auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.cmd.user;
  23
  24 import org.onap.aaf.auth.cmd.AAFcli;
  25 import org.onap.aaf.auth.cmd.Cmd;
  26 import org.onap.aaf.auth.cmd.Param;
  27 import org.onap.aaf.auth.rserv.HttpMethods;
  28 import org.onap.aaf.cadi.CadiException;
  29 import org.onap.aaf.cadi.LocatorException;
  30 import org.onap.aaf.cadi.client.Future;
  31 import org.onap.aaf.cadi.client.Rcli;
  32 import org.onap.aaf.cadi.client.Retryable;
  33 import org.onap.aaf.misc.env.APIException;
  34
  35 import aaf.v2_0.UserRoleRequest;
  36
  37 /**
  38  * p
  39  *
  40  * @author Jonathan
  41  *
  42  */
  43 public class Role extends Cmd {
  44         private static final String[] options = {"add", "del", "setTo","extend"};
  45         public Role(User parent) {
  46                 super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param(
  47                                 "role[,role]* (!REQ S)", false));
  48         }
  49
  50         @Override
  51         public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
  52                 return same(new Retryable<Integer>() {
  53                         @Override
  54                         public Integer code(Rcli<?> client) throws CadiException, APIException {
  55                                 int idx = index;
  56                                 String key = args[idx++];
  57                                 int option = whichOption(options, key);
  58                                 final String user = fullID(args[idx++]);
  59
  60                                 UserRoleRequest urr = new UserRoleRequest();
  61                                 urr.setUser(user);
  62                                 // Set Start/End commands
  63                                 setStartEnd(urr);
  64
  65                                 Future<?> fp = null;
  66
  67                                 if (option != 2) {
  68                                         if (args.length < 5) {
  69                                                 throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
  70                                         }
  71                                         String[] roles = args[idx++].split(",");
  72                                         for (String role : roles) {
  73                                                 String verb = null,participle=null;
  74                                                 urr.setRole(role);
  75                                                 // You can request to be added or removed from role.
  76                                                 setQueryParamsOn(client);
  77                                                 switch(option) {
  78                                                   case 0:
  79                                                         fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
  80                                                         verb = "Added";
  81                                                         participle = "] to User [" ;
  82                                                         break;
  83                                                   case 1:
  84                                                         fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
  85                                                         verb = "Removed";
  86                                                         participle = "] from User [" ;
  87                                                         break;
  88                                                   case 3:
  89                                                         fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
  90                                                         verb = "Extended";
  91                                                         participle = "] to User [" ;
  92                                                         break;
  93                                                   default:
  94                                                         throw new CadiException("Invalid action [" + key + ']');
  95                                                 }
  96                                                 if (fp.get(AAFcli.timeout())) {
  97                                                         pw().print(verb);
  98                                                         pw().print(" Role [");
  99                                                         pw().print(urr.getRole());
 100                                                         pw().print(participle);
 101                                                         pw().print(urr.getUser());
 102                                                         pw().println(']');
 103                                                 } else {
 104                                                         switch(fp.code()) {
 105                                                         case 202:
 106                                                                 pw().print("UserRole ");
 107                                                                 pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
 108                                                                 pw().println(" Accepted, but requires Approvals before actualizing");
 109                                                                 break;
 110                                                         case 404:
 111                                                                 if(option==3) {
 112                                                                         pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
 113                                                                         break;
 114                                                                 }
 115                                                         default:
 116                                                                 error(fp);
 117                                                         }
 118                                                 }
 119                                         }
 120                                 } else {
 121                                         // option 2 is setTo command (an update call)
 122                                         String allRoles = "";
 123                                         if (idx < args.length)
 124                                                 allRoles = args[idx++];
 125
 126                                         urr.setRole(allRoles);
 127                                         fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr);
 128                                         if (fp.get(AAFcli.timeout())) {
 129                                                 pw().println("Set User's Roles to [" + allRoles + "]");
 130                                         } else {
 131                                                 error(fp);
 132                                         }
 133                                 }
 134                                 return fp == null ? 0 : fp.code();
 135                         }
 136                 });
 137         }
 138
 139         @Override
 140         public void detailedHelp(int indent, StringBuilder sb) {
 141                 detailLine(sb, indent, "Add OR Delete a User to/from a Role OR");
 142                 detailLine(sb, indent, "Set a User's Roles to the roles supplied");
 143                 detailLine(sb, indent + 2, "user    - ID of User");
 144                 detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User");
 145                 sb.append('\n');
 146                 detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows");
 147                 detailLine(sb, indent + 2, "assignment of user to multiple roles");
 148                 detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user");
 149                 detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset.");
 150                 api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true);
 151                 api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false);
 152                 api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false);
 153         }
 154
 155 }