2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.gui;
24 import java.util.Enumeration;
26 import javax.servlet.http.HttpServletRequest;
27 import javax.servlet.http.HttpServletResponse;
29 import org.onap.aaf.auth.common.Define;
30 import org.onap.aaf.auth.env.AuthzTrans;
31 import org.onap.aaf.auth.rserv.HttpCode;
32 import org.onap.aaf.auth.rserv.HttpMethods;
33 import org.onap.aaf.misc.env.Slot;
35 public class Display {
36 private final Page get;
37 public Display(final AAF_GUI gui, final HttpMethods meth, final Page page) {
39 final String[] fields = page.fields();
40 final Slot slots[] = new Slot[fields.length];
41 String prefix = page.name() + '.';
42 for (int i=0;i<slots.length;++i) {
43 slots[i] = gui.env.slot(prefix + fields[i]);
47 * We handle all the "Form POST" calls here with a naming convention that allows us to create arrays from strings.
49 * On the HTTP side, elements concatenate their name with their Index number (if multiple). In this code,
50 * we turn such names into arrays with same index number. Then, we place them in the Transaction "Properties" so that
51 * it can be transferred to subclasses easily.
53 if (meth.equals(HttpMethods.POST)) {
54 // Here, we'll expect FORM URL Encoded Data, which we need to get from the body
55 gui.route(gui.env, meth, page.url(),
56 new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
58 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
59 trans.put(gui.slotHttpServletRequest, req);
60 for (int i=0; i<fields.length;++i) {
61 int idx = fields[i].indexOf("[]");
62 if (idx<0) { // single value
63 trans.put(slots[i], req.getParameter(fields[i])); // assume first value
64 } else { // multi value - Expect Values to be set with Field root name "field.<int>" corresponding to an array of types
65 String field=fields[i].substring(0, idx)+'.';
66 String[] array = new String[16];
67 for (Enumeration<String> names = req.getParameterNames(); names.hasMoreElements();) {
68 String key = names.nextElement();
69 if (key.startsWith(field)) {
71 int x = Integer.parseInt(key.substring(field.length()));
72 if (x>=array.length) {
73 String[] temp = new String[x+10];
74 System.arraycopy(temp, 0, temp, 0, array.length);
77 array[x]=req.getParameter(key);
78 } catch (NumberFormatException e) {
83 trans.put(slots[i], array);
86 page.replay(context,trans,resp.getOutputStream(),"general");
88 }, "application/x-www-form-urlencoded","*/*");
91 // Transfer whether Page shouldn't be cached to local Final var.
92 final boolean noCache = page.noCache;
94 gui.route(gui.env, meth, page.url(),
95 new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
97 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
98 trans.put(gui.slotHttpServletRequest, req);
99 for (int i=0; i<slots.length;++i) {
100 int idx = fields[i].indexOf("[]");
101 if (idx<0) { // single value
102 if(asUser(trans, req,fields[i])) {
103 trans.put(slots[i], req.getParameter(fields[i]));
105 } else { // multi value
106 String[] array = new String[30];
107 String field=fields[i].substring(0, idx);
109 for (Enumeration<String> mm = req.getParameterNames();mm.hasMoreElements();) {
110 String key = mm.nextElement();
111 if (key.startsWith(field)) {
113 int x = Integer.parseInt(key.substring(field.length()));
114 if (x>=array.length) {
115 String[] temp = new String[x+10];
116 System.arraycopy(temp, 0, temp, 0, array.length);
119 array[x]=req.getParameter(key);
120 } catch (NumberFormatException e) {
121 trans.debug().log(e);
125 trans.put(slots[i], array);
128 page.replay(context,trans,resp.getOutputStream(),"general");
132 * When the field is "as_user", make sure permission is granted
134 private boolean asUser(AuthzTrans trans, HttpServletRequest req, String field) {
135 if("as_user".equals(field)) {
136 return req.isUserInRole(Define.ROOT_NS()+"|access|*|*");
142 public boolean no_cache() {
145 }, "text/html","*/*");
Code Review / aaf / authz.git / blob