X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-gui%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fgui%2Fpages%2FCMArtiChangeAction.java;h=c19820d3459d45da057124e6d247fd61f0b77ba0;hb=f5fdc4f2d1f87001364ccf462c1398a10e84fdcf;hp=8088a700b2fca2244e6a721578d615ee814a8874;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java index 8088a700..c19820d3 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -37,12 +37,13 @@ import org.onap.aaf.cadi.client.Rcli; import org.onap.aaf.cadi.client.Retryable; import org.onap.aaf.cadi.util.Vars; import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.Slot; import org.onap.aaf.misc.env.Data.TYPE; +import org.onap.aaf.misc.env.Slot; import org.onap.aaf.misc.env.util.IPValidator; import org.onap.aaf.misc.env.util.Split; import org.onap.aaf.misc.xgen.Cache; import org.onap.aaf.misc.xgen.DynamicCode; +import org.onap.aaf.misc.xgen.Mark; import org.onap.aaf.misc.xgen.html.HTMLGen; import aaf.v2_0.Error; @@ -66,50 +67,47 @@ public class CMArtiChangeAction extends Page { final Slot sOther = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[9]); final Slot sType = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[10]); final Slot sSans = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[11]); - + @Override public void code(final Cache cache, final HTMLGen hgen) throws APIException, IOException { cache.dynamic(hgen, new DynamicCode() { @Override public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache cache, final HTMLGen hgen) throws APIException, IOException { -trans.info().log("Step 1"); + trans.info().log("Step 1"); final Artifact arti = new Artifact(); final String machine = trans.get(sMachine,null); final String ca = trans.get(sCA, null); final String sans = ((String)trans.get(sSans,null)); - if(sans!=null) { - for(String s: Split.splitTrim(',', sans)) { + if (sans!=null) { + for (String s: Split.splitTrim(',', sans)) { arti.getSans().add(s); } } - // Disallow IP entries, except by special Permission - if(!trans.fish(getPerm(ca,"ip"))) { - boolean ok=true; - if(IPValidator.ip(machine)) { - ok=false; - } - if(ok) { - for(String s: arti.getSans()) { - if(IPValidator.ip(s)) { - ok=false; - break; + + // These checks to not apply to deletions + if(!CMArtiChangeForm.DELETE.equals(trans.get(sCmd, ""))) { + // Disallow IP entries, except by special Permission + if (!trans.fish(getPerm(ca,"ip"))) { + boolean ok=true; + if (IPValidator.ip(machine)) { + ok=false; + } + if (ok) { + for (String s: arti.getSans()) { + if (IPValidator.ip(s)) { + ok=false; + break; + } } } + if (!ok) { + hgen.p("Policy Failure: IPs in certificates are only allowed by Exception."); + return; + } } - if(!ok) { - hgen.p("Policy Failure: IPs in certificates are only allowed by Exception."); - return; - } - } - - // Disallow Domain based Definitions without exception - if(machine.startsWith("*")) { // Domain set - if(!trans.fish(getPerm(ca, "domain"))) { - hgen.p("Policy Failure: Domain Artifact Declarations are only allowed by Exception."); - return; - } + } - + arti.setMechid((String)trans.get(sID,null)); arti.setMachine(machine); arti.setNs((String)trans.get(sNS,null)); @@ -119,8 +117,8 @@ trans.info().log("Step 1"); arti.setRenewDays(Integer.parseInt((String)trans.get(sRenewal, null))); arti.setNotification((String)trans.get(sNotify, null)); String[] checkbox = trans.get(sType,null); - for(int i=0;i ok = new Holder(false); + final Holder ok = new Holder(false); final Holder deleted = new Holder(false); Future f = gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable>() { @Override @@ -144,14 +142,15 @@ trans.info().log("Step 1"); case CMArtiChangeForm.CREATE: Future fc; rv = fc = client.create("/cert/artifacts", gui.artifactsDF, artifacts); - if(fc.get(AAFcli.timeout())) { + if (fc.get(AAFcli.timeout())) { hgen.p("Created Artifact " + arti.getMechid() + " on " + arti.getMachine()); ok.set(true); } break; case CMArtiChangeForm.UPDATE: Future fu = client.update("/cert/artifacts", gui.artifactsDF, artifacts); - if((rv=fu).get(AAFcli.timeout())) { + rv=fu; + if(rv.get(AAFcli.timeout())) { hgen.p("Artifact " + arti.getMechid() + " on " + arti.getMachine() + " is updated"); ok.set(true); } @@ -159,12 +158,12 @@ trans.info().log("Step 1"); case CMArtiChangeForm.COPY: Future future = client.read("/cert/artifacts/"+arti.getMechid()+'/'+arti.getMachine(), gui.artifactsDF); rv = future; - if(future.get(AAFcli.timeout())) { - for(Artifact a : future.value.getArtifact()) { // only one, because these two are key - for(String newMachine :Split.split(',', trans.get(sOther, ""))) { + if (future.get(AAFcli.timeout())) { + for (Artifact a : future.value.getArtifact()) { // only one, because these two are key + for (String newMachine :Split.split(',', trans.get(sOther, ""))) { a.setMachine(newMachine); Future fup = client.update("/cert/artifacts", gui.artifactsDF, future.value); - if(fup.get(AAFcli.timeout())) { + if (fup.get(AAFcli.timeout())) { hgen.p("Copied to " + newMachine); ok.set(true); } @@ -175,7 +174,7 @@ trans.info().log("Step 1"); case CMArtiChangeForm.DELETE: Future fv; rv = fv = client.delete("/cert/artifacts/"+arti.getMechid()+"/"+arti.getMachine(),"application/json"); - if(fv.get(AAFcli.timeout())) { + if (fv.get(AAFcli.timeout())) { hgen.p("Deleted " + arti.getMechid() + " on " + arti.getMachine()); ok.set(true); deleted.set(true); @@ -185,13 +184,28 @@ trans.info().log("Step 1"); return rv; } }); - if(!ok.get()) { - if(f==null) { + if (!ok.get()) { + if (f==null) { hgen.p("Unknown Command"); } else { - if(f.body().contains("%")) { + if (f.code() > 201) { Error err = gui.getDF(Error.class).newData().in(TYPE.JSON).load(f.body()).asObject(); - hgen.p(Vars.convert(err.getText(),err.getVariables())); + if(f.body().contains("%") ) { + hgen.p(Vars.convert(err.getText(),err.getVariables())); + } else { + int colon = err.getText().indexOf(':'); + if(colon>0) { + hgen.p(err.getMessageId() + ": " + err.getText().substring(0, colon)); + Mark bq = new Mark(); + hgen.incr(bq,"blockquote"); + for(String em : Split.splitTrim('\n', err.getText().substring(colon+1))) { + hgen.p(em); + } + hgen.end(bq); + } else { + hgen.p(err.getMessageId() + ": " + err.getText()); + } + } } else { hgen.p(arti.getMechid() + " on " + arti.getMachine() + ": " + f.body()); } @@ -208,7 +222,7 @@ trans.info().log("Step 1"); hgen.p("Unknown Error"); e.printStackTrace(); } - + } hgen.br(); }