X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-deforg%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Forg%2FDefaultOrg.java;h=92db46945288e8637fecbeba34b9e8e368a516e0;hb=d86e3224e6a5af2bd2b713f93bea5e6677d3ebc2;hp=4f2d96765c3abaf9e91e3884fe19bd03c6d7262c;hpb=7e966914050e66219689001ff4ab601a49eef0ac;p=aaf%2Fauthz.git
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index 4f2d9676..92db4694 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -37,21 +37,24 @@ import org.onap.aaf.auth.org.Executor; import org.onap.aaf.auth.org.Mailer; import org.onap.aaf.auth.org.Organization; import org.onap.aaf.auth.org.OrganizationException; +import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.util.FQI; import org.onap.aaf.misc.env.Env; public class DefaultOrg implements Organization { private static final String AAF_DATA_DIR = "aaf_data_dir"; - private static final String PROPERTY_IS_REQUIRED = " property is Required"; // Package on Purpose final String domain; final String atDomain; final String realm; + + private final String root_ns; - private final String NAME,mailHost,mailFrom; + private final String NAME; private final Set supportedRealms; + public DefaultOrg(Env env, String realm) throws OrganizationException { this.realm = realm; 
@@ -59,31 +62,9 @@ public class DefaultOrg implements Organization { supportedRealms.add(realm); domain=FQI.reverseDomain(realm); atDomain = '@'+domain; - String s; NAME=env.getProperty(realm + ".name","Default Organization"); - mailHost = env.getProperty(s=(realm + ".mailHost"), null); - if (mailHost==null) { - throw new OrganizationException(s + PROPERTY_IS_REQUIRED); - } - mailFrom = env.getProperty(s=(realm + ".mailFrom"), null); - if (mailFrom==null) { - throw new OrganizationException(s + PROPERTY_IS_REQUIRED); - } + root_ns = env.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF); - // Note: This code is to avoid including javax.mail into ONAP, because there are security/licence - // exceptions - try { - Class.forName("javax.mail.Session"); // ensure package is loaded - @SuppressWarnings("unchecked") - Class minst = (Class)Class.forName("org.onap.aaf.org.JavaxMailer"); - mailer = minst.newInstance(); - } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e1) { - env.warn().log("JavaxMailer not loaded. Mailing disabled"); - } - - System.getProperties().setProperty("mail.smtp.host",mailHost); - System.getProperties().setProperty("mail.user", mailFrom); - try { String defFile; String temp=env.getProperty(defFile = (getClass().getName()+".file"));
@@ -117,7 +98,7 @@ public class DefaultOrg implements Organization { identities = new Identities(fIdentities); } else { if (fIdentities==null) { - throw new OrganizationException("No Identities"); + throw new OrganizationException("No Identities: set \"" + AAF_DATA_DIR + '"'); } else { throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist."); } 
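Review bot: The added `root_ns = env.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF);` falls back to the default silently, although the same value is later used as both namespace and instance in `executor.hasPermission(user, root_ns,"password", root_ns , "extend")` and so decides an authorization outcome. A comment at the assignment would record that dependency, for example `// root_ns is the namespace and instance of the "password"/"extend" permission check; defaults to Config.AAF_ROOT_NS_DEF when unset`. The field name also departs from the lowerCamelCase of its neighbours (`atDomain`, `supportedRealms`); `rootNs` would match. The constructor starts before this hunk and continues after it.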
@@ -166,7 +147,30 @@ public class DefaultOrg implements Organization { return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this); } - // Note: Return a null if found; return a String Message explaining why not found. + /* (non-Javadoc) + * @see org.onap.aaf.auth.org.Organization#getEsclaations(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, int) + */ + @Override + public List getIDs(AuthzTrans trans, String user, int escalate) throws OrganizationException { + List rv = new ArrayList<>(); + int end = Math.min(3,Math.abs(escalate)); + Identity id = null; + for(int i=0;i1?vars[1]:trans.user(); + return executor.hasPermission(user, root_ns,"password", root_ns , "extend") + ?null:user + " does not have permission to extend passwords at " + getName(); + default: return policy.name() + " is unsupported at " + getName(); }
@@ -587,6 +598,7 @@ public class DefaultOrg implements Organization { public int sendEmail(AuthzTrans trans, List toList, List ccList, String subject, String body, Boolean urgent) throws OrganizationException { if (mailer!=null) { + String mailFrom = mailer.mailFrom(); List to = new ArrayList<>(); for (String em : toList) { if (em.indexOf('@')<0) {
@@ -615,9 +627,15 @@ public class DefaultOrg implements Organization { } } - return mailer.sendEmail(trans,dryRun,mailFrom,to,cc,subject,body,urgent); + return mailer.sendEmail(trans,dryRun?"DefaultOrg":null,to,cc,subject,body,urgent)?0:1; } else { return 0; } } + + @Override + public boolean mayAutoDelete(AuthzTrans trans, String user) { + // provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table. + return false; + } }
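Review bot: The `@see` line above the new `getIDs` names `Organization#getEsclaations`, which is misspelled and does not match the method being overridden; it should read `@see org.onap.aaf.auth.org.Organization#getIDs(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, int)`. The cap in `Math.min(3,Math.abs(escalate))` is an unexplained literal, so a named constant or a short comment saying why at most three levels are walked would help. The loop body and the end of the method are not legible on this page, so nothing further can be said about them.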
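Review bot: The identity given to `executor.hasPermission(user, root_ns,"password", root_ns , "extend")` appears to come from `vars[1]` whenever the caller supplies one and only otherwise from `trans.user()`, so the permission is evaluated for a name chosen by the caller rather than for the authenticated transaction. If that is intended, a comment should say so and state what callers must guarantee, for example `// vars[1], when present, must be an already-authenticated ID; the check is made on its behalf`. The line declaring `user` is damaged on this page and the start of this hunk is missing, so the guard on `vars` is inferred from the visible `1?vars[1]:trans.user();`. A null or empty `vars[1]` is not handled on the visible lines.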
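Review bot: The local added at the top of the `mailer!=null` branch, `String mailFrom = mailer.mailFrom();`, is no longer passed to `mailer.sendEmail(...)` in the following hunk, which drops the `mailFrom` argument. If nothing in the lines between the two hunks reads it, the declaration is dead and should be removed; those lines are outside this hunk, so this needs checking against the full method.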
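Review bot: With the new `return mailer.sendEmail(...)?0:1;` a result of 0 means the mail went out, yet the unchanged `else` branch also returns 0 when `mailer` is null, so a caller cannot tell a delivered notification from mailing being disabled. This commit also removes the constructor code that assigned `mailer`, and no replacement assignment is visible in these hunks. At minimum the `else` branch should leave a trace, e.g. `trans.warn().log("Mailer not configured; email not sent");`, and the method comment should document what 0 and 1 mean. The comment inside `mayAutoDelete` describes work still to be done and would be clearer marked as `// TODO`.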