2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.dao.cached;
24 import java.util.ArrayList;
25 import java.util.List;
27 import org.onap.aaf.auth.dao.CIDAO;
28 import org.onap.aaf.auth.dao.CachedDAO;
29 import org.onap.aaf.auth.dao.cass.Status;
30 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
31 import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
32 import org.onap.aaf.auth.env.AuthzTrans;
33 import org.onap.aaf.auth.layer.Result;
34 import org.onap.aaf.misc.env.Slot;
36 public class CachedUserRoleDAO extends CachedDAO<AuthzTrans,UserRoleDAO, UserRoleDAO.Data> {
37 private Slot transURSlot;
39 public CachedUserRoleDAO(UserRoleDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
40 super(dao, info, UserRoleDAO.CACHE_SEG, expiresIn);
41 transURSlot = dao.transURSlot;
46 * User Roles by User are very likely to be called many times in a Transaction, to validate "May User do..."
47 * Pull result, and make accessible by the Trans, which is always keyed by User.
52 public Result<List<Data>> readByUser(AuthzTrans trans, final String user) {
53 DAOGetter getter = new DAOGetter(trans,dao()) {
54 public Result<List<Data>> call() {
55 // If the call is for THIS user, and it exists, get from TRANS, add to TRANS if not.
56 if(user!=null && user.equals(trans.user())) {
57 Result<List<Data>> transLD = trans.get(transURSlot,null);
59 transLD = dao.readByUser(trans, user);
63 return dao.readByUser(trans, user);
67 Result<List<Data>> lurd = get(trans, user, getter);
68 if(lurd.isOK() && lurd.isEmpty()) {
69 return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for [%s]",user);
75 public Result<List<Data>> readByRole(AuthzTrans trans, final String role) {
76 DAOGetter getter = new DAOGetter(trans,dao()) {
77 public Result<List<Data>> call() {
78 return dao.readByRole(trans, role);
81 Result<List<Data>> lurd = get(trans, role, getter);
82 if(lurd.isOK() && lurd.isEmpty()) {
83 return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for [%s]",role);
88 public Result<List<UserRoleDAO.Data>> readUserInRole(final AuthzTrans trans, final String user, final String role) {
89 DAOGetter getter = new DAOGetter(trans,dao()) {
90 public Result<List<Data>> call() {
91 if(user.equals(trans.user())) {
92 Result<List<Data>> rrbu = readByUser(trans, user);
94 List<Data> ld = new ArrayList<Data>(1);
95 for(Data d : rrbu.value) {
96 if(d.role.equals(role)) {
101 return Result.ok(ld).emptyList(ld.isEmpty());
106 return dao.readByUserRole(trans, user, role);
109 Result<List<Data>> lurd = get(trans, keyFromObjs(user,role), getter);
110 if(lurd.isOK() && lurd.isEmpty()) {
111 return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for role [%s] and user [%s]",role,user);
Code Review / aaf / authz.git / blob