X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-deforg%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Forg%2FDefaultOrg.java;h=70b3324a5c23e501741641e14b58fcb5591c91ab;hb=1672188a5a2fe589ce42b1e9ef43e17279859df0;hp=50b65ffe4f638b8b04af134aedd851e6d00388bf;hpb=08755cae37030d74d8fcadf38f9919c9d9fd21c0;p=aaf%2Fauthz.git

diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index 50b65ffe..70b3324a 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -48,7 +48,7 @@ public class DefaultOrg implements Organization {
     final String domain;
     final String atDomain;
     final String realm;
-	
+
     private final String root_ns;
 
     private final String NAME;
@@ -65,7 +65,7 @@ public class DefaultOrg implements Organization {
         atDomain = '@'+domain;
         NAME=env.getProperty(realm + ".name","Default Organization");
         root_ns = env.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF);
-        
+
         try {
             String defFile;
             String temp=env.getProperty(defFile = (getClass().getName()+".file"));
@@ -84,7 +84,7 @@ public class DefaultOrg implements Organization {
                         }
                         fIdentities.createNewFile();
                     }
-                    
+
                 }
             } else {
                 fIdentities = new File(temp);
@@ -112,17 +112,17 @@ public class DefaultOrg implements Organization {
                 temp = env.getProperty(AAF_DATA_DIR);
                 if (temp!=null) {
                     File dir = new File(temp);
-                	fRevoked=new File(dir,"revoked.dat");
+                    fRevoked=new File(dir,"revoked.dat");
                 }
             } else {
-            	fRevoked = new File(temp);
+                fRevoked = new File(temp);
             }
             if (fRevoked!=null && fRevoked.exists()) {
                 revoked = new Identities(fRevoked);
             } else {
-            	revoked = null;
+                revoked = null;
             }
-            
+
         } catch (IOException e) {
             throw new OrganizationException(e);
         }
@@ -172,54 +172,54 @@ public class DefaultOrg implements Organization {
      * If the ID isn't in the revoked file, if it exists, it is revoked.
      */
     @Override
-	public boolean isRevoked(AuthzTrans trans, String key) {
-    	if(revoked!=null) {
+    public boolean isRevoked(AuthzTrans trans, String key) {
+        if(revoked!=null) {
             try {
-            	revoked.open(trans, DefaultOrgIdentity.TIMEOUT);
-            	try {
-	                Reuse r = revoked.reuse();
-	                int at = key.indexOf(domain);
-	                String search;
-	                if (at>=0) {
-	                    search = key.substring(0,at);
-	                } else {
-	                    search = key;
-	                }
-	                return revoked.find(search, r)!=null;
+                revoked.open(trans, DefaultOrgIdentity.TIMEOUT);
+                try {
+                    Reuse r = revoked.reuse();
+                    int at = key.indexOf(domain);
+                    String search;
+                    if (at>=0) {
+                        search = key.substring(0,at);
+                    } else {
+                        search = key;
+                    }
+                    return revoked.find(search, r)!=null;
                 } finally {
                     revoked.close(trans);
                 }
-			} catch (IOException e) {
-				trans.error().log(e);
+            } catch (IOException e) {
+                trans.error().log(e);
             }
-    	}
-		return false;
-	}
+        }
+        return false;
+    }
 
-	/* (non-Javadoc)
-	 * @see org.onap.aaf.auth.org.Organization#getEsclaations(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, int)
-	 */
-	@Override
-	public List<Identity> getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException {
-		List<Identity> rv = new ArrayList<>();
-		int end = Math.min(3,Math.abs(escalate));
-		Identity id = null;
-		for(int i=0;i<end;++i) {
-			if(id==null) {
-				id = getIdentity(trans,user);
-			} else {
-				id = id.responsibleTo();
-			}
-			if(id==null) {
-				break;
-			} else {
-				rv.add(id);
-			}
-		}
-		return rv;
-	}
+    /* (non-Javadoc)
+     * @see org.onap.aaf.auth.org.Organization#getEsclaations(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, int)
+     */
+    @Override
+    public List<Identity> getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException {
+        List<Identity> rv = new ArrayList<>();
+        int end = Math.min(3,Math.abs(escalate));
+        Identity id = null;
+        for(int i=0;i<end;++i) {
+            if(id==null) {
+                id = getIdentity(trans,user);
+            } else {
+                id = id.responsibleTo();
+            }
+            if(id==null) {
+                break;
+            } else {
+                rv.add(id);
+            }
+        }
+        return rv;
+    }
 
-	// Note: Return a null if found; return a String Message explaining why not found.
+    // Note: Return a null if found; return a String Message explaining why not found.
     @Override
     public String isValidID(final AuthzTrans trans, final String id) {
         try {
@@ -262,11 +262,11 @@ public class DefaultOrg implements Organization {
     /**
      *  (                # Start of group
      *  (?=.*[a-z,A-Z])    #   must contain one character
-     *  
-     *  (?=.*\d)        #   must contain one digit from 0-9 
+     *
+     *  (?=.*\d)        #   must contain one digit from 0-9
      *        OR
      *  (?=.*[@#$%])    #   must contain one special symbols in the list SPEC_CHARS
-     *  
+     *
      *            .        #     match anything with previous condition checking
      *          {6,20}    #        length at least 6 characters and maximum of 20
      *  )                # End of group
@@ -569,7 +569,7 @@ public class DefaultOrg implements Organization {
 
     @Override
     public String validate(AuthzTrans trans, Policy policy, Executor executor, String... vars) throws OrganizationException {
-    	String user;
+        String user;
         switch(policy) {
             case OWNS_MECHID:
             case CREATE_MECHID:
@@ -595,11 +595,11 @@ public class DefaultOrg implements Organization {
             case CREATE_MECHID_BY_PERM_ONLY:
                 return getName() + " only allows sponsors to create MechIDs";
 
-			case MAY_EXTEND_CRED_EXPIRES:
-				// If parm, use it, otherwise, trans
-				user = vars.length>1?vars[1]:trans.user();
-				return executor.hasPermission(user, root_ns,"password", root_ns , "extend")
-						?null:user + " does not have permission to extend passwords at " + getName();
+            case MAY_EXTEND_CRED_EXPIRES:
+                // If parm, use it, otherwise, trans
+                user = vars.length>1?vars[1]:trans.user();
+                return executor.hasPermission(user, root_ns,"password", root_ns , "extend")
+                        ?null:user + " does not have permission to extend passwords at " + getName();
 
             default:
                 return policy.name() + " is unsupported at " + getName();
@@ -637,6 +637,25 @@ public class DefaultOrg implements Organization {
         }
         return false;
     }
+    
+	@Override
+	public String supportedDomain(String user) {
+		if(user!=null) {
+			int after_at = user.indexOf('@')+1;
+			if(after_at<user.length()) {
+				String ud = FQI.reverseDomain(user);
+				if(ud.startsWith(getDomain())) {
+					return getDomain();
+				}
+				for(String s : supportedRealms) {
+					if(ud.startsWith(s)) {
+						return FQI.reverseDomain(s);
+					}
+				}
+			}
+		}
+		return null;
+	}
 
     @Override
     public synchronized void addSupportedRealm(final String r) {
@@ -647,7 +666,7 @@ public class DefaultOrg implements Organization {
     public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body,
             Boolean urgent) throws OrganizationException {
         if (mailer!=null) {
-        	String mailFrom = mailer.mailFrom();
+            String mailFrom = mailer.mailFrom();
             List<String> to = new ArrayList<>();
             for (String em : toList) {
                 if (em.indexOf('@')<0) {