X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Finterceptor%2FPortalResourceInterceptor.java;h=146050a48318da7c57423a1e8e9014e862f32820;hb=4d0b6c18868e0a5fdbd876d4e0fdb18ae5b4573e;hp=b143906038b246e29b513aefc04c7ebb4295bffa;hpb=a70761c096192e38800bf38d6c7f61f52bf72007;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java index b1439060..146050a4 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java @@ -154,8 +154,8 @@ public class PortalResourceInterceptor extends ResourceInterceptor { SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME)); //RoleAdmin check is being added because the role belongs to partner application //inorder to access portal api's, bypassing this with isRoleAdmin Check - if ((matchRoleFunctions(portalApiPath, allRoleFunctions) - && !matchRoleFunctions(portalApiPath, roleFunctions)) && !adminRolesService.isRoleAdmin(user)) { + if ((EPUserUtils.matchRoleFunctions(portalApiPath, allRoleFunctions) + && !EPUserUtils.matchRoleFunctions(portalApiPath, roleFunctions)) && !adminRolesService.isRoleAdmin(user)) { logger.error(EELFLoggerDelegate.errorLogger, "preHandle: User {} not authorized for path {} ", user.getOrgUserId(), portalApiPath); @@ -296,9 +296,13 @@ public class PortalResourceInterceptor extends ResourceInterceptor { }catch(ClassCastException e){ logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the classcastexception block if the UN is not the mechid : {}"); - + String secretKey = null; // Unauthorized access due to missing HTTP Authorization request header if (authHeader == null) { + if (remoteWebServiceCallService.verifyRESTCredential(secretKey, request.getHeader(EPCommonSystemProperties.UEB_KEY), + request.getHeader("username"), request.getHeader("password"))) { + return true; + } final String msg = "no authorization found"; logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); @@ -396,42 +400,6 @@ public class PortalResourceInterceptor extends ResourceInterceptor { return result; } - private Boolean matchRoleFunctions(String portalApiPath, Set roleFunctions) { - String[] path = portalApiPath.split("/"); - List roleFunList = new ArrayList<>(); - if (path.length > 1) { - roleFunList = roleFunctions.stream().filter(item -> item.startsWith(path[0])).collect(Collectors.toList()); - if (roleFunList.size() >= 1) { - for (String roleFunction : roleFunList) { - String[] roleFunctionArray = roleFunction.split("/"); - boolean b = true; - if (roleFunctionArray.length == path.length) { - for (int i = 0; i < roleFunctionArray.length; i++) { - if (b) { - if (!roleFunctionArray[i].equals("*")) { - Pattern p = Pattern.compile(Pattern.quote(path[i]), Pattern.CASE_INSENSITIVE); - Matcher m = p.matcher(roleFunctionArray[i]); - b = m.matches(); - - } - } - } - if (b) - return b; - } - } - } - } else { - for (String roleFunction : roleFunctions) { - if (portalApiPath.matches(roleFunction)) - return true; - } - } - return false; - } - - - protected void handleSessionUpdates(HttpServletRequest request) { PortalTimeoutHandler.handleSessionUpdatesNative(request, null, null, null, null, manageService); }