X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-gui%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fgui%2Fpages%2FCMArtiChangeAction.java;h=06db81c1155acc9acd0f4db29515ad1237880876;hb=deb396a3d53a84b2eb5a46d40122b4902d72c601;hp=d32c7dc38ead2b9f5393b730c8f2728c35bfca76;hpb=7e966914050e66219689001ff4ab601a49eef0ac;p=aaf%2Fauthz.git diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java index d32c7dc3..06db81c1 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -32,17 +32,18 @@ import org.onap.aaf.auth.gui.NamedCode; import org.onap.aaf.auth.gui.Page; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.client.Future; -import org.onap.aaf.cadi.client.Holder; +import org.onap.aaf.cadi.util.Holder; import org.onap.aaf.cadi.client.Rcli; import org.onap.aaf.cadi.client.Retryable; import org.onap.aaf.cadi.util.Vars; import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.Slot; import org.onap.aaf.misc.env.Data.TYPE; +import org.onap.aaf.misc.env.Slot; import org.onap.aaf.misc.env.util.IPValidator; import org.onap.aaf.misc.env.util.Split; import org.onap.aaf.misc.xgen.Cache; import org.onap.aaf.misc.xgen.DynamicCode; +import org.onap.aaf.misc.xgen.Mark; import org.onap.aaf.misc.xgen.html.HTMLGen; import aaf.v2_0.Error; @@ -66,13 +67,13 @@ public class CMArtiChangeAction extends Page { final Slot sOther = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[9]); final Slot sType = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[10]); final Slot sSans = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[11]); - + @Override public void code(final Cache cache, final HTMLGen hgen) throws APIException, IOException { cache.dynamic(hgen, new DynamicCode() { @Override public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache cache, final HTMLGen hgen) throws APIException, IOException { -trans.info().log("Step 1"); + trans.info().log("Step 1"); final Artifact arti = new Artifact(); final String machine = trans.get(sMachine,null); final String ca = trans.get(sCA, null); @@ -82,34 +83,31 @@ trans.info().log("Step 1"); arti.getSans().add(s); } } - // Disallow IP entries, except by special Permission - if (!trans.fish(getPerm(ca,"ip"))) { - boolean ok=true; - if (IPValidator.ip(machine)) { - ok=false; - } - if (ok) { - for (String s: arti.getSans()) { - if (IPValidator.ip(s)) { - ok=false; - break; + + // These checks to not apply to deletions + if(!CMArtiChangeForm.DELETE.equals(trans.get(sCmd, ""))) { + // Disallow IP entries, except by special Permission + if (!trans.fish(getPerm(ca,"ip"))) { + boolean ok=true; + if (IPValidator.ip(machine)) { + ok=false; + } + if (ok) { + for (String s: arti.getSans()) { + if (IPValidator.ip(s)) { + ok=false; + break; + } } } + if (!ok) { + hgen.p("Policy Failure: IPs in certificates are only allowed by Exception."); + return; + } } - if (!ok) { - hgen.p("Policy Failure: IPs in certificates are only allowed by Exception."); - return; - } - } - - // Disallow Domain based Definitions without exception - if (machine.startsWith("*")) { // Domain set - if (!trans.fish(getPerm(ca, "domain"))) { - hgen.p("Policy Failure: Domain Artifact Declarations are only allowed by Exception."); - return; - } + } - + arti.setMechid((String)trans.get(sID,null)); arti.setMachine(machine); arti.setNs((String)trans.get(sNS,null)); @@ -130,11 +128,11 @@ trans.info().log("Step 1"); hgen.p("Data Entry Failure: Please enter a valid ID, including domain."); // VALIDATE OTHERS? } else { // everything else is checked by Server - + try { final Artifacts artifacts = new Artifacts(); artifacts.getArtifact().add(arti); - final Holder ok = new Holder(false); + final Holder ok = new Holder(false); final Holder deleted = new Holder(false); Future f = gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable>() { @Override @@ -151,7 +149,8 @@ trans.info().log("Step 1"); break; case CMArtiChangeForm.UPDATE: Future fu = client.update("/cert/artifacts", gui.artifactsDF, artifacts); - if ((rv=fu).get(AAFcli.timeout())) { + rv=fu; + if(rv.get(AAFcli.timeout())) { hgen.p("Artifact " + arti.getMechid() + " on " + arti.getMachine() + " is updated"); ok.set(true); } @@ -189,9 +188,24 @@ trans.info().log("Step 1"); if (f==null) { hgen.p("Unknown Command"); } else { - if (f.body().contains("%")) { + if (f.code() > 201) { Error err = gui.getDF(Error.class).newData().in(TYPE.JSON).load(f.body()).asObject(); - hgen.p(Vars.convert(err.getText(),err.getVariables())); + if(f.body().contains("%") ) { + hgen.p(Vars.convert(err.getText(),err.getVariables())); + } else { + int colon = err.getText().indexOf(':'); + if(colon>0) { + hgen.p(err.getMessageId() + ": " + err.getText().substring(0, colon)); + Mark bq = new Mark(); + hgen.incr(bq,"blockquote"); + for(String em : Split.splitTrim('\n', err.getText().substring(colon+1))) { + hgen.p(em); + } + hgen.end(bq); + } else { + hgen.p(err.getMessageId() + ": " + err.getText()); + } + } } else { hgen.p(arti.getMechid() + " on " + arti.getMachine() + ": " + f.body()); } @@ -208,7 +222,7 @@ trans.info().log("Step 1"); hgen.p("Unknown Error"); e.printStackTrace(); } - + } hgen.br(); }