X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FRoleManageController.java;h=4d2abb8390ff68a925695e87258d4f1783d1616a;hb=230c71614b1d2fb71a8fb482c749ff5a6dad65d8;hp=9a525b5128c2b5ecc0350283f6ae16f62a3a7c96;hpb=0ab9cac55ff9d8b8854bf2bc58c4d17e323353e4;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java index 9a525b51..4d2abb83 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java @@ -4,17 +4,19 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== - * Modifications Copyright (c) 2019 Samsung + * Modifications Copyright (c) 2019 Samsung * =================================================================== - * + * Modifications Copyright (c) 2020 IBM + * =================================================================== + * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); * you may not use this software except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software + * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and @@ -46,10 +48,8 @@ import java.util.List; import java.util.Map; import java.util.Set; import java.util.TreeSet; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import javax.validation.ConstraintViolation; import javax.validation.Valid; import javax.validation.Validation; @@ -98,10 +98,11 @@ import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.ModelAndView; - import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; @@ -157,7 +158,7 @@ public class RoleManageController extends EPRestrictedBaseController { * @throws Exception */ - @RequestMapping(value = { "/portalApi/get_roles/{appId}" }, method = RequestMethod.GET) + @GetMapping(value = { "/portalApi/get_roles/{appId}" }) public void getRoles(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId) throws Exception { try { @@ -165,7 +166,7 @@ public class RoleManageController extends EPRestrictedBaseController { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp.getCentralAuth()) { + if (requestedApp.getRolesInAAF()) { List answer = null; Map model = new HashMap<>(); ObjectMapper mapper = new ObjectMapper(); @@ -186,7 +187,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" }) public Map toggleRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception { EPApp requestedApp = null; @@ -230,7 +231,7 @@ public class RoleManageController extends EPRestrictedBaseController { return responseMap; } - @RequestMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" }) public Map removeRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception { @@ -243,7 +244,7 @@ public class RoleManageController extends EPRestrictedBaseController { requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp.getCentralAuth()) { + if (requestedApp.getRolesInAAF()) { externalRequestFieldsValidator = externalAccessRolesService.deleteDependencyRoleRecord(roleId, requestedApp.getUebKey(), user.getOrgUserId()); boolean deleteResponse = externalRequestFieldsValidator.isResult(); @@ -296,7 +297,7 @@ public class RoleManageController extends EPRestrictedBaseController { return responseMap; } - @RequestMapping(value = { "/portalApi/role/saveRole/{appId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/saveRole/{appId}" }) public Map saveRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId) throws Exception { EPUser user = EPUserUtils.getUserSession(request); @@ -306,7 +307,7 @@ public class RoleManageController extends EPRestrictedBaseController { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp != null && requestedApp.getCentralAuth().equals(true)) { + if (requestedApp != null && requestedApp.getRolesInAAF().equals(true)) { ObjectMapper mapper = new ObjectMapper(); mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); JsonNode root = mapper.readTree(request.getReader()); @@ -333,7 +334,7 @@ public class RoleManageController extends EPRestrictedBaseController { if (existRole.getName().equalsIgnoreCase(role.getName())) throw new DuplicateRecordException("Role already exists: " + existRole.getName()); - domainRole = new CentralV2Role(); + domainRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role(); domainRole.setName(role.getName()); domainRole.setPriority(role.getPriority()); domainRole.setActive(role.getActive()); @@ -418,29 +419,29 @@ public class RoleManageController extends EPRestrictedBaseController { return responseMap; } - @RequestMapping(value = { "/portalApi/role/removeRoleFunction" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/removeRoleFunction" }) public ModelAndView removeRoleRoleFunction(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().removeRoleFunction(request, response); } - @RequestMapping(value = { "/portalApi/role/addRoleFunction" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/addRoleFunction" }) public ModelAndView addRoleRoRoleFunction(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().addRoleFunction(request, response); } - @RequestMapping(value = { "/portalApi/role/removeChildRole" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/removeChildRole" }) public ModelAndView removeChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().removeChildRole(request, response); } - @RequestMapping(value = { "/portalApi/role/addChildRole" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role/addChildRole" }) public ModelAndView addChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception { return getRoleController().addChildRole(request, response); } - @RequestMapping(value = { "/portalApi/get_role/{appId}/{roleId}" }, method = RequestMethod.GET) + @GetMapping(value = { "/portalApi/get_role/{appId}/{roleId}" }) public void getRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception { try { @@ -449,7 +450,7 @@ public class RoleManageController extends EPRestrictedBaseController { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp.getCentralAuth()) { + if (requestedApp.getRolesInAAF()) { CentralV2Role answer = externalAccessRolesService.getRoleInfo(roleId, requestedApp.getUebKey()); logger.info(EELFLoggerDelegate.applicationLogger, "role_id" + roleId); Map model = new HashMap<>(); @@ -474,7 +475,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/get_role_functions/{appId}" }, method = RequestMethod.GET) + @GetMapping(value = { "/portalApi/get_role_functions/{appId}" }) public void getRoleFunctionList(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId) throws Exception { try { @@ -482,7 +483,7 @@ public class RoleManageController extends EPRestrictedBaseController { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp.getCentralAuth()) { + if (requestedApp.getRolesInAAF()) { List answer = null; Map model = new HashMap<>(); ObjectMapper mapper = new ObjectMapper(); @@ -505,7 +506,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" }) public PortalRestResponse saveRoleFunction(HttpServletRequest request, HttpServletResponse response, @Valid @RequestBody CentralV2RoleFunction roleFunc, @PathVariable("appId") Long appId) throws Exception { if (roleFunc!=null) { @@ -517,13 +518,14 @@ public class RoleManageController extends EPRestrictedBaseController { return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR"); } } + EPUser user = EPUserUtils.getUserSession(request); boolean saveOrUpdateResponse = false; try { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp.getCentralAuth() && roleFunc!=null) { + if (requestedApp.getRolesInAAF() && roleFunc!=null) { String code = roleFunc.getType() + PIPE + roleFunc.getCode() + PIPE + roleFunc.getAction(); CentralV2RoleFunction domainRoleFunction = externalAccessRolesService.getRoleFunction(code, requestedApp.getUebKey()); @@ -601,7 +603,7 @@ public class RoleManageController extends EPRestrictedBaseController { } } - @RequestMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" }, method = RequestMethod.POST) + @PostMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" }) public PortalRestResponse removeRoleFunction(HttpServletRequest request, HttpServletResponse response, @RequestBody String roleFunc, @PathVariable("appId") Long appId) throws Exception { EPUser user = EPUserUtils.getUserSession(request); @@ -622,7 +624,7 @@ public class RoleManageController extends EPRestrictedBaseController { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { fieldsValidation(requestedApp); - if (requestedApp.getCentralAuth()) { + if (requestedApp.getRolesInAAF()) { ObjectMapper mapper = new ObjectMapper(); String data = roleFunc; boolean getDelFuncResponse = false; @@ -678,7 +680,7 @@ public class RoleManageController extends EPRestrictedBaseController { return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Deleted Successfully!", "Success"); } - @RequestMapping(value = { "/portalApi/centralizedApps" }, method = RequestMethod.GET) + @GetMapping(value = { "/portalApi/centralizedApps" }) public List getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) { if(userId!=null) { SecureString secureString = new SecureString(userId); @@ -691,6 +693,7 @@ public class RoleManageController extends EPRestrictedBaseController { return null; } } + EPUser user = EPUserUtils.getUserSession(request); List applicationsList = null; if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user) @@ -720,7 +723,7 @@ public class RoleManageController extends EPRestrictedBaseController { this.roleController = roleController; } - @RequestMapping(value = { "/portalApi/syncRoles" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { "/portalApi/syncRoles" }, produces = "application/json") public PortalRestResponse syncRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody Long appId) { EPUser user = EPUserUtils.getUserSession(request); @@ -742,7 +745,7 @@ public class RoleManageController extends EPRestrictedBaseController { return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Sync roles completed successfully!", "Success"); } - @RequestMapping(value = { "/portalApi/syncFunctions" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { "/portalApi/syncFunctions" }, produces = "application/json") public PortalRestResponse syncFunctions(HttpServletRequest request, HttpServletResponse response, @RequestBody Long appId) { EPUser user = EPUserUtils.getUserSession(request); @@ -808,7 +811,7 @@ public class RoleManageController extends EPRestrictedBaseController { throw new InvalidApplicationException("Invalid credentials"); } if (!appInfo.isEmpty() && EcompPortalUtils.checkIfRemoteCentralAccessAllowed() - && appInfo.get(0).getCentralAuth()) { + && appInfo.get(0).getRolesInAAF()) { ResponseEntity response = externalAccessRolesService.getNameSpaceIfExists(appInfo.get(0)); if (response.getStatusCode().value() == HttpServletResponse.SC_NOT_FOUND) throw new InvalidApplicationException("Invalid NameSpace"); @@ -827,8 +830,8 @@ public class RoleManageController extends EPRestrictedBaseController { response.getWriter().write("Unauthorized User"); } - @RequestMapping(value = { - "/portalApi/uploadRoleFunction/{appId}" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { + "/portalApi/uploadRoleFunction/{appId}" }, produces = "application/json") public PortalRestResponse bulkUploadRoleFunc(HttpServletRequest request, HttpServletResponse response, @RequestBody UploadRoleFunctionExtSystem data, @PathVariable("appId") Long appId) { EPUser user = EPUserUtils.getUserSession(request);