1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21
22 package org.onap.aaf.auth.helpers;
23
24 import java.io.PrintStream;
25 import java.util.ArrayList;
26 import java.util.Date;
27 import java.util.Iterator;
28 import java.util.List;
29 import java.util.SortedMap;
30 import java.util.TreeMap;
31
32 import org.onap.aaf.auth.actions.URDelete;
33 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
34 import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
35 import org.onap.aaf.auth.env.AuthzTrans;
36 import org.onap.aaf.misc.env.Env;
37 import org.onap.aaf.misc.env.TimeTaken;
38 import org.onap.aaf.misc.env.Trans;
39 import org.onap.aaf.misc.env.util.Chrono;
40
41 import com.datastax.driver.core.ResultSet;
42 import com.datastax.driver.core.Row;
43 import com.datastax.driver.core.Session;
44 import com.datastax.driver.core.SimpleStatement;
45 import com.datastax.driver.core.Statement;
46
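/**
 * In-memory representation of one row of {@code authz.user_role}, plus the static
 * collections and indexes that hold every row loaded by {@link #load}.
 *
 * <p>Deletions are never issued directly from this class. {@link #delayDelete} only
 * records the intent (log line, delete stream, recover stream, and the delayed-delete
 * cache); the actual removal happens in {@link #actuateDeletionNow}.
 *
 * <p>All shared state here is held in static, unsynchronized collections; no locking is
 * visible in this class.
 */
public class UserRole implements Cloneable, CacheChange.Data  {

    private static final String SEPARATOR = "\",\"";

    // CACHE Calling
    private static final String LOG_FMT = "%s UserRole - %s: %s-%s (%s, %s) expiring %s";
    // Replay record: user|role|expires|ns|rname (argument order used in delayDelete).
    private static final String REPLAY_FMT = "%s|%s|%s|%s|%s\n";
    // Delete record: a "# <reason>" comment line followed by the replay record.
    private static final String DELETE_FMT = "# %s\n"+ REPLAY_FMT;

    // Every loaded record, and the same records indexed by user and by full role name.
    private static final List<UserRole> data = new ArrayList<>();
    private static final SortedMap<String,List<UserRole>> byUser = new TreeMap<>();
    private static final SortedMap<String,List<UserRole>> byRole = new TreeMap<>();
    private static final CacheChange<UserRole> cache = new CacheChange<>();
    // Defaults send staged deletions to stdout and recovery records to stderr
    // until setDeleteStream/setRecoverStream replace them.
    private static PrintStream urDelete = System.out;
    private static PrintStream urRecover = System.err;
    private static int totalLoaded;
    // NOTE(review): per-instance counter, unlike the static totalLoaded; it only counts
    // delayDelete calls made on this one object. Confirm that is intended.
    private int deleted;
    private Data urdd;

    /**
     * Row reader for the 2.0.11 table layout. {@code create} reads columns by position,
     * so the column order in {@code select} and the indexes in {@code create} must stay
     * in step.
     */
    public static final Creator<UserRole> v2_0_11 = new Creator<UserRole>() {
        @Override
        public UserRole create(Row row) {
            return new UserRole(
                    row.getString(0),      // user
                    row.getString(1),      // role
                    row.getString(2),      // ns
                    row.getString(3),      // rname
                    row.getTimestamp(4));  // expires
        }

        @Override
        public String select() {
            return "select user,role,ns,rname,expires from authz.user_role";
        }
    };

    /**
     * Builds a record whose full role name is derived as {@code ns + '.' + rname}.
     *
     * @param user    identity holding the role
     * @param ns      namespace part of the role
     * @param rname   role name within the namespace
     * @param expires expiration of the assignment
     */
    public UserRole(String user, String ns, String rname, Date expires) {
        urdd = new UserRoleDAO.Data();
        urdd.user = user;
        urdd.role = ns + '.' + rname;
        urdd.ns = ns;
        urdd.rname = rname;
        urdd.expires = expires;
    }

    /**
     * Builds a record with an explicitly supplied full role name. No check is made that
     * {@code role} equals {@code ns + '.' + rname}.
     *
     * @param user    identity holding the role
     * @param role    full role name
     * @param ns      namespace part of the role
     * @param rname   role name within the namespace
     * @param expires expiration of the assignment
     */
    public UserRole(String user, String role, String ns, String rname, Date expires) {
        urdd = new UserRoleDAO.Data();
        urdd.user = user;
        urdd.role = role;
        urdd.ns = ns;
        urdd.rname = rname;
        urdd.expires = expires;
    }

    /**
     * @return the live list of all loaded records (not a copy; changes made by the
     *         caller are visible to this class)
     */
    public static List<UserRole> getData() {
        return data;
    }

    /**
     * @return the live index of loaded records keyed by user (not a copy)
     */
    public static SortedMap<String, List<UserRole>> getByUser() {
        return byUser;
    }

    /**
     * @return the live index of loaded records keyed by full role name (not a copy)
     */
    public static SortedMap<String, List<UserRole>> getByRole() {
        return byRole;
    }

    /**
     * Loads every row of the table into the static collections.
     *
     * @param trans   transaction used for logging and timing
     * @param session Cassandra session the query runs on
     * @param creator supplies the query text and converts rows to records
     */
    public static void load(Trans trans, Session session, Creator<UserRole> creator ) {
        load(trans,session,creator,null);
    }

    /**
     * Loads only the rows whose {@code role} column equals the given role.
     *
     * @param trans   transaction used for logging and timing
     * @param session Cassandra session the query runs on
     * @param creator supplies the query text and converts rows to records
     * @param role    full role name to match
     */
    public static void loadOneRole(Trans trans, Session session, Creator<UserRole> creator, String role) {
        load(trans,session,creator,"role=" + cqlLiteral(role) + " ALLOW FILTERING;");
    }

    /**
     * Loads only the rows whose {@code user} column equals the given user.
     *
     * @param trans   transaction used for logging and timing
     * @param session Cassandra session the query runs on
     * @param creator supplies the query text and converts rows to records
     * @param user    identity to match
     */
    public static void loadOneUser(Trans trans, Session session, Creator<UserRole> creator, String user ) {
        // Filter on the user column. Comparing the user value against the role column
        // would select the wrong rows for a per-user load.
        load(trans,session,creator,"user=" + cqlLiteral(user) + ";");
    }

    /**
     * Renders a value as a single-quoted CQL string literal, doubling any embedded
     * single quote so the value cannot terminate the literal and alter the WHERE clause.
     * Bound statement values would be preferable if the query were not assembled as
     * text by {@code Creator.query}.
     */
    private static String cqlLiteral(String value) {
        // String.valueOf keeps the historical rendering of a null argument as 'null'.
        return "'" + String.valueOf(value).replace("'", "''") + "'";
    }

    /**
     * Runs the creator's query (optionally restricted by {@code where}) and indexes
     * every returned row. The remote read and the local indexing are timed separately.
     */
    private static void load(Trans trans, Session session, Creator<UserRole> creator, String where) {
        String query = creator.query(where);
        trans.info().log( "query: " + query );

        ResultSet results;
        TimeTaken tt = trans.start("Read UserRoles", Env.REMOTE);
        try {
            Statement stmt = new SimpleStatement( query );
            results = session.execute(stmt);
        } finally {
            tt.done();
        }

        try {
            tt = trans.start("Load UserRole", Env.SUB);
            try {
                iterateResults(creator, results.iterator());
            } finally {
                tt.done();
            }
        } finally {
            // Logged even when indexing fails, so a partial load is visible in the log.
            trans.info().log("Loaded",totalLoaded,"UserRoles");
        }
    }

    /**
     * Converts each row to a record and adds it to the full list and to both indexes.
     */
    private static void iterateResults(Creator<UserRole> creator, Iterator<Row> iter ) {
        while(iter.hasNext()) {
            ++totalLoaded;
            UserRole ur = creator.create(iter.next());
            data.add(ur);
            addToIndex(byUser, ur.urdd.user, ur);
            addToIndex(byRole, ur.urdd.role, ur);
        }
    }

    /** Appends a record to the list stored under {@code key}, creating the list on first use. */
    private static void addToIndex(SortedMap<String,List<UserRole>> index, String key, UserRole ur) {
        List<UserRole> lur = index.get(key);
        if(lur==null) {
            lur = new ArrayList<>();
            index.put(key, lur);
        }
        lur.add(ur);
    }

    /**
     * @return number of rows read by all loads so far (a class-wide counter)
     */
    public int totalLoaded() {
        return totalLoaded;
    }

    /**
     * @return number of times {@link #delayDelete} was called on this instance
     */
    public int deleted() {
        return deleted;
    }

    /**
     * Removes this record from the full list and from both indexes. Removal is by
     * identity, since this class does not override {@code equals}. Index lists that
     * become empty are left in their maps.
     */
    @Override
    public void expunge() {
        data.remove(this);

        List<UserRole> lur = byUser.get(urdd.user);
        if(lur!=null) {
            lur.remove(this);
        }

        lur = byRole.get(urdd.role);
        if(lur!=null) {
            lur.remove(this);
        }
    }

    /**
     * @param ds stream that receives staged deletion records
     */
    public static void setDeleteStream(PrintStream ds) {
        urDelete = ds;
    }

    /**
     * @param ds stream that receives recovery (replay) records
     */
    public static void setRecoverStream(PrintStream ds) {
        urRecover = ds;
    }

    /**
     * Counts rows in {@code authz.user_role} with a 12 second read timeout.
     *
     * @param trans   transaction used for logging and timing
     * @param session Cassandra session the query runs on
     * @return the count reported by the first result row
     */
    public static long count(Trans trans, Session session) {
        // NOTE(review): the LIMIT presumably caps the reported count at 1,000,000 rows;
        // confirm against the Cassandra version in use.
        String query = "select count(*) from authz.user_role LIMIT 1000000;";
        trans.info().log( "query: " + query );
        // The timing label names UserRoles so reports attribute this query to the right table.
        TimeTaken tt = trans.start("Count UserRoles", Env.REMOTE);
        try {
            Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
            ResultSet results = session.execute(stmt);
            return results.one().getLong(0);
        } finally {
            tt.done();
        }
    }

    /**
     * @return the underlying DAO record (the live object, not a copy)
     */
    public UserRoleDAO.Data urdd() {
        return urdd;
    }

    /** @return identity holding the role */
    public String user() {
        return urdd.user;
    }

    /** @return full role name */
    public String role() {
        return urdd.role;
    }

    /** @return namespace part of the role */
    public String ns() {
        return urdd.ns;
    }

    /** @return role name within the namespace */
    public String rname() {
        return urdd.rname;
    }

    /** @return expiration of the assignment */
    public Date expires() {
        return urdd.expires;
    }

    /**
     * Changes the expiration on the in-memory record only; nothing is written to the
     * database here.
     *
     * @param time new expiration
     */
    public void expires(Date time) {
        urdd.expires = time;
    }

    /**
     * Renders the record as quoted, comma-separated fields.
     * NOTE(review): the output opens with a quote but does not close the last field;
     * left unchanged because consumers may depend on the exact text.
     */
    @Override
    public String toString() {
        return "\"" + urdd.user + SEPARATOR + urdd.role + SEPARATOR + urdd.ns + SEPARATOR + urdd.rname + SEPARATOR
            + Chrono.dateOnlyStamp(urdd.expires);
    }

    /**
     * Looks up a loaded record by user and full role name.
     *
     * @param u user to look up
     * @param r full role name to match
     * @return the matching record, or {@code null} when none is loaded
     */
    public static UserRole get(String u, String r) {
        List<UserRole> lur = byUser.get(u);
        if(lur==null) {
            return null;
        }
        for(UserRole ur : lur) {
            if(ur.urdd.role.equals(r)) {
                return ur;
            }
        }
        return null;
    }

    // SAFETY - DO NOT DELETE USER ROLES DIRECTLY FROM BATCH FILES!!!
    // We write to a file, and validate.  If the size is iffy, we email Support
    /**
     * Stages this record for deletion without touching the database.
     *
     * <p>{@code dryRun} only changes the wording of the log line. In both modes the
     * record is written to the delete and recover streams and added to the
     * delayed-delete cache.
     *
     * <p>NOTE(review): field values are written unescaped into '|'-separated lines; a
     * value containing '|' or a line break would make the replay record ambiguous.
     * Confirm identifiers are validated before they reach this table.
     *
     * @param trans  transaction used for logging
     * @param text   reason recorded in the log and in the delete stream
     * @param dryRun selects "Would Delete" instead of "Staged Deletion" in the log
     */
    public void delayDelete(AuthzTrans trans, String text, boolean dryRun) {
        String dt = Chrono.dateTime(urdd.expires);
        String action = dryRun ? "Would Delete" : "Staged Deletion";
        trans.info().printf(LOG_FMT,text,action,urdd.user,urdd.role,urdd.ns,urdd.rname,dt);

        urDelete.printf(DELETE_FMT,text,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
        urRecover.printf(REPLAY_FMT,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);

        cache.delayedDelete(this);
        ++deleted;
    }


    /**
     * Calls expunge() for all deleteCached entries
     */
    public static void resetLocalData() {
        cache.resetLocalData();
    }

    /**
     * @return the size reported by the delayed-delete cache
     */
    public static int sizeForDeletion() {
        return cache.cacheSize();
    }

    /**
     * @param ur record to test
     * @return whether the delayed-delete cache contains the record
     */
    public static boolean pendingDelete(UserRole ur) {
        return cache.contains(ur);
    }

    /**
     * Executes the real deletion for every staged record, then clears the staged set
     * and resets the local data. This is the step that changes the database, so it is
     * presumably meant to run only after the staged output has been validated as the
     * SAFETY note on {@link #delayDelete} describes.
     *
     * @param trans     transaction passed to each deletion
     * @param directDel action that performs the deletion
     */
    public static void actuateDeletionNow(AuthzTrans trans, URDelete directDel) {
        for(UserRole ur : cache.getRemoved()) {
            directDel.exec(trans, ur, "Actuating UserRole Deletion");
        }
        cache.getRemoved().clear();
        cache.resetLocalData();
    }

}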