auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.cmd.perm;
  23
  24 import org.onap.aaf.auth.cmd.AAFcli;
  25 import org.onap.aaf.auth.cmd.Cmd;
  26 import org.onap.aaf.auth.cmd.Param;
  27 import org.onap.aaf.auth.rserv.HttpMethods;
  28 import org.onap.aaf.cadi.CadiException;
  29 import org.onap.aaf.cadi.LocatorException;
  30 import org.onap.aaf.cadi.client.Future;
  31 import org.onap.aaf.cadi.client.Rcli;
  32 import org.onap.aaf.cadi.client.Retryable;
  33 import org.onap.aaf.misc.env.APIException;
  34
  35 import aaf.v2_0.PermRequest;
  36 import aaf.v2_0.RoleRequest;
  37
  38 /**
  39  *
  40  * @author Jonathan
  41  *
  42  */
  43 public class Create extends Cmd {
  44         public Create(Perm parent) {
  45                 super(parent,"create",
  46                                 new Param("type",true),
  47                                 new Param("instance",true),
  48                                 new Param("action", true),
  49                                 new Param("role[,role]* (to Grant to)", false)
  50                                 );
  51         }
  52
  53         @Override
  54         public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
  55                 return same(new Retryable<Integer>() {
  56                         @Override
  57                         public Integer code(Rcli<?> client) throws CadiException, APIException {
  58                                 int idx = index;
  59                                 final PermRequest pr = new PermRequest();
  60                                 pr.setType(args[idx++]);
  61                                 pr.setInstance(args[idx++]);
  62                                 pr.setAction(args[idx++]);
  63                                 String roleCommas = (args.length>idx)?args[idx++]:null;
  64                                 String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");
  65                                 boolean force = aafcli.forceString()!=null;
  66                                 int rv;
  67
  68                                 if(roles!=null && force) { // Make sure Roles are Created
  69                                         RoleRequest rr = new RoleRequest();
  70                                         for(String role : roles) {
  71                                                 rr.setName(role);;
  72                                                 Future<RoleRequest> fr = client.create(
  73                                                         "/authz/role",
  74                                                         getDF(RoleRequest.class),
  75                                                         rr
  76                                                         );
  77                                                 fr.get(AAFcli.timeout());
  78                                                 switch(fr.code()){
  79                                                         case 201:
  80                                                                 pw().println("Created Role [" + role + ']');
  81                                                                 break;
  82                                                         case 409:
  83                                                                 break;
  84                                                         default:
  85                                                                 pw().println("Role [" + role + "] does not exist, and cannot be created.");
  86                                                                 return 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
  87                                                 }
  88                                         }
  89                                 }
  90
  91                                 // Set Start/End commands
  92                                 setStartEnd(pr);
  93                                 setQueryParamsOn(client);
  94                                 Future<PermRequest> fp = client.create(
  95                                                 "/authz/perm",
  96                                                 getDF(PermRequest.class),
  97                                                 pr
  98                                                 );
  99                                 if(fp.get(AAFcli.timeout())) {
 100                                         rv = fp.code();
 101                                         pw().println("Created Permission");
 102                                         if(roles!=null) {
 103                                                 if(aafcli.forceString()!=null) { // Make sure Roles are Created
 104                                                         RoleRequest rr = new RoleRequest();
 105                                                         for(String role : roles) {
 106                                                                 rr.setName(role);;
 107                                                                 Future<RoleRequest> fr = client.create(
 108                                                                         "/authz/role",
 109                                                                         getDF(RoleRequest.class),
 110                                                                         rr
 111                                                                         );
 112                                                                 fr.get(AAFcli.timeout());
 113                                                                 switch(fr.code()){
 114                                                                         case 201:
 115                                                                         case 409:break;
 116                                                                         default:
 117
 118                                                                 }
 119                                                         }
 120                                                 }
 121
 122                                                 try {
 123                                                         if(201!=(rv=((Perm)parent)._exec(0,
 124                                                                         new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {
 125                                                                 rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
 126                                                         }
 127                                                 } catch (LocatorException e) {
 128                                                         throw new CadiException(e);
 129                                                 }
 130                                         }
 131                                 } else {
 132                                         rv = fp.code();
 133                                         if(rv==409 && force) {
 134                                                 rv = 201;
 135                                         } else if(rv==202) {
 136                                                 pw().println("Permission Creation Accepted, but requires Approvals before actualizing");
 137                                                 if (roles!=null)
 138                                                         pw().println("You need to grant the roles after approval.");
 139                                         } else {
 140                                                 error(fp);
 141                                         }
 142                                 }
 143                                 return rv;
 144                         }
 145                 });
 146         }
 147
 148         @Override
 149         public void detailedHelp(int _indent, StringBuilder sb) {
 150                 int indent = _indent;
 151                 detailLine(sb,indent,"Create a Permission with:");
 152                 detailLine(sb,indent+=2,"type     - A Namespace qualified identifier identifying the kind of");
 153                 detailLine(sb,indent+11,"resource to be protected");
 154                 detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");
 155                 detailLine(sb,indent,"action   - What kind of action is allowed");
 156                 detailLine(sb,indent,"role(s)  - Perms granted to these Comma separated Role(s)");
 157                 detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");
 158                 sb.append('\n');
 159                 detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");
 160                 api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);
 161         }
 162
 163 }