auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermModify.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.actions;
  23
  24 import java.io.IOException;
  25 import java.util.List;
  26
  27 import org.onap.aaf.auth.dao.cass.PermDAO;
  28 import org.onap.aaf.auth.dao.cass.RoleDAO;
  29 import org.onap.aaf.auth.dao.cass.Status;
  30 import org.onap.aaf.auth.dao.cass.PermDAO.Data;
  31 import org.onap.aaf.auth.env.AuthzTrans;
  32 import org.onap.aaf.auth.helpers.Perm;
  33 import org.onap.aaf.auth.helpers.Role;
  34 import org.onap.aaf.auth.layer.Result;
  35 import org.onap.aaf.misc.env.APIException;
  36
  37 import com.datastax.driver.core.Cluster;
  38
  39 public class PermModify extends ActionDAO<Perm,PermDAO.Data,PermModify.Modify> {
  40         public PermModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
  41                 super(trans, cluster,dryRun);
  42         }
  43
  44         public PermModify(AuthzTrans trans, ActionDAO<?,?,?> adao) {
  45                 super(trans, adao);
  46         }
  47
  48         @Override
  49         public Result<PermDAO.Data> exec(AuthzTrans trans, final Perm p, final Modify modify) {
  50                 Result<List<PermDAO.Data>> rr = q.permDAO.read(trans, p.ns,p.type,p.instance,p.action);
  51                 if(dryRun) {
  52                         if(rr.isOKhasData()) {
  53                                 return Result.ok(rr.value.get(0));
  54                         } else {
  55                                 return Result.err(Result.ERR_NotFound, "Data not Found " + p.toString());
  56                         }
  57                 } else {
  58                         Result<PermDAO.Data> rv = null;
  59                         if(rr.isOKhasData()) {
  60                                 for(final Data d : rr.value) {
  61                                         modify.change(d);
  62                                         if(d.ns.equals(p.ns) && d.type.equals(p.type) && d.instance.equals(p.instance) && d.action.equals(p.action)) {
  63                                                 // update for fields
  64                                                 // In either case, adjust Permissions
  65                                                 for(String r : d.roles) {
  66                                                         if(!p.roles.contains(r)) {
  67                                                                 q.permDAO.dao().addRole(trans, d, r);
  68                                                         }
  69                                                 }
  70                                                 for(String r : p.roles) {
  71                                                         if(!d.roles.contains(r)) {
  72                                                                 q.permDAO.dao().delRole(trans, d, r);
  73                                                         }
  74                                                 }
  75                                                 rv = Result.ok(d);
  76                                         } else {
  77                                                 for(String r : d.roles) {
  78                                                         Role role = Role.keys.get(r);
  79                                                         if(role.perms.contains(p.encode())) {
  80                                                                 modify.roleModify().exec(trans, role, new RoleModify.Modify() {
  81                                                                         @Override
  82                                                                         public PermModify permModify() {
  83                                                                                 return PermModify.this;
  84                                                                         }
  85
  86                                                                         @Override
  87                                                                         public void change(RoleDAO.Data rdd) {
  88                                                                                 rdd.perms.remove(p.encode());
  89                                                                                 rdd.perms.add(d.encode());
  90                                                                         }
  91                                                                 });
  92                                                         }
  93                                                 }
  94
  95                                                 rv = q.permDAO.create(trans, d);
  96                                                 if(rv.isOK()) {
  97                                                         PermDAO.Data pdd = new PermDAO.Data();
  98                                                         pdd.ns = p.ns;
  99                                                         pdd.type = p.type;
 100                                                         pdd.instance = p.instance;
 101                                                         pdd.action = p.action;
 102                                                         q.permDAO.delete(trans, pdd, false);
 103                                                         trans.info().printf("Updated %s|%s|%s|%s to %s|%s|%s|%s\n",
 104                                                                 p.ns, p.type, p.instance, p.action,
 105                                                                 d.ns, d.type, d.instance, d.action);
 106                                                 } else {
 107                                                         trans.info().log(rv.errorString());
 108                                                 }
 109                                         }
 110
 111                                 }
 112                         } else {
 113                                 rv = Result.err(rr);
 114                         }
 115                         if(rv==null) {
 116                                 rv = Result.err(Status.ERR_General,"Never get to this code");
 117                         }
 118
 119                         return rv;
 120                 }
 121         }
 122
 123         public static interface Modify {
 124                 void change(PermDAO.Data ur);
 125                 RoleModify roleModify();
 126         }
 127
 128         public Result<Void> delete(AuthzTrans trans, Perm p) {
 129                 if(dryRun) {
 130                         return Result.ok();
 131                 } else {
 132                         PermDAO.Data data = new PermDAO.Data();
 133                         data.ns=p.ns;
 134                         data.type = p.type;
 135                         data.instance = p.instance;
 136                         data.action = p.action;
 137                         return q.permDAO.delete(trans,data,false);
 138                 }
 139         }
 140
 141 }