X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-service%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fservice%2Fvalidation%2FServiceValidator.java;h=fb7556ed38e5753e81e028a42bb939f8e0b198fe;hb=a77e3d6e9180c1722a9d18f7717034bb0650a130;hp=61b5338b3e02ff509a3e3f61bbdcb4a8dfe1da18;hpb=4906c14f770e85452240fc8e04807b6114fab1ca;p=aaf%2Fauthz.git diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java index 61b5338b..fb7556ed 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java @@ -43,212 +43,212 @@ import org.onap.aaf.auth.validation.Validator; * */ public class ServiceValidator extends Validator { - public ServiceValidator perm(Result rpd) { - if(rpd.notOK()) { - msg(rpd.details); - } else { - perm(rpd.value); - } - return this; - } - - - public ServiceValidator perm(PermDAO.Data pd) { - if(pd==null) { - msg("Perm Data is null."); - } else { - ns(pd.ns); - permType(pd.type,pd.ns); - permInstance(pd.instance); - permAction(pd.action); - if(pd.roles!=null) { - for(String role : pd.roles) { - role(role); - } - } - if(pd.roles!=null) { - for(String r : pd.roles) { - role(r); - } - } - description("Perm",pd.description); - } - return this; - } - - public ServiceValidator role(Result rrd) { - if(rrd.notOK()) { - msg(rrd.details); - } else { - role(rrd.value); - } - return this; - } - - public ServiceValidator role(RoleDAO.Data pd) { - if(pd==null) { - msg("Role Data is null."); - } else { - ns(pd.ns); - role(pd.name); - if(pd.perms!=null) { - for(String perm : pd.perms) { - String[] ps = perm.split("\\|"); - if(ps.length!=3) { - msg("Perm [" + perm + "] in Role [" + pd.fullName() + "] is not correctly separated with '|'"); - } else { - permType(ps[0],null); - permInstance(ps[1]); - permAction(ps[2]); - } - } - } - description("Role",pd.description); - } - return this; - } - - public ServiceValidator delegate(Organization org, Result rdd) { - if(rdd.notOK()) { - msg(rdd.details); - } else { - delegate(org, rdd.value); - } - return this; - } - - public ServiceValidator delegate(Organization org, DelegateDAO.Data dd) { - if(dd==null) { - msg("Delegate Data is null."); - } else { - user(org,dd.user); - user(org,dd.delegate); - } - return this; - } - - - public ServiceValidator cred(AuthzTrans trans, Organization org, Result rcd, boolean isNew) { - if(rcd.notOK()) { - msg(rcd.details); - } else { - cred(trans, org,rcd.value,isNew); - } - return this; - } - - public ServiceValidator cred(AuthzTrans trans, Organization org, CredDAO.Data cd, boolean isNew) { - if(cd==null) { - msg("Cred Data is null."); - } else { - if(nob(cd.id,ID_CHARS)) { - msg("ID [" + cd.id + "] is invalid in " + org.getName()); - } - if(!org.isValidCred(trans, cd.id)) { - msg("ID [" + cd.id + "] is invalid for a cred in " + org.getName()); - } - String str = cd.id; - int idx = str.indexOf('@'); - if(idx>0) { - str = str.substring(0,idx); - } - - if(org.supportsRealm(cd.id)) { - String resp = org.isValidID(trans, str); - if(isNew && (resp!=null && resp.length()>0)) { - msg(cd.id,str); - } - } - - if(cd.type==null) { - msg("Credential Type must be set"); - } else { - switch(cd.type) { - case CredDAO.BASIC_AUTH_SHA256: - // ok - break; - default: - msg("Credential Type [",Integer.toString(cd.type),"] is invalid"); - } - } - } - return this; - } - - - public ServiceValidator user(Organization org, String user) { - if(nob(user,ID_CHARS)) { - msg("User [",user,"] is invalid."); - } - return this; - } - - public ServiceValidator ns(Result nsd) { - notOK(nsd); - ns(nsd.value); - return this; - } - - public ServiceValidator ns(Namespace ns) { - ns(ns.name); - for(String s : ns.admin) { - if(nob(s,ID_CHARS)) { - msg("Admin [" + s + "] is invalid."); - } - - } - for(String s : ns.owner) { - if(nob(s,ID_CHARS)) { - msg("Responsible [" + s + "] is invalid."); - } - - } - - if(ns.attrib!=null) { - for(Pair at : ns.attrib) { - if(nob(at.x,NAME_CHARS)) { - msg("Attribute tag [" + at.x + "] is invalid."); - } - if(nob(at.x,NAME_CHARS)) { - msg("Attribute value [" + at.y + "] is invalid."); - } - } - } - - description("Namespace",ns.description); - return this; - } - - public ServiceValidator user_role(UserRoleDAO.Data urdd) { - if(urdd==null) { - msg("UserRole is null"); - } else { - role(urdd.role); - nullOrBlank("UserRole.ns",urdd.ns); - nullOrBlank("UserRole.rname",urdd.rname); - } - return this; - } - - public ServiceValidator nullOrBlank(PermDAO.Data pd) { - if(pd==null) { - msg("Permission is null"); - } else { - nullOrBlank("NS",pd.ns). - nullOrBlank("Type",pd.type). - nullOrBlank("Instance",pd.instance). - nullOrBlank("Action",pd.action); - } - return this; - } - - public ServiceValidator nullOrBlank(RoleDAO.Data rd) { - if(rd==null) { - msg("Role is null"); - } else { - nullOrBlank("NS",rd.ns). - nullOrBlank("Name",rd.name); - } - return this; - } + public ServiceValidator perm(Result rpd) { + if (rpd.notOK()) { + msg(rpd.details); + } else { + perm(rpd.value); + } + return this; + } + + + public ServiceValidator perm(PermDAO.Data pd) { + if (pd==null) { + msg("Perm Data is null."); + } else { + if(!pd.ns.contains("@")) { + ns(pd.ns); + } + permType(pd.type,pd.ns); + permInstance(pd.instance); + permAction(pd.action); + if (pd.roles!=null) { + for (String role : pd.roles) { + role(role); + } + } + if (pd.roles!=null) { + for (String r : pd.roles) { + role(r); + } + } + description("Perm",pd.description); + } + return this; + } + + public ServiceValidator role(Result rrd) { + if (rrd.notOK()) { + msg(rrd.details); + } else { + role(rrd.value); + } + return this; + } + + public ServiceValidator role(RoleDAO.Data pd) { + if (pd==null) { + msg("Role Data is null."); + } else { + ns(pd.ns); + role(pd.name); + if (pd.perms!=null) { + for (String perm : pd.perms) { + String[] ps = perm.split("\\|"); + if (ps.length!=3) { + msg("Perm [" + perm + "] in Role [" + pd.fullName() + "] is not correctly separated with '|'"); + } else { + permType(ps[0],null); + permInstance(ps[1]); + permAction(ps[2]); + } + } + } + description("Role",pd.description); + } + return this; + } + + public ServiceValidator delegate(Organization org, Result rdd) { + if (rdd.notOK()) { + msg(rdd.details); + } else { + delegate(org, rdd.value); + } + return this; + } + + public ServiceValidator delegate(Organization org, DelegateDAO.Data dd) { + if (dd==null) { + msg("Delegate Data is null."); + } else { + user(org,dd.user); + user(org,dd.delegate); + } + return this; + } + + + public ServiceValidator cred(AuthzTrans trans, Organization org, Result rcd, boolean isNew) { + if (rcd.notOK()) { + msg(rcd.details); + } else { + cred(trans, org,rcd.value,isNew); + } + return this; + } + + public ServiceValidator cred(AuthzTrans trans, Organization org, CredDAO.Data cd, boolean isNew) { + if (cd==null) { + msg("Cred Data is null."); + } else { + if (!org.isValidCred(trans, cd.id)) { + msg("ID [" + cd.id + "] is invalid in " + org.getName()); + } + String str = cd.id; + int idx = str.indexOf('@'); + if (idx>0) { + str = str.substring(0,idx); + } + + if (org.supportsRealm(cd.id)) { + String resp = org.isValidID(trans, str); + if (isNew && (resp!=null && resp.length()>0)) { + msg(cd.id,str); + } + } + + if (cd.type==null) { + msg("Credential Type must be set"); + } else { + switch(cd.type) { + case CredDAO.BASIC_AUTH_SHA256: + case CredDAO.FQI: + // ok + break; + default: + msg("Credential Type [",Integer.toString(cd.type),"] is invalid"); + } + } + } + return this; + } + + + public ServiceValidator user(Organization org, String user) { + if (nob(user,ID_CHARS)) { + msg("User [",user,"] is invalid."); + } + return this; + } + + public ServiceValidator ns(Result nsd) { + notOK(nsd); + ns(nsd.value); + return this; + } + + public ServiceValidator ns(Namespace ns) { + ns(ns.name); + for (String s : ns.admin) { + if (nob(s,ID_CHARS)) { + msg("Admin [" + s + "] is invalid."); + } + + } + for (String s : ns.owner) { + if (nob(s,ID_CHARS)) { + msg("Responsible [" + s + "] is invalid."); + } + + } + + if (ns.attrib!=null) { + for (Pair at : ns.attrib) { + if (nob(at.x,NAME_CHARS)) { + msg("Attribute tag [" + at.x + "] is invalid."); + } + if (nob(at.x,NAME_CHARS)) { + msg("Attribute value [" + at.y + "] is invalid."); + } + } + } + + description("Namespace",ns.description); + return this; + } + + public ServiceValidator user_role(UserRoleDAO.Data urdd) { + if (urdd==null) { + msg("UserRole is null"); + } else { + role(urdd.role); + nullOrBlank("UserRole.ns",urdd.ns); + nullOrBlank("UserRole.rname",urdd.rname); + } + return this; + } + + public ServiceValidator nullOrBlank(PermDAO.Data pd) { + if (pd==null) { + msg("Permission is null"); + } else { + nullOrBlank("NS",pd.ns). + nullOrBlank("Type",pd.type). + nullOrBlank("Instance",pd.instance). + nullOrBlank("Action",pd.action); + } + return this; + } + + public ServiceValidator nullOrBlank(RoleDAO.Data rd) { + if (rd==null) { + msg("Role is null"); + } else { + nullOrBlank("NS",rd.ns). + nullOrBlank("Name",rd.name); + } + return this; + } }