X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-locate%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Flocate%2Fservice%2FLocateServiceImpl.java;h=afaef837dadc540f578b2f75a1ea4247a94a4184;hb=f5fdc4f2d1f87001364ccf462c1398a10e84fdcf;hp=d0aae466894bac5b07564016dec7a6a926151702;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git

diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
index d0aae466..afaef837 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -22,7 +22,6 @@
 package org.onap.aaf.auth.locate.service;
 
 import java.util.List;
-import java.util.UUID;
 
 import org.onap.aaf.auth.dao.cass.ConfigDAO;
 import org.onap.aaf.auth.dao.cass.ConfigDAO.Data;
@@ -33,7 +32,6 @@ import org.onap.aaf.auth.locate.AAF_Locate;
 import org.onap.aaf.auth.locate.mapper.Mapper;
 import org.onap.aaf.auth.locate.validation.LocateValidator;
 import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.misc.env.APIException;
 
 import locate.v1_0.Endpoints;
 import locate.v1_0.MgmtEndpoint;
@@ -41,20 +39,20 @@ import locate.v1_0.MgmtEndpoints;
 import locate.v1_1.Configuration;
 import locate.v1_1.Configuration.Props;
 
-public class LocateServiceImpl<IN,OUT,ERROR> 
+public class LocateServiceImpl<IN,OUT,ERROR>
       implements LocateService<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> {
         private Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper;
         protected LocateDAO locateDAO;
         private ConfigDAO configDAO;
         private boolean permToRegister;
-    
-        public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper) throws APIException {
+
+        public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper){
             this.mapper = mapper;
             this.locateDAO = locate.locateDAO;
             this.configDAO = locate.configDAO;
             permToRegister = false; //TODO Setup a Configuration for this
         }
-        
+
         public Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper() {return mapper;}
 
         @Override
@@ -68,31 +66,35 @@ public class LocateServiceImpl<IN,OUT,ERROR>
         @Override
         public Result<Void> putMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
             LocateValidator v = new LocateValidator().mgmt_endpoints(meps, false);
-            if(v.err()) {
+            if (v.err()) {
                 return Result.err(Result.ERR_BadData,v.errs());
             }
             int count = 0;
-            for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
-                if(permToRegister) { 
+            StringBuilder denied = null;
+            for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
+                if (permToRegister) {
                     int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
-                    AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getName(),"write"); 
-                    if(trans.fish(p)) {
-                        LocateDAO.Data data = mapper.locateData(me);
-                        locateDAO.update(trans, data, true);
-                        ++count;
-                    } else {
-                        return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
+                    AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+                    if (!trans.fish(p)) {
+                        if(denied==null) {
+                            denied = new StringBuilder("May not register service(s):");
+                        }
+
+                        denied.append("\n\t");
+                        denied.append(p.getKey());
+                        denied.append(')');
+                        continue;
                     }
-                } else { //TODO if(MechID is part of Namespace) { 
-                    LocateDAO.Data data = mapper.locateData(me);
-                    locateDAO.update(trans, data, true);
-                    ++count;
                 }
+                LocateDAO.Data data = mapper.locateData(me);
+                locateDAO.update(trans, data, true);
+                ++count;
             }
-            if(count>0) {
+            if (count>0) {
                 return Result.ok();
             } else {
-                return Result.err(Result.ERR_NotFound, "No endpoints found");
+                return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+                        :Result.err(Result.ERR_Security,denied.toString());
             }
         }
 
@@ -102,32 +104,43 @@ public class LocateServiceImpl<IN,OUT,ERROR>
         @Override
         public Result<Void> removeMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
             LocateValidator v = new LocateValidator().mgmt_endpoint_key(meps);
-            if(v.err()) {
+            if (v.err()) {
                 return Result.err(Result.ERR_BadData,v.errs());
             }
             int count = 0;
-            for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
-                int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
-                AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write"); 
-                if(trans.fish(p)) {
-                    LocateDAO.Data data = mapper.locateData(me);
-                    data.port_key = UUID.randomUUID();
-                    locateDAO.delete(trans, data, false);
-                    ++count;
-                } else {
-                    return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
-                }
+            StringBuilder denied = null;
+            for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
+                 if (permToRegister) {
+                     int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
+                     AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+                     if (!trans.fish(p)) {
+                         if(denied==null) {
+                             denied = new StringBuilder("May not deregister service(s):");
+                         }
+
+                         denied.append("\n\t");
+                         denied.append(p.getKey());
+                         denied.append(')');
+                         continue;
+                     }
+                 }
+                 LocateDAO.Data data = mapper.locateData(me);
+                 locateDAO.delete(trans, data, true);
+                 ++count;
             }
-            if(count>0) {
+            if (count>0) {
                 return Result.ok();
             } else {
-                return Result.err(Result.ERR_NotFound, "No endpoints found");
+                return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+                        :Result.err(Result.ERR_Security,denied.toString());
             }
         }
 
         /////   ADDED v1_1
         /* (non-Javadoc)
          * @see org.onap.aaf.auth.locate.service.LocateService#getConfig(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, java.lang.String)
+         *
+         * Note: "id" is put in, in case we need to filter, or direct data change in the future by Permission
          */
         @Override
         public Result<Configuration> getConfig(AuthzTrans trans, String id, String type) {
@@ -135,9 +148,9 @@ public class LocateServiceImpl<IN,OUT,ERROR>
             Configuration c = new Configuration();
             c.setName(type);
             Props p;
-            
-            if(dr.isOKhasData()) {
-                for(ConfigDAO.Data data : dr.value) {
+
+            if (dr.isOKhasData()) {
+                for (ConfigDAO.Data data : dr.value) {
                     p = new Props();
                     p.setTag(data.tag);
                     p.setValue(data.value);
@@ -145,7 +158,6 @@ public class LocateServiceImpl<IN,OUT,ERROR>
                 }
             }
             return Result.ok(c);
-            //return Result.err(Result.ERR_NotImplemented,"not done yet");
         }