auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.cmd.role;
  23
  24 import java.util.Collections;
  25 import java.util.Comparator;
  26
  27 import javax.xml.datatype.XMLGregorianCalendar;
  28
  29 import org.onap.aaf.auth.cmd.AAFcli;
  30 import org.onap.aaf.auth.cmd.BaseCmd;
  31 import org.onap.aaf.cadi.CadiException;
  32 import org.onap.aaf.cadi.client.Future;
  33 import org.onap.aaf.cadi.client.Rcli;
  34 import org.onap.aaf.cadi.client.Retryable;
  35 import org.onap.aaf.misc.env.APIException;
  36 import org.onap.aaf.misc.env.util.Chrono;
  37
  38 import aaf.v2_0.Perm;
  39 import aaf.v2_0.Perms;
  40 import aaf.v2_0.Pkey;
  41 import aaf.v2_0.Roles;
  42 import aaf.v2_0.UserRole;
  43 import aaf.v2_0.UserRoles;
  44
  45
  46
  47 public class List extends BaseCmd<Role> {
  48     private static final String XXXX_XX_XX = "XXXX-XX-XX";
  49     private static final String LIST_ROLES_BY_NAME = "list roles for role";
  50
  51     public List(Role parent) {
  52         super(parent,"list");
  53         cmds.add(new ListByUser(this));
  54         cmds.add(new ListByRole(this));
  55         cmds.add(new ListByNS(this));
  56         cmds.add(new ListByNameOnly(this));
  57         cmds.add(new ListByPerm(this));
  58         cmds.add(new ListActivity(this));
  59     }
  60
  61     // Package Level on purpose
  62     abstract class ListRoles extends Retryable<Integer> {
  63         protected int list(Future<Roles> fr,Rcli<?> client, String header) throws APIException, CadiException {
  64             if (fr.get(AAFcli.timeout())) {
  65                 Perms perms=null;
  66                 if (aafcli.isDetailed()) {
  67                     for (aaf.v2_0.Role r : fr.value.getRole()) {
  68                         Future<Perms> fp = client.read(
  69                                 "/authz/perms/role/"+r.getName()+(aafcli.isDetailed()?"?ns":""),
  70                                 getDF(Perms.class)
  71                             );
  72                         if (fp.get(AAFcli.timeout())) {
  73                             if (perms==null) {
  74                                 perms = fp.value;
  75                             } else {
  76                                 perms.getPerm().addAll(fp.value.getPerm());
  77                             }
  78                         }
  79                     }
  80                 }
  81                 report(fr.value,perms,null,header);
  82             } else {
  83                 error(fr);
  84             }
  85             return fr.code();
  86         }
  87     }
  88
  89     private final static String roleFormat = "%-56s Expires %s\n";
  90     private final static String roleFormatNoDate = "%-61s\n";
  91     private final static String roleExpiredFormat = "%-53s !!! EXPIRED !!! %s\n";
  92     private final static String permFormat = "   %-30s %-30s %-15s\n";
  93
  94
  95     private static final Comparator<aaf.v2_0.Role> roleCompare = new Comparator<aaf.v2_0.Role>() {
  96         @Override
  97         public int compare(aaf.v2_0.Role a, aaf.v2_0.Role b) {
  98             return a.getName().compareTo(b.getName());
  99         }
 100     };
 101     public void report(Roles roles, Perms perms, UserRoles urs, String ... str) {
 102         reportHead(str);
 103         XMLGregorianCalendar now = Chrono.timeStamp().normalize();
 104         if (roles==null || roles.getRole().isEmpty()) {
 105             pw().println("<No Roles Found>");
 106         } else if (aafcli.isDetailed()){
 107             if (str[0].toLowerCase().contains(LIST_ROLES_BY_NAME)) {
 108                 String description = roles.getRole().get(0).getDescription();
 109                 if (description == null) description = "";
 110                 reportColHead("%-80s\n","Description: " + description);
 111             }
 112
 113             String fullFormat = roleFormat+permFormat;
 114             reportColHead(fullFormat,"[ROLE NS].Name","","[PERM NS].Type","Instance","Action");
 115             Collections.sort(roles.getRole(),roleCompare);
 116             for (aaf.v2_0.Role r : roles.getRole()) {
 117                 String roleName = r.getName();
 118                 String ns = r.getNs();
 119                 if (aafcli.isTest()) {
 120                     if (ns==null) {
 121                         pw().format(roleFormat, roleName,XXXX_XX_XX);
 122                     } else {
 123                         pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),XXXX_XX_XX);
 124                     }
 125                 } else {
 126                     String fullname;
 127                     if(ns==null) {
 128                         fullname = roleName;
 129                     } else {
 130                         fullname = ns+'.'+roleName;
 131                     }
 132                     UserRole ur = get(fullname,urs);
 133                     if (ur!=null && now.compare(ur.getExpires().normalize())>0) {
 134                         if (ns==null) {
 135                             pw().format(roleExpiredFormat, roleName,Chrono.dateOnlyStamp(ur.getExpires()));
 136                         } else {
 137                             pw().format(roleExpiredFormat, "["+ns+"]."+roleName,Chrono.dateOnlyStamp(ur.getExpires()));
 138                         }
 139                     } else {
 140                         if (ns==null) {
 141                             pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
 142                         } else {
 143                             pw().format(roleFormat, "["+ns+"]."+roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
 144                         }
 145                     }
 146                 }
 147
 148                 for (Pkey pkey : r.getPerms()) {
 149                     Perm perm = get(pkey,perms);
 150                     if (perm==null || perm.getNs()==null) {
 151                         pw().format(permFormat,
 152                                 pkey.getType(),
 153                                 pkey.getInstance(),
 154                                 pkey.getAction());
 155                     } else {
 156                         String ns1 = perm.getNs();
 157                         pw().format(permFormat,
 158                                 '['+ns1+"]"+perm.getType().substring(ns1.length()),
 159                                 perm.getInstance(),
 160                                 perm.getAction());
 161                     }
 162                 }
 163             }
 164         } else {
 165             String fullFormat = roleFormat;
 166             reportColHead(fullFormat,"ROLE Name","","PERM Type","Instance","Action");
 167             Collections.sort(roles.getRole(),roleCompare);
 168             for (aaf.v2_0.Role r : roles.getRole()) {
 169                 if (urs != null) {
 170                     String roleName = r.getName();
 171                     if (!aafcli.isTest()) {
 172                         UserRole ur = get(roleName,urs);
 173                         if (ur!=null && now.compare(ur.getExpires().normalize())>0) {
 174                             pw().format(roleExpiredFormat, roleName+"*",Chrono.dateOnlyStamp(ur.getExpires()));
 175                         } else {
 176                             pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
 177                         }
 178                     } else {
 179                         pw().format(roleFormat, roleName,XXXX_XX_XX);
 180                     }
 181                 } else {
 182                     pw().format(roleFormatNoDate, r.getName());
 183                     for (Pkey perm : r.getPerms()) {
 184                         pw().format(permFormat,
 185                                 perm.getType(),
 186                                 perm.getInstance(),
 187                                 perm.getAction());
 188                     }
 189                 }
 190             }
 191         }
 192     }
 193     private Perm get(Pkey pkey, Perms perms) {
 194         if (perms!=null) {
 195             for (Perm p : perms.getPerm()) {
 196                 if (pkey.getAction().equals(p.getAction()) &&
 197                    pkey.getInstance().equals(p.getInstance()) &&
 198                    pkey.getType().equals(p.getType())) {
 199                     return p;
 200                 }
 201             }
 202         }
 203         return null;
 204     }
 205     // The assumption is that these UserRoles are already pulled in by User... no need to check
 206     private UserRole get(String roleName, UserRoles urs) {
 207         if (urs!=null) {
 208             for (UserRole ur : urs.getUserRole()) {
 209                 if (roleName.equals(ur.getRole())) {
 210                     return ur;
 211                 }
 212             }
 213         }
 214         return null;
 215     }
 216
 217 }