2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.gui.pages;
24 import java.io.IOException;
25 import java.net.ConnectException;
27 import org.onap.aaf.auth.cmd.AAFcli;
28 import org.onap.aaf.auth.env.AuthzTrans;
29 import org.onap.aaf.auth.gui.AAF_GUI;
30 import org.onap.aaf.auth.gui.BreadCrumbs;
31 import org.onap.aaf.auth.gui.NamedCode;
32 import org.onap.aaf.auth.gui.Page;
33 import org.onap.aaf.cadi.CadiException;
34 import org.onap.aaf.cadi.client.Future;
35 import org.onap.aaf.cadi.util.Holder;
36 import org.onap.aaf.cadi.client.Rcli;
37 import org.onap.aaf.cadi.client.Retryable;
38 import org.onap.aaf.cadi.util.Vars;
39 import org.onap.aaf.misc.env.APIException;
40 import org.onap.aaf.misc.env.Data.TYPE;
41 import org.onap.aaf.misc.env.Slot;
42 import org.onap.aaf.misc.env.util.IPValidator;
43 import org.onap.aaf.misc.env.util.Split;
44 import org.onap.aaf.misc.xgen.Cache;
45 import org.onap.aaf.misc.xgen.DynamicCode;
46 import org.onap.aaf.misc.xgen.Mark;
47 import org.onap.aaf.misc.xgen.html.HTMLGen;
49 import aaf.v2_0.Error;
50 import certman.v1_0.Artifacts;
51 import certman.v1_0.Artifacts.Artifact;
53 public class CMArtiChangeAction extends Page {
54 public CMArtiChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
55 super(gui.env,CMArtiChangeForm.NAME,CMArtiChangeForm.HREF, CMArtiChangeForm.fields,
56 new BreadCrumbs(breadcrumbs),
57 new NamedCode(true,"content") {
58 final Slot sID = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[0]);
59 final Slot sMachine = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[1]);
60 final Slot sNS = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[2]);
61 final Slot sDirectory = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[3]);
62 final Slot sCA = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[4]);
63 final Slot sOSUser = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[5]);
64 final Slot sRenewal = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[6]);
65 final Slot sNotify = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[7]);
66 final Slot sCmd = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[8]);
67 final Slot sOther = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[9]);
68 final Slot sType = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[10]);
69 final Slot sSans = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[11]);
72 public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
73 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
75 public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
76 trans.info().log("Step 1");
77 final Artifact arti = new Artifact();
78 final String machine = trans.get(sMachine,null);
79 final String ca = trans.get(sCA, null);
80 final String sans = ((String)trans.get(sSans,null));
82 for (String s: Split.splitTrim(',', sans)) {
83 arti.getSans().add(s);
87 // These checks to not apply to deletions
88 if(!CMArtiChangeForm.DELETE.equals(trans.get(sCmd, ""))) {
89 // Disallow IP entries, except by special Permission
90 if (!trans.fish(getPerm(ca,"ip"))) {
92 if (IPValidator.ip(machine)) {
96 for (String s: arti.getSans()) {
97 if (IPValidator.ip(s)) {
104 hgen.p("Policy Failure: IPs in certificates are only allowed by Exception.");
111 arti.setMechid((String)trans.get(sID,null));
112 arti.setMachine(machine);
113 arti.setNs((String)trans.get(sNS,null));
114 arti.setDir((String)trans.get(sDirectory,null));
116 arti.setOsUser((String)trans.get(sOSUser, null));
117 arti.setRenewDays(Integer.parseInt((String)trans.get(sRenewal, null)));
118 arti.setNotification((String)trans.get(sNotify, null));
119 String[] checkbox = trans.get(sType,null);
120 for (int i=0;i<CMArtiChangeForm.types.length;++i) {
121 if ("on".equals(checkbox[i])) {
122 arti.getType().add(CMArtiChangeForm.types[i]);
127 if (arti.getMechid()==null || arti.getMechid().indexOf('@')<=0) {
128 hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
130 } else { // everything else is checked by Server
133 final Artifacts artifacts = new Artifacts();
134 artifacts.getArtifact().add(arti);
135 final Holder<Boolean> ok = new Holder<Boolean>(false);
136 final Holder<Boolean> deleted = new Holder<Boolean>(false);
137 Future<?> f = gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable<Future<?>>() {
139 public Future<?> code(Rcli<?> client)throws CadiException, ConnectException, APIException {
141 switch((String)trans.get(sCmd, "")) {
142 case CMArtiChangeForm.CREATE:
143 Future<Artifacts> fc;
144 rv = fc = client.create("/cert/artifacts", gui.artifactsDF, artifacts);
145 if (fc.get(AAFcli.timeout())) {
146 hgen.p("Created Artifact " + arti.getMechid() + " on " + arti.getMachine());
150 case CMArtiChangeForm.UPDATE:
151 Future<Artifacts> fu = client.update("/cert/artifacts", gui.artifactsDF, artifacts);
153 if(rv.get(AAFcli.timeout())) {
154 hgen.p("Artifact " + arti.getMechid() + " on " + arti.getMachine() + " is updated");
158 case CMArtiChangeForm.COPY:
159 Future<Artifacts> future = client.read("/cert/artifacts/"+arti.getMechid()+'/'+arti.getMachine(), gui.artifactsDF);
161 if (future.get(AAFcli.timeout())) {
162 for (Artifact a : future.value.getArtifact()) { // only one, because these two are key
163 for (String newMachine :Split.split(',', trans.get(sOther, ""))) {
164 a.setMachine(newMachine);
165 Future<Artifacts> fup = client.update("/cert/artifacts", gui.artifactsDF, future.value);
166 if (fup.get(AAFcli.timeout())) {
167 hgen.p("Copied to " + newMachine);
174 case CMArtiChangeForm.DELETE:
176 rv = fv = client.delete("/cert/artifacts/"+arti.getMechid()+"/"+arti.getMachine(),"application/json");
177 if (fv.get(AAFcli.timeout())) {
178 hgen.p("Deleted " + arti.getMechid() + " on " + arti.getMachine());
189 hgen.p("Unknown Command");
191 if (f.code() > 201) {
192 Error err = gui.getDF(Error.class).newData().in(TYPE.JSON).load(f.body()).asObject();
193 if(f.body().contains("%") ) {
194 hgen.p(Vars.convert(err.getText(),err.getVariables()));
196 int colon = err.getText().indexOf(':');
198 hgen.p(err.getMessageId() + ": " + err.getText().substring(0, colon));
199 Mark bq = new Mark();
200 hgen.incr(bq,"blockquote");
201 for(String em : Split.splitTrim('\n', err.getText().substring(colon+1))) {
206 hgen.p(err.getMessageId() + ": " + err.getText());
210 hgen.p(arti.getMechid() + " on " + arti.getMachine() + ": " + f.body());
214 hgen.br().leaf(HTMLGen.A,"class=greenbutton","href="+(deleted.get()?CMArtifactShow.HREF:CMArtiChangeForm.HREF)+
215 "?id="+arti.getMechid()+
216 "&machine="+arti.getMachine() +
217 "&ns="+arti.getNs())
221 } catch (Exception e) {
222 hgen.p("Unknown Error");
Code Review / aaf / authz.git / blob