2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.gui;
24 import static org.onap.aaf.misc.xgen.html.HTMLGen.A;
25 import static org.onap.aaf.misc.xgen.html.HTMLGen.H1;
26 import static org.onap.aaf.misc.xgen.html.HTMLGen.LI;
27 import static org.onap.aaf.misc.xgen.html.HTMLGen.TITLE;
28 import static org.onap.aaf.misc.xgen.html.HTMLGen.UL;
31 import java.io.FileInputStream;
32 import java.io.IOException;
33 import java.util.ArrayList;
34 import java.util.HashMap;
35 import java.util.List;
37 import java.util.Properties;
38 import java.util.TreeMap;
40 import javax.servlet.http.Cookie;
41 import javax.servlet.http.HttpServletRequest;
43 import org.onap.aaf.auth.common.Define;
44 import org.onap.aaf.auth.env.AuthzEnv;
45 import org.onap.aaf.auth.env.AuthzTrans;
46 import org.onap.aaf.auth.gui.pages.Home;
47 import org.onap.aaf.cadi.Permission;
48 import org.onap.aaf.cadi.aaf.AAFPermission;
49 import org.onap.aaf.cadi.config.Config;
50 import org.onap.aaf.cadi.principal.TaggedPrincipal;
51 import org.onap.aaf.misc.env.APIException;
52 import org.onap.aaf.misc.env.Env;
53 import org.onap.aaf.misc.env.Slot;
54 import org.onap.aaf.misc.env.StaticSlot;
55 import org.onap.aaf.misc.env.util.Split;
56 import org.onap.aaf.misc.xgen.Cache;
57 import org.onap.aaf.misc.xgen.CacheGen;
58 import org.onap.aaf.misc.xgen.Code;
59 import org.onap.aaf.misc.xgen.DynamicCode;
60 import org.onap.aaf.misc.xgen.Mark;
61 import org.onap.aaf.misc.xgen.html.HTMLCacheGen;
62 import org.onap.aaf.misc.xgen.html.HTMLGen;
63 import org.onap.aaf.misc.xgen.html.Imports;
66 * A Base "Mobile First" Page
71 public class Page extends HTMLCacheGen {
72 public static final String AAF_THEME = "aaf_theme";
73 public static final String AAFURL_TOOLS = "aaf_url.tools";
74 public static final String AAF_URL_TOOL_DOT = "aaf_url.tool.";
75 public static final String AAF_URL_CUIGUI = "aaf_url.cuigui"; // link to help
76 public static final String AAF_URL_GUI_ONBOARD = "aaf_url.gui_onboard";
77 public static final String AAF_URL_AAF_HELP = "aaf_url.aaf_help";
78 public static final String AAF_URL_CADI_HELP = "aaf_url.cadi_help";
79 public static final String PERM_CA_TYPE = "certman";
80 public static final String PERM_NS = Define.ROOT_NS();
82 public static enum BROWSER {iPhone,html5,ie,ieOld};
84 public static final int MAX_LINE = 20;
85 protected static final String[] NO_FIELDS = new String[0];
86 private static final String BROWSER_TYPE = "BROWSER_TYPE";
88 private final String bcName, bcUrl;
89 private final String[] fields;
91 public final boolean no_cache;
93 // Note: Only access is synchronized in "getPerm"
94 private final static Map<String,Map<String,Permission>> perms = new HashMap<>();
97 * Relative path, Menu Name, Full Path
99 protected static final String[][] MENU_ITEMS = new String[][] {
100 {"myperms","My Permissions","/gui/myperms"},
101 {"myroles","My Roles","/gui/myroles"},
102 {"ns","My Namespaces","/gui/ns"},
103 {"approve","My Approvals","/gui/approve"},
104 {"myrequests","My Pending Requests","/gui/myrequests"},
106 // {"onboard","Onboarding"},
107 {"passwd","Password Management","/gui/passwd"},
108 {"cui","Command Prompt","/gui/cui"},
109 {"api","AAF API","/gui/api"},
110 {"clear","Clear Preferences","/gui/clear"}
113 public String name() {
117 public String url() {
121 public String[] fields() {
125 public Page(AuthzEnv env, String name, String url, Enum<?>[] en, final NamedCode ...content) throws APIException, IOException {
126 super(CacheGen.PRETTY, new PageCode(env, 1, content));
127 fields = new String[en.length];
129 for (Enum<?> p : en) {
130 fields[++i]=p.name();
135 // Mark which fields must be "no_cache"
136 boolean no_cacheTemp=false;
137 for (NamedCode nc : content) {
143 no_cache=no_cacheTemp;
145 public Page(AuthzEnv env, String name, String url, String [] fields, final NamedCode ... content) throws APIException,IOException {
146 this(env,name,url,1,fields,content);
149 public Page(AuthzEnv env, String name, String url, int backdots, String [] fields, final NamedCode ... content) throws APIException,IOException {
150 super(CacheGen.PRETTY, new PageCode(env, backdots, content));
152 this.fields = new String[0];
154 this.fields = fields;
158 // Mark which fields must be "no_cache"
159 boolean no_cacheTemp=false;
160 for (NamedCode nc : content) {
166 no_cache=no_cacheTemp;
170 private static class PageCode implements Code<HTMLGen> {
171 private static final String AAF_GUI_THEME = "aaf.gui.theme";
172 private static final String AAF_GUI_TITLE = "aaf_gui_title";
174 private final ContentCode[] content;
175 private final Slot browserSlot;
176 private final int backdots;
177 protected AuthzEnv env;
178 private StaticSlot sTheme;
179 private static Map<String,List<String>> themes;
180 private static Map<String,Properties> themeProps;
182 public PageCode(AuthzEnv env, int backdots, final ContentCode[] content) {
183 this.content = content;
184 this.backdots = backdots;
185 browserSlot = env.slot(BROWSER_TYPE);
186 sTheme = env.staticSlot(AAF_GUI.AAF_GUI_THEME);
188 getThemeFiles(env,""); //
191 private static synchronized List<String> getThemeFiles(Env env, String theme) {
193 themes = new TreeMap<>();
194 File themeD = new File("theme");
195 if(themeD.exists() && themeD.isDirectory()) {
196 for (File t : themeD.listFiles()) {
197 if(t.isDirectory()) {
198 List<String> la = new ArrayList<>();
199 for(File f : t.listFiles()) {
201 if(f.getName().endsWith(".props")) {
203 if(themeProps == null) {
204 themeProps = new TreeMap<>();
207 props = themeProps.get(t.getName());
210 props = new Properties();
211 themeProps.put(t.getName(), props);
215 FileInputStream fis = new FileInputStream(f);
221 } catch (IOException e) {
229 themes.put(t.getName(),la);
234 return themes.get(theme);
237 protected Imports getImports(Env env, String theme, int backdots, BROWSER browser) {
238 List<String> ls = getThemeFiles(env,theme);
239 Imports imp = new Imports(backdots);
240 String prefix = "theme/" + theme + '/';
242 if(f.endsWith(".js")) {
244 } else if(f.endsWith(".css")) {
245 if(f.endsWith("iPhone.css")) {
246 if(BROWSER.iPhone.equals(browser)) {
249 } else if (f.endsWith("Desktop.css")){
250 if(!BROWSER.iPhone.equals(browser)) {
253 // Make Console specific to Console page
254 } else if (!"console.js".equals(f)) {
263 public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
264 // Note: I found that App Storage saves everything about the page, or not. Thus, if you declare the page uncacheable, none of the
265 // Artifacts, like JPGs are stored, which makes this feature useless for Server driven elements
266 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
268 public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
269 switch(browser(trans,browserSlot)) {
272 hgen.directive("!DOCTYPE html");
273 hgen.directive("meta", "http-equiv=X-UA-Compatible","content=IE=11");
279 final String title = env.getProperty(AAF_GUI_TITLE,"Authentication/Authorization Framework");
280 final String defaultTheme = env.get(sTheme,"onap");
282 Mark head = hgen.head();
283 hgen.leaf(TITLE).text(title).end();
284 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
286 public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
287 BROWSER browser = browser(trans,browserSlot);
289 Cookie[] cookies = trans.hreq().getCookies();
291 for(Cookie c : cookies) {
292 if(AAF_GUI_THEME.equals(c.getName())) {
294 if(!(themes.containsKey(theme))) {
295 theme = defaultTheme;
303 for(String t : themes.keySet()) {
304 if(!t.equals(defaultTheme) && trans.fish(new AAFPermission(null,trans.user()+":id", AAF_GUI_THEME, t))) {
310 theme = defaultTheme;
312 List<String> ls = getThemeFiles(trans, theme);
314 throw new APIException("Theme " + theme + " does not exist.");
316 Cookie cookie = new Cookie(AAF_GUI_THEME,theme);
317 cookie.setMaxAge(604_800); // one week
318 trans.hresp().addCookie(cookie);
320 trans.setProperty(Page.AAF_THEME, theme);
322 hgen.imports(getImports(env,theme,backdots,browser));
326 hgen.js().text("document.createElement('header');")
327 .text("document.createElement('nav');")
337 Mark body = hgen.body();
338 Mark header = hgen.header();
339 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
341 public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen)
342 throws APIException, IOException {
343 // Obtain Server Info, and print
345 String env = trans.getProperty(Config.AAF_ENV,"N/A");
346 xgen.leaf(H1).text(title + " on " + env).end();
347 xgen.leaf("p","id=version").text("AAF Version: " + state.deployedVersion).end();
349 // Obtain User Info, and print
350 TaggedPrincipal p = trans.getUserPrincipal();
353 user = "please choose a Login Authority";
354 secured = "NOT Secure!";
356 user = p.personalName();
359 xgen.leaf("p","id=welcome").text("Welcome, ")
363 .text("</sup>").end();
365 switch(browser(trans,browserSlot)) {
368 xgen.incr("h5").text("This app is Mobile First HTML5. Internet Explorer "
369 + " does not support all HTML5 standards. Old, non TSS-Standard versions may not function correctly.").br()
370 .text(" For best results, use a highly compliant HTML5 browser like Firefox.")
382 // If BreadCrumbs, put here
383 if (content.length>0 && content[0] instanceof BreadCrumbs) {
385 Mark ctnt = hgen.divID(nc.idattrs());
386 nc.code(cache, hgen);
395 hgen.divID("pageContent");
396 Mark inner = hgen.divID("inner");
398 for (int i=cIdx;i<content.length;++i) {
400 Mark ctnt = hgen.divID(nc.idattrs());
401 nc.code(cache, hgen);
408 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
410 public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
411 String theme = trans.getProperty(Page.AAF_THEME);
416 props = themeProps==null?null:themeProps.get(theme);
419 if(props!=null && "TRUE".equalsIgnoreCase(props.getProperty("enable_nav_btn"))) {
420 xgen.leaf("button", "id=navBtn").end();
424 // Adding "nav Hamburger button"
425 // Navigation - Using older Nav to work with decrepit IE versions
426 Mark nav = hgen.divID("nav");
427 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
429 public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
430 String theme = trans.getProperty(Page.AAF_THEME);
435 props = themeProps==null?null:themeProps.get(theme);
439 if("TRUE".equalsIgnoreCase(props.getProperty("main_menu_in_nav"))) {
440 xgen.incr("h2").text("Navigation").end();
441 Mark mark = new Mark();
442 boolean selected = isSelected(trans.path(),Home.HREF);
443 //trans.path().endsWith("home");
444 xgen.incr(mark,HTMLGen.UL)
445 .incr(HTMLGen.LI,selected?"class=selected":"")
446 .incr(HTMLGen.A, "href=home")
449 boolean noSelection = !selected;
450 for(String[] mi : MENU_ITEMS) {
451 //selected = trans.path().endsWith(mi[0]);
453 selected = isSelected(trans.path(),mi[2]);
454 noSelection = !selected;
458 xgen.incr(HTMLGen.LI,selected?"class=selected":"")
459 .incr(HTMLGen.A, "href="+mi[2])
468 private boolean isSelected(String path, String item) {
469 if(item.equals(path)) {
472 for(ContentCode c : content) {
473 if(c instanceof BreadCrumbs) {
474 Page[] bc = ((BreadCrumbs)c).breadcrumbs;
476 for(int i = bc.length-1;i>0;--i) {
477 if(bc[i].url().equals(item)) {
489 hgen.incr("h2").text("Related Links").end();
491 String aaf_help = env.getProperty(AAF_URL_AAF_HELP,null);
492 if (aaf_help!=null) {
493 hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP),"target=_blank").text("AAF WIKI").end(2);
494 String sub = env.getProperty(AAF_URL_AAF_HELP+".sub");
496 hgen.incr(UL,"style=margin-left:5%");
497 for (String s : Split.splitTrim(',', sub)) {
498 hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP+".sub."+s),"target=_blank").text(s.replace('+', ' ')).end(2);
503 aaf_help = env.getProperty(AAF_URL_CADI_HELP,null);
504 if (aaf_help!=null) {
505 hgen.leaf(LI).leaf(A,"href="+aaf_help,"target=_blank").text("CADI WIKI").end(2);
507 String tools = env.getProperty(AAFURL_TOOLS);
510 .incr(HTMLGen.UL,"style=margin-left:5%")
511 .leaf(HTMLGen.H3).text("Related Tools").end();
513 for (String tool : Split.splitTrim(',',tools)) {
514 hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_TOOL_DOT+tool),"target=_blank").text(tool.replace('+', ' ')).end(2);
523 // Footer - Using older Footer to work with decrepit IE versions
524 Mark footer = hgen.divID("footer");
525 hgen.textCR(1, env.getProperty(AAF_GUI.AAF_GUI_COPYRIGHT))
533 public static String getBrowserType() {
540 * Use int found in "ieVersion"
543 * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322;
544 * .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
546 * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2;
547 * .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ATT)
549 * IE 11 Compatibility
550 * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; SLCC2; .NET CLR 2.0.50727;
551 * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
553 * IE 11 (not Compatiblity)
554 * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727;
555 * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
560 public static BROWSER browser(AuthzTrans trans, Slot slot) {
561 BROWSER br = trans.get(slot, null);
563 String agent = trans.agent();
565 if (agent.contains("iPhone") /* other phones? */) {
567 } else if ((msie = agent.indexOf("MSIE"))>=0) {
569 int end = agent.indexOf(";",msie);
572 ver = Float.valueOf(agent.substring(msie,end));
573 br = ver<8f?BROWSER.ieOld:BROWSER.ie;
574 } catch (Exception e) {
586 * Get, rather than create each time, permissions for validations
588 protected static synchronized Permission getPerm(String instance, String action) {
589 Map<String,Permission> msp = perms.get(instance);
592 msp = new HashMap<>();
593 perms.put(instance, msp);
596 p = msp.get(instance);
599 p=new AAFPermission(PERM_NS, PERM_CA_TYPE,instance,action);
605 protected static String getSingleParam(HttpServletRequest req, String tag) {
606 String values[] = req.getParameterValues(tag);
607 return values.length<1?null:values[0];
Code Review / aaf / authz.git / blob