INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
+
+// ONAP Specific Entities
+// ONAP initial env Namespace
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap','ONAP','org',2,2);
+
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','read',{
+ 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
+ },'Portal Read Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
+
+// DEMO ID (OPS)
+insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// ADMIN
+insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// DESIGNER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
+
+// TESTER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
+
+// OPS
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
+
+// GOVERNOR
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
+
*/
public class Config {
+
public static final String UTF_8 = "UTF-8";
// Property Names associated with configurations.
public static final String AAF_APPPASS = "aaf_password";
public static final String AAF_LUR_CLASS = "aaf_lur_class";
public static final String AAF_TAF_CLASS = "aaf_taf_class";
- public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
public static final String AAF_CONNECTOR_CLASS = "aaf_connector_class";
public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
public static final String AAF_CONN_TIMEOUT = "aaf_conn_timeout";
public static final String AAF_CONN_TIMEOUT_DEF = "3000";
public static final String AAF_CONN_IDLE_TIMEOUT = "aaf_conn_idle_timeout"; // only for Direct Jetty Access.
public static final String AAF_CONN_IDLE_TIMEOUT_DEF = "10000"; // only for Direct Jetty Access.
-
+
+ // Default Classes: These are for Class loading to avoid direct compile links
+ public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
+ public static final String AAF_LOCATOR_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFLocator";
+ public static final String CADI_OLUR_CLASS_DEF = "org.onap.aaf.cadi.olur.OLur";
+ public static final String CADI_OBASIC_HTTP_TAF_DEF = "org.onap.aaf.cadi.obasic.OBasicHttpTaf";
+ public static final String CADI_AAF_CON_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFCon";
+
public static final String AAF_CALL_TIMEOUT = "aaf_timeout";
public static final String AAF_CALL_TIMEOUT_DEF = "5000";
public static final String AAF_USER_EXPIRES = "aaf_user_expires";
/////////////////////////////////////////////////////
// Setup AAFCon for any following
/////////////////////////////////////////////////////
- Class<?> aafConClass = loadClass(access,"org.onap.aaf.cadi.aaf.v2_0.AAFCon");
+ Class<?> aafConClass = loadClass(access,CADI_AAF_CON_DEF);
Object aafcon = null;
if(con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) {
aafcon = con;
if(!hasOAuthDirectTAF) {
if(basic_realm!=null) {
@SuppressWarnings("unchecked")
- Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,"org.osaaf.cadi.obasic.OBasicHttpTaf");
+ Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF);
if(obasicCls!=null) {
try {
String tokenurl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL, null);
String introspect_url = logProp(access,AAF_OAUTH2_INTROSPECT_URL, null);
if(token_url!=null && introspect_url !=null) {
try {
- Class<?> olurCls = loadClass(access, "org.osaaf.cadi.olur.OLur");
+ Class<?> olurCls = loadClass(access, CADI_OLUR_CLASS_DEF);
if(olurCls!=null) {
Constructor<?> olurCnst = olurCls.getConstructor(PropAccess.class,String.class,String.class);
Lur olur = (Lur)olurCnst.newInstance(access,token_url,introspect_url);
}
try {
- Class<?> lcls = loadClass(access,"org.onap.aaf.cadi.aaf.v2_0.AAFLocator");
+ Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF);
if(lcls==null) {
throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator");
}
Code Review / aaf / authz.git / commitdiff