X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FExternalAccessRolesController.java;h=7d9f297c24f643f5e543ac040feb63137ec1c91c;hb=a3a04c5887779e9ca8024a3e87ece109b8d9b0c1;hp=ff254e85475b1f00b763e27b74db5de3d3cd56ee;hpb=3aa28e9dd68cce134644223505f326378b5d91a8;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java index ff254e85..7d9f297c 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -33,7 +33,7 @@ * * ============LICENSE_END============================================ * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * */ package org.onap.portalapp.portal.controller; @@ -43,6 +43,8 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Set; +import java.util.TreeSet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; 
@@ -59,6 +61,7 @@ import org.onap.portalapp.portal.logging.aop.EPAuditLog; import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice; import org.onap.portalapp.portal.logging.logic.EPLogUtil; import org.onap.portalapp.portal.service.ExternalAccessRolesService; +import org.onap.portalsdk.core.service.UserService; import org.onap.portalapp.portal.transport.CentralRole; import org.onap.portalapp.portal.transport.CentralRoleFunction; import org.onap.portalapp.portal.transport.CentralUser; @@ -67,15 +70,15 @@ import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; +import org.onap.portalapp.validation.DataValidator; +import org.onap.portalapp.validation.SecureString; import org.onap.portalsdk.core.domain.AuditLog; import org.onap.portalsdk.core.domain.Role; -import org.onap.portalsdk.core.domain.RoleFunction; import org.onap.portalsdk.core.domain.User; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.restful.domain.EcompRole; import org.onap.portalsdk.core.restful.domain.EcompUser; import org.onap.portalsdk.core.service.AuditService; -import org.onap.portalsdk.core.service.UserService; import org.onap.portalsdk.core.service.UserServiceCentalizedImpl; import org.onap.portalsdk.core.util.SystemProperties; import org.onap.portalsdk.core.web.support.UserUtils; @@ -89,7 +92,6 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; -import org.springframework.web.client.RestTemplate; import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.ObjectMapper; 
@@ -103,24 +105,18 @@ import io.swagger.annotations.ApiOperation; @EnableAspectJAutoProxy @EPAuditLog public class ExternalAccessRolesController implements BasicAuthenticationController { - private static final String ROLE_INVALID_CHARS = "%=():,\"\""; - private static final String SUCCESSFULLY_DELETED = "Successfully Deleted"; - - private static final String INVALID_UEB_KEY = "Invalid uebkey!"; - + private static final String INVALID_UEB_KEY = "Invalid credentials!"; private static final String LOGIN_ID = "LoginId"; - - RestTemplate template = new RestTemplate(); + private static final String UEBKEY = "uebkey"; + + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesController.class); + private static final DataValidator DATA_VALIDATOR = new DataValidator(); @Autowired private AuditService auditService; - private static final String UEBKEY = "uebkey"; - - private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesController.class); - @Autowired private ExternalAccessRolesService externalAccessRolesService; @@ -132,7 +128,11 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl "/user/{loginId}" }, method = RequestMethod.GET, produces = "application/json") public CentralUser getUser(HttpServletRequest request, HttpServletResponse response, @PathVariable("loginId") String loginId) throws Exception { - + if (!DATA_VALIDATOR.isValid(new SecureString(loginId))){ + sendErrorResponse(response, new Exception("Data is not valid")); + logger.error(EELFLoggerDelegate.errorLogger, "getUser not valid data"); + return null; + } CentralUser answer = null; try { fieldsValidation(request); 
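Review bot: `INVALID_UEB_KEY` now holds `"Invalid credentials!"`, so the constant's name no longer describes its value, while the catch blocks further down the class choose the HTTP status with `e.getMessage().contains(INVALID_UEB_KEY)`. That mapping only keeps working if the code that throws the exception builds its message from this same constant, which is not visible in this diff. I would rename it to something like `INVALID_CREDENTIALS` and add `// matched against exception messages to choose the HTTP status; keep in sync with the thrower` above it. A dedicated exception type would remove the string match altogether.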
@@ -146,9 +146,14 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Gets user roles for an application which is upgraded to newer version.", response = String.class, responseContainer="List") @RequestMapping(value = { - "/v2/user/{loginId}" }, method = RequestMethod.GET, produces = "application/json") + "/v1/user/{loginId}" }, method = RequestMethod.GET, produces = "application/json") public String getV2UserList(HttpServletRequest request, HttpServletResponse response, @PathVariable("loginId") String loginId) throws Exception { + if (!DATA_VALIDATOR.isValid(new SecureString(loginId))){ + sendErrorResponse(response, new Exception("Data is not valid")); + logger.error(EELFLoggerDelegate.errorLogger, "getV2UserList not valid data"); + return "Data is not valid"; + } String answer = null; try { fieldsValidation(request); @@ -170,7 +175,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl try { fieldsValidation(request); EPApp app = externalAccessRolesService.getApp(request.getHeader(UEBKEY)).get(0); - // Sync all roles from external system into Ecomp portal DB + // Sync all roles from external system into ONAP portal DB logger.debug(EELFLoggerDelegate.debugLogger, "getRolesForApp: Entering into syncApplicationRolesWithEcompDB"); externalAccessRolesService.syncApplicationRolesWithEcompDB(app); logger.debug(EELFLoggerDelegate.debugLogger, "getRolesForApp: Finished syncApplicationRolesWithEcompDB"); 
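Review bot: The new guard in `getV2UserList` returns the bare string `"Data is not valid"` from a handler declared `produces = "application/json"`, after `sendErrorResponse` has already been given the response; `getUser` returns `null` in the same situation. If `sendErrorResponse` writes a body (its implementation is outside this hunk), the client may receive a second payload or a non-JSON body. Returning `null` as `getUser` does, or a JSON-encoded error, would keep the two handlers consistent. The method body continues outside the hunk.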
@@ -186,14 +191,14 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Gets roles for an application which is upgraded to newer version.", response = CentralV2Role.class, responseContainer="Json") @RequestMapping(value = { - "/v2/roles" }, method = RequestMethod.GET, produces = "application/json") + "/v1/roles" }, method = RequestMethod.GET, produces = "application/json") public List getV2RolesForApp(HttpServletRequest request, HttpServletResponse response) throws Exception { logger.debug(EELFLoggerDelegate.debugLogger, "Request received for getV2RolesForApp"); List answer = null; try { fieldsValidation(request); EPApp app = externalAccessRolesService.getApp(request.getHeader(UEBKEY)).get(0); - // Sync all roles from external system into Ecomp portal DB + // Sync all roles from external system into ONAP portal DB logger.debug(EELFLoggerDelegate.debugLogger, "getV2RolesForApp: Entering into syncApplicationRolesWithEcompDB"); externalAccessRolesService.syncApplicationRolesWithEcompDB(app); logger.debug(EELFLoggerDelegate.debugLogger, "getV2RolesForApp: Finished syncApplicationRolesWithEcompDB"); 
@@ -209,15 +214,15 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Gets all role functions for an application for older version.", response = CentralRoleFunction.class, responseContainer="Json") @RequestMapping(value = { "/functions" }, method = RequestMethod.GET, produces = "application/json") - public List getRoleFunctionsList(HttpServletRequest request, HttpServletResponse response) + public List getRoleFunctionsList(HttpServletRequest request, HttpServletResponse response) throws Exception { List answer = null; - List roleFuncList = null; + List roleFuncList = null; logger.debug(EELFLoggerDelegate.debugLogger, "Request received for getRoleFunctionsList"); try { fieldsValidation(request); EPApp app = externalAccessRolesService.getApp(request.getHeader(UEBKEY)).get(0); - // Sync all functions from external system into Ecomp portal DB + // Sync all functions from external system into ONAP portal DB logger.debug(EELFLoggerDelegate.debugLogger, "getRoleFunctionsList: Entering into syncRoleFunctionFromExternalAccessSystem"); externalAccessRolesService.syncRoleFunctionFromExternalAccessSystem(app); logger.debug(EELFLoggerDelegate.debugLogger, "getRoleFunctionsList: Finished syncRoleFunctionFromExternalAccessSystem"); @@ -233,7 +238,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Gets all role functions for an application which is upgraded to newer version.", response = CentralV2RoleFunction.class, responseContainer="Json") @RequestMapping(value = { - "/v2/functions" }, method = RequestMethod.GET, produces = "application/json") + "/v1/functions" }, method = RequestMethod.GET, produces = "application/json") public List getV2RoleFunctionsList(HttpServletRequest request, HttpServletResponse response) throws Exception { List cenRoleFuncList = null; 
@@ -241,7 +246,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl try { fieldsValidation(request); EPApp app = externalAccessRolesService.getApp(request.getHeader(UEBKEY)).get(0); - // Sync all functions from external system into Ecomp portal DB + // Sync all functions from external system into ONAP portal DB logger.debug(EELFLoggerDelegate.debugLogger, "getV2RoleFunctionsList: Entering into syncRoleFunctionFromExternalAccessSystem"); externalAccessRolesService.syncRoleFunctionFromExternalAccessSystem(app); logger.debug(EELFLoggerDelegate.debugLogger, "getV2RoleFunctionsList: Finished syncRoleFunctionFromExternalAccessSystem"); @@ -253,6 +258,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl logger.debug(EELFLoggerDelegate.debugLogger, "Request completed for getV2RoleFunctionsList"); return cenRoleFuncList; } + @ApiOperation(value = "Gets role information for an application.", response = CentralRole.class, responseContainer="Json") @RequestMapping(value = { @@ -276,7 +282,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Gets v2 role information for an application which is upgraded to newer version.", response = CentralV2Role.class, responseContainer="Json") @RequestMapping(value = { - "/v2/role/{role_id}" }, method = RequestMethod.GET, produces = "application/json") + "/v1/role/{role_id}" }, method = RequestMethod.GET, produces = "application/json") public CentralV2Role getV2RoleInfo(HttpServletRequest request, HttpServletResponse response, @PathVariable("role_id") Long roleId) throws Exception { CentralV2Role answer = null; 
@@ -298,6 +304,10 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @PathVariable("code") String code) throws Exception { CentralV2RoleFunction centralV2RoleFunction = null; CentralRoleFunction centralRoleFunction = new CentralRoleFunction(); + if(!DATA_VALIDATOR.isValid(new SecureString(code))){ + sendErrorResponse(response, new Exception("Data is not valid")); + logger.error(EELFLoggerDelegate.errorLogger, "getRoleFunction failed", new Exception("Data is not valid")); + } try { fieldsValidation(request); centralV2RoleFunction = externalAccessRolesService.getRoleFunction(code, request.getHeader(UEBKEY)); @@ -312,10 +322,14 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl } @ApiOperation(value = "Gets role information for an application provided by function code.", response = CentralV2RoleFunction.class, responseContainer = "Json") - @RequestMapping(value = { "/v2/function/{code}" }, method = RequestMethod.GET, produces = "application/json") + @RequestMapping(value = { "/v1/function/{code}" }, method = RequestMethod.GET, produces = "application/json") public CentralV2RoleFunction getV2RoleFunction(HttpServletRequest request, HttpServletResponse response, @PathVariable("code") String code) throws Exception { CentralV2RoleFunction centralV2RoleFunction = null; + if(!DATA_VALIDATOR.isValid(new SecureString(code))){ + sendErrorResponse(response, new Exception("Data is not valid")); + logger.error(EELFLoggerDelegate.errorLogger, "getV2RoleFunction failed", new Exception("Data is not valid")); + } try { fieldsValidation(request); centralV2RoleFunction = externalAccessRolesService.getRoleFunction(code, request.getHeader(UEBKEY)); 
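Review bot: The `DATA_VALIDATOR` guard added to `getRoleFunction` has no `return`, so after `sendErrorResponse` and the log call execution continues into the `try` block and `externalAccessRolesService.getRoleFunction(code, request.getHeader(UEBKEY))` is still called with the rejected `code`. The same guard in `getV2RoleFunction` (next hunk, `-312,10 +322,14`) has the same gap, whereas the guards in `getUser` and `getV2UserList` do return. Add `return null;` as the last statement of each `if` block so invalid input never reaches the service. Both method bodies continue outside their hunks.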
@@ -332,19 +346,38 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Saves role function for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/roleFunction" }, method = RequestMethod.POST, produces = "application/json") public PortalRestResponse saveRoleFunction(HttpServletRequest request, HttpServletResponse response, - @RequestBody String roleFunc) throws Exception { + @RequestBody String roleFunc) { + String status = "Successfully saved!"; + if(!DATA_VALIDATOR.isValid(new SecureString(roleFunc))){ + logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "Failed to roleFunc, not valid data.", "Failed"); + } try { fieldsValidation(request); - String data = roleFunc; - ObjectMapper mapper = new ObjectMapper(); + ObjectMapper mapper = new ObjectMapper(); List applicationList = externalAccessRolesService.getApp(request.getHeader(UEBKEY)); EPApp requestedApp = applicationList.get(0); mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - CentralV2RoleFunction availableRoleFunction = mapper.readValue(data, CentralV2RoleFunction.class); - CentralV2RoleFunction domainRoleFunction = externalAccessRolesService.getRoleFunction(availableRoleFunction.getCode(), - requestedApp.getUebKey()); + CentralV2RoleFunction availableRoleFunction = mapper.readValue(roleFunc, CentralV2RoleFunction.class); + CentralV2RoleFunction domainRoleFunction = null; + boolean isCentralV2Version = false; + if(availableRoleFunction.getType()!=null && availableRoleFunction.getAction()!= null) { + isCentralV2Version = true; + } + if(isCentralV2Version) { + String code = availableRoleFunction.getType()+"|"+availableRoleFunction.getCode()+"|"+availableRoleFunction.getAction(); + domainRoleFunction = externalAccessRolesService.getRoleFunction(code, + requestedApp.getUebKey()); + } else { 
+ domainRoleFunction = externalAccessRolesService.getRoleFunction(availableRoleFunction.getCode(), + requestedApp.getUebKey()); + } + boolean saveOrUpdateResponse = false; - if (domainRoleFunction != null) { + if (domainRoleFunction != null && isCentralV2Version && domainRoleFunction.getCode().equals(availableRoleFunction.getCode()) + && domainRoleFunction.getType().equals(availableRoleFunction.getType()) + && domainRoleFunction.getAction().equals(availableRoleFunction.getAction())) { domainRoleFunction.setName(availableRoleFunction.getName()); saveOrUpdateResponse = externalAccessRolesService.saveCentralRoleFunction(domainRoleFunction, requestedApp); @@ -352,13 +385,15 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl availableRoleFunction.setAppId(requestedApp.getId()); saveOrUpdateResponse = externalAccessRolesService.saveCentralRoleFunction(availableRoleFunction, requestedApp); - } + } + + if(domainRoleFunction != null) { + status = "Successfully updated!"; + } if (saveOrUpdateResponse) { EPUser user = externalAccessRolesService.getUser(request.getHeader(LOGIN_ID)).get(0); EPApp app = externalAccessRolesService.getApp(request.getHeader(UEBKEY)).get(0); - CentralV2RoleFunction function = externalAccessRolesService - .getRoleFunction(availableRoleFunction.getCode(), request.getHeader(UEBKEY)); - String activityCode = (function.getCode() == null) + String activityCode = (!status.equals("Successfully updated!")) ? EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_ADD_FUNCTION : EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_UPDATE_FUNCTION; logger.info(EELFLoggerDelegate.applicationLogger, "saveRoleFunction: succeeded for app {}, function {}", 
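Review bot: The invalid-data early return at the top of `saveRoleFunction` sends a `PortalRestStatusEnum.ERROR` body but never sets an HTTP status, so a rejected request goes out with the default status while the catch block of the same method sets 400 or 500. Add `response.setStatus(HttpServletResponse.SC_BAD_REQUEST);` before the `return`; the early returns added to `deleteRoleFunction` (`-386,25 +421,30`) and `deleteRole` (`-507,15 +547,20`) need the same line. The message `"Failed to roleFunc, not valid data."` also reads as if a verb is missing, e.g. `"Failed to saveRoleFunction, not valid data."`.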
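Review bot: The audit activity code is now chosen by comparing user-facing text, `!status.equals("Successfully updated!")`, and `status` changes to the updated text whenever `domainRoleFunction != null`, even when the request took the `else` branch because `isCentralV2Version` was false or the code/type/action comparison failed. In that case the record is saved through the add path (`availableRoleFunction.setAppId(requestedApp.getId())`) but reported and audited as an update. A boolean set in the branch that actually ran, `boolean updated = true;` in the update branch and then `String activityCode = updated ? EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_UPDATE_FUNCTION : EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_ADD_FUNCTION;`, keeps the audit trail tied to what was executed. The if/else this depends on starts in the previous hunk.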
@@ -386,25 +421,30 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl MDC.remove(SystemProperties.MDC_TIMER); } else { logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed"); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, - "Failed to saveRoleFunction for '" + availableRoleFunction.getCode() + "'", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "Failed to saveRoleFunction for '" + availableRoleFunction.getCode() + "'", "Failed"); } } catch (Exception e) { - if (e.getMessage().contains(INVALID_UEB_KEY)) { + if (e.getMessage() == null ||e.getMessage().contains(INVALID_UEB_KEY)) { response.setStatus(HttpServletResponse.SC_BAD_REQUEST); }else { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully Saved", "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, status, "Success"); } @ApiOperation(value = "Deletes role function for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/roleFunction/{code}" }, method = RequestMethod.DELETE, produces = "application/json") public PortalRestResponse deleteRoleFunction(HttpServletRequest request, HttpServletResponse response, - @PathVariable("code") String code) throws Exception { + @PathVariable("code") String code) { + if(!DATA_VALIDATOR.isValid(new SecureString(code))){ + logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunction failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "Failed to deleteRoleFunction, not valid data.", "Failed"); + } try { fieldsValidation(request); EPUser user = 
externalAccessRolesService.getUser(request.getHeader(LOGIN_ID)).get(0); @@ -435,8 +475,8 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl MDC.remove(SystemProperties.MDC_TIMER); } else { logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunction failed"); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, - "Failed to deleteRoleFunction for '" + code + "'", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "Failed to deleteRoleFunction for '" + code + "'", "Failed"); } } catch (Exception e) { if (e.getMessage().contains(INVALID_UEB_KEY)) { @@ -454,7 +494,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Saves role for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/role" }, method = RequestMethod.POST, produces = "application/json") public PortalRestResponse saveRole(HttpServletRequest request, HttpServletResponse response, - @RequestBody Role role) throws Exception { + @RequestBody Role role) { try { fieldsValidation(request); ExternalRequestFieldsValidator saveRoleResult = null; 
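Review bot: In the `saveRoleFunction` catch block the new test `e.getMessage() == null ||e.getMessage().contains(INVALID_UEB_KEY)` sends every exception without a message down the `SC_BAD_REQUEST` path, so an internal fault such as a `NullPointerException` is reported to the caller as a client error. `if (e.getMessage() != null && e.getMessage().contains(INVALID_UEB_KEY))` keeps the null guard and leaves those cases on `SC_INTERNAL_SERVER_ERROR`. The catch blocks of `deleteRoleFunction` (`-435,8 +475,8`) and `deleteRole` (`-547,8 +592,8`) still call `e.getMessage().contains(INVALID_UEB_KEY)` unguarded and would throw from inside the handler on a null message. These handlers also return `e.getMessage()` in the response body; a fixed message with the detail kept in the log would avoid exposing internal text to API clients.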
@@ -507,15 +547,20 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } logger.error(EELFLoggerDelegate.errorLogger, "saveRole failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully Saved", "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully Saved", "Success"); } @ApiOperation(value = "Deletes role for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/deleteRole/{code}" }, method = RequestMethod.DELETE, produces = "application/json") public PortalRestResponse deleteRole(HttpServletRequest request, HttpServletResponse response, - @PathVariable String code) throws Exception { + @PathVariable String code) { + if(!DATA_VALIDATOR.isValid(new SecureString(code))){ + logger.error(EELFLoggerDelegate.errorLogger, "deleteRole failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "Failed to deleteRole, not valid data.", "Failed"); + } try { fieldsValidation(request); boolean deleteResponse = externalAccessRolesService.deleteRoleForApplication(code, @@ -547,8 +592,8 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl MDC.remove(SystemProperties.MDC_TIMER); } else { logger.error(EELFLoggerDelegate.errorLogger, "deleteRole failed"); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, - "Failed to deleteRole for '" + code + "'", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "Failed to deleteRole for '" + code + "'", "Failed"); } } catch (Exception e) { if (e.getMessage().contains(INVALID_UEB_KEY)) { 
@@ -557,21 +602,37 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl response.setStatus(HttpServletResponse.SC_BAD_REQUEST); } logger.error(EELFLoggerDelegate.errorLogger, "deleteRole failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, SUCCESSFULLY_DELETED, "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, SUCCESSFULLY_DELETED, "Success"); } - @ApiOperation(value = "Gets active roles for an application.", response = CentralV2Role.class, responseContainer = "Json") + @ApiOperation(value = "Gets active roles for an application.", response = CentralRole.class, responseContainer = "Json") @RequestMapping(value = { "/activeRoles" }, method = RequestMethod.GET, produces = "application/json") - public List getActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception { + public List getActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception { + List roles = null; + try { + fieldsValidation(request); + List cenRoles= externalAccessRolesService.getActiveRoles(request.getHeader(UEBKEY)); + roles = externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(cenRoles); + } catch (Exception e) { + sendErrorResponse(response, e); + logger.error(EELFLoggerDelegate.errorLogger, "getActiveRoles failed", e); + } + return roles; + + } + + @ApiOperation(value = "Gets active roles for an application.", response = CentralV2Role.class, responseContainer = "Json") + @RequestMapping(value = { "/v1/activeRoles" }, method = RequestMethod.GET, produces = "application/json") + public List getV2ActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception { List cenRole = null; try { fieldsValidation(request); cenRole = 
externalAccessRolesService.getActiveRoles(request.getHeader(UEBKEY)); } catch (Exception e) { sendErrorResponse(response, e); - logger.error(EELFLoggerDelegate.errorLogger, "getActiveRoles failed", e); + logger.error(EELFLoggerDelegate.errorLogger, "getV2ActiveRoles failed", e); } return cenRole; @@ -580,7 +641,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "deletes user roles for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/deleteDependcyRoleRecord/{roleId}" }, method = RequestMethod.DELETE, produces = "application/json") public PortalRestResponse deleteDependencyRoleRecord(HttpServletRequest request, HttpServletResponse response, - @PathVariable("roleId") Long roleId) throws Exception { + @PathVariable("roleId") Long roleId) { ExternalRequestFieldsValidator removeResult = null; try { fieldsValidation(request); @@ -607,7 +668,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "deletes roles for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/v2/deleteRole/{roleId}" }, method = RequestMethod.DELETE, produces = "application/json") public PortalRestResponse deleteRole(HttpServletRequest request, HttpServletResponse response, - @PathVariable("roleId") Long roleId) throws Exception { + @PathVariable("roleId") Long roleId) { ExternalRequestFieldsValidator removeResult = null; try { fieldsValidation(request); 
@@ -633,63 +694,63 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Bulk upload functions for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/portal/functions" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception { + public PortalRestResponse bulkUploadFunctions(HttpServletRequest request, HttpServletResponse response) { Integer result = 0; try { result = externalAccessRolesService.bulkUploadFunctions(request.getHeader(UEBKEY)); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadFunctions failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success"); } @ApiOperation(value = "Bulk upload roles for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/portal/roles" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadRoles(HttpServletRequest request, HttpServletResponse response) throws Exception { + public PortalRestResponse bulkUploadRoles(HttpServletRequest request, HttpServletResponse response) { Integer result = 0; try { result = externalAccessRolesService.bulkUploadRoles(request.getHeader(UEBKEY)); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); logger.error(EELFLoggerDelegate.errorLogger, 
"bulkUploadRoles failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success"); } @ApiOperation(value = "Bulk upload role functions for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/portal/roleFunctions" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadRoleFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception { + public PortalRestResponse bulkUploadRoleFunctions(HttpServletRequest request, HttpServletResponse response) { Integer result = 0; try { result = externalAccessRolesService.bulkUploadRolesFunctions(request.getHeader(UEBKEY)); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoleFunctions failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoleFunctions", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoleFunctions", "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success"); } @ApiOperation(value = "Bulk upload user roles for an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/portal/userRoles" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadUserRoles(HttpServletRequest request, HttpServletResponse 
response) throws Exception { + public PortalRestResponse bulkUploadUserRoles(HttpServletRequest request, HttpServletResponse response) { Integer result = 0; try { result = externalAccessRolesService.bulkUploadUserRoles(request.getHeader(UEBKEY)); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadUserRoles failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUserRoles", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUserRoles", "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success"); } @ApiOperation(value = "Bulk upload users for renamed role of an application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/portal/userRole/{roleId}" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadUsersSingleRole(HttpServletRequest request, HttpServletResponse response, @PathVariable Long roleId) throws Exception { + public PortalRestResponse bulkUploadUsersSingleRole(HttpServletRequest request, HttpServletResponse response, @PathVariable Long roleId) { Integer result = 0; try { String roleName = request.getHeader("RoleName"); 
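Review bot: None of the bulk upload handlers touched here (`bulkUploadFunctions`, `bulkUploadRoles`, `bulkUploadRoleFunctions`, `bulkUploadUserRoles`, `bulkUploadUsersSingleRole`) calls `fieldsValidation(request)` before passing the `uebkey` header to the service, while the other handlers in this class call it as the first statement of their `try` block. `fieldsValidation` is not visible in this diff, so if that is where the request headers are checked, these state-changing POST endpoints skip it; `fieldsValidation(request);` as the first line of each `try` would align them. In `bulkUploadUsersSingleRole` the `RoleName` header is read without the `DATA_VALIDATOR` check this commit adds for path variables. That method's body continues in the next hunk.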
@@ -697,48 +758,53 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadUsersSingleRole failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUsersSingleRole", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadUsersSingleRole", "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added: "+result, "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added: " + result, "Success"); } @ApiOperation(value = "Bulk upload functions for an partner application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/partner/functions" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadPartnerFunctions(HttpServletRequest request, HttpServletResponse response, @RequestBody List upload) throws Exception { + public PortalRestResponse bulkUploadPartnerFunctions(HttpServletRequest request, HttpServletResponse response) { + Integer addedFunctions = 0; try { - externalAccessRolesService.bulkUploadPartnerFunctions(request.getHeader(UEBKEY), upload); + addedFunctions = externalAccessRolesService.bulkUploadPartnerFunctions(request.getHeader(UEBKEY)); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadFunctions failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadFunctions", "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added", "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, + 
"Successfully added: '" + addedFunctions + "' functions", "Success"); } @ApiOperation(value = "Bulk upload roles for an partner application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/partner/roles" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadPartnerRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody List upload) throws Exception { + public PortalRestResponse bulkUploadPartnerRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody List upload) { try { externalAccessRolesService.bulkUploadPartnerRoles(request.getHeader(UEBKEY), upload); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadRoles", "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added", "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Successfully added", "Success"); } @ApiOperation(value = "Bulk upload role functions for an partner application.", response = PortalRestResponse.class, responseContainer = "Json") @RequestMapping(value = { "/upload/partner/roleFunctions" }, method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse bulkUploadPartnerRoleFunctions(HttpServletRequest request, HttpServletResponse response, @RequestBody List upload) throws Exception { + public PortalRestResponse bulkUploadPartnerRoleFunctions(HttpServletRequest request, HttpServletResponse response) { + Integer addedRoleFunctions = 0; try { - externalAccessRolesService.bulkUploadPartnerRoleFunctions(request.getHeader(UEBKEY), upload); + addedRoleFunctions = 
externalAccessRolesService.bulkUploadPartnerRoleFunctions(request.getHeader(UEBKEY)); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e); - return new PortalRestResponse(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", "Failed"); + logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoleFunctions failed", e); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", + "Failed"); } - return new PortalRestResponse(PortalRestStatusEnum.OK, "Successfully added", "Success"); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, + "Successfully added: '" + addedRoleFunctions + "' role functions", "Success"); } @ApiOperation(value = "Gets all functions along with global functions", response = List.class, responseContainer = "Json") @@ -760,11 +826,11 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl public List getUsersOfApplication(HttpServletRequest request, HttpServletResponse response) throws Exception { List users = null; try { + fieldsValidation(request); users = externalAccessRolesService.getAllAppUsers(request.getHeader(UEBKEY)); } catch (Exception e) { - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + sendErrorResponse(response, e); logger.error(EELFLoggerDelegate.errorLogger, "getUsersOfApplication failed", e); - throw new Exception(e.getMessage()); } return users; } 
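Review bot: The three partner upload handlers in this hunk (bulkUploadPartnerFunctions, bulkUploadPartnerRoles, bulkUploadPartnerRoleFunctions) pass `request.getHeader(UEBKEY)` to the service without the `fieldsValidation(request)` call that this commit adds to getUsersOfApplication in the next hunk. If that helper is where the header and the caller are checked (its body is not visible here), these state-changing POST endpoints should run it as the first statement of each `try` block: `fieldsValidation(request);`. Separately, bulkUploadPartnerFunctions still logs `"bulkUploadFunctions failed"` and bulkUploadPartnerRoles logs `"bulkUploadRoles failed"`, so in the error log a partner-endpoint failure reads like a failure of the portal endpoint; the commit corrects the message only for bulkUploadPartnerRoleFunctions. The hunk opens inside the catch block of bulkUploadUsersSingleRole, whose body begins in the previous hunk.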
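Review bot: In the catch block of getUsersOfApplication the new `sendErrorResponse(response, e);` runs before `logger.error(...)`, and the method still declares `throws Exception`. If writing the error response itself fails, the original exception is never logged, so the `logger.error(EELFLoggerDelegate.errorLogger, "getUsersOfApplication failed", e);` line should come first. With the rethrow removed, control also falls through to `return users;` with `users` still null after an error response has been sent; it is worth confirming that nothing is then serialized on top of what sendErrorResponse wrote. That helper is not visible here, so also confirm it does not return `e.getMessage()` to the caller, since the caught exception may carry internal detail from getAllAppUsers. The method's annotations sit before the start of the hunk.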
@@ -816,48 +882,59 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl } @ApiOperation(value = "Gets ecompUser of an application.", response = CentralUser.class, responseContainer = "List") - @RequestMapping(value = { "/ecompUser/{loginId}" }, method = RequestMethod.GET, produces = "application/json") + @RequestMapping(value = { "/v2/user/{loginId}" }, method = RequestMethod.GET, produces = "application/json") public String getEcompUser(HttpServletRequest request, HttpServletResponse response, @PathVariable("loginId") String loginId) throws Exception { + if(!DATA_VALIDATOR.isValid(new SecureString(loginId))){ + sendErrorResponse(response, new Exception("getEcompUser failed")); + logger.error(EELFLoggerDelegate.errorLogger, "getEcompUser failed", new Exception("getEcompUser failed")); + } EcompUser user = new EcompUser(); ObjectMapper mapper = new ObjectMapper(); - CentralUser answer = null; + String answer = null; try { fieldsValidation(request); - answer = externalAccessRolesService.getUserRoles(loginId, request.getHeader(UEBKEY)); + + answer = externalAccessRolesService.getV2UserWithRoles(loginId, request.getHeader(UEBKEY)); if (answer != null) { - String res = mapper.writeValueAsString(answer); - User ecompUser = userservice.userMapper(res); + User ecompUser = userservice.userMapper(answer); user = UserUtils.convertToEcompUser(ecompUser); + List missingRolesOfUser = externalAccessRolesService.missingUserApplicationRoles(request.getHeader(UEBKEY), loginId, user.getRoles()); + if (missingRolesOfUser.size() > 0) { + Set roles = new TreeSet<>(missingRolesOfUser); + user.getRoles().addAll(roles); + } } } catch (Exception e) { + sendErrorResponse(response, e); logger.error(EELFLoggerDelegate.errorLogger, "getEcompUser failed", e); - throw e; } return mapper.writeValueAsString(user); } @ApiOperation(value = "Gets user ecomp role for an application.", response = CentralUser.class, responseContainer = "List") - @RequestMapping(value = { 
"/ecompRoles" }, method = RequestMethod.GET, produces = "application/json") + @RequestMapping(value = { "/v2/roles" }, method = RequestMethod.GET, produces = "application/json") public List getEcompRolesOfApplication(HttpServletRequest request, HttpServletResponse response) throws Exception { - List ecompRoles = new ArrayList(); + List ecompRoles = null; ObjectMapper mapper = new ObjectMapper(); List cenRole = null; try { fieldsValidation(request); EPApp app = externalAccessRolesService.getApp(request.getHeader(UEBKEY)).get(0); - // Sync all roles from external system into Ecomp portal DB - logger.debug(EELFLoggerDelegate.debugLogger, "getRolesForApp: Entering into syncApplicationRolesWithEcompDB"); - externalAccessRolesService.syncApplicationRolesWithEcompDB(app); + // Sync all roles from external system into ONAP portal DB + logger.debug(EELFLoggerDelegate.debugLogger, + "getRolesForApp: Entering into syncApplicationRolesWithEcompDB"); + externalAccessRolesService.syncApplicationRolesWithEcompDB(app); logger.debug(EELFLoggerDelegate.debugLogger, "getRolesForApp: Finished syncApplicationRolesWithEcompDB"); cenRole = externalAccessRolesService.getActiveRoles(request.getHeader(UEBKEY)); } catch (Exception e) { sendErrorResponse(response, e); logger.error(EELFLoggerDelegate.errorLogger, "getActiveRoles failed", e); } - String res = mapper.writeValueAsString(cenRole); - if (res != null) { + if (cenRole != null) { + String res = mapper.writeValueAsString(cenRole); + ecompRoles = new ArrayList<>(); List roles = mapper.readValue(res, TypeFactory.defaultInstance().constructCollectionType(List.class, Role.class)); for (Role role : roles)