X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-gui%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fgui%2Fpages%2FRequestDetail.java;h=b6a6a0161d52ac4b8026b811f36803edbdde5b26;hb=bc018fa2138f417e650ba81bd8f74c023be1df01;hp=0d0d03ad72dd74282080858338679ff5c0e24456;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java index 0d0d03ad..b6a6a016 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -28,6 +28,9 @@ import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.UUID; +import javax.servlet.http.HttpServletRequest; + +import org.onap.aaf.auth.common.Define; import org.onap.aaf.auth.env.AuthzEnv; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.auth.gui.AAF_GUI; @@ -65,12 +68,12 @@ public class RequestDetail extends Page { /** * Implement the table content for Request Detail - * + * * @author Jeremiah * */ private static class Model extends TableData { - final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L; + static final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L; private Slot sTicket; public Model(AuthzEnv env) { sTicket = env.slot(NAME+".ticket"); @@ -80,7 +83,7 @@ public class RequestDetail extends Page { public Cells get(final AuthzTrans trans, final AAF_GUI gui) { Cells rv=Cells.EMPTY; final String ticket = trans.get(sTicket, null); - if(ticket!=null) { + if (ticket!=null) { try { rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable() { @Override @@ -89,13 +92,22 @@ public class RequestDetail extends Page { ArrayList rv = new ArrayList<>(); try { Future fa = client.read( - "/authz/approval/ticket/"+ticket, + "/authz/approval/ticket/"+ticket, gui.getDF(Approvals.class) ); - - if(fa.get(AAF_GUI.TIMEOUT)) { - if (!trans.user().equals(fa.value.getApprovals().get(0).getUser())) { + + if (fa.get(AAF_GUI.TIMEOUT)) { + Approval app = fa.value.getApprovals().get(0); + if(app==null) { return Cells.EMPTY; + } else { + if (!(trans.user().equals(app.getUser()) || + trans.user().equals(app.getApprover()))) { + HttpServletRequest req = trans.get(gui.slot_httpServletRequest,null); + if(req==null || !req.isUserInRole(Define.ROOT_NS()+"|access|*|*")) { + return Cells.EMPTY; + } + } } tt.done(); tt = trans.start("Load Data", Env.SUB); @@ -106,39 +118,39 @@ public class RequestDetail extends Page { if (first) { DateFormat createdDF = new SimpleDateFormat(DATE_TIME_FORMAT); UUID id = UUID.fromString(approval.getId()); - + rv.add(new AbsCell[]{new TextCell("Ticket ID:"),new TextCell(approval.getTicket(),"colspan=3")}); rv.add(new AbsCell[]{new TextCell("Memo:"),new TextCell(approval.getMemo(),"colspan=3")}); - rv.add(new AbsCell[]{new TextCell("Requested On:"), + rv.add(new AbsCell[]{new TextCell("Requested On:"), new TextCell(createdDF.format((id.timestamp() - NUM_100NS_INTERVALS_SINCE_UUID_EPOCH)/10000),"colspan=3") }); rv.add(new AbsCell[]{new TextCell("Operation:"),new TextCell(decodeOp(approval.getOperation()),"colspan=3")}); String user = approval.getUser(); rv.add(new AbsCell[]{new TextCell("User:"),new TextCell(user,"colspan=3")}); - + // headers for listing each approver rv.add(new AbsCell[]{new TextCell(" ","colspan=4","class=blank_line")}); rv.add(new AbsCell[]{AbsCell.Null, - new TextCell("Approver","class=bold"), - new TextCell("Type","class=bold"), + new TextCell("Approver","class=bold"), + new TextCell("Type","class=bold"), new TextCell("Status","class=bold")}); approverLine[0] = new TextCell("Approvals:"); - + first = false; } else { approverLine[0] = AbsCell.Null; } - + approverLine[1] = new TextCell(approval.getApprover()); String type = approval.getType(); if ("owner".equalsIgnoreCase(type)) { type = "resource owner"; } - + approverLine[2] = new TextCell(type); approverLine[3] = new TextCell(approval.getStatus()); rv.add(approverLine); - + } } else { rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});