X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fservice%2FUserRolesCommonServiceImpl.java;h=7a7f9ee4c92513d5a6beb3f2e8011a4cb652b6c9;hb=fca38e174e85b66c67ab9e8b754a9b53d70fbfd9;hp=ab688820cea7319d4619c843fb9660496d628f71;hpb=8e83c25788017acd56271a72286f7dcbc974e76d;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java index ab688820..7a7f9ee4 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -200,7 +200,12 @@ public class UserRolesCommonServiceImpl { client = new EPUser(); client.setOrgUserId(userId); client.setSystemUser(true); - client.setFirstName(userId.substring(0,userId.indexOf("@"))); + if (userId.indexOf("@") != -1) { + client.setFirstName(userId.substring(0,userId.indexOf("@"))); + } + else { + client.setFirstName(userId); + } } if (client == null) { String msg = "createLocalUserIfNecessary: cannot create user " + userId @@ -371,7 +376,7 @@ public class UserRolesCommonServiceImpl { .setParameter("appId",appId) .list(); for (EPRole role : roles) { - if (!extRequestValue && app.getCentralAuth()) { + if (!extRequestValue && app.getRolesInAAF()) { rolesMap.put(role.getId(), role); } else { rolesMap.put(role.getAppRoleId(), role); @@ -1081,12 +1086,11 @@ public class UserRolesCommonServiceImpl { } } } - applyChangesToUserAppRolesForMyLoginsRequest(user, appId); Boolean systemUser = (newAppRolesForUser.getIsSystemUser() != null ? newAppRolesForUser.getIsSystemUser() : false); - if ((app.getCentralAuth() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) && systemUser) { + if ((app.getRolesInAAF() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) && systemUser) { Set userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, userId); @@ -1103,13 +1107,16 @@ public class UserRolesCommonServiceImpl { result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal", systemUser,rolesGotDeletedByApprover,false); - }else if (!app.getCentralAuth() && systemUser) + }else if (!app.getRolesInAAF() && systemUser) { throw new Exception("For non-centralized application we cannot add systemUser"); } else{ // if centralized app - if (app.getCentralAuth()) { - if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + if (app.getRolesInAAF()) { + + if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && (app.getAppAck() != null && app.getAppAck())) { + logger.debug(EELFLoggerDelegate.debugLogger,"setAppWithUserRoleStateForUser: calling pushRemoteUser method for Central application"); + logger.debug(EELFLoggerDelegate.debugLogger,"setAppWithUserRoleStateForUser:"+app.getAppAck()); pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService,false); } @@ -1120,7 +1127,6 @@ public class UserRolesCommonServiceImpl { userRolesInLocalApp); List roleAppUserList = rolesInAppForUser.roles; if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - // Apply changes in external Access system updateUserRolesInExternalSystem(app, rolesInAppForUser.orgUserId, roleAppUserList, epRequestValue,false,rolesGotDeletedFromApprover,checkIfUserisOnlyRoleAdmin); @@ -1128,7 +1134,7 @@ public class UserRolesCommonServiceImpl { result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal", systemUser,rolesGotDeletedFromApprover,checkIfUserisOnlyRoleAdmin); } // In case if portal is not centralized then follow existing approach - else if(!app.getCentralAuth() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){ + else if(!app.getRolesInAAF() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){ Set userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, userId); RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, @@ -1137,10 +1143,10 @@ public class UserRolesCommonServiceImpl { result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal",false,rolesGotDeletedByApprover,false); } else{// remote app EPUser remoteAppUser = null; - if(!app.getCentralAuth() && !app.getId().equals(PortalConstants.PORTAL_APP_ID)){ + if(!app.getRolesInAAF() && !app.getId().equals(PortalConstants.PORTAL_APP_ID)){ remoteAppUser = checkIfRemoteUserExits(userId, app, applicationsRestClientService); - + if (remoteAppUser == null) { remoteAppUser = addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService); } @@ -1192,7 +1198,7 @@ public class UserRolesCommonServiceImpl { * @param roleInAppUser Contains list of active roles */ @SuppressWarnings("unchecked") - private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List roleInAppUser, boolean isPortalRequest,boolean isSystemUser,Set deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception + private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List roleInAppUser, boolean isPortalRequest,boolean nonHumanUserId,Set deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception { try { // check if user exists @@ -1200,15 +1206,23 @@ public class UserRolesCommonServiceImpl { userParams.put("orgUserIdValue", orgUserId); List userInfo = checkIfUserExists(userParams); if (userInfo.isEmpty()) { - createLocalUserIfNecessary(orgUserId, isSystemUser); + createLocalUserIfNecessary(orgUserId, nonHumanUserId); } String name = ""; if (EPCommonSystemProperties - .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !isSystemUser) { - name = orgUserId - + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); + .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !nonHumanUserId) { + if(orgUserId.indexOf("@") ==-1) { + name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); + }else { + name = orgUserId; + } } else { name = orgUserId; + if(nonHumanUserId && orgUserId!=null) { + if(orgUserId.indexOf("@") ==-1) { + name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); + } + } } ObjectMapper mapper = new ObjectMapper(); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); @@ -1607,7 +1621,7 @@ public class UserRolesCommonServiceImpl { } //If Non-Centralized app make sure you sync app roles before assigning to user - if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !app.getCentralAuth()) { + if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !app.getRolesInAAF()) { logger.debug(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: Starting GET roles for app {}",app.getId()); EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, app.getId(), "/roles"); logger.debug(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: Finshed GET roles for app {} and payload {}",app.getId(), appRoles); @@ -1634,12 +1648,13 @@ public class UserRolesCommonServiceImpl { .anyMatch(roleList -> roleList.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)); } // if Centralized app - if (app.getCentralAuth()) { + if (app.getRolesInAAF()) { // We should add If user does not exist in remote application try { // If adding just account admin role dont make remote application user call or // if request has only single non admin role then make remote call if (!(app.getId().equals(PortalConstants.PORTAL_APP_ID) && reqType.equals("DELETE")) + && (app.getAppAck() != null && app.getAppAck()) && ((checkIfAdminRoleExists && roleInAppForUserList.size() > 1) || (!checkIfAdminRoleExists && roleInAppForUserList.size() >= 1))) { // check if admin role exist then delete @@ -1649,6 +1664,7 @@ public class UserRolesCommonServiceImpl { return (role.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)); }); String orgUserIdNewOrExist = (userInfo.size() != 0 || !userInfo.isEmpty()) ? user.getOrgUserId() : orgUserId; + pushRemoteUser(remoteUserRoles, orgUserIdNewOrExist , app, mapper, searchService, applicationsRestClientService,true); } @@ -1673,7 +1689,7 @@ public class UserRolesCommonServiceImpl { result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, reqType,false,rolesGotDeletedByApprover,false); } // If local application is not centralized - else if(!app.getCentralAuth() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){ + else if(!app.getRolesInAAF() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){ Set userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, applicationsRestClientService, app.getId(), orgUserId); RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, app.getId(), @@ -1883,7 +1899,7 @@ public class UserRolesCommonServiceImpl { // for onap portal app, no need to make a remote call List roleList = new ArrayList<>(); if (appId == PortalConstants.PORTAL_APP_ID) { - if(app.getCentralAuth()){ + if(app.getRolesInAAF()){ List cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey()); for(CentralV2Role cenRole : cenRoleList){ Role role = new Role(); @@ -1922,7 +1938,7 @@ public class UserRolesCommonServiceImpl { EcompRole[] appRoles = null; boolean checkIfUserisApplicationAccAdmin = false; List roles = new ArrayList<>(); - if (app.getCentralAuth()) { + if (app.getRolesInAAF()) { final Map appParams = new HashMap<>(); appParams.put("appId", app.getId()); List applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication", @@ -2025,14 +2041,14 @@ public class UserRolesCommonServiceImpl { // If there is an exception in the rest client api, then null will // be returned. if (appRoles != null) { - if(!app.getCentralAuth()) { + if(!app.getRolesInAAF()) { syncAppRoles(sessionFactory, appId, appRoles); } EcompRole[] userAppRoles = null; try { try { - if(app.getCentralAuth()){ + if(app.getRolesInAAF()){ final Map params = new HashMap<>(); final Map userParams = new HashMap<>(); params.put("orgUserIdValue", userId); @@ -2302,7 +2318,7 @@ public class UserRolesCommonServiceImpl { EPApp app = appsService.getApp(appId); //If local or centralized application - if (appId == PortalConstants.PORTAL_APP_ID || app.getCentralAuth()) { + if (appId == PortalConstants.PORTAL_APP_ID || app.getRolesInAAF()) { Map params = new HashMap<>(); params.put("id", app.getId()); params.put("active", true);