auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * Modifications Copyright (C) 2019 IBM.
   7  * ===========================================================================
   8  * Licensed under the Apache License, Version 2.0 (the "License");
   9  * you may not use this file except in compliance with the License.
  10  * You may obtain a copy of the License at
  11  *
  12  *      http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing, software
  15  * distributed under the License is distributed on an "AS IS" BASIS,
  16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  17  * See the License for the specific language governing permissions and
  18  * limitations under the License.
  19  * ============LICENSE_END====================================================
  20  *
  21  */
  22
  23 package org.onap.aaf.auth.cmd.perm;
  24
  25 import org.onap.aaf.auth.cmd.AAFcli;
  26 import org.onap.aaf.auth.cmd.Cmd;
  27 import org.onap.aaf.auth.cmd.Param;
  28 import org.onap.aaf.auth.rserv.HttpMethods;
  29 import org.onap.aaf.cadi.CadiException;
  30 import org.onap.aaf.cadi.LocatorException;
  31 import org.onap.aaf.cadi.client.Future;
  32 import org.onap.aaf.cadi.client.Rcli;
  33 import org.onap.aaf.cadi.client.Retryable;
  34 import org.onap.aaf.misc.env.APIException;
  35
  36 import aaf.v2_0.PermRequest;
  37 import aaf.v2_0.RoleRequest;
  38
  39 /**
  40  *
  41  * @author Jonathan
  42  *
  43  */
  44 public class Create extends Cmd {
  45     public Create(Perm parent) {
  46         super(parent,"create",
  47                 new Param("type",true),
  48                 new Param("instance",true),
  49                 new Param("action", true),
  50                 new Param("role[,role]* (to Grant to)", false)
  51                 );
  52     }
  53
  54     @Override
  55     public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
  56         return same(new Retryable<Integer>() {
  57             @Override
  58             public Integer code(Rcli<?> client) throws CadiException, APIException {
  59                 int idx = index;
  60                 final PermRequest pr = new PermRequest();
  61                 pr.setType(args[idx++]);
  62                 pr.setInstance(args[idx++]);
  63                 pr.setAction(args[idx++]);
  64                 String roleCommas = (args.length>idx)?args[idx++]:null;
  65                 String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");
  66                 boolean force = aafcli.forceString()!=null;
  67                 int rv;
  68
  69                 if (roles!=null && force) { // Make sure Roles are Created
  70                     RoleRequest rr = new RoleRequest();
  71                     for (String role : roles) {
  72                         rr.setName(role);;
  73                         Future<RoleRequest> fr = client.create(
  74                             "/authz/role",
  75                             getDF(RoleRequest.class),
  76                             rr
  77                             );
  78                         fr.get(AAFcli.timeout());
  79                         switch(fr.code()){
  80                             case 201:
  81                                 pw().println("Created Role [" + role + ']');
  82                                 break;
  83                             case 409:
  84                                 break;
  85                             default:
  86                                 pw().println("Role [" + role + "] does not exist, and cannot be created.");
  87                                 return 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
  88                         }
  89                     }
  90                 }
  91
  92                 // Set Start/End commands
  93                 setStartEnd(pr);
  94                 setQueryParamsOn(client);
  95                 Future<PermRequest> fp = client.create(
  96                         "/authz/perm",
  97                         getDF(PermRequest.class),
  98                         pr
  99                         );
 100                 if (fp.get(AAFcli.timeout())) {
 101                     rv = fp.code();
 102                     pw().println("Created Permission");
 103                     if (roles!=null) {
 104                         if (aafcli.forceString()!=null) { // Make sure Roles are Created
 105                             RoleRequest rr = new RoleRequest();
 106                             for (String role : roles) {
 107                                 rr.setName(role);;
 108                                 Future<RoleRequest> fr = client.create(
 109                                     "/authz/role",
 110                                     getDF(RoleRequest.class),
 111                                     rr
 112                                     );
 113                                 fr.get(AAFcli.timeout());
 114                                 switch(fr.code()){
 115                                     case 201:
 116                                     case 409:break;
 117                                     default:
 118
 119                                 }
 120                             }
 121                         }
 122
 123                         try {
 124                             if (201!=(rv=((Perm)parent)._exec(0,
 125                                     new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {
 126                                 rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
 127                             }
 128                         } catch (LocatorException e) {
 129                             throw new CadiException(e);
 130                         }
 131                     }
 132                 } else {
 133                     rv = fp.code();
 134                     if (rv==409 && force) {
 135                         rv = 201;
 136                     } else if (rv==202) {
 137                         pw().println("Permission Creation Accepted, but requires Approvals before actualizing");
 138                         if (roles!=null)
 139                             pw().println("You need to grant the roles after approval.");
 140                     } else {
 141                         error(fp);
 142                     }
 143                 }
 144                 return rv;
 145             }
 146         });
 147     }
 148
 149     @Override
 150     public void detailedHelp(int _indent, StringBuilder sb) {
 151             int indent = _indent;
 152         detailLine(sb,indent,"Create a Permission with:");
 153         indent=indent+2;
 154         detailLine(sb,indent,"type     - A Namespace qualified identifier identifying the kind of");
 155         detailLine(sb,indent+11,"resource to be protected");
 156         detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");
 157         detailLine(sb,indent,"action   - What kind of action is allowed");
 158         detailLine(sb,indent,"role(s)  - Perms granted to these Comma separated Role(s)");
 159         detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");
 160         sb.append('\n');
 161         detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");
 162         api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);
 163     }
 164
 165 }