From: Kiran Kamineni Date: Wed, 27 Mar 2019 19:06:05 +0000 (+0000) Subject: Merge "remove INFORMATIONAL email" X-Git-Tag: 2.1.11~18 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=7dc087eef2c4efb0c79f600bb055db9bc9dbc297;hp=d7c4f7754624b14d5e91cf60e48730b922df5839;p=aaf%2Fauthz.git Merge "remove INFORMATIONAL email" --- diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java index cbfad7b9..f742a465 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java @@ -71,13 +71,15 @@ public class ExpireRange { lcred.add(delRange); lx509.add(delRange); - lcred.add(new Range(ONE_WEEK ,3,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); lcred.add(new Range(TWO_WEEK ,2,-1,-1,GregorianCalendar.WEEK_OF_MONTH,1,GregorianCalendar.WEEK_OF_MONTH,2)); lcred.add(new Range(ONE_MONTH,1,7,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); lcred.add(new Range(TWO_MONTH,1,-1,-1,GregorianCalendar.MONTH,1,GregorianCalendar.MONTH,2)); - lur.add( new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + lur.add( new Range(ONE_MONTH,1,-1,-1,0,0,GregorianCalendar.MONTH,1)); + // Comment out until we can get some more clear actions in place for GUI + // lur.add( new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + // lur.add( new Range(ONE_WEEK,2,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); lx509.add(new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyURBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyURBody.java deleted file mode 100644 index 20ba8166..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyURBody.java +++ /dev/null @@ -1,124 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ -package org.onap.aaf.auth.batch.reports.bodies; - -import java.io.IOException; -import java.util.Date; -import java.util.List; - -import org.onap.aaf.auth.batch.helpers.LastNotified; -import org.onap.aaf.auth.batch.reports.Notify; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.org.Organization.Identity; -import org.onap.aaf.auth.org.OrganizationException; -import org.onap.aaf.cadi.Access; -import org.onap.aaf.misc.env.util.Chrono; - -public abstract class NotifyURBody extends NotifyBody { - - private final String explanation; - public NotifyURBody(Access access, String name) throws IOException { - super(access,"ur",name); - - // Default - explanation = "The Roles for the IDs associated with you will expire on the dates shown. " - + "If the role membership is allowed to expire, " - + "the ID will no longer have the permissions associated with that role.

" - + "It is the responsibility of the Designated Approvers to approve, but you can monitor " - + "their progress by clicking the ID Link."; - } - - @Override - public boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id) { - String fullname = "n/a"; - String kind = "Name"; - try { - Identity identity = trans.org().getIdentity(trans, id); - if(identity==null) { - trans.warn().printf("Cannot find %s in Organization",id); - } else { - fullname = identity.fullName(); - if(!identity.isPerson()) { - if((identity = identity.responsibleTo())!=null) { - kind = "AppID Sponsor"; - fullname = identity.fullName(); - } - } - } - } catch (OrganizationException e) { - trans.error().log(e); - fullname = "n/a"; - } - println(sb,indent,explanation); - println(sb,indent,"

"); - println(sb,indent,""); - indent+=2; - println(sb,indent,""); - indent+=2; - println(sb,indent,""); - println(sb,indent,""); - println(sb,indent,""); - println(sb,indent,""); - indent-=2; - println(sb,indent,""); - - String name = null; - String fqi = null; - for(List row : rows.get(id)) { - println(sb,indent,""); - indent+=2; - name = printCell(sb,indent,fullname,name); - String rid = row.get(1); - String fqiCell = "" + rid + ""; - fqi = printCell(sb,indent,fqiCell,fqi); - printCell(sb,indent,row.get(2)); - Date expires = new Date(Long.parseLong(row.get(6))); - printCell(sb,indent,Chrono.niceUTCStamp(expires)); - indent-=2; - println(sb,indent,""); - } - indent-=2; - println(sb,indent,"
"+kind+"Fully Qualified IDRoleExpires
"); - - return true; - } - - - @Override - public void record(AuthzTrans trans, StringBuilder query, String id, List notified, LastNotified ln) { - for(List row : rows.get(id)) { - for(String n : notified) { - // Need to match LastNotified Key ... ur.user() + '|'+ur.role(); - ln.update(query, n, row.get(0), row.get(1)+'|'+row.get(2)); - } - } - } - - @Override - public String user(List row) { - if( (row != null) && row.size()>1) { - return row.get(1); - } - return null; - } - - -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneMonthNotifyURBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneMonthNotifyURBody.java deleted file mode 100644 index 5392c187..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneMonthNotifyURBody.java +++ /dev/null @@ -1,37 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ -package org.onap.aaf.auth.batch.reports.bodies; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.ExpireRange; -import org.onap.aaf.cadi.Access; - -public class OneMonthNotifyURBody extends NotifyURBody { - public OneMonthNotifyURBody(Access access) throws IOException { - super(access, ExpireRange.ONE_MONTH); - } - - @Override - public String subject() { - return String.format("AAF One Month UserRole Notification (ENV: %s)",env); - } -} diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java index f21aad6f..dddb85a0 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java @@ -25,16 +25,15 @@ import static org.hamcrest.CoreMatchers.is; import static org.junit.Assert.assertThat; import static org.mockito.Mockito.when; -import org.junit.Before; -import org.junit.Test; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; - import java.io.ByteArrayOutputStream; import java.io.PrintStream; import javax.servlet.http.HttpServletRequest; +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.Lur; import org.onap.aaf.cadi.PropAccess; diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java index ed4591d4..08602cb0 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java @@ -22,22 +22,23 @@ package org.onap.aaf.cadi.taf.test; -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; +import static org.junit.Assert.*; +import static org.hamcrest.CoreMatchers.*; +import org.junit.*; import java.io.IOException; -import org.junit.Test; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.Taf; -import org.onap.aaf.cadi.Taf.LifeForm; -import org.onap.aaf.cadi.principal.TaggedPrincipal; -import org.onap.aaf.cadi.taf.EpiTaf; -import org.onap.aaf.cadi.taf.NullTaf; import org.onap.aaf.cadi.taf.TafResp; import org.onap.aaf.cadi.taf.TafResp.RESP; +import org.onap.aaf.cadi.taf.EpiTaf; +import org.onap.aaf.cadi.taf.NullTaf; +import org.onap.aaf.cadi.Taf.LifeForm; +import org.onap.aaf.cadi.principal.TaggedPrincipal; + public class JU_EpiTaf { @Test(expected = CadiException.class) @@ -75,7 +76,7 @@ public class JU_EpiTaf { @Override public RESP isAuthenticated() { return RESP.TRY_ANOTHER_TAF; } @Override public RESP authenticate() throws IOException { return null; } @Override public TaggedPrincipal getPrincipal() { return null; } - @Override public Access getAccess() { return Access.NULL; } + @Override public Access getAccess() { return null; } @Override public boolean isFailedAttempt() { return false; } @Override public float timing() { return 0; } @Override public void timing(long start) {} @@ -92,7 +93,7 @@ public class JU_EpiTaf { @Override public RESP isAuthenticated() { return RESP.TRY_AUTHENTICATING; } @Override public RESP authenticate() throws IOException { return null; } @Override public TaggedPrincipal getPrincipal() { return null; } - @Override public Access getAccess() { return Access.NULL; } + @Override public Access getAccess() { return null; } @Override public boolean isFailedAttempt() { return false; } @Override public float timing() { return 0; } @Override public void timing(long start) {} diff --git a/docs/sections/configuration/onboard.rst b/docs/sections/configuration/onboard.rst index 6e565c80..6f80e6e9 100644 --- a/docs/sections/configuration/onboard.rst +++ b/docs/sections/configuration/onboard.rst @@ -27,7 +27,8 @@ Create "As Cert Artifact" (show web page) From GUI -role create org.onap.ngi.service ngi@ngi.onap.org -perm grant org.onap.ngi.access|*|* org.onap.ngi.service + role create org.onap.ngi.service ngi@ngi.onap.org - + perm grant org.onap.ngi.access|*|* org.onap.ngi.service + +See Certificate Documentation for adding Certificate Artifacts.