2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.helpers;
24 import java.io.PrintStream;
25 import java.util.ArrayList;
26 import java.util.Date;
27 import java.util.Iterator;
28 import java.util.List;
29 import java.util.TreeMap;
31 import org.onap.aaf.auth.actions.URDelete;
32 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
33 import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
34 import org.onap.aaf.auth.env.AuthzTrans;
35 import org.onap.aaf.misc.env.Env;
36 import org.onap.aaf.misc.env.TimeTaken;
37 import org.onap.aaf.misc.env.Trans;
38 import org.onap.aaf.misc.env.util.Chrono;
40 import com.datastax.driver.core.ResultSet;
41 import com.datastax.driver.core.Row;
42 import com.datastax.driver.core.Session;
43 import com.datastax.driver.core.SimpleStatement;
44 import com.datastax.driver.core.Statement;
46 public class UserRole implements Cloneable, CacheChange.Data {
// Process-wide, in-memory view of the user_role table. The populating code is only partly
// visible in this listing; byUser and byRole are filled by the private load(...) method.
// NOTE(review): these collections are public, static and mutable (plain ArrayList/TreeMap,
// no synchronization visible here), so any caller can add or remove authorization records.
// Treat them as single-threaded batch state and avoid exposing them outside the batch job.
public static final List<UserRole> data = new ArrayList<UserRole>();
// Index keyed by urdd.user -> that user's UserRole entries.
public static final TreeMap<String, List<UserRole>> byUser = new TreeMap<String, List<UserRole>>();
// Index keyed by urdd.role -> the UserRole entries granting that role.
public static final TreeMap<String, List<UserRole>> byRole = new TreeMap<String, List<UserRole>>();
// Holds entries staged for deletion (used by delayDelete, pendingDelete, actuateDeletionNow).
private static final CacheChange<UserRole> cache = new CacheChange<UserRole>();
// delayDelete writes the staged-deletion record to urDelete and the replay record to urRecover.
// Defaults are stdout/stderr.
private static PrintStream urDelete = System.out;
private static PrintStream urRecover = System.err;
private static int totalLoaded;
private static int deleted;
57 public UserRole(String user, String ns, String rname, Date expires) {
58 urdd = new UserRoleDAO.Data();
60 urdd.role = ns + '.' + rname;
63 urdd.expires = expires;
66 public UserRole(String user, String role, String ns, String rname, Date expires) {
67 urdd = new UserRoleDAO.Data();
72 urdd.expires = expires;
/**
 * Loads UserRole rows without a filter: delegates to the private loader with a
 * {@code null} where-clause (presumably "no restriction"; confirm against Creator.query).
 *
 * @param trans   transaction handed to the loader for logging and timing
 * @param session Cassandra session the query is executed on
 * @param creator builds the query text and turns each Row into a UserRole
 */
public static void load(Trans trans, Session session, Creator<UserRole> creator ) {
    final String noFilter = null;
    load(trans, session, creator, noFilter);
}
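/**
 * Loads the UserRole rows for a single role.
 *
 * The role name is embedded in the CQL text as a string literal, so any single
 * quote in it is doubled (the CQL escape for a quote inside a literal). Without
 * that, a quote in the value would end the literal early and change the statement.
 * Names without quotes produce exactly the same query text as before.
 *
 * NOTE(review): the filter is still assembled as text because the private loader
 * takes a where-clause string; a bound parameter would be the stronger fix if
 * Creator.query can be changed.
 *
 * @param trans   transaction handed to the loader for logging and timing
 * @param session Cassandra session the query is executed on
 * @param creator builds the query text and turns each Row into a UserRole
 * @param role    role name to filter on
 */
public static void loadOneRole(Trans trans, Session session, Creator<UserRole> creator, String role) {
    // String.valueOf keeps the previous handling of a null argument (the text "null").
    final String literal = String.valueOf(role).replace("'", "''");
    load(trans, session, creator, "role='" + literal + "' ALLOW FILTERING;");
}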
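/**
 * Loads the UserRole rows for a single user.
 *
 * The filter is on the {@code user} column. The table has separate user and role
 * columns (see the select in v2_0_11), so comparing the role column with a user id
 * would not select that user's rows.
 *
 * The user id is embedded in the CQL text as a string literal, so any single
 * quote in it is doubled (the CQL escape for a quote inside a literal). Without
 * that, a quote in the value would end the literal early and change the statement.
 *
 * NOTE(review): the filter is still assembled as text because the private loader
 * takes a where-clause string; a bound parameter would be the stronger fix if
 * Creator.query can be changed.
 *
 * @param trans   transaction handed to the loader for logging and timing
 * @param session Cassandra session the query is executed on
 * @param creator builds the query text and turns each Row into a UserRole
 * @param user    user id to filter on
 */
public static void loadOneUser(Trans trans, Session session, Creator<UserRole> creator, String user ) {
    // String.valueOf keeps the previous handling of a null argument (the text "null").
    final String literal = String.valueOf(user).replace("'", "''");
    load(trans, session, creator, "user='" + literal + "';");
}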
87 private static void load(Trans trans, Session session, Creator<UserRole> creator, String where) {
88 String query = creator.query(where);
89 trans.info().log( "query: " + query );
90 TimeTaken tt = trans.start("Read UserRoles", Env.REMOTE);
94 Statement stmt = new SimpleStatement( query );
95 results = session.execute(stmt);
100 Iterator<Row> iter = results.iterator();
102 tt = trans.start("Load UserRole", Env.SUB);
104 while(iter.hasNext()) {
107 UserRole ur = creator.create(row);
110 List<UserRole> lur = byUser.get(ur.urdd.user);
112 lur = new ArrayList<UserRole>();
113 byUser.put(ur.urdd.user, lur);
117 lur = byRole.get(ur.urdd.role);
119 lur = new ArrayList<UserRole>();
120 byRole.put(ur.urdd.role, lur);
128 trans.info().log("Loaded",totalLoaded,"UserRoles");
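/**
 * Returns the static {@code totalLoaded} counter, the value the loader logs as
 * "Loaded ... UserRoles".
 *
 * Reads the field directly: calling {@code totalLoaded()} from inside this method
 * would recurse without end and fail with a StackOverflowError.
 *
 * @return the current value of the totalLoaded counter
 */
public int totalLoaded() {
    return totalLoaded;
}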
136 public int deleted() {
141 public void expunge() {
144 List<UserRole> lur = byUser.get(urdd.user);
149 lur = byRole.get(urdd.role);
155 public static void setDeleteStream(PrintStream ds) {
159 public static void setRecoverStream(PrintStream ds) {
163 public static long count(Trans trans, Session session) {
164 String query = "select count(*) from authz.user_role LIMIT 1000000;";
165 trans.info().log( "query: " + query );
166 TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE);
169 Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
170 results = session.execute(stmt);
171 return results.one().getLong(0);
178 public static Creator<UserRole> v2_0_11 = new Creator<UserRole>() {
180 public UserRole create(Row row) {
181 return new UserRole(row.getString(0), row.getString(1), row.getString(2),row.getString(3),row.getTimestamp(4));
185 public String select() {
186 return "select user,role,ns,rname,expires from authz.user_role";
190 public UserRoleDAO.Data urdd() {
194 public String user() {
198 public String role() {
206 public String rname() {
210 public Date expires() {
214 public void expires(Date time) {
/**
 * Renders this entry as quoted, comma-separated fields in the order
 * user, role, ns, rname, expiry date (date-only stamp).
 *
 * NOTE(review): the last field gets an opening quote but no closing quote; kept
 * as-is because consumers of this text are not visible here. Field values are not
 * escaped, so a value containing a quote or comma would break the CSV structure.
 */
public String toString() {
    final String sep = "\",\"";
    return "\"" + urdd.user
            + sep + urdd.role
            + sep + urdd.ns
            + sep + urdd.rname
            + sep + Chrono.dateOnlyStamp(urdd.expires);
}
224 public static UserRole get(String u, String r) {
225 List<UserRole> lur = byUser.get(u);
227 for(UserRole ur : lur) {
228 if(ur.urdd.role.equals(r)) {
237 private static final String logfmt = "%s UserRole - %s: %s-%s (%s, %s) expiring %s";
238 private static final String replayfmt = "%s|%s|%s|%s|%s\n";
239 private static final String deletefmt = "# %s\n"+replayfmt;
241 // SAFETY - DO NOT DELETE USER ROLES DIRECTLY FROM BATCH FILES!!!
242 // Deletions are first written to a file and validated. If the size looks suspicious, we email Support
243 public void delayDelete(AuthzTrans trans, String text, boolean dryRun) {
244 String dt = Chrono.dateTime(urdd.expires);
246 trans.info().printf(logfmt,text,"Would Delete",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
248 trans.info().printf(logfmt,text,"Staged Deletion",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
250 urDelete.printf(deletefmt,text,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
251 urRecover.printf(replayfmt,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
253 cache.delayedDelete(this);
/**
 * Resets the deletion cache's local data by delegating to the shared cache.
 * Per the original comment, this calls expunge() for all deleteCached entries;
 * the cache implementation itself is outside this listing.
 */
public static void resetLocalData() {
    UserRole.cache.resetLocalData();
}
/**
 * Reports the size of the deletion cache, i.e. how much is currently staged.
 * Callers can compare this with an expected bound before any deletion is actuated.
 *
 * @return the value of cache.cacheSize()
 */
public static int sizeForDeletion() {
    final int staged = cache.cacheSize();
    return staged;
}
/**
 * Tells whether the given entry is held in the deletion cache.
 *
 * @param ur the entry to look up
 * @return the result of cache.contains(ur)
 */
public static boolean pendingDelete(UserRole ur) {
    final boolean staged = cache.contains(ur);
    return staged;
}
273 public static void actuateDeletionNow(AuthzTrans trans, URDelete directDel) {
274 for(UserRole ur : cache.getRemoved()) {
275 directDel.exec(trans, ur, "Actuating UserRole Deletion");
277 cache.getRemoved().clear();
278 cache.resetLocalData();