X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-locate%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Flocate%2Fservice%2FLocateServiceImpl.java;h=afaef837dadc540f578b2f75a1ea4247a94a4184;hb=28ac160b0f8a7804a4222d00ff6e7e6ad4d32d1c;hp=b6e4dfa85c512eb2c7364926a41595d7feb41ae2;hpb=355b886d817295d2bca5af28f01576bf4a3ded18;p=aaf%2Fauthz.git

diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
index b6e4dfa8..afaef837 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -22,7 +22,6 @@
 package org.onap.aaf.auth.locate.service;
 
 import java.util.List;
-import java.util.UUID;
 
 import org.onap.aaf.auth.dao.cass.ConfigDAO;
 import org.onap.aaf.auth.dao.cass.ConfigDAO.Data;
@@ -33,7 +32,6 @@ import org.onap.aaf.auth.locate.AAF_Locate;
 import org.onap.aaf.auth.locate.mapper.Mapper;
 import org.onap.aaf.auth.locate.validation.LocateValidator;
 import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.misc.env.APIException;
 
 import locate.v1_0.Endpoints;
 import locate.v1_0.MgmtEndpoint;
@@ -41,20 +39,20 @@ import locate.v1_0.MgmtEndpoints;
 import locate.v1_1.Configuration;
 import locate.v1_1.Configuration.Props;
 
-public class LocateServiceImpl<IN,OUT,ERROR> 
+public class LocateServiceImpl<IN,OUT,ERROR>
       implements LocateService<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> {
         private Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper;
         protected LocateDAO locateDAO;
         private ConfigDAO configDAO;
         private boolean permToRegister;
-    
-        public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper) throws APIException {
+
+        public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper){
             this.mapper = mapper;
             this.locateDAO = locate.locateDAO;
             this.configDAO = locate.configDAO;
             permToRegister = false; //TODO Setup a Configuration for this
         }
-        
+
         public Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper() {return mapper;}
 
         @Override
@@ -72,27 +70,31 @@ public class LocateServiceImpl<IN,OUT,ERROR>
                 return Result.err(Result.ERR_BadData,v.errs());
             }
             int count = 0;
+            StringBuilder denied = null;
             for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
-                if (permToRegister) { 
+                if (permToRegister) {
                     int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
-                    AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getName(),"write"); 
-                    if (trans.fish(p)) {
-                        LocateDAO.Data data = mapper.locateData(me);
-                        locateDAO.update(trans, data, true);
-                        ++count;
-                    } else {
-                        return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
+                    AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+                    if (!trans.fish(p)) {
+                        if(denied==null) {
+                            denied = new StringBuilder("May not register service(s):");
+                        }
+
+                        denied.append("\n\t");
+                        denied.append(p.getKey());
+                        denied.append(')');
+                        continue;
                     }
-                } else { //TODO if (MechID is part of Namespace) { 
-                    LocateDAO.Data data = mapper.locateData(me);
-                    locateDAO.update(trans, data, true);
-                    ++count;
                 }
+                LocateDAO.Data data = mapper.locateData(me);
+                locateDAO.update(trans, data, true);
+                ++count;
             }
             if (count>0) {
                 return Result.ok();
             } else {
-                return Result.err(Result.ERR_NotFound, "No endpoints found");
+                return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+                        :Result.err(Result.ERR_Security,denied.toString());
             }
         }
 
@@ -106,29 +108,38 @@ public class LocateServiceImpl<IN,OUT,ERROR>
                 return Result.err(Result.ERR_BadData,v.errs());
             }
             int count = 0;
+            StringBuilder denied = null;
             for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
-                int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
-                AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write"); 
-                if (trans.fish(p)) {
-                    LocateDAO.Data data = mapper.locateData(me);
-                    data.port_key = UUID.randomUUID();
-                    locateDAO.delete(trans, data, false);
-                    ++count;
-                } else {
-                    return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
-                }
+                 if (permToRegister) {
+                     int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
+                     AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+                     if (!trans.fish(p)) {
+                         if(denied==null) {
+                             denied = new StringBuilder("May not deregister service(s):");
+                         }
+
+                         denied.append("\n\t");
+                         denied.append(p.getKey());
+                         denied.append(')');
+                         continue;
+                     }
+                 }
+                 LocateDAO.Data data = mapper.locateData(me);
+                 locateDAO.delete(trans, data, true);
+                 ++count;
             }
             if (count>0) {
                 return Result.ok();
             } else {
-                return Result.err(Result.ERR_NotFound, "No endpoints found");
+                return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+                        :Result.err(Result.ERR_Security,denied.toString());
             }
         }
 
         /////   ADDED v1_1
         /* (non-Javadoc)
          * @see org.onap.aaf.auth.locate.service.LocateService#getConfig(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, java.lang.String)
-         * 
+         *
          * Note: "id" is put in, in case we need to filter, or direct data change in the future by Permission
          */
         @Override
@@ -137,7 +148,7 @@ public class LocateServiceImpl<IN,OUT,ERROR>
             Configuration c = new Configuration();
             c.setName(type);
             Props p;
-            
+
             if (dr.isOKhasData()) {
                 for (ConfigDAO.Data data : dr.value) {
                     p = new Props();