2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.cmd.role;
24 import org.onap.aaf.auth.cmd.AAFcli;
25 import org.onap.aaf.auth.cmd.Cmd;
26 import org.onap.aaf.auth.cmd.Param;
27 import org.onap.aaf.auth.rserv.HttpMethods;
28 import org.onap.aaf.cadi.CadiException;
29 import org.onap.aaf.cadi.LocatorException;
30 import org.onap.aaf.cadi.client.Future;
31 import org.onap.aaf.cadi.client.Rcli;
32 import org.onap.aaf.cadi.client.Retryable;
33 import org.onap.aaf.misc.env.APIException;
35 import aaf.v2_0.UserRoleRequest;
42 public class User extends Cmd {
43 private final static String[] options = {"add","del","setTo","extend"};
44 public User(Role parent) {
46 new Param(optionsToString(options),true),
47 new Param("role",true),
48 new Param("id[,id]* (not required for setTo)",false));
52 public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
53 return same(new Retryable<Integer>() {
55 public Integer code(Rcli<?> client) throws CadiException, APIException {
57 String action = args[idx++];
58 int option = whichOption(options, action);
59 UserRoleRequest urr = new UserRoleRequest();
60 urr.setRole(args[idx++]);
61 // Set Start/End commands
67 String[] ids = args[idx++].split(",");
68 String verb=null,participle=null;
69 // You can request to be added or removed from role.
70 setQueryParamsOn(client);
72 for (String id: ids) {
79 getDF(UserRoleRequest.class),
82 participle = "] to Role [" ;
86 "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(),
89 participle = "] from Role [" ;
92 fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
94 participle = "] in Role [" ;
97 default: // actually, should never get here...
98 throw new CadiException("Invalid action [" + action + ']');
100 if (fp.get(AAFcli.timeout())) {
102 pw().print(" User [");
103 pw().print(urr.getUser());
104 pw().print(participle);
105 pw().print(urr.getRole());
110 pw().print("User Role ");
112 pw().println(" is Accepted, but requires Approvals before actualizing");
116 pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
125 String allUsers = "";
126 if (idx < args.length)
127 allUsers = args[idx++];
128 StringBuilder finalUsers = new StringBuilder();
129 for (String u : allUsers.split(",")) {
132 if (finalUsers.length() > 0) finalUsers.append(",");
133 finalUsers.append(u);
137 urr.setUser(finalUsers.toString());
139 "/authz/userRole/role",
140 getDF(UserRoleRequest.class),
142 if (fp.get(AAFcli.timeout())) {
143 pw().println("Set the Role to Users [" + allUsers + "]");
148 return fp==null?0:fp.code();
154 public void detailedHelp(int indent, StringBuilder sb) {
155 detailLine(sb,indent,"Add OR Delete a User to/from a Role OR");
156 detailLine(sb,indent,"Set a User's Roles to the roles supplied");
157 detailLine(sb,indent+2,"role - Name of Role to create");
158 detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role");
160 detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows");
161 detailLine(sb,indent+2,"assignment of role to multiple userss");
162 detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role");
163 detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset.");
164 api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true);
165 api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false);
166 api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false);