X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Faai%2Fsa%2Fauth%2FSearchDbServiceAuthCore.java;h=48743b62cc201fd89329c86986d4e2fca685d784;hb=15af66b115f3e8046b2d0f2634fb77b3d835f730;hp=75660292e20b8cfdcef1b1681ce908a13c140ef6;hpb=50becb8a60c614344c85cccb20830395283a4454;p=aai%2Fsearch-data-service.git
diff --git a/src/main/java/org/onap/aai/sa/auth/SearchDbServiceAuthCore.java b/src/main/java/org/onap/aai/sa/auth/SearchDbServiceAuthCore.java
index 7566029..48743b6 100644
--- a/src/main/java/org/onap/aai/sa/auth/SearchDbServiceAuthCore.java
+++ b/src/main/java/org/onap/aai/sa/auth/SearchDbServiceAuthCore.java
@@ -2,8 +2,8 @@
 * ============LICENSE_START=======================================================
 * org.onap.aai
 * ================================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017 Amdocs
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright © 2017-2018 Amdocs
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -17,20 +17,12 @@ * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END========================================================= - * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. */ package org.onap.aai.sa.auth; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import org.json.simple.parser.JSONParser; -import org.json.simple.parser.ParseException; -import org.onap.aai.sa.searchdbabstraction.util.SearchDbConstants; -import org.onap.aai.cl.api.Logger; -import org.onap.aai.cl.eelf.LoggerFactory; - import java.io.File; import java.io.FileNotFoundException; import java.io.FileReader; 
@@ -40,215 +32,214 @@ import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Timer; +import org.json.simple.parser.JSONParser; +import org.json.simple.parser.ParseException; +import org.onap.aai.cl.api.Logger; +import org.onap.aai.cl.eelf.LoggerFactory; +import org.onap.aai.sa.searchdbabstraction.util.SearchDbConstants; public class SearchDbServiceAuthCore { - private static Logger logger = LoggerFactory.getInstance() - .getLogger(SearchDbServiceAuthCore.class.getName()); - - private static String GlobalAuthFileName = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME; + private static Logger logger = LoggerFactory.getInstance().getLogger(SearchDbServiceAuthCore.class.getName()); - private static enum HTTP_METHODS { - POST, GET, PUT, DELETE - } + private static String GlobalAuthFileName = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME; - ; - - // Don't instantiate - private SearchDbServiceAuthCore() { - } - - private static boolean usersInitialized = false; - private static HashMap users; - private static boolean timerSet = false; - private static Timer timer = null; + private enum HTTP_METHODS { + POST, + GET, + PUT, + DELETE + } - public synchronized static void init() { + // Don't instantiate + private SearchDbServiceAuthCore() {} + private static boolean usersInitialized = false; + private static HashMap users; + private static boolean timerSet = false; + private static Timer timer = null; - SearchDbServiceAuthCore.getConfigFile(); - SearchDbServiceAuthCore.reloadUsers(); + public synchronized static void init() { - } - public static void cleanup() { - timer.cancel(); - } + SearchDbServiceAuthCore.getConfigFile(); + SearchDbServiceAuthCore.reloadUsers(); - public static String getConfigFile() { - if (GlobalAuthFileName == null) { - String nc = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME; - if (nc == null) { - nc = "/home/aaiadmin/etc/aaipolicy.json"; - } + } - GlobalAuthFileName = nc; + public static void cleanup() { + timer.cancel(); } - 
return GlobalAuthFileName; - } - - public synchronized static void reloadUsers() { - users = new HashMap(); - - - ObjectMapper mapper = new ObjectMapper(); // can reuse, share globally - JSONParser parser = new JSONParser(); - try { - Object obj = parser.parse(new FileReader(GlobalAuthFileName)); - // aailogger.debug(logline, "Reading from " + GlobalAuthFileName); - JsonNode rootNode = mapper.readTree(new File(GlobalAuthFileName)); - JsonNode rolesNode = rootNode.path("roles"); - - for (JsonNode roleNode : rolesNode) { - String roleName = roleNode.path("name").asText(); - - TabularAuthRole authRole = new TabularAuthRole(); - JsonNode usersNode = roleNode.path("users"); - JsonNode functionsNode = roleNode.path("functions"); - for (JsonNode functionNode : functionsNode) { - String function = functionNode.path("name").asText(); - JsonNode methodsNode = functionNode.path("methods"); - boolean hasMethods = false; - for (JsonNode methodNode : methodsNode) { - String methodName = methodNode.path("name").asText(); - hasMethods = true; - String thisFunction = methodName + ":" + function; - - authRole.addAllowedFunction(thisFunction); - } - - if (hasMethods == false) { - // iterate the list from HTTP_METHODS - for (HTTP_METHODS meth : HTTP_METHODS.values()) { - String thisFunction = meth.toString() + ":" + function; - - authRole.addAllowedFunction(thisFunction); - } - } + public static String getConfigFile() { + if (GlobalAuthFileName == null) { + String nc = GlobalAuthFileName; + if (nc == null) { + nc = "/home/aaiadmin/etc/aaipolicy.json"; + } + GlobalAuthFileName = nc; } - for (JsonNode userNode : usersNode) { - // make the user lower case - String username = userNode.path("username").asText().toLowerCase(); - SearchDbAuthUser authUser = null; - if (users.containsKey(username)) { - authUser = users.get(username); - } else { - authUser = new SearchDbAuthUser(); - } - - - authUser.setUser(username); - authUser.addRole(roleName, authRole); - users.put(username, authUser); - 
} - } - } catch (FileNotFoundException fnfe) { - logger.debug("Failed to load the policy file "); + return GlobalAuthFileName; + } - } catch (ParseException e) { - logger.debug("Failed to Parse the policy file "); + public synchronized static void reloadUsers() { + users = new HashMap<>(); + ObjectMapper mapper = new ObjectMapper(); // can reuse, share globally + JSONParser parser = new JSONParser(); + try { + parser.parse(new FileReader(GlobalAuthFileName)); + JsonNode rootNode = mapper.readTree(new File(GlobalAuthFileName)); + JsonNode rolesNode = rootNode.path("roles"); + + for (JsonNode roleNode : rolesNode) { + String roleName = roleNode.path("name").asText(); + + TabularAuthRole authRole = new TabularAuthRole(); + JsonNode usersNode = roleNode.path("users"); + JsonNode functionsNode = roleNode.path("functions"); + for (JsonNode functionNode : functionsNode) { + String function = functionNode.path("name").asText(); + JsonNode methodsNode = functionNode.path("methods"); + boolean hasMethods = false; + for (JsonNode methodNode : methodsNode) { + String methodName = methodNode.path("name").asText(); + hasMethods = true; + String thisFunction = methodName + ":" + function; + + authRole.addAllowedFunction(thisFunction); + } + + if (hasMethods == false) { + // iterate the list from HTTP_METHODS + for (HTTP_METHODS meth : HTTP_METHODS.values()) { + String thisFunction = meth.toString() + ":" + function; + + authRole.addAllowedFunction(thisFunction); + } + } + + } + for (JsonNode userNode : usersNode) { + // make the user lower case + String username = userNode.path("username").asText().toLowerCase(); + SearchDbAuthUser authUser = null; + if (users.containsKey(username)) { + authUser = users.get(username); + } else { + authUser = new SearchDbAuthUser(); + } + + + authUser.setUser(username); + authUser.addRole(roleName, authRole); + users.put(username, authUser); + } + } + } catch (FileNotFoundException fnfe) { + logger.debug("Failed to load the policy file "); - } 
catch (JsonProcessingException e) { - logger.debug("JSON processing error while parsing policy file: " + e.getMessage()); + } catch (ParseException e) { + logger.debug("Failed to Parse the policy file "); - } catch (IOException e) { - logger.debug("IO Exception while parsing policy file: " + e.getMessage()); - } + } catch (JsonProcessingException e) { + logger.debug("JSON processing error while parsing policy file: " + e.getMessage()); - usersInitialized = true; + } catch (IOException e) { + logger.debug("IO Exception while parsing policy file: " + e.getMessage()); + } - } + usersInitialized = true; - public static class SearchDbAuthUser { - public SearchDbAuthUser() { - this.roles = new HashMap(); } - private String username; - private HashMap roles; + public static class SearchDbAuthUser { + public SearchDbAuthUser() { + this.roles = new HashMap<>(); + } - public String getUser() { - return this.username; - } + private String username; + private HashMap roles; - public HashMap getRoles() { - return this.roles; - } + public String getUser() { + return this.username; + } - public void addRole(String roleName, TabularAuthRole authRole) { - this.roles.put(roleName, authRole); - } + public HashMap getRoles() { + return this.roles; + } - public boolean checkAllowed(String checkFunc) { - for (Map.Entry roleEntry : this.roles.entrySet()) { - TabularAuthRole role = roleEntry.getValue(); - if (role.hasAllowedFunction(checkFunc)) { - // break out as soon as we find it - return true; + public void addRole(String roleName, TabularAuthRole authRole) { + this.roles.put(roleName, authRole); } - } - // we would have got positive confirmation had it been there - return false; - } - public void setUser(String myuser) { - this.username = myuser; - } + public boolean checkAllowed(String checkFunc) { + for (Map.Entry roleEntry : this.roles.entrySet()) { + TabularAuthRole role = roleEntry.getValue(); + if (role.hasAllowedFunction(checkFunc)) { + // break out as soon as we find it + 
return true; + } + } + // we would have got positive confirmation had it been there + return false; + } - } + public void setUser(String myuser) { + this.username = myuser; + } - public static class TabularAuthRole { - public TabularAuthRole() { - this.allowedFunctions = new ArrayList(); } - private List allowedFunctions; + public static class TabularAuthRole { + public TabularAuthRole() { + this.allowedFunctions = new ArrayList<>(); + } - public void addAllowedFunction(String func) { - this.allowedFunctions.add(func); - } + private List allowedFunctions; - public void delAllowedFunction(String delFunc) { - if (this.allowedFunctions.contains(delFunc)) { - this.allowedFunctions.remove(delFunc); - } - } + public void addAllowedFunction(String func) { + this.allowedFunctions.add(func); + } + + public void delAllowedFunction(String delFunc) { + if (this.allowedFunctions.contains(delFunc)) { + this.allowedFunctions.remove(delFunc); + } + } - public boolean hasAllowedFunction(String afunc) { - if (this.allowedFunctions.contains(afunc)) { - return true; - } else { - return false; - } + public boolean hasAllowedFunction(String afunc) { + if (this.allowedFunctions.contains(afunc)) { + return true; + } else { + return false; + } + } } - } - public static HashMap getUsers(String key) { - if (!usersInitialized || (users == null)) { - reloadUsers(); + public static HashMap getUsers(String key) { + if (!usersInitialized || (users == null)) { + reloadUsers(); + } + return users; } - return users; - } - public static boolean authorize(String username, String authFunction) { - // logline.init(component, transId, fromAppId, "authorize()"); + public static boolean authorize(String username, String authFunction) { - if (!usersInitialized || (users == null)) { - init(); - } - if (users.containsKey(username)) { - if (users.get(username).checkAllowed(authFunction) == true) { + if (!usersInitialized || (users == null)) { + init(); + } + if (users.containsKey(username)) { + if 
(users.get(username).checkAllowed(authFunction) == true) { - return true; - } else { + return true; + } else { - return false; - } - } else { + return false; + } + } else { - return false; + return false; + } } - } }
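Review bot: `reloadUsers()` points the shared `users` field at an empty map before it starts parsing, while `authorize()` and `getUsers()` read that field without holding the class lock, so a request checked during a reload can be denied against an empty or half-filled table, and the plain `HashMap` is written while it is being read. Fill a local map and publish it with a single assignment after the try/catch, as sketched below; the field would also need to be `volatile` (or the readers synchronized) for the new map to be reliably visible. Separately, every failure path in this method logs only at debug level and then sets `usersInitialized = true`, so a missing or malformed policy file leaves the service rejecting every caller with nothing in a default-level log and no later retry; that condition should be reported at error level. The map's type parameters are not visible on this page and are assumed from the loop body.

```java
public synchronized static void reloadUsers() {
    HashMap<String, SearchDbAuthUser> loaded = new HashMap<>();
    // … unchanged: mapper/parser setup, role and function loops …
                SearchDbAuthUser authUser = null;
                if (loaded.containsKey(username)) {
                    authUser = loaded.get(username);
                } else {
                    authUser = new SearchDbAuthUser();
                }
                // … unchanged: setUser / addRole …
                loaded.put(username, authUser);
    // … unchanged: catch blocks …
    users = loaded; // single publication, after parsing has finished or failed
    usersInitialized = true;
```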