X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Faaf%2FAafServiceImpl.java;h=4848a69ed9522c0573290977893c66b7d0fc2b7a;hb=27a9a302a7d7e1894732535a8eb61f3460637b24;hp=a01b30c0a207ef8a2bc7c76cc4c73b864fca1f67;hpb=83c6b7a136bfa598dca073846532aa1cbdccf270;p=dmaap%2Fdbcapi.git diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java index a01b30c..4848a69 100644 --- a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java +++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafServiceImpl.java @@ -22,176 +22,102 @@ package org.onap.dmaap.dbcapi.aaf; import org.onap.dmaap.dbcapi.logging.BaseLoggingClass; import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum; -import org.onap.dmaap.dbcapi.util.DmaapConfig; -public class AafServiceImpl extends BaseLoggingClass implements AafService { - public enum ServiceType { - AAF_Admin, - AAF_TopicMgr - } - - private AafConnection aaf; - private AafService.ServiceType ctype; - private String aafURL; - private String identity; - private boolean useAAF = false; - - - public String getIdentity() { - return identity; - } +import static java.lang.String.format; +public class AafServiceImpl extends BaseLoggingClass implements AafService { - public void setIdentity(String identity) { + private static final int CREATED = 201; + private static final int OK = 200; + private static final String FORCE = "?force=true"; + private final String aafUrl; + private final String identity; + private final boolean useAAF; + private final AafConnection aafConnection; + + AafServiceImpl(boolean useAaf, String aafUrl, String identity, AafConnection aafConnection) { + this.useAAF = useAaf; + this.aafUrl = aafUrl; this.identity = identity; + this.aafConnection = aafConnection; } - - private String getCred(boolean wPwd) { - String mechIdProperty = null; - String pwdProperty = null; - DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig(); - AafDecrypt decryptor = new AafDecrypt(); - - if (ctype == AafService.ServiceType.AAF_Admin) { - mechIdProperty = "aaf.AdminUser"; - pwdProperty = "aaf.AdminPassword"; - } else if (ctype == AafService.ServiceType.AAF_TopicMgr) { - mechIdProperty = "aaf.TopicMgrUser"; - pwdProperty = "aaf.TopicMgrPassword"; - } else { - logger.error("Unexpected case for AAF credential type: " + ctype); - return null; - } - identity = p.getProperty(mechIdProperty, "noMechId@domain.netset.com"); - - String pwd = ""; - String encPwd = p.getProperty(pwdProperty, "notSet"); - - - pwd = decryptor.decrypt(encPwd); - - if (wPwd) { - return identity + ":" + pwd; - } else { - return identity; - } - - - } - - - public AafServiceImpl(AafService.ServiceType t) { - DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig(); - aafURL = p.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/"); - initAafService(t); - } - - public AafServiceImpl(AafService.ServiceType t, String url) { - aafURL = url; - initAafService(t); - } - - private void initAafService(AafService.ServiceType t) { - DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig(); - useAAF = "true".equalsIgnoreCase(p.getProperty("UseAAF", "false")); - logger.info("AafService initAafService: useAAF=" + useAAF); - - ctype = t; - aaf = new AafConnection(getCred(true)); + @Override + public String getIdentity() { + return identity; } + @Override public int addPerm(DmaapPerm perm) { logger.info("entry: addPerm() "); - return doPost(perm, "authz/perm", 201); + return doPost(perm, "authz/perm", CREATED); } @Override - public int delPerm(DmaapPerm perm) { - return 200; + public int delPerm(DmaapPerm perm, boolean force) { + logger.info("entry: delPerm()"); + return doDelete(new AafEmpty(), format( + "authz/perm/%s/%s/%s%s", + perm.getPermission(), perm.getPtype(), perm.getAction(), force ? FORCE : ""), OK); } + @Override public int addGrant(DmaapGrant grant) { logger.info("entry: addGrant() "); - return doPost(grant, "authz/role/perm", 201); + return doPost(grant, "authz/role/perm", CREATED); } + @Override public int addUserRole(AafUserRole ur) { logger.info("entry: addUserRole() "); - return doPost(ur, "authz/userRole", 201); + return doPost(ur, "authz/userRole", CREATED); } + @Override public int delGrant(DmaapGrant grant) { - int rc = -1; logger.info("entry: delGrant() "); - - String pURL = aafURL + "authz/role/:" + grant.getRole() + "/perm"; - - if (useAAF) { - rc = aaf.delAaf(grant, pURL); - } else { - rc = 200; - } - switch (rc) { - case 401: - case 403: - errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false)); - System.exit(1); - break; - - case 404: - logger.warn("Perm not found...ignore"); - break; - - case 200: - logger.info("expected response"); - break; - default: - logger.error("Unexpected response: " + rc); - break; - } - - return rc; + return doDelete(grant, "authz/role/:" + grant.getRole() + "/perm", OK); } + @Override public int addRole(AafRole role) { logger.info("entry: addRole() "); - return doPost(role, "authz/role", 201); + return doPost(role, "authz/role", CREATED); } - + @Override public int addNamespace(AafNamespace ns) { logger.info("entry: addNamespace() "); - return doPost(ns, "authz/ns", 201); + return doPost(ns, "authz/ns", CREATED); } @Override - public int delNamespace(AafNamespace ns) { - return 200; + public int delNamespace(AafNamespace ns, boolean force) { + logger.info("entry: delNamespace()"); + return doDelete(new AafEmpty(), format( + "authz/ns/%s%s", + ns.getName(), force ? FORCE : ""), OK); } - private int doPost(AafObject obj, String uri, int expect) { - int rc = -1; + int rc; logger.info("entry: doPost() "); - String pURL = aafURL + uri; + String pURL = aafUrl + uri; logger.info("doPost: useAAF=" + useAAF); if (useAAF) { logger.info("doPost: " + obj.toJSON()); - rc = aaf.postAaf(obj, pURL); + rc = aafConnection.postAaf(obj, pURL); } else { rc = expect; } switch (rc) { case 401: case 403: - errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false)); - System.exit(1); + errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity); + break; case 409: logger.warn("Object for " + uri + " already exists. Possible conflict."); break; - - default: if (rc == expect) { logger.info("expected response: " + rc); @@ -203,4 +129,41 @@ public class AafServiceImpl extends BaseLoggingClass implements AafService { return rc; } + + private int doDelete(AafObject obj, String uri, int expect) { + int rc; + String pURL = aafUrl + uri; + if (useAAF) { + logger.info("doDelete: " + obj.toJSON()); + rc = aafConnection.delAaf(obj, pURL); + } else { + rc = expect; + } + switch (rc) { + case 401: + case 403: + errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity); + break; + case 404: + logger.warn("Object not found...ignore"); + break; + case OK: + logger.info("expected response"); + break; + default: + logger.error("Unexpected response: " + rc); + break; + } + + return rc; + } + + String getAafUrl() { + return aafUrl; + } + + boolean isUseAAF() { + return useAAF; + } + } \ No newline at end of file