X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fservice%2FAdminRolesServiceImpl.java;h=969ccc5f8831c8873cdd18a2a182f0fc2e5ef1b6;hb=230c71614b1d2fb71a8fb482c749ff5a6dad65d8;hp=e0ce086e659089f54f047a451b761519c69b0b5d;hpb=1376951553a11ed93a9fde45b7f26b51c0b31e9c;p=portal.git

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
index e0ce086e..969ccc5f 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
@@ -4,6 +4,8 @@
  * ===================================================================
  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
  *
  * Unless otherwise specified, all software contained herein is licensed
  * under the Apache License, Version 2.0 (the "License");
@@ -33,18 +35,18 @@
  *
  * ============LICENSE_END============================================
  *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * 
  */
 package org.onap.portalapp.portal.service;
 
 import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
-import java.util.SortedSet;
-
+import java.util.Set;
+import java.util.stream.Collectors;
 import javax.annotation.PostConstruct;
-
 import org.apache.cxf.common.util.StringUtils;
 import org.hibernate.Session;
 import org.hibernate.SessionFactory;
@@ -57,6 +59,7 @@ import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.domain.EPUserApp;
 import org.onap.portalapp.portal.domain.UserIdRoleId;
 import org.onap.portalapp.portal.domain.UserRole;
+import org.onap.portalapp.portal.exceptions.RoleFunctionException;
 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
 import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
@@ -66,6 +69,7 @@ import org.onap.portalapp.portal.transport.ExternalAccessUser;
 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
 import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.service.DataAccessService;
 import org.onap.portalsdk.core.util.SystemProperties;
@@ -78,7 +82,6 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.client.RestTemplate;
-
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 @Service("adminRolesService")
@@ -91,6 +94,8 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 	private Long SYS_ADMIN_ROLE_ID = 1L;
 	private Long ACCOUNT_ADMIN_ROLE_ID = 999L;
 	private Long ECOMP_APP_ID = 1L;
+	public static final String TYPE_APPROVER = "approver";
+	private static final String ADMIN_ACCOUNT= "Is account admin for user {}";
 
 	private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);
 
@@ -102,6 +107,8 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 	private SearchService searchService;
 	@Autowired
 	private EPAppService appsService;
+	@Autowired
+	private ExternalAccessRolesService externalAccessRolesService;
 
 	private RestTemplate template = new RestTemplate();
 
@@ -130,9 +137,9 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 			try {
 				userList = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", userParams, null);
 			} catch (Exception e) {
-				logger.error(EELFLoggerDelegate.errorLogger, "getEPUserByOrgUserId failed", e);			
+				logger.error(EELFLoggerDelegate.errorLogger, "getEPUserByOrgUserId failed", e);
 			}
-				
+
 			HashMap<Long, Long> appsUserAdmin = new HashMap<Long, Long>();
 			if (userList!= null && userList.size() > 0) {
 				EPUser user = userList.get(0);
@@ -153,8 +160,10 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 			appsListWithAdminRole.orgUserId = orgUserId;
 			List<EPApp> appsList = null;
 			try {
-				appsList = dataAccessService.getList(EPApp.class,
-						"  where ( enabled = 'Y' or id = " + ECOMP_APP_ID + ")", null, null);
+//				appsList = dataAccessService.getList(EPApp.class,
+//						null, null, null);
+				
+				appsList = dataAccessService.getList(EPApp.class, null);
 			} catch (Exception e) {
 				logger.error(EELFLoggerDelegate.errorLogger, "getAppsWithAdminRoleStateForUser 2 failed", e);
 				EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
@@ -187,9 +196,9 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 				List<EPApp> apps = appsService.getAppsFullList();
 				HashMap<Long, EPApp> enabledApps = new HashMap<Long, EPApp>();
 				for (EPApp app : apps) {
-					if (app.getEnabled().booleanValue() || app.getId() == ECOMP_APP_ID) {
+//					if (app.getEnabled().booleanValue() || app.getId() == ECOMP_APP_ID) {
 						enabledApps.put(app.getId(), app);
-					}
+//					}
 				}
 				List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<AppNameIdIsAdmin>();
 				for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.appsRoles) {
@@ -252,7 +261,7 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 							// Add user admin role for list of centralized applications in external system
 							addAdminRoleInExternalSystem(user, localSession, newAppsWhereUserIsAdmin);
 							result = true;
-						}	
+						}
 					} catch (Exception e) {
 						EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
 						logger.error(EELFLoggerDelegate.errorLogger,
@@ -340,7 +349,7 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 			for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {
 				EPApp app = (EPApp) localSession.get(EPApp.class, appNameIdIsAdmin.id);
 				try {
-					if (app.getCentralAuth()) {
+					if (app.getRolesInAAF()) {
 						String extRole = app.getNameSpace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_");
 						HttpEntity<String> entity = new HttpEntity<>(headers);
 						String name = "";
@@ -431,12 +440,27 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 
 	public boolean isAccountAdmin(EPUser user) {
 		try {
-			EPUser currentUser = user != null
-					? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null)
-					: null;
+        if (user == null) {
+            return false;
+        }
+
+			EPUser currentUser = (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null);
+
+			final Map<String, Long> userParams = new HashMap<>();
+			userParams.put("userId", user.getId());
+			logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
+			List<Integer> userAdminApps = new ArrayList<>();
+
+			userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+			logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", user.getOrgUserId(), userAdminApps.size());
+
+
 			if (currentUser != null && currentUser.getId() != null) {
 				for (EPUserApp userApp : currentUser.getEPUserApps()) {
-					if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
+
+
+					if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)||(userAdminApps.size()>1)) {
+						logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found Id {}", user.getOrgUserId(), userApp.getRole().getId());
 						// Account Administrator sees only the applications
 						// he/she is Administrator
 						return true;
@@ -451,6 +475,39 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 		return false;
 	}
 
+
+	public boolean isRoleAdmin(EPUser user) {
+		try {
+			logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access");
+
+					final Map<String, Long> userParams = new HashMap<>();
+					userParams.put("userId", user.getId());
+					List getRoleFuncListOfUser = dataAccessService.executeNamedQuery("getRoleFunctionsOfUserforAlltheApplications", userParams, null);
+					logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser" , getRoleFuncListOfUser);
+					Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser);
+					Set<String> getRoleFuncListOfPortalSet1=new HashSet<>();
+					Set<String> roleFunSet = new HashSet<>();
+					roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
+					if (!roleFunSet.isEmpty())
+						for (String roleFunction : roleFunSet) {
+							String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
+							getRoleFuncListOfPortalSet1.add(type);
+						}
+				
+					boolean checkIfFunctionsExits = getRoleFuncListOfPortalSet1.stream()
+							.anyMatch(roleFunction -> roleFunction.equalsIgnoreCase("Approver"));
+					logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , checkIfFunctionsExits);
+
+					return checkIfFunctionsExits;
+		
+		} catch (Exception e) {
+			EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+			logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isRoleAdmin operation",
+					e);
+		}
+		return false;
+	}
+
 	public boolean isUser(EPUser user) {
 		try {
 			EPUser currentUser = user != null
@@ -490,24 +547,71 @@ public class AdminRolesServiceImpl implements AdminRolesService {
 
 	@Override
 	public boolean isAccountAdminOfApplication(EPUser user, EPApp app) {
+		Boolean isApplicationAccountAdmin=false;
 		try {
-			EPUser currentUser = user != null
-					? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
-			if (currentUser != null && currentUser.getId() != null) {
-				SortedSet<EPUserApp> userApps = currentUser.getEPUserApps();
-				EPUserApp userApp = userApps.stream()
-						.filter(x -> x.getRole().getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)
-								&& x.getApp().getId().equals(app.getId()))
-						.findAny().orElse(null);
-				if (userApp != null) {
-					return true;
-				}
+					final Map<String, Long> userParams = new HashMap<>();
+					userParams.put("userId", user.getId());
+					logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
+					List<Integer> userAdminApps = new ArrayList<>();
+					userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+					if(!userAdminApps.isEmpty()){
+					isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
+					logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
+					}
+			} catch (Exception e) {
+			EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+			logger.error(EELFLoggerDelegate.errorLogger,
+					"Exception occurred while executing isAccountAdminOfApplication operation", e);
+		}
+		logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, user.getOrgUserId());
+		return isApplicationAccountAdmin;
+
+	}
+
+	@Override
+	public Set<String> getAllAppsFunctionsOfUser(String OrgUserId) throws RoleFunctionException {
+		final Map<String, String> params = new HashMap<>();
+		params.put("userId", OrgUserId);
+		List getRoleFuncListOfPortal = dataAccessService.executeNamedQuery("getAllAppsFunctionsOfUser", params, null);
+		Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfPortal);
+		Set<String> roleFunSet = new HashSet<>();
+		roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
+		if (!roleFunSet.isEmpty())
+			for (String roleFunction : roleFunSet) {
+				String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
+				getRoleFuncListOfPortalSet.remove(roleFunction);
+				getRoleFuncListOfPortalSet.add(roleFun);
 			}
-		} catch (Exception e) {
+
+		Set<String> finalRoleFunctionSet = new HashSet<>();
+		for (String roleFn : getRoleFuncListOfPortalSet) {
+			finalRoleFunctionSet.add(EPUserUtils.decodeFunctionCode(roleFn));
+		}
+		
+		return finalRoleFunctionSet;
+	}
+
+	
+	@Override
+	public boolean isAccountAdminOfAnyActiveorInactiveApplication(EPUser user, EPApp app) {
+		Boolean isApplicationAccountAdmin=false;
+		try {
+					final Map<String, Long> userParams = new HashMap<>();
+					userParams.put("userId", user.getId());	
+					logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
+					List<Integer> userAdminApps = new ArrayList<>();
+					userAdminApps =dataAccessService.executeNamedQuery("getAllAdminAppsofTheUser", userParams, null);
+					if(!userAdminApps.isEmpty()){
+					isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
+					logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
+					}					
+			} catch (Exception e) {
 			EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
 			logger.error(EELFLoggerDelegate.errorLogger,
 					"Exception occurred while executing isAccountAdminOfApplication operation", e);
 		}
-		return false;
+		logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, user.getOrgUserId());
+		return isApplicationAccountAdmin;
+
 	}
 }