X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fservice%2FTopicService.java;fp=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fservice%2FTopicService.java;h=a26205c5901ee5bde667c8a5628466f30557128c;hb=297ea699d8f7f3be96abea6c28e4204f7c4687a4;hp=49966d785a990fc2a2627f5fec2b9ac9bfbd1413;hpb=956361f657eda468d5980249db6b155c472f5f85;p=dmaap%2Fdbcapi.git

diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
index 49966d7..a26205c 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
@@ -29,7 +29,10 @@ import java.util.Set;
 
 import javax.ws.rs.core.Response.Status;
 
+import org.onap.dmaap.dbcapi.aaf.AafNamespace;
+import org.onap.dmaap.dbcapi.aaf.AafRole;
 import org.onap.dmaap.dbcapi.aaf.AafService;
+import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
 import org.onap.dmaap.dbcapi.database.DatabaseClass;
@@ -112,6 +115,94 @@ public class TopicService extends BaseLoggingClass {
 		apiError.setCode(Status.OK.getStatusCode());
 		return t;
 	}
+	
+	private void aafTopicSetup(Topic topic, ApiError err ) {
+
+		String t = dmaapSvc.getTopicPerm();
+		if ( t == null ) {
+			err.setCode(500);
+			err.setMessage("Unable to establish AAF namespace root: (check /dmaap object)"  );
+			err.setFields("topicNsRoot");
+			return;
+		}
+
+		// establish AAF Connection using TopicMgr identity
+		AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
+		
+
+		
+		// create AAF namespace for this topic
+		AafNamespace ns = new AafNamespace( topic.getFqtn(), aaf.getIdentity());
+		{
+			int rc = aaf.addNamespace( ns );
+			if ( rc != 201 && rc != 409 ) {
+				err.setCode(500);
+				err.setMessage("Unexpected response from AAF:" + rc );
+				err.setFields("namespace:" + topic.getFqtn() + " identity="+ aaf.getIdentity());
+				return;
+			}
+		}
+		
+		// create AAF Roles for MR clients of this topic
+		String rn = "publisher";
+		AafRole pubRole = new AafRole( topic.getFqtn(), rn );
+		int rc = aaf.addRole( pubRole );
+		if ( rc != 201 && rc != 409 ) {
+			err.setCode(500);
+			err.setMessage("Unexpected response from AAF:" + rc );
+			err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
+			return;
+		}
+		topic.setPublisherRole( pubRole.getFullyQualifiedRole() );
+		
+		rn = "subscriber";
+		AafRole subRole = new AafRole( topic.getFqtn(), rn );
+		rc = aaf.addRole( subRole );
+		if ( rc != 201 && rc != 409 ) {
+			err.setCode(500);
+			err.setMessage("Unexpected response from AAF:" + rc );
+			err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
+			return;
+		}
+		topic.setSubscriberRole( subRole.getFullyQualifiedRole() );
+	
+		
+		// create AAF perms checked by MR
+		String instance = ":topic." + topic.getFqtn();
+		String[] actions = { "pub", "sub", "view" };
+		for ( String action : actions ){
+			DmaapPerm perm = new DmaapPerm( t, instance, action );
+			rc = aaf.addPerm( perm );
+			if ( rc != 201 && rc != 409 ) {
+				err.setCode(500);
+				err.setMessage("Unexpected response from AAF:" + rc );
+				err.setFields("t="+t + " instance="+ instance + " action="+ action);
+				return;
+			}
+			// Grant perms to our default Roles
+			if ( action.equals( "pub") || action.equals( "view") ) {
+				DmaapGrant g = new DmaapGrant( perm, pubRole.getFullyQualifiedRole() );
+				rc = aaf.addGrant( g );
+				if ( rc != 201 && rc != 409 ) {
+					err.setCode(rc);
+					err.setMessage( "Grant of " + perm.toString() + " failed for " + pubRole.getFullyQualifiedRole() );
+					logger.warn( err.getMessage());
+					return;
+				} 
+			}
+			if ( action.equals( "sub") || action.equals( "view") ) {
+				DmaapGrant g = new DmaapGrant( perm, subRole.getFullyQualifiedRole() );
+				rc = aaf.addGrant( g );
+				if ( rc != 201 && rc != 409 ) {
+					err.setCode(rc);
+					err.setMessage( "Grant of " + perm.toString() + " failed for " + subRole.getFullyQualifiedRole() );
+					logger.warn( err.getMessage());
+					return;
+				} 
+			}
+
+		}
+	}
 
 	public Topic addTopic( Topic topic, ApiError err, Boolean useExisting ) {
 		logger.info( "Entry: addTopic");
@@ -135,23 +226,11 @@ public class TopicService extends BaseLoggingClass {
 
 		topic.setFqtn( nFqtn );
 		
-		AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
-
-		String t = dmaapSvc.getTopicPerm();
-
-		String instance = ":topic." + topic.getFqtn();
+		aafTopicSetup( topic, err );
+		if ( err.getCode() >= 400 ) {
+			return null;
+		}	
 
-		String[] actions = { "pub", "sub", "view" };
-		for ( String action : actions ){
-			DmaapPerm perm = new DmaapPerm( t, instance, action );
-			int rc = aaf.addPerm( perm );
-			if ( rc != 201 && rc != 409 ) {
-				err.setCode(500);
-				err.setMessage("Unexpected response from AAF:" + rc );
-				err.setFields("t="+t + " instance="+ instance + " action="+ action);
-				return null;
-			}
-		}
 		if ( topic.getReplicationCase().involvesGlobal() ) {
 			if ( topic.getGlobalMrURL() == null ) {
 				topic.setGlobalMrURL(defaultGlobalMrHost);