*
*/
-package org.onap.aaf.auth;
+package org.onap.aaf.auth.batch;
import java.io.File;
import java.io.FileInputStream;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.TimeZone;
+import org.apache.log4j.Logger;
import org.onap.aaf.auth.common.Define;
import org.onap.aaf.auth.dao.CassAccess;
-import org.onap.aaf.auth.dao.cass.RoleDAO;
-import org.onap.aaf.auth.dao.cass.UserRoleDAO;
-import org.onap.aaf.auth.dao.hl.Question;
import org.onap.aaf.auth.env.AuthzEnv;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.layer.Result;
+import org.onap.aaf.auth.log4j.Log4JAccessAppender;
import org.onap.aaf.auth.org.Organization;
-import org.onap.aaf.auth.org.Organization.Identity;
import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.auth.org.OrganizationFactory;
-import org.onap.aaf.cadi.PropAccess;
import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.cadi.PropAccess;
import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.StaticSlot;
import org.onap.aaf.misc.env.TimeTaken;
+import org.onap.aaf.misc.env.util.Chrono;
+import org.onap.aaf.misc.env.util.Split;
+import org.onap.aaf.misc.env.util.StringBuilderOutputStream;
import com.datastax.driver.core.Cluster;
import com.datastax.driver.core.ResultSet;
public abstract class Batch {
- private static String rootNs;
-
private static StaticSlot ssargs;
protected static final String STARS = "*****";
protected static AuthzEnv env;
protected static Session session;
protected static Set<String> specialNames;
+ protected static List<String> specialDomains;
protected static boolean dryRun;
protected static String batchEnv;
public static final String CASS_ENV = "CASS_ENV";
public static final String LOG_DIR = "LOG_DIR";
- protected static final String PUNT="punt";
protected static final String MAX_EMAILS="MAX_EMAILS";
protected static final String VERSION="VERSION";
public static final String GUI_URL="GUI_URL";
protected final Organization org;
-
-
protected Batch(AuthzEnv env) throws APIException, IOException, OrganizationException {
- // Be able to change Environments
- // load extra properties, i.e.
- // PERF.cassandra.clusters=....
- batchEnv = env.getProperty(CASS_ENV);
if (batchEnv != null) {
- batchEnv = batchEnv.trim();
env.info().log("Redirecting to ",batchEnv,"environment");
String str;
for (String key : new String[]{
CassAccess.CASSANDRA_CLUSTERS_PORT,
CassAccess.CASSANDRA_CLUSTERS_USER_NAME,
CassAccess.CASSANDRA_CLUSTERS_PASSWORD,
- VERSION,GUI_URL,PUNT,MAX_EMAILS,
+ VERSION,GUI_URL,MAX_EMAILS,
LOG_DIR,
"SPECIAL_NAMES"
}) {
// Special names to allow behaviors beyond normal rules
specialNames = new HashSet<>();
+ specialDomains = new ArrayList<>();
String names = env.getProperty( "SPECIAL_NAMES" );
if ( names != null )
{
env.info().log("Loading SPECIAL_NAMES");
- for (String s :names.split(",") )
- {
+ for (String s :names.split(",") ) {
env.info().log("\tspecial: " + s );
- specialNames.add( s.trim() );
+ if(s.indexOf('@')>0) {
+ specialNames.add( s.trim() );
+ } else {
+ specialDomains.add(s.trim());
+ }
}
}
}
}
public boolean isSpecial(String user) {
+ if(user==null) {
+ return false;
+ }
if (specialNames != null && specialNames.contains(user)) {
env.info().log("specialName: " + user);
-
return (true);
} else {
- return (false);
+ if(specialDomains!=null) {
+ for(String sd : specialDomains) {
+ if(user.endsWith(sd)) {
+ env.info().log("specialDomain: " + user + " matches " + sd);
+ return (true);
+ }
+ }
+ }
}
+ return (false);
}
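Review bot: The new domain branch of `isSpecial` accepts more identities than the configuration names, because `user.endsWith(sd)` is a bare suffix test with no boundary. An entry such as `example.org` (constructed example) also matches `someone@notexample.org`, and a blank entry (from `a@b,,c` or `a@b, `) is trimmed to `""` in the loading loop and then matches every non-null user. Since the comment on the loader says special names allow behaviour beyond the normal rules, I would skip empty entries when loading (`String t = s.trim(); if (t.isEmpty()) continue;`) and compare on a boundary, e.g. `user.endsWith("@" + sd) || user.endsWith("." + sd)`, assuming domains are configured without a leading `@`. The `s.indexOf('@')>0` test also runs on the untrimmed string and should use the trimmed value.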
}
}
- // IMPORTANT! VALIDATE Organization isUser method
- protected void checkOrganizationAcccess(AuthzTrans trans, Question q) throws APIException, OrganizationException {
- Set<String> testUsers = new HashSet<>();
- Result<List<RoleDAO.Data>> rrd = q.roleDAO.readNS(trans, rootNs);
- if (rrd.isOK()) {
- for (RoleDAO.Data r : rrd.value) {
- Result<List<UserRoleDAO.Data>> rur = q.userRoleDAO.readByRole(trans, r.fullName());
- if (!rur.isOK()) {
- continue;
- }
- for (UserRoleDAO.Data udd : rur.value) {
- testUsers.add(udd.user);
- }
- }
- if (testUsers.size() < 2) {
- throw new APIException("Not enough Users in Roles for " + rootNs + " to Validate");
- }
-
- Identity iden;
- for (String user : testUsers) {
- if ((iden = org.getIdentity(trans, user)) == null) {
- throw new APIException("Failed Organization Entity Validation Check: " + user);
- } else {
- trans.info().log("Organization Validation Check: " + iden.id());
- }
- }
- }
- }
-
protected static String logDir() {
String ld = env.getProperty(LOG_DIR);
if (ld==null) {
}
public static void main(String[] args) {
- PropAccess access = new PropAccess(args);
+ // Use a StringBuilder to save off logs until a File can be setup
+ StringBuilderOutputStream sbos = new StringBuilderOutputStream();
+ PropAccess access = new PropAccess(new PrintStream(sbos),args);
+ access.log(Level.INIT, "------- Starting Batch ------\n Args: ");
+ for(String s: args) {
+ sbos.getBuffer().append(s);
+ sbos.getBuffer().append(' ');
+ }
+
InputStream is = null;
String filename;
String propLoc;
try {
Define.set(access);
- rootNs =Define.ROOT_NS();
+
if(access.getProperty(Config.CADI_PROP_FILES)==null) {
File f = new File("authBatch.props");
try {
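Review bot: The loop at the top of `main` appends every command-line argument verbatim to the `sbos` buffer, and a later hunk prints that buffer into the batch log file with `batchLog.print(sbos.getBuffer())`. The same `args` feed `PropAccess`, so if operators pass properties on the command line (the constructor lists `CassAccess.CASSANDRA_CLUSTERS_PASSWORD` among the keys it handles), their values would presumably end up in the log in clear text. I would log only `args[0]` (the tool name) or redact the value of any `key=value` argument before appending, with a comment such as `// never log raw args: they may carry credentials`. `main` continues outside this hunk.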
access.log(Level.INFO,"Configuring from", propLoc);
}
- env = new AuthzEnv(access);
+ env = new AuthzEnv(access);
+
transferVMProps(env, CASS_ENV, "DRY_RUN", "NS", "Organization");
- // Flow all Env Logs to Log4j, with ENV
-
-// LogFileNamer lfn;
-// lfn = new LogFileNamer(logDir(),"").noPID();
-// lfn.setAppender("authz-batch");
-// lfn.setAppender("aspr|ASPR");
-// lfn.setAppender("sync");
-// lfn.setAppender("jobchange");
-// lfn.setAppender("validateuser");
-// aspr = Logger.getLogger("aspr");
-// Log4JLogTarget.setLog4JEnv("authz-batch", env);
-// propLoc = null;
-
- Batch batch = null;
- // setup ATTUser and Organization Slots before starting this:
- // TODO redo this
- // env.slot(ATT.ATT_USERSLOT);
- //
- // OrganizationFactory.setDefaultOrg(env, ATT.class.getName());
- AuthzTrans trans = env.newTrans();
-
- TimeTaken tt = trans.start("Total Run", Env.SUB);
- try {
- int len = args.length;
- if (len > 0) {
- String toolName = args[0];
- len -= 1;
- if (len < 0)
- len = 0;
- String nargs[] = new String[len];
- if (len > 0) {
- System.arraycopy(args, 1, nargs, 0, len);
- }
-
- env.put(ssargs = env.staticSlot("ARGS"), nargs);
-
- /*
- * Add New Batch Programs (inherit from Batch) here
- */
-
- // Might be a Report, Update or Temp Batch
- Class<?> cls;
- String classifier = "";
- try {
- cls = ClassLoader.getSystemClassLoader().loadClass("org.onap.aaf.auth.update." + toolName);
- classifier = "Update:";
- } catch (ClassNotFoundException e) {
- try {
- cls = ClassLoader.getSystemClassLoader().loadClass("org.onap.aaf.auth.reports." + toolName);
- classifier = "Report:";
- } catch (ClassNotFoundException e2) {
- try {
- cls = ClassLoader.getSystemClassLoader()
- .loadClass("org.onap.aaf.auth.temp." + toolName);
- classifier = "Temp Utility:";
- } catch (ClassNotFoundException e3) {
- cls = null;
- }
- }
- }
- if (cls != null) {
- Constructor<?> cnst = cls.getConstructor(new Class[] { AuthzTrans.class });
- batch = (Batch) cnst.newInstance(trans);
- env.info().log("Begin", classifier, toolName);
- }
-
-
- if (batch == null) {
- trans.error().log("No Batch named", toolName, "found");
- }
- /*
- * End New Batch Programs (inherit from Batch) here
- */
+ // Be able to change Environments
+ // load extra properties, i.e.
+ // PERF.cassandra.clusters=....
+ batchEnv = env.getProperty(CASS_ENV);
+ if(batchEnv!=null) {
+ batchEnv = batchEnv.trim();
+ }
- }
- if (batch != null) {
- batch.run(trans);
- }
+ File logFile = new File(logDir() + "/batch" + Chrono.dateOnlyStamp(new Date()) + ".log" );
+ PrintStream batchLog = new PrintStream(new FileOutputStream(logFile,true));
+ try {
+ access.setStreamLogIt(batchLog);
+ sbos.flush();
+ batchLog.print(sbos.getBuffer());
+ sbos = null;
+ Logger.getRootLogger().addAppender(new Log4JAccessAppender(access));
+
+ Batch batch = null;
+ AuthzTrans trans = env.newTrans();
+
+ TimeTaken tt = trans.start("Total Run", Env.SUB);
+ try {
+ int len = args.length;
+ if (len > 0) {
+ String toolName = args[0];
+ len -= 1;
+ if (len < 0)
+ len = 0;
+ String nargs[] = new String[len];
+ if (len > 0) {
+ System.arraycopy(args, 1, nargs, 0, len);
+ }
+
+ env.put(ssargs = env.staticSlot("ARGS"), nargs);
+
+ /*
+ * Add New Batch Programs (inherit from Batch) here
+ */
+
+ // Might be a Report, Update or Temp Batch
+ Class<?> cls = null;
+ String classifier = "";
+
+ String[] pkgs = new String[] {
+ "org.onap.aaf.auth.batch.update",
+ "org.onap.aaf.auth.batch.reports",
+ "org.onap.aaf.auth.batch.temp"
+ };
+
+ String ebp = env.getProperty("EXTRA_BATCH_PKGS");
+ if(ebp!=null) {
+ String[] ebps = Split.splitTrim(':', ebp);
+ String[] temp = new String[ebps.length + pkgs.length];
+ System.arraycopy(pkgs,0, temp, 0, pkgs.length);
+ System.arraycopy(ebps,0,temp,pkgs.length,ebps.length);
+ pkgs = temp;
+ }
+
+ for(String p : pkgs) {
+ try {
+ cls = ClassLoader.getSystemClassLoader().loadClass(p + '.' + toolName);
+ int lastDot = p.lastIndexOf('.');
+ if(p.length()>0 || p.length()!=lastDot) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(Character.toUpperCase(p.charAt(++lastDot)));
+ while(++lastDot<p.length()) {
+ sb.append(p.charAt(lastDot));
+ }
+ sb.append(':');
+ classifier = sb.toString();
+ break;
+ }
+ } catch (ClassNotFoundException e) {
+ cls = null;
+ }
+ }
+ if (cls != null) {
+ Constructor<?> cnst = cls.getConstructor(AuthzTrans.class);
+ batch = (Batch) cnst.newInstance(trans);
+ env.info().log("Begin", classifier, toolName);
+ }
+
+
+ if (batch == null) {
+ trans.error().log("No Batch named", toolName, "found");
+ }
+ /*
+ * End New Batch Programs (inherit from Batch) here
+ */
+
+ }
+ if (batch != null) {
+ batch.run(trans);
+ }
+ } finally {
+ tt.done();
+ if (batch != null) {
+ batch.close(trans);
+ }
+ StringBuilder sb = new StringBuilder("Task Times\n");
+ trans.auditTrail(4, sb, AuthzTrans.SUB, AuthzTrans.REMOTE);
+ trans.info().log(sb);
+ }
} finally {
- tt.done();
- if (batch != null) {
- batch.close(trans);
- }
- StringBuilder sb = new StringBuilder("Task Times\n");
- trans.auditTrail(4, sb, AuthzTrans.SUB, AuthzTrans.REMOTE);
- trans.info().log(sb);
+ batchLog.close();
}
+
} catch (Exception e) {
e.printStackTrace(System.err);
// Exceptions thrown by DB aren't stopping the whole process.
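Review bot: In the package loop the class found under `p + '.' + toolName` is instantiated with `cnst.newInstance(trans)` before the `(Batch)` cast proves it is a batch, so any class in the searched packages that has an `AuthzTrans` constructor gets that constructor run. Now that `EXTRA_BATCH_PKGS` extends the search path from configuration, I would test `Batch.class.isAssignableFrom(cls)` before calling `getConstructor`, and log a rejection otherwise. Separately, the guard `if(p.length()>0 || p.length()!=lastDot)` is always true, so it does not protect `p.charAt(++lastDot)`; `if (lastDot + 1 < p.length())` looks like the intent. The body of `main` starts above this hunk and continues after it.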
*
*/
-package org.onap.aaf.auth;
+package org.onap.aaf.auth.batch;
public class BatchException extends Exception {
* ============LICENSE_END====================================================
*
*/
-package org.onap.aaf.auth;
+package org.onap.aaf.auth.batch;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
*
*/
-package org.onap.aaf.auth;
+package org.onap.aaf.auth.batch;
import java.io.IOException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.Date;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
trans.info().printf("Would mark %s cache in DB for clearing: %s",table, text);
return Result.ok();
} else {
+
Result<Void> rv = q.clearCache(trans, table);
trans.info().printf("Set DB Cache %s for clearing: %s",table, text);
return rv;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import org.onap.aaf.auth.dao.cass.CredDAO;
import org.onap.aaf.auth.env.AuthzTrans;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.Date;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.PrintStream;
import java.util.ArrayList;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.PrintStream;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
+import org.onap.aaf.auth.batch.helpers.Future;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Future;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.util.Chrono;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
public interface Key<HELPER> {
public String key(HELPER H);
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.util.ArrayList;
import java.util.List;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.NsAttrib;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.NsAttrib;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.NsAttrib;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.NsAttrib;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.NS;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.NS;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.Perm;
import org.onap.aaf.auth.dao.cass.PermDAO;
import org.onap.aaf.auth.dao.cass.PermDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Perm;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.Perm;
import org.onap.aaf.auth.dao.cass.PermDAO;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Perm;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.List;
+import org.onap.aaf.auth.batch.helpers.Perm;
+import org.onap.aaf.auth.batch.helpers.Role;
import org.onap.aaf.auth.dao.cass.PermDAO;
import org.onap.aaf.auth.dao.cass.RoleDAO;
import org.onap.aaf.auth.dao.cass.Status;
import org.onap.aaf.auth.dao.cass.PermDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Perm;
-import org.onap.aaf.auth.helpers.Role;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.Role;
import org.onap.aaf.auth.dao.cass.RoleDAO;
import org.onap.aaf.auth.dao.cass.RoleDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Role;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.Role;
import org.onap.aaf.auth.dao.cass.RoleDAO;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Role;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.List;
+import org.onap.aaf.auth.batch.helpers.Perm;
+import org.onap.aaf.auth.batch.helpers.Role;
import org.onap.aaf.auth.dao.cass.PermDAO;
import org.onap.aaf.auth.dao.cass.RoleDAO;
import org.onap.aaf.auth.dao.cass.Status;
import org.onap.aaf.auth.dao.cass.RoleDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Perm;
-import org.onap.aaf.auth.helpers.Role;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.util.Chrono;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.util.Chrono;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.Date;
import java.util.GregorianCalendar;
+import org.onap.aaf.auth.batch.helpers.Approval;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.dao.cass.FutureDAO;
import org.onap.aaf.auth.dao.cass.NsDAO;
import org.onap.aaf.auth.dao.hl.Function;
import org.onap.aaf.auth.dao.hl.Question;
import org.onap.aaf.auth.dao.hl.Function.FUTURE_OP;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Approval;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.auth.org.Organization.Expiration;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
+import org.onap.aaf.auth.batch.helpers.Approval;
+import org.onap.aaf.auth.batch.helpers.Future;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.dao.cass.ApprovalDAO;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
import org.onap.aaf.auth.dao.cass.ApprovalDAO.Data;
import org.onap.aaf.auth.dao.hl.Function.Lookup;
import org.onap.aaf.auth.dao.hl.Function.OP_STATUS;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Approval;
-import org.onap.aaf.auth.helpers.Future;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.util.Chrono;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.List;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.dao.cass.Status;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.util.Chrono;
*
*/
-package org.onap.aaf.auth.actions;
+package org.onap.aaf.auth.batch.actions;
import java.io.IOException;
import java.util.Date;
import java.util.List;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.util.Chrono;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.Date;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.HashMap;
import java.util.Map;
-import org.onap.aaf.auth.actions.Message;
+import org.onap.aaf.auth.batch.actions.Message;
import org.onap.aaf.auth.org.Organization;
public class Approver {
* ============LICENSE_END====================================================
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
+
+import org.onap.aaf.misc.env.LogTarget;
import com.datastax.driver.core.ResultSet;
import com.datastax.driver.core.Session;
private Session session;
private StringBuilder sb;
private int hasAdded;
+ private LogTarget log;
- public CQLBatch(Session session) {
+ public CQLBatch(LogTarget log, Session session) {
+ this.log = log;
this.session = session;
sb = new StringBuilder();
hasAdded = 0;
private boolean end() {
if(sb.length()==hasAdded) {
- System.out.println("Nothing to Process");
return false;
} else {
sb.append("APPLY BATCH;\n");
- System.out.println(sb);
+ log.log(sb);
return true;
}
}
} else {
return execute();
}
-
+ }
+
+ public void touch(String table, int begin, int end, boolean dryRun) {
+ StringBuilder sb = begin();
+ for(int i=begin;i<end;++i) {
+ sb.append("UPDATE cache SET touched=dateof(now()) WHERE name='");
+ sb.append(table);
+ sb.append("' AND seg=");
+ sb.append(i);
+ sb.append(";\n");
+ }
+ execute(dryRun);
}
}
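Review bot: `touch` builds its CQL by appending `table` between single quotes with no escaping or validation, so a name containing `'` changes the statement that `execute(dryRun)` sends. `UserRole.batchExtend`, further down this page, does the same with `newDate` and the CSV `row` fields. If the inputs are always internal constants this is only fragile, but the `row` values appear to come from CSV files on disk, which is a weaker trust boundary. I would use bound statements on the `Session`, or reject values that fail a strict pattern before appending, e.g. `if (!table.matches("[A-Za-z0-9_]+")) throw new IllegalArgumentException(table);`. The enclosing class starts outside this hunk.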
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.List;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import com.datastax.driver.core.Row;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.Date;
}
- public static void row(StringBuilder sb, List<String> row) {
+ public static void batchDelete(StringBuilder sb, List<String> row) {
sb.append("DELETE from authz.cred WHERE id='");
sb.append(row.get(1));
sb.append("' AND type=");
sb.append("));\n");
}
-
public String toString() {
StringBuilder sb = new StringBuilder(id);
sb.append('[');
return id.equals(obj);
}
+
+ public static String histSubject(List<String> row) {
+ return row.get(1);
+ }
+
+
+ public static String histMemo(String fmt, String orgName, List<String> row) {
+ return String.format(fmt, row.get(1),orgName,row.get(4));
+ }
+
}
\ No newline at end of file
* ============LICENSE_END====================================================
*/
-package org.onap.aaf.auth.org;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.Date;
import java.util.Set;
import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.PropAccess;
public class ExpireRange {
private static final String AAF_BATCH_RANGE = "aaf_batch_range.";
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.nio.ByteBuffer;
import java.util.ArrayList;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.nio.ByteBuffer;
import java.util.Iterator;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.io.BufferedReader;
import java.io.IOException;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
public interface Loader<T> {
public void exec(T t);
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.Map;
import java.util.TreeMap;
-import org.onap.aaf.auth.BatchException;
+import org.onap.aaf.auth.batch.BatchException;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.io.BufferedReader;
import java.io.File;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.Iterator;
import java.util.Map;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.TreeMap;
-import org.onap.aaf.auth.actions.Message;
+import org.onap.aaf.auth.batch.actions.Message;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.misc.env.Env;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.List;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.Iterator;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.util.ArrayList;
import java.util.HashSet;
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.io.PrintStream;
import java.util.ArrayList;
import java.util.SortedMap;
import java.util.TreeMap;
-import org.onap.aaf.auth.actions.URDelete;
+import org.onap.aaf.auth.batch.actions.URDelete;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
return byRole;
}
+ public static void load(Trans trans, Session session, Creator<UserRole> creator) {
+ load(trans,session,creator,null,new DataLoadVisitor());
+ }
+
public static void load(Trans trans, Session session, Creator<UserRole> creator, Visitor<UserRole> visitor ) {
load(trans,session,creator,null,visitor);
}
}
public void row(final CSV.Writer csvw) {
- csvw.row("ur",user(),ns(),rname(),Chrono.dateOnlyStamp(expires()));
+ csvw.row("ur",user(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime());
}
- public static void row(StringBuilder sb, List<String> row) {
+ public static void batchDelete(StringBuilder sb, List<String> row) {
sb.append("DELETE from authz.user_role WHERE user='");
sb.append(row.get(1));
sb.append("' AND role='");
sb.append(row.get(3));
sb.append("';\n");
}
+
+ public static void batchExtend(StringBuilder sb, List<String> row, String newDate ) {
+ sb.append("UPDATE authz.user_role SET expires='");
+ sb.append(newDate);
+ sb.append("' WHERE user='");
+ sb.append(row.get(1));
+ sb.append("' AND role='");
+ sb.append(row.get(2));
+ sb.append('.');
+ sb.append(row.get(3));
+ sb.append("';\n");
+ }
+ public static String histMemo(String fmt, List<String> row) {
+ return String.format(fmt, row.get(1),row.get(2)+'.'+row.get(3), row.get(4));
+ }
+ public static String histSubject(List<String> row) {
+ return row.get(1) + '|' + row.get(2)+'.'+row.get(3);
+ }
}
\ No newline at end of file
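Review bot: `batchExtend` keys the role as `row.get(2) + '.' + row.get(3)`, while `batchDelete` in the same hunk matches `role='` against `row.get(3)` alone, so for the same CSV row the two statements target different `role` values. Going by the `row(csvw)` layout shown here (`"ur"`, `user()`, `ns()`, `rname()`, date, time), `row.get(3)` looks like only the short role name, so one of the two helpers probably does not match the stored key. Worth confirming which form the `role` column holds and having both helpers share one expression, for example a private `fullRole(row)` returning `row.get(2) + '.' + row.get(3)`. The added sixth column `expires().getTime()` also deserves a comment on `row(csvw)`, since readers may now see rows of both widths.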
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ */
+
+package org.onap.aaf.auth.batch.helpers;
+
+public interface Visitor<T> {
+ void visit(T t);
+
+ public static class Multi<T> implements Visitor<T> {
+ private final Visitor<T>[] visitors;
+ @SafeVarargs
+ public Multi(Visitor<T> ... vs) {
+ visitors = vs;
+ }
+
+ @Override
+ public void visit(T t) {
+ for(Visitor<T> v : visitors) {
+ v.visit(t);
+ }
+ }
+ };
+}
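Review bot: `Multi` stores the caller's varargs array directly (`visitors = vs;`), so a caller that passes an explicit array can change the visitor list after construction, and a `null` element only fails later inside `visit`. `visitors = vs.clone();` would make the `final` field an actual snapshot and fits the `@SafeVarargs` annotation better. Neither the interface nor `Multi` has Javadoc; one line each, saying when `visit` is invoked and that `Multi` calls its visitors in argument order, would help. The stray `;` after the class body and the redundant `public static` on a member of an interface can be dropped.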
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.helpers;
import java.io.IOException;
import java.nio.ByteBuffer;
import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans;
import org.onap.aaf.misc.env.util.Chrono;
+import org.onap.aaf.misc.env.util.Split;
import com.datastax.driver.core.ResultSet;
import com.datastax.driver.core.Row;
private static void load(Trans trans, Session session, String query, Visitor<X509> visitor) {
trans.info().log( "query: " + query );
- TimeTaken tt = trans.start("Read Roles", Env.REMOTE);
+ TimeTaken tt = trans.start("Read X509", Env.REMOTE);
ResultSet results;
try {
sb.append(";\n");
}
+
+ public static String histSubject(List<String> row) {
+ return row.get(4);
+ }
+
+
+ public static String histMemo(String fmt, List<String> row) {
+ String id="n/a";
+ for(String s : Split.splitTrim(',', row.get(4))) {
+ if(s.startsWith("OU=") && s.indexOf('@')>=0) {
+ int colon = s.indexOf(':');
+ if(colon<0) {
+ colon=s.length();
+ }
+ id=s.substring(3,colon);
+ break;
+ }
+ }
+ return String.format(fmt, "Cert for " + id,"CA " + row.get(1),row.get(3));
+ }
+
}
\ No newline at end of file
*
*/
-package org.onap.aaf.auth.reports;
+package org.onap.aaf.auth.batch.reports;
import java.io.File;
import java.io.FileNotFoundException;
import java.util.Set;
import java.util.TreeMap;
-import org.onap.aaf.auth.Batch;
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.helpers.Cred;
+import org.onap.aaf.auth.batch.helpers.ExpireRange;
+import org.onap.aaf.auth.batch.helpers.UserRole;
+import org.onap.aaf.auth.batch.helpers.Visitor;
+import org.onap.aaf.auth.batch.helpers.X509;
+import org.onap.aaf.auth.batch.helpers.Cred.Instance;
+import org.onap.aaf.auth.batch.helpers.ExpireRange.Range;
import org.onap.aaf.auth.dao.cass.CredDAO;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Cred;
-import org.onap.aaf.auth.helpers.Cred.Instance;
-import org.onap.aaf.auth.helpers.UserRole;
-import org.onap.aaf.auth.helpers.Visitor;
-import org.onap.aaf.auth.helpers.X509;
-import org.onap.aaf.auth.org.ExpireRange;
-import org.onap.aaf.auth.org.ExpireRange.Range;
import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.cadi.configure.Factory;
import org.onap.aaf.cadi.util.CSV;
// Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway
Cred.load(trans, session);
- UserRole.load(trans, session, UserRole.v2_0_11, new UserRole.DataLoadVisitor());
minOwners=1;
cw.row(INFO,r.name(),Chrono.dateOnlyStamp(expireRange.now),r.reportingLevel());
writerList.put(r.name(),cw);
if("Delete".equals(r.name())) {
- deleteDate = r.getStart();
+ deleteDate = r.getEnd();
}
+ trans.init().log("Creating File:",file.getAbsolutePath());
}
}
}
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.batch.reports;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.TreeMap;
+
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.helpers.Cred;
+import org.onap.aaf.auth.batch.helpers.Cred.Instance;
+import org.onap.aaf.auth.batch.helpers.UserRole;
+import org.onap.aaf.auth.batch.helpers.Visitor;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.org.Organization;
+import org.onap.aaf.auth.org.Organization.Identity;
+import org.onap.aaf.auth.org.OrganizationException;
+import org.onap.aaf.cadi.util.CSV;
+import org.onap.aaf.cadi.util.CSV.Writer;
+import org.onap.aaf.misc.env.APIException;
+import org.onap.aaf.misc.env.Env;
+import org.onap.aaf.misc.env.TimeTaken;
+import org.onap.aaf.misc.env.util.Chrono;
+
+
+public class NotInOrg extends Batch {
+
+ private static final String NOT_IN_ORG = "NotInOrg";
+ private static final String CSV = ".csv";
+ private static final String INFO = "info";
+ private Map<String, CSV.Writer> writerList;
+ private Map<String, CSV.Writer> whichWriter;
+ private File logDir;
+ private Date now;
+ private Writer notInOrgW;
+ private Writer notInOrgDeleteW;
+
+ public NotInOrg(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ trans.info().log("Starting Connection Process");
+
+ TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
+ try {
+ TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = cluster.connect();
+ } finally {
+ tt.done();
+ }
+
+ // Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway
+ Cred.load(trans, session);
+
+ // Create Intermediate Output
+ writerList = new HashMap<>();
+ whichWriter = new TreeMap<>();
+ logDir = new File(logDir());
+ logDir.mkdirs();
+
+ now = new Date();
+ String sdate = Chrono.dateOnlyStamp(now);
+ File file = new File(logDir,NOT_IN_ORG + sdate +CSV);
+ CSV csv = new CSV(file);
+ notInOrgW = csv.writer(false);
+ notInOrgW.row(INFO,NOT_IN_ORG,Chrono.dateOnlyStamp(now),0);
+ writerList.put(NOT_IN_ORG,notInOrgW);
+
+ // These will have been double-checked by the Organization, and can be deleted immediately.
+ String fn = NOT_IN_ORG+"Delete";
+ file = new File(logDir,fn + sdate +CSV);
+ CSV csvDelete = new CSV(file);
+ notInOrgDeleteW = csvDelete.writer(false);
+ notInOrgDeleteW.row(INFO,fn,Chrono.dateOnlyStamp(now),0);
+ writerList.put(NOT_IN_ORG,notInOrgW);
+
+ } finally {
+ tt0.done();
+ }
+ }
+
+ @Override
+ protected void run(AuthzTrans trans) {
+ try {
+ Map<String,Boolean> checked = new TreeMap<String, Boolean>();
+ trans.info().log("Process Organization Identities");
+ trans.info().log("User Roles");
+
+ final AuthzTrans transNoAvg = trans.env().newTransNoAvg();
+ UserRole.load(trans, session, UserRole.v2_0_11, new Visitor<UserRole>() {
+ @Override
+ public void visit(UserRole ur) {
+ try {
+ if(!check(transNoAvg, checked, ur.user())) {
+ ur.row(whichWriter(transNoAvg,ur.user()));
+ }
+ } catch (OrganizationException e) {
+ trans.error().log(e, "Error Decrypting X509");
+ }
+ }
+ });
+
+ trans.info().log("Checking for Creds without IDs");
+
+ for (Cred cred : Cred.data.values()) {
+ if(!check(transNoAvg,checked, cred.id)) {
+ CSV.Writer cw = whichWriter(transNoAvg, cred.id);
+ for(Instance inst : cred.instances) {
+ cred.row(cw, inst);
+ }
+ }
+ }
+
+ /*
+ * Do we delete now? Or work on Revocation semantics
+ *
+ trans.info().log("Checking for X509s without IDs");
+ X509.load(trans, session, new Visitor<X509>() {
+ @Override
+ public void visit(X509 x509) {
+ try {
+ for(Certificate cert : Factory.toX509Certificate(x509.x509)) {
+ X509Certificate xc = (X509Certificate)cert;
+ xc.getSubjectDN();
+ if(!check(transNoAvg,checked, (X))) {
+ x509.row(notInOrgW,);
+ }
+ }
+ } catch (CertificateException | IOException e) {
+ trans.error().log(e, "Error Decrypting X509");
+ }
+ }
+ });
+ */
+ } catch (OrganizationException e) {
+ trans.info().log(e);
+ }
+ }
+
+
+ private Writer whichWriter(AuthzTrans transNoAvg, String id) {
+ Writer w = whichWriter.get(id);
+ if(w==null) {
+ w = org.mayAutoDelete(transNoAvg, id)?
+ notInOrgDeleteW:
+ notInOrgW;
+ whichWriter.put(id,w);
+ }
+ return w;
+ }
+
+ private boolean check(AuthzTrans trans, Map<String, Boolean> checked, String id) throws OrganizationException {
+ Boolean rv = checked.get(id);
+ if(rv==null) {
+ if(isSpecial(id)) { // do not check against org... too important to delete.
+ return true;
+ }
+ Organization org = trans.org();
+ if(org != null) {
+ Identity identity = org.getIdentity(trans, id);
+ rv = identity!=null;
+ checked.put(id, rv);
+ } else {
+ throw new OrganizationException("No Organization Found for " + id + ": required for processing");
+ }
+ }
+ return rv;
+ }
+
+
+ @Override
+ protected void _close(AuthzTrans trans) {
+ session.close();
+ for(CSV.Writer cw : writerList.values()) {
+ cw.close();
+ }
+ }
+
+}
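Review bot: In the constructor, the second writer is never registered: after creating `notInOrgDeleteW` the code repeats `writerList.put(NOT_IN_ORG,notInOrgW);`, so `_close()` never closes the NotInOrgDelete file and its rows may not be flushed. That file is what Remove later reads to delete credentials and roles, so a truncated feed changes what is removed. The line should be `writerList.put(fn,notInOrgDeleteW);`. Separately, the catch in the UserRole visitor logs "Error Decrypting X509" for an OrganizationException raised by an identity lookup, which will mislead anyone reading the batch log.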
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */package org.onap.aaf.auth.batch.reports;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.reports.bodies.NotifyBody;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.org.Mailer;
+import org.onap.aaf.auth.org.Organization.Identity;
+import org.onap.aaf.auth.org.OrganizationException;
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.client.Holder;
+import org.onap.aaf.cadi.util.CSV;
+import org.onap.aaf.misc.env.APIException;
+
+public class Notify extends Batch {
+ private final Mailer mailer;
+ private final String mailFrom;
+ private final String header;
+ private final String footer;
+ private List<File> notifyFile;
+
+ public Notify(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ String mailerCls = env.getProperty("MAILER");
+ mailFrom = env.getProperty("MAIL_FROM");
+ String header_html = env.getProperty("HEADER_HTML");
+ String footer_html = env.getProperty("FOOTER_HTML");
+ if(mailerCls==null || mailFrom==null || header_html==null || footer_html==null) {
+ throw new APIException("Notify requires MAILER, MAILER_FROM, HEADER_HTML and FOOTER_HTML properties");
+ }
+ try {
+ Class<?> mailc = Class.forName(mailerCls);
+ Constructor<?> mailcst = mailc.getConstructor(Access.class);
+ mailer = (Mailer)mailcst.newInstance(env.access());
+ } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ throw new APIException("Unable to construct " + mailerCls,e);
+ }
+
+ FileInputStream fis = new FileInputStream(header_html);
+ try {
+ byte[] content = new byte[(int)fis.getChannel().size()];
+ fis.read(content);
+ header = new String(content);
+ } finally {
+ fis.close();
+ }
+
+ fis = new FileInputStream(footer_html);
+ try {
+ byte[] content = new byte[(int)fis.getChannel().size()];
+ fis.read(content);
+ footer = new String(content);
+ } finally {
+ fis.close();
+ }
+
+ // Class Load possible data
+ NotifyBody.load(env.access());
+
+ // Create Intermediate Output
+ File logDir = new File(logDir());
+ notifyFile = new ArrayList<>();
+ if(args().length>0) {
+ for(int i=0;i<args().length;++i) {
+ notifyFile.add(new File(logDir, args()[i]));
+ }
+ }
+ }
+
+ @Override
+ protected void run(AuthzTrans trans) {
+ List<String> toList = new ArrayList<>();
+ List<String> ccList = new ArrayList<>();
+ AuthzTrans noAvg = trans.env().newTransNoAvg();
+ String subject = "Test Notify";
+ boolean urgent = false;
+
+
+
+ final Notify notify = this;
+ final Holder<List<String>> info = new Holder<>(null);
+ final Set<String> errorSet = new HashSet<>();
+
+ try {
+ for(File f : notifyFile) {
+ CSV csv = new CSV(f);
+ try {
+ csv.visit(new CSV.Visitor() {
+ @Override
+ public void visit(List<String> row) throws IOException, CadiException {
+ if("info".equals(row.get(0))) {
+ info.set(row);
+ }
+ if(info.get()==null) {
+ throw new CadiException("First line of Feed MUST contain 'info' record");
+ }
+ String key = row.get(0)+'|'+info.get().get(1);
+ NotifyBody body = NotifyBody.get(key);
+ if(body==null) {
+ errorSet.add("No NotifyBody defined for " + key);
+ } else {
+ body.store(row);
+ }
+ }
+ });
+ } catch (IOException | CadiException e) {
+ e.printStackTrace();
+ }
+
+ // now create Notification
+ for(NotifyBody nb : NotifyBody.getAll()) {
+ for(String id : nb.users()) {
+ toList.clear();
+ ccList.clear();
+ try {
+ String bodyS = nb.body(noAvg, notify, id);
+ Identity identity = trans.org().getIdentity(noAvg, id);
+ if(!identity.isPerson()) {
+ identity = identity.responsibleTo();
+ }
+ for(int i=1;i<nb.escalation();++i) {
+ if(identity != null) {
+ if(i==1) {
+ toList.add(identity.email());
+ } else {
+ identity=identity.responsibleTo();
+ ccList.add(identity.email());
+ }
+ }
+ }
+
+ mailer.sendEmail(noAvg, dryRun, mailFrom, toList, ccList, subject,
+ String.format(header,"2.1.9",Identity.mixedCase(identity.firstName()))+
+ bodyS +
+ footer, urgent);
+ } catch (OrganizationException e) {
+ trans.error().log(e);
+ }
+ }
+ }
+
+ }
+ } finally {
+ for(String s : errorSet) {
+ trans.audit().log(s);
+ }
+ }
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
+ }
+
+}
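Review bot: In run(), `trans.org().getIdentity(noAvg, id)` can return null (NotInOrg in this same commit tests for exactly that), and `identity.responsibleTo()` presumably can as well, yet `identity.isPerson()`, `identity.email()` in the cc branch and `identity.firstName()` are all called unguarded. Because the loop reassigns `identity` while escalating, the greeting is also formatted with the last supervisor's first name instead of the addressee's. With the bound `i<nb.escalation()` and the default escalation of 1 the loop body never runs, so `sendEmail` is called with empty to/cc lists; whether the bound should be `<=` is for the author to confirm. A null-safe version of the lookup and loop, keeping the current bound, is below.

```java
Identity identity = trans.org().getIdentity(noAvg, id);
if(identity != null && !identity.isPerson()) {
    identity = identity.responsibleTo();
}
if(identity == null) {
    // record the gap instead of failing the whole run on one unknown id
    errorSet.add("No Identity found for " + id);
    continue;
}
// capture before escalation reassigns identity, so the greeting names the addressee
final String firstName = identity.firstName();
for(int i=1; i<nb.escalation() && identity != null; ++i) {
    if(i==1) {
        toList.add(identity.email());
    } else {
        identity = identity.responsibleTo();
        if(identity != null) {
            ccList.add(identity.email());
        }
    }
}
// … unchanged: mailer.sendEmail(...) call, now passing Identity.mixedCase(firstName) …
```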
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.batch.reports.bodies;
+
+import java.io.IOException;
+import java.util.List;
+
+public abstract class AbsCredBody extends NotifyBody {
+
+ public AbsCredBody(final String name) throws IOException {
+ super("cred",name);
+ }
+
+ @Override
+ public String user(List<String> row) {
+ if(row.size()>0) {
+ return row.get(1);
+ }
+ return null;
+ }
+}
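Review bot: The guard in user() is off by one: `row.size()>0` still lets a one-element row reach `row.get(1)`, which throws IndexOutOfBoundsException instead of returning null. NotifyBody documents that user() returns null when the user is not in the row, and the rows come straight from a CSV feed, so a short line should be tolerated. The check should be `if(row.size()>1) {`.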
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.batch.reports.bodies;
+
+import java.io.File;
+import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Modifier;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeMap;
+
+import org.onap.aaf.auth.batch.reports.Notify;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.misc.env.APIException;
+
+public abstract class NotifyBody {
+ private static final Map<String,NotifyBody> bodyMap = new HashMap<>();
+
+ protected Map<String,List<List<String>>> rows;
+ private final String name;
+ private final String type;
+ private String date;
+ private int escalation;
+
+ public NotifyBody(final String type, final String name) {
+ rows = new TreeMap<>();
+ this.name = name;
+ this.type = type;
+ date="";
+ escalation = 1;
+ }
+
+ public void store(List<String> row) {
+ if(!row.isEmpty()) {
+ if("info".equals(row.get(0))) {
+ if(row.size()>2) {
+ date = row.get(2);
+ }
+ if(row.size()>3) {
+ escalation = Integer.parseInt(row.get(3));
+ }
+ return;
+ } else if(type.equals(row.get(0))) {
+ String user = user(row);
+ if(user!=null) {
+ List<List<String>> lss = rows.get(user);
+ if(lss == null) {
+ lss = new ArrayList<>();
+ rows.put(user,lss);
+ }
+ lss.add(row);
+ }
+ }
+ }
+ }
+
+ public String name() {
+ return name;
+ }
+
+ public String date() {
+ return date;
+ }
+ public int escalation() {
+ return escalation;
+ }
+
+ public Set<String> users() {
+ return rows.keySet();
+ }
+
+ /**
+ * ID must be set from Row for Email lookup
+ *
+ * @param trans
+ * @param n
+ * @param id
+ * @param row
+ * @return
+ */
+ public abstract String body(AuthzTrans trans, Notify n, String id);
+
+ /**
+ * Return "null" if user not found in row... Code will handle.
+ * @param row
+ * @return
+ */
+ protected abstract String user(List<String> row);
+
+ /**
+ * Get Notify Body based on key of
+ * type|name
+ */
+ public static NotifyBody get(String key) {
+ return bodyMap.get(key);
+ }
+
+ /**
+ * Return set of loaded NotifyBodies
+ *
+ */
+ public static Collection<NotifyBody> getAll() {
+ return bodyMap.values();
+ }
+
+ /**
+ * @param propAccess
+ * @throws URISyntaxException
+ *
+ */
+ public static void load(Access access) throws APIException, IOException {
+ // class load available NotifyBodies
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ Package pkg = NotifyBody.class.getPackage();
+ String path = pkg.getName().replace('.', '/');
+// Enumeration<URL> urls = cl.getResources(path);
+// while(urls.hasMoreElements()) {
+// URL url = urls.nextElement();
+ URL url = cl.getResource(path);
+ if(url == null) {
+ throw new APIException("Cannot load resources from " + path);
+ }
+ System.out.println(url);
+ File dir;
+ try {
+ dir = new File(url.toURI());
+ } catch (URISyntaxException e) {
+ throw new APIException(e);
+ }
+ if(dir.exists()) {
+ String[] files = dir.list();
+ if(files!=null) {
+ for(String sf : files) {
+ int dot = sf.indexOf('.');
+ if(dot>=0) {
+ String cls = pkg.getName()+'.'+sf.substring(0,dot);
+ try {
+ Class<?> c = cl.loadClass(cls);
+ if(c!=null) {
+ if(!Modifier.isAbstract(c.getModifiers())) {
+ Constructor<?> cst = c.getConstructor(Access.class);
+ NotifyBody nb = (NotifyBody)cst.newInstance(access);
+ if(nb!=null) {
+ bodyMap.put("info|"+nb.name, nb);
+ bodyMap.put(nb.type+'|'+nb.name, nb);
+ }
+ }
+ }
+ } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+ }
+ }
+// }
+ }
+}
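Review bot: load() instantiates every non-abstract class whose file sits in the package directory without first checking that it is a NotifyBody; the cast on the `newInstance` line then throws ClassCastException, which the multi-catch does not list, and by then the constructor has already run. Testing the type first, `if(c!=null && NotifyBody.class.isAssignableFrom(c) && !Modifier.isAbstract(c.getModifiers())) {`, keeps the scan to the intended classes. NotifyCredBody in this commit has no `(Access)` constructor, so the scan prints a NoSuchMethodException stack trace for it on every run; reporting skipped classes through `access` instead of `e.printStackTrace()` and dropping the `System.out.println(url)` would keep this in the batch log. `new File(url.toURI())` also appears to assume an exploded classes directory, which is worth confirming against how the batch is packaged.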
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.auth.batch.reports.bodies;
+
+import java.io.IOException;
+import java.util.List;
+
+import org.onap.aaf.auth.batch.reports.Notify;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.cadi.Access;
+
+public class NotifyCredBody extends AbsCredBody {
+ private final String explanation;
+ public NotifyCredBody(Access access, String name) throws IOException {
+ super(name);
+
+ // Default
+ explanation = "The following Credentials are expiring on the dates shown. "
+ + "Failure to act before the expiration date will cause your App's Authentications to fail.";
+ }
+
+ @Override
+ public String body(AuthzTrans trans, Notify n, String id) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(explanation);
+ sb.append("<br>");
+ sb.append("<tr>\n" +
+ "<th>Role</th>\n" +
+ "<th>Expires</th>\n" +
+ "</tr>\n");
+ for(List<String> row : rows.get(id)) {
+
+ }
+ return sb.toString();
+ }
+}
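Review bot: In body(), `rows.get(id)` returns null for an id that has no stored rows, so the for loop throws NullPointerException; a guard such as `List<List<String>> mine = rows.get(id); if(mine==null) { return sb.toString(); }` before the loop avoids that (what to return in that case is the author's call). The loop body is empty, so the mail currently carries the `<tr>` header with no enclosing `<table>` and no data. When the row rendering is filled in, the cell values come from the CSV feed and should be HTML-escaped before being appended to `sb`. The constructor also declares `throws IOException` and takes an `access` argument that it never uses.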
* See the License for the specific language governing permissions and
* limitations under the License.
* ============LICENSE_END====================================================
+ *
*/
+package org.onap.aaf.auth.batch.reports.bodies;
-package org.onap.aaf.auth.helpers;
+import java.io.IOException;
-public interface Visitor<T> {
- void visit(T t);
+import org.onap.aaf.cadi.Access;
+
+public class TwoWeeksNotifyCredBody extends NotifyCredBody {
+ public TwoWeeksNotifyCredBody(Access access) throws IOException {
+ super(access, "CredTwoWeek");
+ }
}
*
*/
-package org.onap.aaf.auth.update;
+package org.onap.aaf.auth.batch.update;
import java.io.BufferedReader;
import java.io.File;
import java.util.List;
import java.util.UUID;
-import org.onap.aaf.auth.Batch;
-import org.onap.aaf.auth.BatchPrincipal;
-import org.onap.aaf.auth.actions.Action;
-import org.onap.aaf.auth.actions.ActionDAO;
-import org.onap.aaf.auth.actions.CacheTouch;
-import org.onap.aaf.auth.actions.CredDelete;
-import org.onap.aaf.auth.actions.CredPrint;
-import org.onap.aaf.auth.actions.Email;
-import org.onap.aaf.auth.actions.Message;
-import org.onap.aaf.auth.actions.URDelete;
-import org.onap.aaf.auth.actions.URFutureApprove;
-import org.onap.aaf.auth.actions.URFutureApproveExec;
-import org.onap.aaf.auth.actions.URPrint;
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.BatchPrincipal;
+import org.onap.aaf.auth.batch.actions.Action;
+import org.onap.aaf.auth.batch.actions.ActionDAO;
+import org.onap.aaf.auth.batch.actions.CacheTouch;
+import org.onap.aaf.auth.batch.actions.CredDelete;
+import org.onap.aaf.auth.batch.actions.CredPrint;
+import org.onap.aaf.auth.batch.actions.Email;
+import org.onap.aaf.auth.batch.actions.Message;
+import org.onap.aaf.auth.batch.actions.URDelete;
+import org.onap.aaf.auth.batch.actions.URFutureApprove;
+import org.onap.aaf.auth.batch.actions.URFutureApproveExec;
+import org.onap.aaf.auth.batch.actions.URPrint;
+import org.onap.aaf.auth.batch.helpers.Approval;
+import org.onap.aaf.auth.batch.helpers.Cred;
+import org.onap.aaf.auth.batch.helpers.Future;
+import org.onap.aaf.auth.batch.helpers.NS;
+import org.onap.aaf.auth.batch.helpers.Role;
+import org.onap.aaf.auth.batch.helpers.UserRole;
+import org.onap.aaf.auth.batch.helpers.Cred.Instance;
import org.onap.aaf.auth.dao.cass.ApprovalDAO;
import org.onap.aaf.auth.dao.cass.CredDAO;
import org.onap.aaf.auth.dao.cass.FutureDAO;
import org.onap.aaf.auth.dao.hl.Function.FUTURE_OP;
import org.onap.aaf.auth.dao.hl.Function.OP_STATUS;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Approval;
-import org.onap.aaf.auth.helpers.Cred;
-import org.onap.aaf.auth.helpers.Future;
-import org.onap.aaf.auth.helpers.NS;
-import org.onap.aaf.auth.helpers.Role;
-import org.onap.aaf.auth.helpers.UserRole;
-import org.onap.aaf.auth.helpers.Cred.Instance;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.auth.org.Organization.Identity;
TimeTaken tt = trans.start("Connect to Cluster with DAOs", Env.REMOTE);
try {
urFutureApprove = new URFutureApprove(trans, cluster,isDryRun());
- checkOrganizationAcccess(trans, urFutureApprove.question());
+// checkOrganizationAcccess(trans, urFutureApprove.question());
urFutureApproveExec = new URFutureApproveExec(trans, urFutureApprove);
urPrint = new URPrint("User Roles:");
crDelete = new CredDelete(trans, urFutureApprove);
}
email.addTo(address);
- } catch (OrganizationException e) {
- throw new APIException("Error getting valid Organization",e);
} finally {
tt0.done();
}
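Review bot: The call `checkOrganizationAcccess(trans, urFutureApprove.question());` is disabled by commenting it out, and the matching `catch (OrganizationException e)` is removed further down, so this batch now starts its DAOs without that precondition. The method body is not visible in this diff and the enclosing constructor starts outside the hunk, so whether the check is still required is for the author to confirm. If it is obsolete, delete the line and record the reason in the commit message; if it is only disabled for now, replace the dead code with a comment stating why and what restores it, e.g. `// TODO: organization access check disabled because <REASON>; re-enable before release`.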
*
*/
-package org.onap.aaf.auth.update;
+package org.onap.aaf.auth.batch.update;
import java.io.BufferedReader;
import java.io.File;
import java.util.Map;
import java.util.Map.Entry;
-import org.onap.aaf.auth.Batch;
-import org.onap.aaf.auth.BatchPrincipal;
-import org.onap.aaf.auth.actions.Action;
-import org.onap.aaf.auth.actions.ActionDAO;
-import org.onap.aaf.auth.actions.CacheTouch;
-import org.onap.aaf.auth.actions.URDelete;
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.BatchPrincipal;
+import org.onap.aaf.auth.batch.actions.Action;
+import org.onap.aaf.auth.batch.actions.ActionDAO;
+import org.onap.aaf.auth.batch.actions.CacheTouch;
+import org.onap.aaf.auth.batch.actions.URDelete;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.cadi.util.Split;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.update;
+package org.onap.aaf.auth.batch.update;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.List;
import java.util.Map.Entry;
-import org.onap.aaf.auth.Batch;
-import org.onap.aaf.auth.BatchPrincipal;
-import org.onap.aaf.auth.actions.Email;
-import org.onap.aaf.auth.actions.EmailPrint;
-import org.onap.aaf.auth.actions.Message;
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.BatchPrincipal;
+import org.onap.aaf.auth.batch.actions.Email;
+import org.onap.aaf.auth.batch.actions.EmailPrint;
+import org.onap.aaf.auth.batch.actions.Message;
+import org.onap.aaf.auth.batch.helpers.Approval;
+import org.onap.aaf.auth.batch.helpers.Future;
import org.onap.aaf.auth.dao.CassAccess;
import org.onap.aaf.auth.dao.cass.ApprovalDAO;
import org.onap.aaf.auth.dao.cass.FutureDAO;
import org.onap.aaf.auth.dao.cass.HistoryDAO;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Approval;
-import org.onap.aaf.auth.helpers.Future;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.auth.org.OrganizationFactory;
*
*/
-package org.onap.aaf.auth.update;
+package org.onap.aaf.auth.batch.update;
import java.io.File;
import java.io.FileOutputStream;
import java.util.Set;
import java.util.TreeMap;
-import org.onap.aaf.auth.Batch;
-import org.onap.aaf.auth.BatchPrincipal;
-import org.onap.aaf.auth.actions.Email;
-import org.onap.aaf.auth.actions.EmailPrint;
-import org.onap.aaf.auth.actions.Message;
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.BatchPrincipal;
+import org.onap.aaf.auth.batch.actions.Email;
+import org.onap.aaf.auth.batch.actions.EmailPrint;
+import org.onap.aaf.auth.batch.actions.Message;
+import org.onap.aaf.auth.batch.helpers.Cred;
+import org.onap.aaf.auth.batch.helpers.NS;
+import org.onap.aaf.auth.batch.helpers.Notification;
+import org.onap.aaf.auth.batch.helpers.UserRole;
+import org.onap.aaf.auth.batch.helpers.Notification.TYPE;
import org.onap.aaf.auth.dao.cass.CredDAO;
import org.onap.aaf.auth.dao.hl.Question;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Cred;
-import org.onap.aaf.auth.helpers.NS;
-import org.onap.aaf.auth.helpers.Notification;
-import org.onap.aaf.auth.helpers.Notification.TYPE;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.auth.org.EmailWarnings;
import org.onap.aaf.auth.org.Organization;
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.batch.update;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+
+import org.onap.aaf.auth.batch.Batch;
+import org.onap.aaf.auth.batch.BatchPrincipal;
+import org.onap.aaf.auth.batch.helpers.CQLBatch;
+import org.onap.aaf.auth.batch.helpers.Cred;
+import org.onap.aaf.auth.batch.helpers.UserRole;
+import org.onap.aaf.auth.batch.helpers.X509;
+import org.onap.aaf.auth.dao.CassAccess;
+import org.onap.aaf.auth.dao.cass.CertDAO;
+import org.onap.aaf.auth.dao.cass.CredDAO;
+import org.onap.aaf.auth.dao.cass.HistoryDAO;
+import org.onap.aaf.auth.dao.cass.UserRoleDAO;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.org.OrganizationException;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.client.Holder;
+import org.onap.aaf.cadi.util.CSV;
+import org.onap.aaf.misc.env.APIException;
+import org.onap.aaf.misc.env.Env;
+import org.onap.aaf.misc.env.TimeTaken;
+import org.onap.aaf.misc.env.util.Chrono;
+
+public class Remove extends Batch {
+ private final AuthzTrans noAvg;
+ private HistoryDAO historyDAO;
+ private CQLBatch cqlBatch;
+
+ public Remove(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ trans.info().log("Starting Connection Process");
+
+ noAvg = env.newTransNoAvg();
+ noAvg.setUser(new BatchPrincipal("Remove"));
+
+ TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
+ try {
+ historyDAO = new HistoryDAO(trans, cluster, CassAccess.KEYSPACE);
+ TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = historyDAO.getSession(trans);
+ } finally {
+ tt2.done();
+ }
+ cqlBatch = new CQLBatch(noAvg.info(),session);
+
+
+ } finally {
+ tt0.done();
+ }
+ }
+
+ @Override
+ protected void run(AuthzTrans trans) {
+ final int maxBatch = 25;
+
+ // Create Intermediate Output
+ File logDir = new File(logDir());
+
+ List<File> remove = new ArrayList<>();
+ if(args().length>0) {
+ for(int i=0;i<args().length;++i) {
+ remove.add(new File(logDir, args()[i]));
+ }
+ } else {
+ remove.add(new File(logDir,"Delete"+Chrono.dateOnlyStamp()+".csv"));
+ }
+
+ for(File f : remove) {
+ trans.init().log("Processing File:",f.getAbsolutePath());
+ }
+
+ final Holder<Boolean> ur = new Holder<>(false);
+ final Holder<Boolean> cred = new Holder<>(false);
+ final Holder<Boolean> x509 = new Holder<>(false);
+ final Holder<String> memoFmt = new Holder<String>("");
+ final HistoryDAO.Data hdd = new HistoryDAO.Data();
+ final String orgName = trans.org().getName();
+
+ hdd.action="delete";
+ hdd.reconstruct = ByteBuffer.allocate(0);
+ hdd.user = noAvg.user();
+ SimpleDateFormat sdf = new SimpleDateFormat("yyyyMM");
+ hdd.yr_mon = Integer.parseInt(sdf.format(new Date()));
+
+ try {
+ for(File f : remove) {
+ trans.info().log("Processing ",f.getAbsolutePath(),"for Deletions");
+ if(f.exists()) {
+ CSV removeCSV = new CSV(f);
+
+ try {
+ final StringBuilder sb = cqlBatch.begin();
+ final Holder<Integer> hi = new Holder<Integer>(0);
+ removeCSV.visit(new CSV.Visitor() {
+ @Override
+ public void visit(List<String> row) throws IOException, CadiException {
+ int i = hi.get();
+ if(i>=maxBatch) {
+ cqlBatch.execute(dryRun);
+ hi.set(0);
+ cqlBatch.begin();
+ i=0;
+ }
+ switch(row.get(0)) {
+ case "info":
+ switch(row.get(1)) {
+ case "Delete":
+ memoFmt.set("%s expired from %s on %s");
+ break;
+ case "NotInOrgDelete":
+ memoFmt.set("Identity %s was removed from %s on %s");
+ break;
+ }
+ break;
+ case "ur":
+ if(!ur.get()) {
+ ur.set(true);
+ }
+ hi.set(++i);
+ UserRole.batchDelete(sb,row);
+ hdd.target=UserRoleDAO.TABLE;
+ hdd.subject=UserRole.histSubject(row);
+ hdd.memo=UserRole.histMemo(memoFmt.get(), row);
+ historyDAO.createBatch(sb, hdd);
+ break;
+ case "cred":
+ if(!cred.get()) {
+ cred.set(true);
+ }
+ hi.set(++i);
+ Cred.batchDelete(sb,row);
+ hdd.target=CredDAO.TABLE;
+ hdd.subject=Cred.histSubject(row);
+ hdd.memo=Cred.histMemo(memoFmt.get(), orgName,row);
+ historyDAO.createBatch(sb, hdd);
+ break;
+ case "x509":
+ if(!x509.get()) {
+ x509.set(true);
+ }
+ hi.set(++i);
+ X509.row(sb,row);
+ hdd.target=CertDAO.TABLE;
+ hdd.subject=X509.histSubject(row);
+ hdd.memo=X509.histMemo(memoFmt.get(),row);
+ historyDAO.createBatch(sb, hdd);
+ break;
+ }
+ }
+ });
+ cqlBatch.execute(dryRun);
+ } catch (IOException | CadiException e) {
+ e.printStackTrace();
+ }
+ } else {
+ trans.error().log("File",f.getAbsolutePath(),"does not exist.");
+ }
+ }
+ } finally {
+ if(ur.get()) {
+ cqlBatch.touch(UserRoleDAO.TABLE, 0, UserRoleDAO.CACHE_SEG, dryRun);
+ }
+ if(cred.get()) {
+ cqlBatch.touch(CredDAO.TABLE, 0, CredDAO.CACHE_SEG, dryRun);
+ }
+ if(x509.get()) {
+ cqlBatch.touch(CertDAO.TABLE, 0, CertDAO.CACHE_SEG, dryRun);
+ }
+ }
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
+ session.close();
+ }
+
+}
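Review bot: The visitor in run() queues deletions for every `ur`, `cred` and `x509` row whether or not the file began with a recognised `info` record: `memoFmt` starts as `""`, the inner switch has no `default`, and nothing rejects the file, so any other report CSV in the log directory that is named on the command line is deleted from, with an empty history memo. Notify in this commit already enforces the header with a CadiException; Remove should do the same and reject unknown feed names, and `memoFmt` should be reset with `memoFmt.set("")` before each file so a header from a previous file does not carry over. The flush path also discards the return value of `cqlBatch.begin()` while later rows keep appending to the `sb` captured before the visit; CQLBatch is not shown here, so please confirm that begin() hands back the same builder. Failures end in `e.printStackTrace()` after earlier batches may already have executed, so logging them through `trans.error()` would leave a record of partial deletions.

```java
public void visit(List<String> row) throws IOException, CadiException {
    if(row.isEmpty()) {
        return;
    }
    // refuse to queue deletions until a recognised header has been seen
    if(!"info".equals(row.get(0)) && memoFmt.get().isEmpty()) {
        throw new CadiException("First line of Feed MUST contain 'info' record");
    }
    // … unchanged: batch-size flush …
    switch(row.get(0)) {
        case "info":
            switch(row.get(1)) {
                // … unchanged: "Delete" and "NotInOrgDelete" cases …
                default:
                    throw new CadiException("Remove does not process '" + row.get(1) + "' feeds");
            }
            break;
        // … unchanged: "ur", "cred" and "x509" cases …
```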
* ============LICENSE_END====================================================
*/
-package org.onap.aaf.auth.update;
+package org.onap.aaf.auth.batch.update;
import java.io.BufferedReader;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
-import org.onap.aaf.auth.Batch;
+import org.onap.aaf.auth.batch.Batch;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.misc.env.APIException;
+++ /dev/null
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.auth.update;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.List;
-
-import org.onap.aaf.auth.Batch;
-import org.onap.aaf.auth.BatchPrincipal;
-import org.onap.aaf.auth.actions.CacheTouch;
-import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.CQLBatch;
-import org.onap.aaf.auth.helpers.Cred;
-import org.onap.aaf.auth.helpers.UserRole;
-import org.onap.aaf.auth.helpers.X509;
-import org.onap.aaf.auth.org.OrganizationException;
-import org.onap.aaf.cadi.CadiException;
-import org.onap.aaf.cadi.client.Holder;
-import org.onap.aaf.cadi.util.CSV;
-import org.onap.aaf.misc.env.APIException;
-import org.onap.aaf.misc.env.Env;
-import org.onap.aaf.misc.env.TimeTaken;
-import org.onap.aaf.misc.env.util.Chrono;
-
-public class Remove extends Batch {
- private final AuthzTrans noAvg;
- private CacheTouch cacheTouch;
- private CQLBatch cqlBatch;
-
- public Remove(AuthzTrans trans) throws APIException, IOException, OrganizationException {
- super(trans.env());
- trans.info().log("Starting Connection Process");
-
- noAvg = env.newTransNoAvg();
- noAvg.setUser(new BatchPrincipal("batch:RemoveExpired"));
-
- TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
- try {
- cacheTouch = new CacheTouch(trans, cluster, dryRun);
- TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = cacheTouch.getSession(trans);
- } finally {
- tt2.done();
- }
- cqlBatch = new CQLBatch(session);
-
-
- } finally {
- tt0.done();
- }
- }
-
- @Override
- protected void run(AuthzTrans trans) {
- final int maxBatch = 50;
-
- // Create Intermediate Output
- File logDir = new File(logDir());
-
- File expired = new File(logDir,"Delete"+Chrono.dateOnlyStamp()+".csv");
- CSV expiredCSV = new CSV(expired);
- try {
- final StringBuilder sb = cqlBatch.begin();
- final Holder<Integer> hi = new Holder<Integer>(0);
- expiredCSV.visit(new CSV.Visitor() {
- @Override
- public void visit(List<String> row) throws IOException, CadiException {
- int i = hi.get();
- if(i>=maxBatch) {
- cqlBatch.execute(dryRun);
- hi.set(0);
- cqlBatch.begin();
- i=0;
- }
- switch(row.get(0)) {
- case "ur":
- hi.set(++i);
- UserRole.row(sb,row);
- break;
- case "cred":
- hi.set(++i);
- Cred.row(sb,row);
- break;
- case "x509":
- hi.set(++i);
- X509.row(sb,row);
- break;
- }
- }
- });
- cqlBatch.execute(dryRun);
- } catch (IOException | CadiException e) {
- e.printStackTrace();
- }
- }
-
- @Override
- protected void _close(AuthzTrans trans) {
- session.close();
- cacheTouch.close(trans);
- }
-
-}
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.actions.ActionDAO;
+import org.onap.aaf.auth.batch.actions.ActionDAO;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.APIException;
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mock;
-import org.onap.aaf.auth.actions.CredPrint;
+import org.onap.aaf.auth.batch.actions.CredPrint;
import org.onap.aaf.auth.dao.cass.CredDAO;
import org.onap.aaf.auth.dao.cass.CredDAO.Data;
import org.onap.aaf.auth.env.AuthzTrans;
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.actions.Email;
-import org.onap.aaf.auth.actions.Message;
+import org.onap.aaf.auth.batch.actions.Email;
+import org.onap.aaf.auth.batch.actions.Message;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.org.Organization.Identity;
import org.onap.aaf.auth.org.Organization;
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.actions.EmailPrint;
+import org.onap.aaf.auth.batch.actions.EmailPrint;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.cadi.client.Future;
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mock;
-import org.onap.aaf.auth.actions.FuturePrint;
+import org.onap.aaf.auth.batch.actions.FuturePrint;
+import org.onap.aaf.auth.batch.helpers.Future;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Future;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.LogTarget;
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.actions.Message;
+import org.onap.aaf.auth.batch.actions.Message;
import static org.mockito.Mockito.*;
import org.junit.Test;
* ============LICENSE_END====================================================
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mock;
-import org.onap.aaf.auth.actions.URFuturePrint;
+import org.onap.aaf.auth.batch.actions.URFuturePrint;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.LogTarget;
*
*/
-package org.onap.aaf.auth.actions.test;
+package org.onap.aaf.auth.batch.actions.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mock;
-import org.onap.aaf.auth.actions.URPrint;
+import org.onap.aaf.auth.batch.actions.URPrint;
+import org.onap.aaf.auth.batch.helpers.UserRole;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.UserRole;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.LogTarget;
* ============LICENSE_END====================================================
*
*/
-package org.onap.aaf.auth.helpers.creators;
+package org.onap.aaf.auth.batch.helpers.creators;
import java.math.BigDecimal;
import java.math.BigInteger;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Matchers.any;
import org.junit.Before;
import org.junit.Test;
+import org.onap.aaf.auth.batch.helpers.Approval;
+import org.onap.aaf.auth.batch.helpers.creators.RowCreator;
import org.onap.aaf.auth.dao.cass.ApprovalDAO;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Approval;
-import org.onap.aaf.auth.helpers.creators.RowCreator;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.LogTarget;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.actions.Message;
-import org.onap.aaf.auth.helpers.Approver;
+import org.onap.aaf.auth.batch.actions.Message;
+import org.onap.aaf.auth.batch.helpers.Approver;
import org.onap.aaf.auth.org.Organization;
import static org.mockito.Mockito.*;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.helpers.CacheChange;
+import org.onap.aaf.auth.batch.helpers.CacheChange;
import junit.framework.Assert;
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.helpers.Creator;
+import org.onap.aaf.auth.batch.helpers.Creator;
import com.datastax.driver.core.Row;
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
+import org.onap.aaf.auth.batch.helpers.Cred;
+import org.onap.aaf.auth.batch.helpers.Cred.CredCount;
+import org.onap.aaf.auth.batch.helpers.Cred.Instance;
import org.onap.aaf.auth.common.Define;
-import org.onap.aaf.auth.helpers.Cred;
-import org.onap.aaf.auth.helpers.Cred.CredCount;
-import org.onap.aaf.auth.helpers.Cred.Instance;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.PropAccess;
import org.onap.aaf.cadi.config.Config;
* ============LICENSE_END====================================================
*/
-package org.onap.aaf.auth.org.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import java.util.Set;
import org.junit.Test;
-import org.onap.aaf.auth.org.ExpireRange;
+import org.onap.aaf.auth.batch.helpers.ExpireRange;
import org.onap.aaf.cadi.PropAccess;
public class JU_ExpireRange {
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Matchers.any;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
+import org.onap.aaf.auth.batch.helpers.Creator;
+import org.onap.aaf.auth.batch.helpers.Future;
+import org.onap.aaf.auth.batch.helpers.creators.RowCreator;
import org.onap.aaf.auth.dao.cass.FutureDAO;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Creator;
-import org.onap.aaf.auth.helpers.Future;
-import org.onap.aaf.auth.helpers.creators.RowCreator;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.LogTarget;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.helpers.History;
+import org.onap.aaf.auth.batch.helpers.History;
import junit.framework.Assert;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.helpers.InputIterator;
+import org.onap.aaf.auth.batch.helpers.InputIterator;
import static org.mockito.Mockito.*;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.BatchException;
-import org.onap.aaf.auth.helpers.MiscID;
+import org.onap.aaf.auth.batch.BatchException;
+import org.onap.aaf.auth.batch.helpers.MiscID;
import com.datastax.driver.core.Row;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.helpers.MonthData;
-import org.onap.aaf.auth.helpers.MonthData.Row;
+import org.onap.aaf.auth.batch.helpers.MonthData;
+import org.onap.aaf.auth.batch.helpers.MonthData.Row;
import junit.framework.Assert;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Matchers.any;
import org.junit.Before;
import org.junit.Test;
-import org.onap.aaf.auth.helpers.Creator;
-import org.onap.aaf.auth.helpers.NS;
-import org.onap.aaf.auth.helpers.NS.NSSplit;
-import org.onap.aaf.auth.helpers.creators.RowCreator;
+import org.onap.aaf.auth.batch.helpers.Creator;
+import org.onap.aaf.auth.batch.helpers.NS;
+import org.onap.aaf.auth.batch.helpers.NS.NSSplit;
+import org.onap.aaf.auth.batch.helpers.creators.RowCreator;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.LogTarget;
import org.onap.aaf.misc.env.TimeTaken;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import org.junit.Before;
import org.junit.Test;
-import org.onap.aaf.auth.helpers.NsAttrib;
-import org.onap.aaf.auth.helpers.creators.RowCreator;
+import org.onap.aaf.auth.batch.helpers.NsAttrib;
+import org.onap.aaf.auth.batch.helpers.creators.RowCreator;
import junit.framework.Assert;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.helpers.Perm;
+import org.onap.aaf.auth.batch.helpers.Perm;
import junit.framework.Assert;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.helpers.Perm;
-import org.onap.aaf.auth.helpers.Role;
+import org.onap.aaf.auth.batch.helpers.Perm;
+import org.onap.aaf.auth.batch.helpers.Role;
import junit.framework.Assert;
*
*/
-package org.onap.aaf.auth.helpers.test;
+package org.onap.aaf.auth.batch.helpers.test;
import static org.junit.Assert.assertEquals;
import static org.mockito.Matchers.any;
import org.junit.Before;
import org.junit.Test;
-import org.onap.aaf.auth.actions.URDelete;
+import org.onap.aaf.auth.batch.actions.URDelete;
+import org.onap.aaf.auth.batch.helpers.Creator;
+import org.onap.aaf.auth.batch.helpers.UserRole;
+import org.onap.aaf.auth.batch.helpers.creators.RowCreator;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Creator;
-import org.onap.aaf.auth.helpers.UserRole;
-import org.onap.aaf.auth.helpers.creators.RowCreator;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.LogTarget;
import org.onap.aaf.misc.env.TimeTaken;
*
*/
-package org.onap.aaf.auth.test;
+package org.onap.aaf.auth.batch.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.Batch;
+import org.onap.aaf.auth.batch.Batch;
import org.onap.aaf.auth.env.AuthzEnv;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.org.Organization;
*/
-package org.onap.aaf.auth.test;
+package org.onap.aaf.auth.batch.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.BatchException;
+import org.onap.aaf.auth.batch.BatchException;
import static org.mockito.Mockito.*;
import org.junit.Test;
*
*/
-package org.onap.aaf.auth.test;
+package org.onap.aaf.auth.batch.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.BatchPrincipal;
+import org.onap.aaf.auth.batch.BatchPrincipal;
import junit.framework.Assert;
*
*/
-package org.onap.aaf.auth.test;
+package org.onap.aaf.auth.batch.test;
import static org.junit.Assert.*;
import org.junit.After;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
-import org.onap.aaf.auth.CassBatch;
+import org.onap.aaf.auth.batch.CassBatch;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.misc.env.APIException;
* ============LICENSE_END====================================================
*
*/
-package org.onap.aaf.auth.helpers;
+package org.onap.aaf.auth.batch.test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mock;
-import org.onap.aaf.auth.actions.Message;
+import org.onap.aaf.auth.batch.actions.Message;
+import org.onap.aaf.auth.batch.helpers.Creator;
+import org.onap.aaf.auth.batch.helpers.Notification;
+import org.onap.aaf.auth.batch.helpers.Notification.TYPE;
+import org.onap.aaf.auth.batch.helpers.creators.RowCreator;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.helpers.Notification.TYPE;
-import org.onap.aaf.auth.helpers.creators.RowCreator;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.LogTarget;
import org.onap.aaf.misc.env.TimeTaken;
// data.day_time = Integer.parseInt(dayTimeFormat.format(now));
return data;
}
+
+ public void createBatch(StringBuilder sb, Data data) {
+ sb.append("INSERT INTO history (");
+ sb.append(helpers[FIELD_COMMAS]);
+ sb.append(") VALUES(now(),");
+ sb.append(data.yr_mon);
+ sb.append(",'");
+ sb.append(data.user);
+ sb.append("','");
+ sb.append(data.action);
+ sb.append("','");
+ sb.append(data.target);
+ sb.append("','");
+ sb.append(data.subject);
+ sb.append("','");
+ sb.append(data.memo);
+ sb.append("',null);\n");
+ }
public Result<List<Data>> readByYYYYMM(AuthzTrans trans, int yyyymm) {
Result<ResultSet> rs = readByYRMN.exec(trans, "yr_mon", yyyymm);
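Review bot: createBatch splices data.user, data.action, data.target, data.subject and data.memo straight between single quotes, so a value containing `'` ends the CQL literal early and either breaks the whole batch or changes the statement. In the Remove batch elsewhere in this commit the subject and memo are built from CSV rows, so these values come from a file rather than from constants. Doubling embedded quotes before appending (or moving to bound statements) keeps each value inside its literal; a sketch is below, assuming the five fields are Strings. The sketch writes a null field as CQL null instead of the string 'null', which should be confirmed against how history rows are read.

```java
public void createBatch(StringBuilder sb, Data data) {
    // … unchanged: INSERT prefix, column list, now() and yr_mon …
    sb.append(',');
    appendLiteral(sb, data.user).append(',');
    appendLiteral(sb, data.action).append(',');
    appendLiteral(sb, data.target).append(',');
    appendLiteral(sb, data.subject).append(',');
    appendLiteral(sb, data.memo).append(",null);\n");
}

// Writes value as a CQL string literal, doubling embedded single quotes.
private static StringBuilder appendLiteral(StringBuilder sb, String value) {
    if (value == null) {
        return sb.append("null");
    }
    return sb.append('\'').append(value.replace("'", "''")).append('\'');
}
```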
rv = cacheInfoDAO.touch(trans, NsDAO.TABLE, seg);
}
if (all || PermDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
+ int seg[] = series(PermDAO.CACHE_SEG);
for (int i: seg) {cacheClear(trans, PermDAO.TABLE,i);}
rv = cacheInfoDAO.touch(trans, PermDAO.TABLE,seg);
}
if (all || RoleDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
+ int seg[] = series(RoleDAO.CACHE_SEG);
for (int i: seg) {cacheClear(trans, RoleDAO.TABLE,i);}
rv = cacheInfoDAO.touch(trans, RoleDAO.TABLE,seg);
}
if (all || UserRoleDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
+ int seg[] = series(UserRoleDAO.CACHE_SEG);
for (int i: seg) {cacheClear(trans, UserRoleDAO.TABLE,i);}
rv = cacheInfoDAO.touch(trans, UserRoleDAO.TABLE,seg);
}
if (all || CredDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
+ int seg[] = series(CredDAO.CACHE_SEG);
for (int i: seg) {cacheClear(trans, CredDAO.TABLE,i);}
rv = cacheInfoDAO.touch(trans, CredDAO.TABLE,seg);
}
if (all || CertDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
+ int seg[] = series(CertDAO.CACHE_SEG);
for (int i: seg) {cacheClear(trans, CertDAO.TABLE,i);}
rv = cacheInfoDAO.touch(trans, CertDAO.TABLE,seg);
}
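Review bot: `rv` is reassigned by every `cacheInfoDAO.touch(...)` call in this chain, so when `all` is set a failed touch for an earlier table is overwritten by a later success and, if `rv` is what the method returns, never reaches the caller. Each branch should store its touch result in a local and copy it into `rv` only when no earlier failure has been recorded. The six branches are also the same three lines with only the DAO changed, which is how the copy-pasted `NsDAO.CACHE_SEG` survived; a private helper taking the table name and its `CACHE_SEG` would remove that risk. The method begins and ends outside this hunk, so the declaration and final use of `rv` are not visible here.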
private String[] trustChain;
private String[] notes;
- public CertResp(Trans trans, CA ca, X509Certificate x509, CSRMeta csrMeta, String[] trustChain, String[] notes) throws IOException, GeneralSecurityException, CertException {
+ public CertResp(Trans trans, CA ca, X509Certificate x509, CSRMeta csrMeta, String[] trustChain, String[] notes) throws IOException, CertException {
keyPair = csrMeta.keypair(trans);
privateKey = Factory.toString(trans, keyPair.getPrivate());
certString = Factory.toString(trans,x509);
pw().println("AAF Command Line Tool");
pw().print("Version: ");
pw().println(Config.AAF_DEFAULT_API_VERSION);
- return 200 /*HttpStatus.OK_200;*/;
+ return 200;
}
}
* org.onap.aaf
* ===========================================================================
* Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * Modifications Copyright (C) 2018 IBM.
* ===========================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
}
@Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
+ public int _exec(int idx0, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = idx0;
final String type=args[idx];
final String instance=args[++idx];
final String action=args[++idx];
--- /dev/null
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.log4j;
+
+import org.apache.log4j.AppenderSkeleton;
+import org.apache.log4j.Level;
+import org.apache.log4j.spi.LoggingEvent;
+import org.onap.aaf.cadi.Access;
+
+public class Log4JAccessAppender extends AppenderSkeleton{
+ private Access access;
+
+ public Log4JAccessAppender(Access access) {
+ this.access = access;
+ }
+
+ @Override
+ public void close() {
+ }
+
+ @Override
+ public boolean requiresLayout() {
+ return false;
+ }
+
+ @Override
+ protected void append(LoggingEvent event) {
+ Access.Level al = null;
+ switch(event.getLevel().toInt()) {
+ case Level.FATAL_INT:
+ case Level.ERROR_INT:
+ if(access.willLog(Access.Level.ERROR)) {
+ al=Access.Level.ERROR;
+ }
+ break;
+ case Level.WARN_INT:
+ if(!access.willLog(Access.Level.WARN)) {
+ al=Access.Level.WARN;
+ }
+ break;
+ case Level.ALL_INT:
+ case Level.INFO_INT:
+ if(!access.willLog(Access.Level.INFO)) {
+ al=Access.Level.INFO;
+ }
+ break;
+ case Level.TRACE_INT:
+ if(!access.willLog(Access.Level.TRACE)) {
+ al=Access.Level.TRACE;
+ }
+ break;
+ }
+ if(al!=null) {
+ access.log(al,"Log4J["+event.getLoggerName()+"]["+event.getLevel()+']',event.getMessage());
+ }
+ }
+
+}
+
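Review bot: In append(), the WARN, INFO and TRACE cases test `!access.willLog(...)` while the ERROR case tests `access.willLog(...)`, so events at those three levels are forwarded only when the Access would not log them and are dropped when it would. The three conditions should read `if(access.willLog(Access.Level.WARN))`, `if(access.willLog(Access.Level.INFO))` and `if(access.willLog(Access.Level.TRACE))`. The switch also has no `case Level.DEBUG_INT:`, so debug events leave `al` null and are discarded; a case mapping to `Access.Level.DEBUG` would cover it. As written, warnings from libraries that log through Log4J would not reach the Access log, which matters when that log is what operators review.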
public boolean isPerson(); // Whether a Person or a Machine (App)
public Organization org(); // Organization of Identity
+
+ public static String mixedCase(String in) {
+ StringBuilder sb = new StringBuilder();
+ for(int i=0;i<in.length();++i) {
+ if(i==0) {
+ sb.append(Character.toUpperCase(in.charAt(i)));
+ } else {
+ sb.append(Character.toLowerCase(in.charAt(i)));
+ }
+ }
+ return sb.toString();
+ }
}
public void addSupportedRealm(String r);
-
-
- String getDomain();
+ public String getDomain();
/**
* Get Identity information based on userID
*/
public Identity getIdentity(AuthzTrans trans, String id) throws OrganizationException;
+ /**
+ * May AutoDelete
+ *
+ * Deletion of an Identity that has been removed from an Organization can be dangerous. Mistakes may have been made
+ * in the Organization side, a Feed might be corrupted, an API might not be quite right.
+ *
+ * The implementation of this method can use a double check of some sort, such as comparsion of missing ID in Organization
+ * feed with a "Deleted ID" feed.
+ *
+ * The failure to be in Organization will still be reported, if returned "false", but if true, it is taken as an
+ * ok to proceed with deletion.
+ */
+ public boolean mayAutoDelete(AuthzTrans trans, String id);
+
/**
* Does the ID pass Organization Standards
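Review bot: `mayAutoDelete` is added as an abstract method on the Organization interface, so any implementation outside this commit stops compiling until it adds one, and nothing steers implementers toward the safe answer. The same commit adds a static method (`mixedCase`) to what appears to be an interface, so default methods look available: `public default boolean mayAutoDelete(AuthzTrans trans, String id) { return false; }`. That keeps deletion of identities opt-in per organization, which matches the caution expressed in the Javadoc. The Javadoc should also spell "comparison" correctly and say which caller consults the return value.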
}
};
+
+
}
@Override
public String[] getPasswordRules() {
return nullStringArray;
}
+
+ @Override
+ public boolean mayAutoDelete(AuthzTrans trans, String id) {
+ // provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table.
+ return false;
+ }
};
-
}
}
Organization org = orgs.get(orgNS);
if (org == null) {
- env.debug().printf("Attempting to instantiate Organization %s\n",orgNS);
+ env.debug().printf("Attempting to instantiate Organization %s",orgNS);
String orgClass = env.getProperty(ORGANIZATION_DOT+orgNS);
if (orgClass == null) {
if ((isDefault="true".equalsIgnoreCase(env.getProperty(orgNS+".default")))) {
defaultOrg = org;
}
- env.init().printf("Instantiated %s with %s%s\n",orgNS,orgClass,(isDefault?" as default":""));
+ env.init().printf("Instantiated %s with %s%s",orgNS,orgClass,(isDefault?" as default":""));
}
if (org==null) {
if (defaultOrg!=null) {
return 0;
}
}
+
+ @Override
+ public boolean mayAutoDelete(AuthzTrans trans, String user) {
+ // provide a corresponding feed that indicates that an ID has been intentionally removed from identities.dat table.
+ return false;
+ }
}
/aaf.props
/cass.props
/policy*
+/*.yaml
+/*.orig
ps.println(buildMsg(level,elements));
ps.flush();
}
-
}
public void set(LogIt logit) {
logIt = logit;
}
-
+
+ public void setStreamLogIt(PrintStream ps) {
+ logIt = new StreamLogIt(ps);
+ }
+
public String toString() {
return props.toString();
}
};\r
\r
// A Convenient LogTarget to write to the Console\r
- public static final LogTarget SYSOUT = new LogTarget() {\r
+ public static final LogTarget SYSOUT = new StreamLogTarget(System.out,false);\r
+ \r
+ // A Convenient LogTarget to write to the Console\r
+ public static final LogTarget SYSERR = new StreamLogTarget(System.err,false);\r
+ \r
+ public static class StreamLogTarget implements LogTarget {\r
+ private final PrintStream out;\r
+ private final boolean closeMe;\r
+\r
+ public StreamLogTarget(PrintStream ps) {\r
+ this(ps,true);\r
+ }\r
+\r
+ /* Do NOT close SYSTEM ERR or OUT*/\r
+ protected StreamLogTarget(PrintStream ps, boolean shouldClose) {\r
+ out = ps;\r
+ closeMe = shouldClose;\r
+ }\r
public void log(Object ... msgs) {\r
- PrintStream out = System.out;\r
- out.print(org.onap.aaf.misc.env.util.Chrono.dateFmt.format(new Date()));\r
+ out.print(Chrono.dateFmt.format(new Date()));\r
out.print(": ");\r
for (Object str : msgs) {\r
if (str!=null) {\r
}\r
\r
public void log(Throwable t, Object ... msgs) {\r
- PrintStream out = System.out;\r
out.print(Chrono.dateFmt.format(new Date()));\r
out.print(": ");\r
for (Object str : msgs) {\r
public void printf(String fmt, Object ... vars) {\r
log(String.format(fmt,vars));\r
}\r
- };\r
- \r
- // A Convenient LogTarget to write to the Console\r
- public static final LogTarget SYSERR = new LogTarget() {\r
- public void log(Object ... msgs) {\r
- PrintStream out = System.err;\r
- out.print(Chrono.dateFmt.format(new Date()));\r
- out.print(": ");\r
- for (Object str : msgs) {\r
- out.print(str.toString());\r
- out.print(' ');\r
- }\r
- out.println();\r
- out.flush();\r
- }\r
-\r
- public void log(Throwable t, Object ... msgs) {\r
- PrintStream out = System.err;\r
- out.print(Chrono.dateFmt.format(new Date()));\r
- out.print(": ");\r
- for (Object str : msgs) {\r
- out.print(str.toString());\r
- out.print(' ');\r
- }\r
- out.println();\r
- t.printStackTrace(out);\r
- }\r
-\r
- public boolean isLoggable() {\r
- return true;\r
+ \r
+ public void close() {\r
+ if(closeMe) {\r
+ out.close();\r
+ }\r
}\r
- @Override\r
- public void printf(String fmt, Object ... vars) {\r
- log(String.format(fmt,vars));\r
- }\r
-\r
- };\r
\r
+ }\r
\r
};
\ No newline at end of file
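Review bot: `close()` closes the wrapped stream whenever `closeMe` is true, and the public one-argument constructor always sets it to true, so `new StreamLogTarget(System.out)` followed by `close()` would close the process's standard output. The comment on the protected constructor warns against this but nothing enforces it. The assignment could guard it directly: `closeMe = shouldClose && ps != System.out && ps != System.err;`. A short Javadoc on the public constructor stating that the target takes ownership of the stream would help callers.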
outTarget.log(t);\r
outTarget.log(t, "First String Object");\r
\r
- assertTrue(outTarget.isLoggable());\r
+ assertTrue(outTarget.isLoggable());\r
\r
- verify(t, times(2)).printStackTrace(System.out);\r
+ verify(t, times(2)).printStackTrace(System.out);\r
}\r
\r
@Test\r
errTarget.log(t);\r
errTarget.log(t, "First String Object");\r
\r
- assertTrue(errTarget.isLoggable());\r
+ assertTrue(errTarget.isLoggable());\r
\r
- verify(t, times(2)).printStackTrace(System.err);\r
+ verify(t, times(2)).printStackTrace(System.err);\r
}\r
\r
}\r