X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-service%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fservice%2Fvalidation%2FServiceValidator.java;h=fb7556ed38e5753e81e028a42bb939f8e0b198fe;hb=a77e3d6e9180c1722a9d18f7717034bb0650a130;hp=4a088abc31035c27a3f603769dbf745217233493;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java index 4a088abc..fb7556ed 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java @@ -44,7 +44,7 @@ import org.onap.aaf.auth.validation.Validator; */ public class ServiceValidator extends Validator { public ServiceValidator perm(Result rpd) { - if(rpd.notOK()) { + if (rpd.notOK()) { msg(rpd.details); } else { perm(rpd.value); @@ -54,20 +54,22 @@ public class ServiceValidator extends Validator { public ServiceValidator perm(PermDAO.Data pd) { - if(pd==null) { + if (pd==null) { msg("Perm Data is null."); } else { - ns(pd.ns); + if(!pd.ns.contains("@")) { + ns(pd.ns); + } permType(pd.type,pd.ns); permInstance(pd.instance); permAction(pd.action); - if(pd.roles!=null) { - for(String role : pd.roles) { + if (pd.roles!=null) { + for (String role : pd.roles) { role(role); } } - if(pd.roles!=null) { - for(String r : pd.roles) { + if (pd.roles!=null) { + for (String r : pd.roles) { role(r); } } @@ -77,7 +79,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator role(Result rrd) { - if(rrd.notOK()) { + if (rrd.notOK()) { msg(rrd.details); } else { role(rrd.value); @@ -86,15 +88,15 @@ public class ServiceValidator extends Validator { } public ServiceValidator role(RoleDAO.Data pd) { - if(pd==null) { + if (pd==null) { msg("Role Data is null."); } else { ns(pd.ns); role(pd.name); - if(pd.perms!=null) { - for(String perm : pd.perms) { + if (pd.perms!=null) { + for (String perm : pd.perms) { String[] ps = perm.split("\\|"); - if(ps.length!=3) { + if (ps.length!=3) { msg("Perm [" + perm + "] in Role [" + pd.fullName() + "] is not correctly separated with '|'"); } else { permType(ps[0],null); @@ -109,7 +111,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator delegate(Organization org, Result rdd) { - if(rdd.notOK()) { + if (rdd.notOK()) { msg(rdd.details); } else { delegate(org, rdd.value); @@ -118,7 +120,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator delegate(Organization org, DelegateDAO.Data dd) { - if(dd==null) { + if (dd==null) { msg("Delegate Data is null."); } else { user(org,dd.user); @@ -129,7 +131,7 @@ public class ServiceValidator extends Validator { public ServiceValidator cred(AuthzTrans trans, Organization org, Result rcd, boolean isNew) { - if(rcd.notOK()) { + if (rcd.notOK()) { msg(rcd.details); } else { cred(trans, org,rcd.value,isNew); @@ -138,30 +140,31 @@ public class ServiceValidator extends Validator { } public ServiceValidator cred(AuthzTrans trans, Organization org, CredDAO.Data cd, boolean isNew) { - if(cd==null) { + if (cd==null) { msg("Cred Data is null."); } else { - if(!org.isValidCred(trans, cd.id)) { + if (!org.isValidCred(trans, cd.id)) { msg("ID [" + cd.id + "] is invalid in " + org.getName()); } String str = cd.id; int idx = str.indexOf('@'); - if(idx>0) { + if (idx>0) { str = str.substring(0,idx); } - if(org.supportsRealm(cd.id)) { + if (org.supportsRealm(cd.id)) { String resp = org.isValidID(trans, str); - if(isNew && (resp!=null && resp.length()>0)) { + if (isNew && (resp!=null && resp.length()>0)) { msg(cd.id,str); } } - if(cd.type==null) { + if (cd.type==null) { msg("Credential Type must be set"); } else { switch(cd.type) { case CredDAO.BASIC_AUTH_SHA256: + case CredDAO.FQI: // ok break; default: @@ -174,7 +177,7 @@ public class ServiceValidator extends Validator { public ServiceValidator user(Organization org, String user) { - if(nob(user,ID_CHARS)) { + if (nob(user,ID_CHARS)) { msg("User [",user,"] is invalid."); } return this; @@ -188,25 +191,25 @@ public class ServiceValidator extends Validator { public ServiceValidator ns(Namespace ns) { ns(ns.name); - for(String s : ns.admin) { - if(nob(s,ID_CHARS)) { + for (String s : ns.admin) { + if (nob(s,ID_CHARS)) { msg("Admin [" + s + "] is invalid."); } } - for(String s : ns.owner) { - if(nob(s,ID_CHARS)) { + for (String s : ns.owner) { + if (nob(s,ID_CHARS)) { msg("Responsible [" + s + "] is invalid."); } } - if(ns.attrib!=null) { - for(Pair at : ns.attrib) { - if(nob(at.x,NAME_CHARS)) { + if (ns.attrib!=null) { + for (Pair at : ns.attrib) { + if (nob(at.x,NAME_CHARS)) { msg("Attribute tag [" + at.x + "] is invalid."); } - if(nob(at.x,NAME_CHARS)) { + if (nob(at.x,NAME_CHARS)) { msg("Attribute value [" + at.y + "] is invalid."); } } @@ -217,7 +220,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator user_role(UserRoleDAO.Data urdd) { - if(urdd==null) { + if (urdd==null) { msg("UserRole is null"); } else { role(urdd.role); @@ -228,7 +231,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator nullOrBlank(PermDAO.Data pd) { - if(pd==null) { + if (pd==null) { msg("Permission is null"); } else { nullOrBlank("NS",pd.ns). @@ -240,7 +243,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator nullOrBlank(RoleDAO.Data rd) { - if(rd==null) { + if (rd==null) { msg("Role is null"); } else { nullOrBlank("NS",rd.ns).