X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fservice%2FExternalAccessRolesServiceImpl.java;h=786ad42990d6e94f470fb2f68e6e7e050b494a63;hb=3f56b9fdb4d2ec891344d6c9048363e1cac587d2;hp=3a86952b2c9053673af407e7a3771f7c23532ab0;hpb=a70761c096192e38800bf38d6c7f61f52bf72007;p=portal.git
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
index 3a86952b..786ad429 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
@@ -47,11 +47,9 @@ import java.util.Map;
 import java.util.Set;
 import java.util.SortedSet;
 import java.util.TreeSet;
-import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 
 import org.apache.commons.codec.DecoderException;
-import org.apache.commons.codec.binary.Hex;
 import org.hibernate.Query;
 import org.hibernate.Session;
 import org.hibernate.SessionFactory;
@@ -78,28 +76,7 @@ import org.onap.portalapp.portal.exceptions.RoleFunctionException;
 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
-import org.onap.portalapp.portal.transport.BulkUploadRoleFunction;
-import org.onap.portalapp.portal.transport.BulkUploadUserRoles;
-import org.onap.portalapp.portal.transport.CentralApp;
-import org.onap.portalapp.portal.transport.CentralRole;
-import org.onap.portalapp.portal.transport.CentralRoleFunction;
-import org.onap.portalapp.portal.transport.CentralUser;
-import org.onap.portalapp.portal.transport.CentralUserApp;
-import org.onap.portalapp.portal.transport.CentralV2Role;
-import org.onap.portalapp.portal.transport.CentralV2User;
-import org.onap.portalapp.portal.transport.CentralV2UserApp;
-import org.onap.portalapp.portal.transport.CentralizedAppRoles;
-import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles;
-import org.onap.portalapp.portal.transport.EcompUserRoles;
-import org.onap.portalapp.portal.transport.ExternalAccessPerms;
-import org.onap.portalapp.portal.transport.ExternalAccessPermsDetail;
-import org.onap.portalapp.portal.transport.ExternalAccessRole;
-import org.onap.portalapp.portal.transport.ExternalAccessRolePerms;
-import org.onap.portalapp.portal.transport.ExternalAccessUser;
-import org.onap.portalapp.portal.transport.ExternalAccessUserRoleDetail;
-import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
-import org.onap.portalapp.portal.transport.GlobalRoleWithApplicationRoleFunction;
-import org.onap.portalapp.portal.transport.LocalRole;
+import org.onap.portalapp.portal.transport.*;
 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
 import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.portal.utils.PortalConstants;
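Review bot: The wildcard `import org.onap.portalapp.portal.transport.*;` replaces 22 explicit imports, so the transport types this class depends on are no longer listed in the file. A class later added to that package can clash with a simple name already used here. Keeping the explicit imports, and dropping only those that are actually unused, keeps name resolution stable in a class that builds access-role payloads.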
@@ -219,8 +196,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "getSingleAppRole: Connecting to External Auth system"); response = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/" - + app.getNameSpace() - + "." + addRole + + app.getNameSpace() + "." + addRole .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), HttpMethod.GET, entity, String.class); logger.debug(EELFLoggerDelegate.debugLogger, @@ -284,9 +260,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param updateExtRole * @param app * @return true if success else false - * @throws Exception - * If updateRoleInExternalSystem fails we catch it in logger for - * detail message + * @throws Exception If updateRoleInExternalSystem fails we catch it in logger + * for detail message */ private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception { boolean response = false; @@ -444,8 +419,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /* - * Adds function to the role in the external auth system while editing a - * role or updating new functions to a role + * Adds function to the role in the external auth system while editing a role or + * updating new functions to a role * */ private boolean addFunctionsToRoleInExternalAuthSystem(Role updateExtRole, EPApp app, ObjectMapper mapper, @@ -673,8 +648,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It converts list of functions in updateExtRole parameter to the - * RoleFunction object + * It converts list of functions in updateExtRole parameter to the RoleFunction + * object * * @param updateExtRole * @return list of functions 
@@ -736,8 +711,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param newRole * @param app * @return true if successfully added in the system else false - * @throws Exception - * If fails to add role in the system + * @throws Exception If fails to add role in the system */ private void addNewRoleInExternalSystem(List newRole, EPApp app) throws Exception, HttpClientErrorException { @@ -773,8 +747,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * It updates existing role in the External Auth System * - * @param addRole - * It Contains role information + * @param addRole It Contains role information * @param app * @return string which is formatted to match with the external auth system * @throws JsonProcessingException @@ -913,8 +886,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * @param checkRole * @param app - * @throws Exception - * If role exits + * @throws Exception If role exits */ private void checkIfRoleExitsInExternalSystem(Role checkRole, EPApp app) throws Exception { getNameSpaceIfExists(app); @@ -974,8 +946,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It filters the app functions which starts with similar name in the result - * set + * It filters the app functions which starts with similar name in the result set * * @param roleFunc * @param roleFunction @@ -1176,8 +1147,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It returns user detail information which is deep copy of EPUser.class - * object + * It returns user detail information which is deep copy of EPUser.class object * * @param userInfo * @param userAppSet 
@@ -1349,8 +1319,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It returns list of app roles along with role functions and which went - * through deep copy + * It returns list of app roles along with role functions and which went through + * deep copy * * @param app * @param roleInfo @@ -1399,7 +1369,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @Override public CentralV2RoleFunction getRoleFunction(String functionCode, String uebkey) throws Exception { String code = EcompPortalUtils.getFunctionCode(functionCode); - String encodedCode = encodeFunctionCode(code); + String encodedCode = EcompPortalUtils.encodeFunctionCode(code); CentralV2RoleFunction roleFunc = null; EPApp app = getApp(uebkey).get(0); List getRoleFuncList = null; @@ -1457,7 +1427,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throws Exception { boolean saveOrUpdateFunction = false; try { - domainCentralRoleFunction.setCode(encodeFunctionCode(domainCentralRoleFunction.getCode())); + if(EcompPortalUtils.checkFunctionCodeHasEncodePattern(domainCentralRoleFunction.getCode())) + domainCentralRoleFunction.setCode(EcompPortalUtils.encodeFunctionCode(domainCentralRoleFunction.getCode())); final Map functionParams = new HashMap<>(); functionParams.put("appId", String.valueOf(app.getId())); if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { @@ -2148,7 +2119,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (extPerms.getJSONObject(i).has("description")) { description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } else { - description = extPerms.getJSONObject(i).getString("type") + "|" + description = extPerms.getJSONObject(i).getString("type").substring(app.getNameSpace().length() + 1) + "|" + extPerms.getJSONObject(i).getString("instance") + "|" + extPerms.getJSONObject(i).getString("action"); } 
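Review bot: In the `@@ -1457` hunk the new `if(EcompPortalUtils.checkFunctionCodeHasEncodePattern(...))` has no braces, and it makes encoding conditional on this save path only. `getRoleFunction` in the `@@ -1399` hunk and `bulkUploadRoleFunc` in the `@@ -3662` hunk still call `EcompPortalUtils.encodeFunctionCode(...)` unconditionally. Neither helper's body is visible in this diff, so it is unconfirmed whether the guard can skip a code that the other two paths would encode, which would leave stored and looked-up function codes out of step. If the guard is only an optimisation, call `encodeFunctionCode` directly; otherwise add braces and a comment stating which inputs are deliberately stored unencoded. The enclosing method starts and ends outside the hunk.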
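Review bot: In the `@@ -2148` hunk, `getString("type").substring(app.getNameSpace().length() + 1)` assumes every permission type returned by the external auth system starts with the app namespace followed by one separator character. A type shorter than that throws `StringIndexOutOfBoundsException`, and a type with a different prefix silently loses its leading characters, so the stored description no longer matches the permission. Check the prefix before stripping it: `String type = extPerms.getJSONObject(i).getString("type");`, `String prefix = app.getNameSpace() + ".";`, then `if (type.startsWith(prefix)) type = type.substring(prefix.length());`. The enclosing loop begins and ends outside the hunk.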
@@ -2248,8 +2219,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * While sync functions form external auth system if new role found we - * should add in local and return Role.class object + * While sync functions form external auth system if new role found we should + * add in local and return Role.class object * * @param app * @param role 
@@ -2768,65 +2739,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } - /** - * - * It checks description in External Auth System if found any - * changes updates in DB - * - * @param app - * @param finalRoleList - * contains list of External Auth System roles list which is - * converted to EPRole - */ - @SuppressWarnings("unchecked") - private void checkAndUpdateRoleInDB(EPApp app, List finalRoleList) { - for (EPRole roleItem : finalRoleList) { - final Map roleParams = new HashMap<>(); - List currentList = null; - roleParams.put(APP_ROLE_NAME_PARAM, roleItem.getName()); - if (app.getId() == 1) { - currentList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); - } else { - roleParams.put(APP_ID, app.getId().toString()); - currentList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, - roleParams, null); - } - if (!currentList.isEmpty()) { - try { - Boolean aafRoleActive; - Boolean localRoleActive; - boolean result; - aafRoleActive = Boolean.valueOf(roleItem.getActive()); - localRoleActive = Boolean.valueOf(currentList.get(0).getActive()); - result = aafRoleActive.equals(localRoleActive); - EPRole updateRole = currentList.get(0); - if (!result) { - updateRole.setActive(roleItem.getActive()); - dataAccessService.saveDomainObject(updateRole, null); - } - if (roleItem.getPriority() != null - && !currentList.get(0).getPriority().equals(roleItem.getPriority())) { - updateRole.setPriority(roleItem.getPriority()); - dataAccessService.saveDomainObject(updateRole, null); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "syncApplicationRolesWithEcompDB: Failed to update role ", e); - } - } - } - } - /** * * It de-activates application roles in DB if not present in External Auth - * system + * system * * @param app - * @param finalRoleList - * contains list of current roles present in External Auth System - * @param applicationRolesList - * 
contains list of current roles present in DB + * @param finalRoleList contains list of current roles present in + * External Auth System + * @param applicationRolesList contains list of current roles present in DB */ @SuppressWarnings("unchecked") private void inactiveRolesNotInExternalAuthSystem(EPApp app, List finalRoleList, @@ -2840,8 +2761,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map extRoleParams = new HashMap<>(); List roleList = null; extRoleParams.put(APP_ROLE_NAME_PARAM, role.getName()); - if (!checkRolesInactive.containsKey(role.getName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { + if (!checkRolesInactive.containsKey(role.getName())) { if (app.getId() == 1) { roleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, extRoleParams, null); } else { @@ -3640,20 +3560,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return userRolesAdded; } - @Override - public String encodeFunctionCode(String funCode) { - String encodedString = funCode; - List encodingList = new ArrayList<>(); - encodingList.add(Pattern.compile("/")); - encodingList.add(Pattern.compile("-")); - for (Pattern xssInputPattern : encodingList) { - encodedString = xssInputPattern.matcher(encodedString) - .replaceAll("%" + Hex.encodeHexString(xssInputPattern.toString().getBytes())); - } - encodedString = encodedString.replaceAll("\\*", "%" + Hex.encodeHexString("*".getBytes())); - return encodedString; - } - @Override public void bulkUploadRoleFunc(UploadRoleFunctionExtSystem data, EPApp app) throws Exception { ObjectMapper mapper = new ObjectMapper(); 
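Review bot: In the `@@ -2840` hunk the lookup `checkRolesInactive.containsKey(role.getName())` now uses the raw role name, while the `@@ -219` hunk still sends the name to the external auth system with `replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")`. The map is populated outside the hunk, so it is not visible whether its keys are raw or normalised names. If they are normalised, a local role whose name contains a special character would miss the lookup and fall into the branch that, per the method's Javadoc, de-activates roles not found in the external system. Confirm the key form where the map is filled and add a comment there stating it.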
@@ -3662,7 +3568,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ExternalAccessRolePerms extRolePerms; ExternalAccessPerms extPerms; extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), - encodeFunctionCode(data.getInstance()), data.getAction()); + EcompPortalUtils.encodeFunctionCode(data.getInstance()), data.getAction()); String appNameSpace = ""; if (data.getIsGlobalRolePartnerFunc()) { appNameSpace = epAppService.getApp(1l).getNameSpace(); @@ -3882,4 +3788,5 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return roleDescUpdated; } + }