AT&T 2.0.19 Code drop, stage 3
1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21
22 package org.onap.aaf.auth.helpers;
23
24 import java.io.PrintStream;
25 import java.util.ArrayList;
26 import java.util.Date;
27 import java.util.Iterator;
28 import java.util.List;
29 import java.util.TreeMap;
30
31 import org.onap.aaf.auth.actions.URDelete;
32 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
33 import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
34 import org.onap.aaf.auth.env.AuthzTrans;
35 import org.onap.aaf.misc.env.Env;
36 import org.onap.aaf.misc.env.TimeTaken;
37 import org.onap.aaf.misc.env.Trans;
38 import org.onap.aaf.misc.env.util.Chrono;
39
40 import com.datastax.driver.core.ResultSet;
41 import com.datastax.driver.core.Row;
42 import com.datastax.driver.core.Session;
43 import com.datastax.driver.core.SimpleStatement;
44 import com.datastax.driver.core.Statement;
45
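/**
 * One user-to-role assignment read from {@code authz.user_role}, wrapping a
 * {@link UserRoleDAO.Data}.
 *
 * <p>Static state holds every loaded assignment ({@link #data}), an index by user
 * ({@link #byUser}), an index by role ({@link #byRole}) and a {@link CacheChange} that
 * tracks assignments staged for deletion. These collections are plain
 * {@code ArrayList}/{@code TreeMap} instances and this class adds no synchronization
 * around them.
 */
public class UserRole implements Cloneable, CacheChange.Data  {
    public static final List<UserRole> data = new ArrayList<UserRole>();
    public static final TreeMap<String,List<UserRole>> byUser = new TreeMap<String,List<UserRole>>();
    public static final TreeMap<String,List<UserRole>> byRole = new TreeMap<String,List<UserRole>>();
    private final static CacheChange<UserRole> cache = new CacheChange<UserRole>();
    // Staged deletions go to stdout and replay records to stderr until a caller
    // redirects them with setDeleteStream / setRecoverStream.
    private static PrintStream urDelete=System.out,urRecover=System.err;
    private static int totalLoaded;
    private static int deleted;

    private Data urdd;

    /**
     * Builds an assignment whose full role name is {@code ns + '.' + rname}.
     *
     * @param user    user id
     * @param ns      namespace part of the role
     * @param rname   role name within the namespace
     * @param expires expiry of the assignment
     */
    public UserRole(String user, String ns, String rname, Date expires) {
        this(user, ns + '.' + rname, ns, rname, expires);
    }

    /**
     * Builds an assignment from already-split columns.
     *
     * @param user    user id
     * @param role    full role name
     * @param ns      namespace part of the role
     * @param rname   role name within the namespace
     * @param expires expiry of the assignment
     */
    public UserRole(String user, String role, String ns, String rname, Date expires) {
        urdd = new UserRoleDAO.Data();
        urdd.user = user;
        urdd.role = role;
        urdd.ns = ns;
        urdd.rname = rname;
        urdd.expires = expires;
    }

    /** Loads every row the creator's query returns into the static collections. */
    public static void load(Trans trans, Session session, Creator<UserRole> creator ) {
        load(trans, session, creator, (String) null);
    }

    /**
     * Loads only the assignments of one role.
     *
     * <p>The role name is sent as a bound value, not spliced into the CQL text, so a
     * quote character inside it cannot alter the statement.
     */
    public static void loadOneRole(Trans trans, Session session, Creator<UserRole> creator, String role) {
        load(trans, session, creator, "role=? ALLOW FILTERING;", role);
    }

    /**
     * Loads only the assignments of one user.
     *
     * <p>Restricts on the {@code user} column (the first column selected by
     * {@link #v2_0_11}); the user id is sent as a bound value.
     * NOTE(review): assumes {@code user} can be restricted without ALLOW FILTERING in
     * the deployed schema - confirm.
     */
    public static void loadOneUser(Trans trans, Session session, Creator<UserRole> creator, String user ) {
        load(trans, session, creator, "user=?;", user);
    }

    /**
     * Runs the creator's query and appends each resulting UserRole to {@link #data},
     * {@link #byUser} and {@link #byRole}. Existing entries are not cleared first.
     *
     * @param where  text handed to {@code creator.query}; may be null
     * @param values values bound to the {@code ?} markers in {@code where}, in order
     */
    private static void load(Trans trans, Session session, Creator<UserRole> creator, String where, Object... values) {
        String query = creator.query(where);
        // Only the statement text is logged; bound values do not appear in it.
        trans.info().log( "query: " + query );
        TimeTaken tt = trans.start("Read UserRoles", Env.REMOTE);

        ResultSet results;
        try {
            Statement stmt = values.length == 0
                    ? new SimpleStatement(query)
                    : new SimpleStatement(query, values);
            results = session.execute(stmt);
        } finally {
            tt.done();
        }
        try {
            Iterator<Row> iter = results.iterator();
            tt = trans.start("Load UserRole", Env.SUB);
            try {
                while(iter.hasNext()) {
                    ++totalLoaded;
                    UserRole ur = creator.create(iter.next());
                    data.add(ur);
                    index(byUser, ur.urdd.user, ur);
                    index(byRole, ur.urdd.role, ur);
                }
            } finally {
                tt.done();
            }
        } finally {
            trans.info().log("Loaded",totalLoaded,"UserRoles");
        }
    }

    /** Appends {@code ur} to the list stored under {@code key}, creating the list on first use. */
    private static void index(TreeMap<String,List<UserRole>> map, String key, UserRole ur) {
        List<UserRole> lur = map.get(key);
        if(lur==null) {
            lur = new ArrayList<UserRole>();
            map.put(key, lur);
        }
        lur.add(ur);
    }

    /**
     * @return number of rows read by all load calls so far (a static counter)
     */
    public int totalLoaded() {
        // Return the field; calling totalLoaded() here would recurse until the stack overflows.
        return totalLoaded;
    }

    /**
     * @return number of delayDelete calls so far (a static counter)
     */
    public int deleted() {
        return deleted;
    }

    /** Removes this assignment from {@link #data} and from both indexes. */
    @Override
    public void expunge() {
        data.remove(this);

        List<UserRole> lur = byUser.get(urdd.user);
        if(lur!=null) {
            lur.remove(this);
        }

        lur = byRole.get(urdd.role);
        if(lur!=null) {
            lur.remove(this);
        }
    }

    /** Redirects the stream that receives staged-deletion records. */
    public static void setDeleteStream(PrintStream ds) {
        urDelete = ds;
    }

    /** Redirects the stream that receives replay (recovery) records. */
    public static void setRecoverStream(PrintStream ds) {
        urRecover = ds;
    }

    /**
     * Counts rows of {@code authz.user_role} with a 12000 ms read timeout.
     * The query carries {@code LIMIT 1000000}.
     *
     * @return the count reported by the single result row
     */
    public static long count(Trans trans, Session session) {
        String query = "select count(*) from authz.user_role LIMIT 1000000;";
        trans.info().log( "query: " + query );
        // NOTE(review): the timing label says "Namespaces" although the query counts
        // user_role rows; left unchanged in case something keys on the label.
        TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE);
        ResultSet results;
        try {
            Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
            results = session.execute(stmt);
            return results.one().getLong(0);
        } finally {
            tt.done();
        }
    }


    /** Row mapping for the five-column layout user, role, ns, rname, expires. */
    public static Creator<UserRole> v2_0_11 = new Creator<UserRole>() {
        @Override
        public UserRole create(Row row) {
            return new UserRole(row.getString(0), row.getString(1), row.getString(2),row.getString(3),row.getTimestamp(4));
        }

        @Override
        public String select() {
            return "select user,role,ns,rname,expires from authz.user_role";
        }
    };

    /** @return the wrapped DAO record itself, not a copy */
    public UserRoleDAO.Data urdd() {
        return urdd;
    }

    public String user() {
        return urdd.user;
    }

    public String role() {
        return urdd.role;
    }

    public String ns() {
        return urdd.ns;
    }

    public String rname() {
        return urdd.rname;
    }

    public Date expires() {
        return urdd.expires;
    }

    public void expires(Date time) {
        urdd.expires = time;
    }



    /**
     * Renders user, role, ns, rname and the date-only expiry as quoted, comma-separated
     * fields.
     */
    @Override
    public String toString() {
        // NOTE(review): the last field opens a quote that is never closed; kept as-is
        // because existing consumers may rely on the exact text.
        return "\"" + urdd.user + "\",\"" + urdd.role + "\",\""  + urdd.ns + "\",\"" + urdd.rname + "\",\""+ Chrono.dateOnlyStamp(urdd.expires);
    }

    /**
     * Looks up a loaded assignment.
     *
     * @param u user id
     * @param r full role name
     * @return the matching assignment, or null when none is loaded
     */
    public static UserRole get(String u, String r) {
        List<UserRole> lur = byUser.get(u);
        if(lur!=null) {
            for(UserRole ur : lur) {
                if(ur.urdd.role.equals(r)) {
                    return ur;
                }
            }
        }
        return null;
    }

    // CACHE Calling
    private static final String logfmt = "%s UserRole - %s: %s-%s (%s, %s) expiring %s";
    private static final String replayfmt = "%s|%s|%s|%s|%s\n";
    private static final String deletefmt = "# %s\n"+replayfmt;

    // SAFETY - DO NOT DELETE USER ROLES DIRECTLY FROM BATCH FILES!!!
    // We write to a file, and validate.  If the size is iffy, we email Support
    /**
     * Stages this assignment for deletion: logs it, writes a commented record to the
     * delete stream and a replay record to the recover stream, hands it to the
     * CacheChange and increments the deleted counter.
     *
     * <p>{@code dryRun} changes only the log wording ("Would Delete" instead of
     * "Staged Deletion"). The stream writes and the staging happen in both cases.
     *
     * @param trans  transaction used for logging
     * @param text   reason text, written to the log and to the delete record's comment line
     * @param dryRun selects the log wording only
     */
    public void delayDelete(AuthzTrans trans, String text, boolean dryRun) {
        String dt = Chrono.dateTime(urdd.expires);
        if(dryRun) {
            trans.info().printf(logfmt,text,"Would Delete",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
        } else {
            trans.info().printf(logfmt,text,"Staged Deletion",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
        }
        // NOTE(review): fields are written unescaped into '|'-delimited lines. A value
        // containing '|' or a line break would yield a malformed or extra record, so
        // confirm that names are validated before the replay file is trusted.
        urDelete.printf(deletefmt,text,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
        urRecover.printf(replayfmt,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);

        cache.delayedDelete(this);
        ++deleted;
    }


    /**
     * Calls expunge() for all deleteCached entries
     */
    public static void resetLocalData() {
        cache.resetLocalData();
    }

    /** @return the size reported by the staged-deletion cache */
    public static int sizeForDeletion() {
        return cache.cacheSize();
    }

    /** @return whether the staged-deletion cache contains {@code ur} */
    public static boolean pendingDelete(UserRole ur) {
        return cache.contains(ur);
    }

    /**
     * Executes {@code directDel} for every staged assignment, then clears the staged
     * set and resets local data.
     *
     * <p>No size or sanity check is made here.
     * NOTE(review): callers presumably compare sizeForDeletion() against a threshold
     * before calling this - confirm at the call sites.
     */
    public static void actuateDeletionNow(AuthzTrans trans, URDelete directDel) {
        for(UserRole ur : cache.getRemoved()) {
            directDel.exec(trans, ur, "Actuating UserRole Deletion");
        }
        cache.getRemoved().clear();
        cache.resetLocalData();
    }


}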