X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-core%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Forg%2FOrganization.java;h=95f37859d8fac5425aa05bbccb783bb8da56b3a1;hb=3ca2e6964bf2aab93394cf542b6354ca735703c0;hp=597f269626e3044de2f8170fbfe02cca02a3e096;hpb=d86e3224e6a5af2bd2b713f93bea5e6677d3ebc2;p=aaf%2Fauthz.git diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java index 597f2696..95f37859 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -32,13 +32,13 @@ import org.onap.aaf.auth.env.AuthzTrans; /** * Organization - * + * * There is Organizational specific information required which we have extracted to a plugin - * + * * It supports using Company Specific User Directory lookups, as well as supporting an * Approval/Validation Process to simplify control of Roles and Permissions for large organizations - * in lieu of direct manipulation by a set of Admins. - * + * in lieu of direct manipulation by a set of Admins. + * * @author Jonathan * */ 
@@ -55,7 +55,7 @@ public interface Organization { public String fullName(); public String firstName(); /** - * If Responsible entity, then String returned is "null" meaning "no Objection". + * If Responsible entity, then String returned is "null" meaning "no Objection". * If String exists, it is the Policy objection text setup by the entity. * @return */ @@ -65,17 +65,17 @@ public interface Organization { public Organization org(); // Organization of Identity - public static String mixedCase(String in) { - StringBuilder sb = new StringBuilder(); - for(int i=0;i getIdentityTypes(); @@ -200,30 +207,31 @@ public interface Organization { ERR_UserNotExist, ERR_NotificationFailure, }; - + public enum Expiration { Password, - TempPassword, + TempPassword, Future, UserInRole, - UserDelegate, - ExtendPassword + UserDelegate, + ExtendPassword, + RevokedGracePeriodEnds } - + public enum Policy { - CHANGE_JOB, - LEFT_COMPANY, - CREATE_MECHID, + CHANGE_JOB, + LEFT_COMPANY, + CREATE_MECHID, CREATE_MECHID_BY_PERM_ONLY, OWNS_MECHID, - AS_RESPONSIBLE, + AS_RESPONSIBLE, MAY_EXTEND_CRED_EXPIRES, MAY_APPLY_DEFAULT_REALM } - + /** * Notify a User of Action or Info - * + * * @param type * @param url * @param users (separated by commas) @@ -235,7 +243,7 @@ public interface Organization { /** * (more) generic way to send an email - * + * * @param toList * @param ccList * @param subject 
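Review bot: The new `Expiration.RevokedGracePeriodEnds` constant in the `@@ -200,30 +207,31 @@` hunk has no comment saying what the grace period is or what should happen to a credential once it ends. Every implementation of `expiration(GregorianCalendar gc, Expiration exp, String ... extra)` now receives a value it did not know before. An implementation that branches on `Expiration` and falls through to a default would presumably return a date never meant for revoked IDs, so that default branch is worth checking in each Organization plugin. I would add a one-line comment above the constant, for example `// date after which credentials of a revoked ID are no longer honoured` (wording to be confirmed by the author). The enum sits inside the `Organization` interface, which starts and ends outside this hunk.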
@@ -247,36 +255,36 @@ public interface Organization { /** * whenToValidate - * + * * Authz support services will ask the Organization Object at startup when it should - * kickoff Validation processes given particular types. - * + * kickoff Validation processes given particular types. + * * This allows the Organization to express Policy - * + * * Turn off Validation behavior by returning "null" - * + * */ public Date whenToValidate(Notify type, Date lastValidated); - + /** * Expiration - * + * * Given a Calendar item of Start (or now), set the Expiration Date based on the Policy * based on type. - * + * * For instance, "Passwords expire in 3 months" - * + * * The Extra Parameter is used by certain Orgs. - * + * * For Password, the extra is UserID, so it can check the User Type - * + * * @param gc * @param exp * @return */ public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String ... extra); - + /** * Get Email Warning timing policies * @return @@ -284,7 +292,7 @@ public interface Organization { public EmailWarnings emailWarningPolicy(); /** - * + * * @param trans * @param user * @return @@ -297,23 +305,23 @@ public interface Organization { * 2 = expects both self and immediate responsible party * 3 = expects self, immediate report and any higher that the Organization wants to escalate to in the * hierarchy. - * + * * Note: this is used to notify of imminent danger of Application's Cred or Role expirations. */ public List getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException ; - + /* - * + * * @param user * @param type * @param users * @return public Response notifyRequest(AuthzTrans trans, String user, Approval type, List approvers); */ - + /** - * + * * @return */ public String getApproverType(); 
@@ -321,7 +329,7 @@ public interface Organization { /* * startOfDay - define for company what hour of day business starts (specifically for password and other expiration which * were set by Date only.) - * + * * @return */ public int startOfDay(); @@ -335,12 +343,12 @@ public interface Organization { * @return */ public boolean canHaveMultipleCreds(String id); - + boolean isTestEnv(); public void setTestMode(boolean dryRun); - public static final Organization NULL = new Organization() + public static final Organization NULL = new Organization() { private final GregorianCalendar gc = new GregorianCalendar(1900, 1, 1); private final List nullList = new ArrayList<>(); @@ -357,27 +365,27 @@ public interface Organization { public String mayOwn() { return N_A; // negative case } - + @Override public boolean isFound() { return false; } - + @Override public String id() { return N_A; } - + @Override public String fullID() { return N_A; } - + @Override public String email() { return N_A; } - + @Override public List delegate() { return nullUser; @@ -408,12 +416,12 @@ public interface Organization { public String getName() { return N_A; } - + @Override public String getRealm() { return N_A; } - + @Override public boolean supportsRealm(String r) { return false; 
@@ -422,92 +430,97 @@ public interface Organization { @Override public void addSupportedRealm(String r) { } + + @Override + public String supportedDomain(String r) { + return null; + } @Override public String getDomain() { return N_A; } - + @Override public Identity getIdentity(AuthzTrans trans, String id) { return nullIdentity; } - + @Override public String isValidID(final AuthzTrans trans, String id) { return N_A; } - + @Override public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) { return N_A; } - + @Override public Set getIdentityTypes() { return nullStringSet; } - + @Override public Response notify(AuthzTrans trans, Notify type, String url, String[] users, String[] ccs, String summary, Boolean urgent) { return Response.ERR_NotImplemented; } - + @Override public int sendEmail(AuthzTrans trans, List toList, List ccList, String subject, String body, Boolean urgent) throws OrganizationException { return 0; } - + @Override public Date whenToValidate(Notify type, Date lastValidated) { return gc.getTime(); } - + @Override public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String... extra) { return gc; } - + @Override public List getApprovers(AuthzTrans trans, String user) throws OrganizationException { return nullList; } - + @Override public String getApproverType() { return ""; } - + @Override public int startOfDay() { return 0; } - + @Override public boolean canHaveMultipleCreds(String id) { return false; } - + @Override public boolean isValidCred(final AuthzTrans trans, final String id) { return false; } - + @Override public String validate(AuthzTrans trans, Policy policy, Executor executor, String ... vars) throws OrganizationException { return "Null Organization rejects all Policies"; } - + @Override public boolean isTestEnv() { return false; } - + @Override public void setTestMode(boolean dryRun) { } 
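Review bot: The added `supportedDomain(String r)` in the `NULL` organization returns a bare `null`, while the neighbouring String-returning methods in this hunk (`getDomain()`, `isValidID(...)`) return `N_A`. If a caller uses the result to derive or compare the domain for a realm, that null becomes either a NullPointerException or a silently skipped check on the path where no real organization is configured. The interface declaration of `supportedDomain` is not readable in this diff, so I cannot tell whether null is the agreed "realm not supported" signal. If it is, say so in the interface Javadoc and add `// null: this organization supports no realm` here; otherwise `return N_A;` would match the rest of the object.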
@@ -521,24 +534,24 @@ public interface Organization { { return 604800000L; // 7 days in millis 1000 * 86400 * 7 } - + @Override public long roleEmailInterval() { return 604800000L; // 7 days in millis 1000 * 86400 * 7 } - + @Override public long apprEmailInterval() { return 259200000L; // 3 days in millis 1000 * 86400 * 3 } - + @Override public long credExpirationWarning() { return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds } - + @Override public long roleExpirationWarning() { @@ -552,26 +565,26 @@ public interface Organization { } }; - + } @Override public String[] getPasswordRules() { - return nullStringArray; + return nullStringArray; + } + + @Override + public boolean isRevoked(AuthzTrans trans, String id) { + // provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table. + return false; + } + + @Override + public List getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException { + // TODO Auto-generated method stub + return null; } - - @Override - public boolean mayAutoDelete(AuthzTrans trans, String id) { - // provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table. - return false; - } - - @Override - public List getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException { - // TODO Auto-generated method stub - return null; - } }; }
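Review bot: In the `@@ -552,26 +565,26 @@` hunk, `isRevoked(AuthzTrans trans, String id)` keeps the comment written for the removed `mayAutoDelete`, which reads as a to-do about a missing feed rather than a description of what the method answers. Returning `false` means the `NULL` organization never reports an ID as revoked, whereas `validate(...)` on the same object rejects every policy, so the two defaults fail in opposite directions. Because revocation is a security decision, the comment should state that choice outright, for example `// NULL organization has no revocation feed: no ID is ever reported as revoked`, and callers that rely on `isRevoked` should be checked for the case where `Organization.NULL` is in use. Separately, `getIDs(...)` still returns `null` under `// TODO Auto-generated method stub`, although this object returns the empty `nullList` from `getApprovers`; returning an empty list of the right element type would spare callers a null check.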