X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fservice%2FUserRolesCommonServiceImpl.java;h=b0dd4a21e256d9912af848eccf248777f4c5d9da;hb=2c658b3e35fa4f0c7b87bbd211de6bedbbe13852;hp=ab4044d14d909889dbf04efc0341d8806a701903;hpb=3aa28e9dd68cce134644223505f326378b5d91a8;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java index ab4044d1..b0dd4a21 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -33,7 +33,7 @@ * * ============LICENSE_END============================================ * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * */ package org.onap.portalapp.portal.service; 
@@ -90,6 +90,7 @@ import org.onap.portalapp.portal.transport.FieldsValidator; import org.onap.portalapp.portal.transport.FunctionalMenuItem; import org.onap.portalapp.portal.transport.FunctionalMenuRole; import org.onap.portalapp.portal.transport.RemoteRole; +import org.onap.portalapp.portal.transport.RemoteRoleV1; import org.onap.portalapp.portal.transport.RemoteUserWithRoles; import org.onap.portalapp.portal.transport.RoleInAppForUser; import org.onap.portalapp.portal.transport.RolesInAppForUser; @@ -97,6 +98,7 @@ import org.onap.portalapp.portal.transport.UserApplicationRoles; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; +import org.onap.portalapp.util.SystemType; import org.onap.portalsdk.core.domain.Role; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.restful.domain.EcompRole; @@ -140,6 +142,9 @@ public class UserRolesCommonServiceImpl { @Autowired private ExternalAccessRolesService externalAccessRolesService; + @Autowired + private AppsCacheService appsCacheService; + RestTemplate template = new RestTemplate(); /** @@ -345,7 +350,7 @@ public class UserRolesCommonServiceImpl { /* * for local app -- hack - always make sure fn_role * table's app_id is null and not 1 for primary app in - * this case being ecomp portal app; reason: hibernate + * this case being onap portal app; reason: hibernate * is rightly setting this to 1 while persisting to * fn_role as per the mapping but SDK role management * code expects the app_id to be null as there is no @@ -477,6 +482,7 @@ public class UserRolesCommonServiceImpl { oldAppRole.setName(role.getName()); localSession.update(oldAppRole); } + oldAppRole.setActive(true); newRolesMap.remove(oldAppRole.getAppRoleId()); } else { obsoleteRoles.add(oldAppRole); 
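Review bot: In the @@ -477,6 +482,7 hunk, `oldAppRole.setActive(true)` sits after `localSession.update(oldAppRole)` and outside the name-change `if`, so whether the flag is persisted depends on `oldAppRole` still being attached to `localSession` when it flushes, which the hunk does not show. It also appears to re-enable every role the remote application still reports on each sync, including one that was deliberately deactivated on the portal side. If that is intended, a comment such as `// a role the remote app still reports is re-activated locally` would record it; otherwise set the flag only when it differs and call `localSession.update(oldAppRole)` after the change. The enclosing method starts and ends outside the hunk.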
@@ -646,6 +652,24 @@ public class UserRolesCommonServiceImpl { Set updatedUserRolesinRemote = constructUsersRemoteAppRoles(roleInAppForUserList); Set updateUserRolesInEcomp = constructUsersEcompRoles(roleInAppForUserList); String userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemote); + EPApp externalApp = null; + SystemType type = SystemType.APPLICATION; + externalApp = appsCacheService.getApp(appId); + String appBaseUri = null; + Set updatedUserRolesinRemoteV1 = new TreeSet<>(); + if (externalApp != null) { + appBaseUri = (type == SystemType.APPLICATION) ? externalApp.getAppRestEndpoint() : ""; + } + if(appBaseUri != null && appBaseUri.endsWith("/api")){ + for(EcompRole eprole :updatedUserRolesinRemote) + { + RemoteRoleV1 role = new RemoteRoleV1(); + role.setId(eprole.getId()); + role.setName(eprole.getName()); + updatedUserRolesinRemoteV1.add(role); + } + userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemoteV1); + } applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString, String.format("/user/%s/roles", userId)); // TODO: We should add code that verifies that the post operation did @@ -761,7 +785,7 @@ public class UserRolesCommonServiceImpl { for (EPRole externalAppRole : rolesList) { // Try to find an existing extern role for the app in the local - // ecomp DB. If so, then use its id to update the existing external + // onap DB. If so, then use its id to update the existing external // application role record. Long externAppId = externalAppRole.getId(); EPRole existingAppRole = epRoleService.getRole(appId, externAppId); 
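Review bot: The payload format in the @@ -646,6 +652,24 hunk is chosen by `appBaseUri.endsWith("/api")`, a string test on the configured endpoint, so an endpoint stored as `/api/` or under another path silently gets the other role schema, and the unchanged TODO below the post notes that the result is not verified. `type` is assigned `SystemType.APPLICATION` and never changed, which leaves the ternary's `""` branch dead; `String appBaseUri = externalApp != null ? externalApp.getAppRestEndpoint() : null;` says the same without the new `SystemType` import. If `isAppUpgradeVersion(app)`, which this file already calls in `addRemoteUser`, expresses the same distinction, it would be a clearer switch than the suffix test. The enclosing method starts and ends outside the hunk.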
@@ -794,20 +818,77 @@ public class UserRolesCommonServiceImpl { private EPUser addRemoteUser(List roleInAppForUserList, String userId, EPApp app, ObjectMapper mapper, SearchService searchService, ApplicationsRestClientService applicationsRestClientService) throws Exception{ EPUser addRemoteUser = null; if (remoteUserShouldBeCreated(roleInAppForUserList)) { - createNewUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, isAppUpgradeVersion(app)); - // If we succeed, we know that the new user was - // persisted on remote app. - addRemoteUser = getUserFromApp(userId, app, applicationsRestClientService); - if (addRemoteUser == null) { - logger.error(EELFLoggerDelegate.errorLogger, - "Failed to persist new user: " + userId + " in remote app. appId = " + app.getId()); - // return null; - } } return addRemoteUser; } + + private EPUser pushRemoteUser(List roleInAppForUserList, String userId, EPApp app, + ObjectMapper mapper, SearchService searchService, + ApplicationsRestClientService applicationsRestClientService) throws Exception { + EPUser addRemoteUser = null; + if (remoteUserShouldBeCreated(roleInAppForUserList)) { + pushUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, + isAppUpgradeVersion(app), roleInAppForUserList); + } + return addRemoteUser; + } + + protected void pushUserOnRemoteApp(String userId, EPApp app, + ApplicationsRestClientService applicationsRestClientService, SearchService searchService, + ObjectMapper mapper, boolean postOpenSource, List roleInAppForUserList) throws Exception { + + EPUser client = searchService.searchUserByUserId(userId); + + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + + if (client == null) { + String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook."; + logger.error(EELFLoggerDelegate.errorLogger, msg); + throw new Exception(msg); + } + + client.setLoginId(userId); + client.setActive(true); + 
roleInAppForUserList.removeIf(role -> role.isApplied.equals(false)); + Set userRolesInRemoteApp = constructUsersRemoteAppRoles(roleInAppForUserList); + SortedSet roles = new TreeSet<>(); + List getAppRoles = getAppRoles(app.getId()); + for (EcompRole epRole : userRolesInRemoteApp) { + Role role = new Role(); + EPRole appRole = getAppRoles.stream() + .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())) + .findAny() + .orElse(null); + if(appRole != null) + role.setId(appRole.getAppRoleId()); + role.setName(epRole.getName()); + roles.add(role); + } + client.setRoles(roles); + String userInString = null; + userInString = mapper.writerFor(EPUser.class).writeValueAsString(client); + logger.debug(EELFLoggerDelegate.debugLogger, + "about to post a client to remote application, users json = " + userInString); + applicationsRestClientService.post(EPUser.class, app.getId(), userInString, String.format("/user/%s", userId)); + + } + + + public List getAppRoles(Long appId) throws Exception { + List applicationRoles = null; + final Map appParams = new HashMap<>(); + try { + appParams.put("appId", appId); + applicationRoles = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e); + throw e; + } + return applicationRoles; + } + /** * It checks whether the remote user exists or not * if exits returns user object else null 
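Review bot: `roleInAppForUserList.removeIf(...)` in `pushUserOnRemoteApp` edits the caller's list in place, and the caller in the @@ -867,18 +948,13 hunk passes that same list to `postUsersRolesToLocalApp` right afterwards, so every entry with `isApplied` false is gone before the later steps see it; filtering a copy avoids that. The debug statement also writes the whole serialized `EPUser` to the log, which puts the user's directory record into log files, where the user id and role count would be enough to trace the call. `mapper.configure(...)` likewise changes the `ObjectMapper` instance the caller handed in. `addRemoteUser` is left with an empty `if` body and, like `pushRemoteUser`, can only return null, so it could be removed and `pushRemoteUser` made `void`.

```java
// … unchanged: user lookup, null check, setLoginId/setActive …
List<RoleInAppForUser> appliedRoles = new ArrayList<>(roleInAppForUserList);
appliedRoles.removeIf(role -> role.isApplied.equals(false));
Set<EcompRole> userRolesInRemoteApp = constructUsersRemoteAppRoles(appliedRoles);
// … unchanged: mapping to Role, client.setRoles(roles), serialization into userInString …
logger.debug(EELFLoggerDelegate.debugLogger,
		"about to post user {} with {} roles to remote application", userId, roles.size());
```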
@@ -867,18 +948,13 @@ public class UserRolesCommonServiceImpl { // if centralized app if (app.getCentralAuth()) { - // We should add If user does not exist in remote application if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - EPUser remoteAppUser = null; - remoteAppUser = checkIfRemoteUserExits(userId, app, applicationsRestClientService); - - if (remoteAppUser == null) { - addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, + pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService); - } } - Set userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, + + Set userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, userId); RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, userRolesInLocalApp); 
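Review bot: `pushRemoteUser(...)` is now called on every role update for a centralized non-portal app and its result is discarded (it can only return null), so nothing here confirms that the remote application accepted the user before `postUsersRolesToLocalApp` runs. Because `pushUserOnRemoteApp` calls `client.setActive(true)` before posting, dropping the `checkIfRemoteUserExits` guard also means an account the remote application had deactivated may be re-posted as active; whether it is depends on how the remote `/user/{id}` endpoint treats an existing user, which is not visible here. If the overwrite is intended, a comment such as `// always push: the portal is authoritative for the user record on centralized apps` would record the decision; otherwise keep the existence check in front of the push. The enclosing method starts and ends outside the hunk.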
@@ -962,18 +1038,7 @@ public class UserRolesCommonServiceImpl { ObjectMapper mapper = new ObjectMapper(); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity getUserRolesEntity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles"); - ResponseEntity getResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class); - if (getResponse.getStatusCode().value() == 200) { - logger.debug(EELFLoggerDelegate.debugLogger, "updateUserRolesInExternalSystem: Finished GET user roles from external system and received user roles {}", - getResponse.getBody()); - - }else{ - logger.error(EELFLoggerDelegate.errorLogger, "updateUserRolesInExternalSystem: Failed GET user roles from external system and received user roles {}",getResponse.getBody() ); - EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode()); - } + ResponseEntity getResponse = externalAccessRolesService.getUserRolesFromExtAuthSystem(name, getUserRolesEntity); List userRoleDetailList = new ArrayList<>(); String res = getResponse.getBody(); JSONObject jsonObj = null; @@ -1574,14 +1639,14 @@ public class UserRolesCommonServiceImpl { List rolesInAppForUser = null; EPApp app = appsService.getApp(appId); try { - // for ecomp portal app, no need to make a remote call + // for onap portal app, no need to make a remote call List roleList = new ArrayList<>(); if (appId == PortalConstants.PORTAL_APP_ID) { if(app.getCentralAuth()){ List cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey()); for(CentralV2Role cenRole : cenRoleList){ Role role = new Role(); - role.setActive(cenRole.isActive()); + role.setActive(cenRole.getActive()); role.setId(cenRole.getId()); role.setName(cenRole.getName()); role.setPriority(cenRole.getPriority()); 
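Review bot: After the change in the @@ -962,18 +1038,7 hunk, `getResponse.getBody()` is read on the next line with no status or null check left in this method, whereas the removed block logged a non-200 reply and raised `EPLogUtil.logExternalAuthAccessAlarm`. If `getUserRolesFromExtAuthSystem` does not do both itself (its body is not part of this diff), a failed lookup is parsed as if it were the user's role list. A guard that stops before `String res = getResponse.getBody();` when `getResponse.getStatusCode().value() != 200`, or a Javadoc line on the helper stating what it returns on failure, would make the contract explicit. The enclosing method starts and ends outside the hunk.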
@@ -1629,7 +1694,7 @@ public class UserRolesCommonServiceImpl { } else{ appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); } - // Test this error case, for generating an internal Ecomp Portal + // Test this error case, for generating an internal ONAP Portal // error // EcompRole[] appRoles = null; // If there is an exception in the rest client api, then null will @@ -1832,6 +1897,7 @@ public class UserRolesCommonServiceImpl { * @see org.onap.portalapp.portal.service.UserRolesService# * getCachedAppRolesForUser(java.lang.Long, java.lang.Long) */ + @SuppressWarnings("deprecation") public List getCachedAppRolesForUser(Long appId, Long userId) { // Find the records for this user-app combo, if any String filter = " where user_id = " + Long.toString(userId) + " and app_id = " + Long.toString(appId);
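Review bot: `@SuppressWarnings("deprecation")` on `getCachedAppRolesForUser` in the @@ -1832,6 +1897,7 hunk covers the whole method, so any deprecated call added to it later is silenced as well, and nothing says which API is meant. The visible body builds its filter by string concatenation (`" where user_id = " + Long.toString(userId) ...`); both values are `Long`, so it is not injectable as written, but the `executeNamedQuery(..., appParams, null)` form that `getAppRoles` uses in this same commit would presumably remove the deprecated call instead of hiding it. If the suppression stays, narrow it to the local declaration that triggers the warning and add a comment naming the deprecated method. The method body continues outside the hunk.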