2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.gui;
24 import java.util.Enumeration;
26 import javax.servlet.http.HttpServletRequest;
27 import javax.servlet.http.HttpServletResponse;
29 import org.onap.aaf.auth.common.Define;
30 import org.onap.aaf.auth.env.AuthzTrans;
31 import org.onap.aaf.auth.rserv.HttpCode;
32 import org.onap.aaf.auth.rserv.HttpMethods;
33 import org.onap.aaf.misc.env.Slot;
34 import org.onap.aaf.misc.xgen.html.HTMLGen;
36 public class Display {
37 private final Page get;
38 public Display(final AAF_GUI gui, final HttpMethods meth, final Page page) {
40 final String[] fields = page.fields();
41 final Slot slots[] = new Slot[fields.length];
42 String prefix = page.name() + '.';
43 for (int i=0;i<slots.length;++i) {
44 slots[i] = gui.env.slot(prefix + fields[i]);
48 * We handle all the "Form POST" calls here with a naming convention that allows us to create arrays from strings.
50 * On the HTTP side, elements concatenate their name with their Index number (if multiple). In this code,
51 * we turn such names into arrays with same index number. Then, we place them in the Transaction "Properties" so that
52 * it can be transferred to subclasses easily.
54 if (meth.equals(HttpMethods.POST)) {
55 // Here, we'll expect FORM URL Encoded Data, which we need to get from the body
56 gui.route(gui.env, meth, page.url(),
57 new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
59 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
60 trans.put(gui.slot_httpServletRequest, req);
61 for (int i=0; i<fields.length;++i) {
62 int idx = fields[i].indexOf("[]");
63 if (idx<0) { // single value
64 trans.put(slots[i], req.getParameter(fields[i])); // assume first value
65 } else { // multi value - Expect Values to be set with Field root name "field.<int>" corresponding to an array of types
66 String field=fields[i].substring(0, idx)+'.';
67 String[] array = new String[16];
68 for (Enumeration<String> names = req.getParameterNames(); names.hasMoreElements();) {
69 String key = names.nextElement();
70 if (key.startsWith(field)) {
72 int x = Integer.parseInt(key.substring(field.length()));
73 if (x>=array.length) {
74 String[] temp = new String[x+10];
75 System.arraycopy(temp, 0, temp, 0, array.length);
78 array[x]=req.getParameter(key);
79 } catch (NumberFormatException e) {
84 trans.put(slots[i], array);
87 page.replay(context,trans,resp.getOutputStream(),"general");
89 }, "application/x-www-form-urlencoded","*/*");
92 // Transfer whether Page shouldn't be cached to local Final var.
93 final boolean no_cache = page.no_cache;
95 gui.route(gui.env, meth, page.url(),
96 new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
98 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
99 trans.put(gui.slot_httpServletRequest, req);
100 for (int i=0; i<slots.length;++i) {
101 int idx = fields[i].indexOf("[]");
102 if (idx<0) { // single value
103 if(asUser(trans, req,fields[i])) {
104 trans.put(slots[i], req.getParameter(fields[i]));
106 } else { // multi value
107 String[] array = new String[30];
108 String field=fields[i].substring(0, idx);
110 for (Enumeration<String> mm = req.getParameterNames();mm.hasMoreElements();) {
111 String key = mm.nextElement();
112 if (key.startsWith(field)) {
114 int x = Integer.parseInt(key.substring(field.length()));
115 if (x>=array.length) {
116 String[] temp = new String[x+10];
117 System.arraycopy(temp, 0, temp, 0, array.length);
120 array[x]=req.getParameter(key);
121 } catch (NumberFormatException e) {
122 trans.debug().log(e);
126 trans.put(slots[i], array);
129 page.replay(context,trans,resp.getOutputStream(),"general");
133 * When the field is "as_user", make sure permission is granted
135 private boolean asUser(AuthzTrans trans, HttpServletRequest req, String field) {
136 if("as_user".equals(field)) {
137 return req.isUserInRole(Define.ROOT_NS()+"|access|*|*");
143 public boolean no_cache() {
146 }, "text/html","*/*");
Code Review / aaf / authz.git / blob