpr = new RolePermRequest(); + Pkey pk = new Pkey(); + pk.setType(args[idx++]); + pk.setInstance(args[idx++]); + pk.setAction(args[idx++]); + rpr.setPerm(pk); + setStartEnd(rpr); + + Future frpr = null; + + String[] roles = args[idx++].split(","); + String strA; + String strB; + for (String role : roles) { + rpr.setRole(role); + if (option==0) { + // You can request to Grant Permission to a Role + setQueryParamsOn(client); + frpr = client.create( + "/authz/role/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "Granted Permission ["; + strB = "] to Role ["; + } else { + // You can request to UnGrant Permission to a Role + setQueryParamsOn(client); + frpr = client.delete( + "/authz/role/" + role + "/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "UnGranted Permission ["; + strB = "] from Role ["; + } + if (frpr.get(AAFcli.timeout())) { + pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction() + + strB + role +']'); + } else { + if (frpr.code()==202) { + pw().print("Permission Role "); + pw().print(option==0?"Granted":"Ungranted"); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(frpr); + idx=Integer.MAX_VALUE; + } + } + } + return frpr==null?0:frpr.code(); + } + }); + } - } + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Grant a Permission to a Role or Roles OR"); + detailLine(sb,indent,"Ungrant a Permission from a Role or Roles"); + detailLine(sb,indent,"see Create for definitions of type,instance and action"); + api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true); + api(sb,indent,HttpMethods.DELETE,"authz/role//perm",RolePermRequest.class,false); + } }