auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Roles.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.service.api;
  23
  24 import static org.onap.aaf.auth.layer.Result.OK;
  25 import static org.onap.aaf.auth.rserv.HttpMethods.DELETE;
  26 import static org.onap.aaf.auth.rserv.HttpMethods.GET;
  27 import static org.onap.aaf.auth.rserv.HttpMethods.POST;
  28 import static org.onap.aaf.auth.rserv.HttpMethods.PUT;
  29
  30 import java.net.URLDecoder;
  31
  32 import javax.servlet.http.HttpServletRequest;
  33 import javax.servlet.http.HttpServletResponse;
  34
  35 import org.eclipse.jetty.http.HttpStatus;
  36 import org.onap.aaf.auth.dao.cass.Status;
  37 import org.onap.aaf.auth.env.AuthzTrans;
  38 import org.onap.aaf.auth.layer.Result;
  39 import org.onap.aaf.auth.service.AAF_Service;
  40 import org.onap.aaf.auth.service.Code;
  41 import org.onap.aaf.auth.service.facade.AuthzFacade;
  42 import org.onap.aaf.auth.service.mapper.Mapper.API;
  43 import org.onap.aaf.cadi.config.Config;
  44
  45 public class API_Roles {
  46     public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
  47         /**
  48          * puts a new role in Authz DB
  49          */
  50         authzAPI.route(POST,"/authz/role",API.ROLE_REQ, new Code(facade,"Create Role",true) {
  51                     @Override
  52                     public void handle(
  53                             AuthzTrans trans,
  54                             HttpServletRequest req,
  55                             HttpServletResponse resp) throws Exception {
  56                         Result<Void> r = context.createRole(trans, req, resp);
  57
  58                         switch(r.status) {
  59                             case OK:
  60                                 resp.setStatus(HttpStatus.CREATED_201);
  61                                 break;
  62                             case Status.ACC_Future:
  63                                 resp.setStatus(HttpStatus.ACCEPTED_202);
  64                                 break;
  65                             default:
  66                                 context.error(trans,resp,r);
  67                         }
  68                     }
  69                 }
  70             );
  71
  72         /**
  73          *  get Role by name
  74          */
  75         authzAPI.route(GET, "/authz/roles/:role", API.ROLES, new Code(facade,"GetRolesByFullName",true) {
  76             public void handle(
  77                     AuthzTrans trans,
  78                     HttpServletRequest req,
  79                     HttpServletResponse resp) throws Exception {
  80
  81                 Result<Void> r = context.getRolesByName(trans, resp, pathParam(req, "role"));
  82                 switch(r.status) {
  83                     case OK:
  84                         resp.setStatus(HttpStatus.OK_200);
  85                         break;
  86                     default:
  87                         context.error(trans,resp,r);
  88                 }
  89             }
  90
  91         });
  92
  93
  94         /**
  95          *  gets all Roles by user name
  96          */
  97         authzAPI.route(GET, "/authz/roles/user/:name", API.ROLES, new Code(facade,"GetRolesByUser",true) {
  98             public void handle(
  99                     AuthzTrans trans,
 100                     HttpServletRequest req,
 101                     HttpServletResponse resp) throws Exception {
 102
 103                 Result<Void> r = context.getRolesByUser(trans, resp, pathParam(req, "name"));
 104                 switch(r.status) {
 105                     case OK:
 106                         resp.setStatus(HttpStatus.OK_200);
 107                         break;
 108                     default:
 109                         context.error(trans,resp,r);
 110                 }
 111             }
 112
 113         });
 114
 115         /**
 116          *  gets all Roles by Namespace
 117          */
 118         authzAPI.route(GET, "/authz/roles/ns/:ns", API.ROLES, new Code(facade,"GetRolesByNS",true) {
 119             public void handle(
 120                     AuthzTrans trans,
 121                     HttpServletRequest req,
 122                     HttpServletResponse resp) throws Exception {
 123
 124                 Result<Void> r = context.getRolesByNS(trans, resp, pathParam(req, "ns"));
 125                 switch(r.status) {
 126                     case OK:
 127                         resp.setStatus(HttpStatus.OK_200);
 128                         break;
 129                     default:
 130                         context.error(trans,resp,r);
 131                 }
 132             }
 133         });
 134
 135         /**
 136          *  gets all Roles by Name without the Namespace
 137          */
 138         authzAPI.route(GET, "/authz/roles/name/:name", API.ROLES, new Code(facade,"GetRolesByNameOnly",true) {
 139             public void handle(
 140                     AuthzTrans trans,
 141                     HttpServletRequest req,
 142                     HttpServletResponse resp) throws Exception {
 143                 Result<Void> r = context.getRolesByNameOnly(trans, resp, pathParam(req, ":name"));
 144                 switch(r.status) {
 145                     case OK:
 146                         resp.setStatus(HttpStatus.OK_200);
 147                         break;
 148                     default:
 149                         context.error(trans,resp,r);
 150                 }
 151             }
 152         });
 153
 154         /**
 155          * Deletes a Role from Authz DB by Object
 156          */
 157         authzAPI.route(DELETE,"/authz/role",API.ROLE_REQ, new Code(facade,"Delete Role",true) {
 158                 @Override
 159                 public void handle(
 160                         AuthzTrans trans,
 161                         HttpServletRequest req,
 162                         HttpServletResponse resp) throws Exception {
 163                     Result<Void> r = context.deleteRole(trans, req, resp);
 164
 165                     switch(r.status) {
 166                         case OK:
 167                             resp.setStatus(HttpStatus.OK_200);
 168                             break;
 169                         default:
 170                             context.error(trans,resp,r);
 171                     }
 172                 }
 173
 174             }
 175         );
 176
 177
 178
 179         /**
 180          * Deletes a Role from Authz DB by Key
 181          */
 182         authzAPI.route(DELETE,"/authz/role/:role",API.ROLE, new Code(facade,"Delete Role",true) {
 183                 @Override
 184                 public void handle(
 185                         AuthzTrans trans,
 186                         HttpServletRequest req,
 187                         HttpServletResponse resp) throws Exception {
 188                     Result<Void> r = context.deleteRole(trans, resp, pathParam(req,":role"));
 189
 190                     switch(r.status) {
 191                         case OK:
 192                             resp.setStatus(HttpStatus.OK_200);
 193                             break;
 194                         default:
 195                             context.error(trans,resp,r);
 196                     }
 197                 }
 198
 199             }
 200         );
 201
 202
 203         /**
 204          * Add a Permission to a Role (Grant)
 205          */
 206         authzAPI.route(POST,"/authz/role/perm",API.ROLE_PERM_REQ, new Code(facade,"Add Permission to Role",true) {
 207                 @Override
 208                 public void handle(
 209                         AuthzTrans trans,
 210                         HttpServletRequest req,
 211                         HttpServletResponse resp) throws Exception {
 212
 213                     Result<Void> r = context.addPermToRole(trans, req, resp);
 214
 215                     switch(r.status) {
 216                         case OK:
 217                             resp.setStatus(HttpStatus.CREATED_201);
 218                             break;
 219                         default:
 220                             context.error(trans,resp,r);
 221                     }
 222                 }
 223             }
 224         );
 225
 226         /**
 227          * Get all Roles by Permission
 228          */
 229         authzAPI.route(GET,"/authz/roles/perm/:type/:instance/:action",API.ROLES,new Code(facade,"GetRolesByPerm",true) {
 230             public void handle(
 231                     AuthzTrans trans,
 232                     HttpServletRequest req,
 233                     HttpServletResponse resp) throws Exception {
 234
 235                 Result<Void> r = context.getRolesByPerm(trans, resp,
 236                         pathParam(req, "type"),
 237                         URLDecoder.decode(pathParam(req, "instance"),Config.UTF_8),
 238                         pathParam(req, "action"));
 239                 switch(r.status) {
 240                     case OK:
 241                         resp.setStatus(HttpStatus.OK_200);
 242                         break;
 243                     default:
 244                         context.error(trans,resp,r);
 245                 }
 246             }
 247         });
 248
 249         /**
 250          * Set a role's description
 251          */
 252         authzAPI.route(PUT,"/authz/role",API.ROLE_REQ,new Code(facade,"Set Description for role",true) {
 253             @Override
 254             public void handle(
 255                     AuthzTrans trans,
 256                     HttpServletRequest req,
 257                     HttpServletResponse resp) throws Exception {
 258
 259                 Result<Void> r = context.updateRoleDescription(trans, req, resp);
 260                 switch(r.status) {
 261                     case OK:
 262                         resp.setStatus(HttpStatus.OK_200);
 263                         break;
 264                     default:
 265                         context.error(trans,resp,r);
 266                 }
 267             }
 268         });
 269
 270         /**
 271          * Set a permission's roles to roles given
 272          */
 273         authzAPI.route(PUT,"/authz/role/perm",API.ROLE_PERM_REQ,new Code(facade,"Set a Permission's Roles",true) {
 274             @Override
 275             public void handle(
 276                     AuthzTrans trans,
 277                     HttpServletRequest req,
 278                     HttpServletResponse resp) throws Exception {
 279
 280                 Result<Void> r = context.resetPermRoles(trans, req, resp);
 281                 switch(r.status) {
 282                     case OK:
 283                         resp.setStatus(HttpStatus.OK_200);
 284                         break;
 285                     default:
 286                         context.error(trans,resp,r);
 287                 }
 288             }
 289         });
 290
 291         /**
 292          * Delete a Permission from a Role
 293          * With multiple perms
 294          */
 295         authzAPI.route(DELETE,"/authz/role/:role/perm",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
 296             @Override
 297             public void handle(
 298                     AuthzTrans trans,
 299                     HttpServletRequest req,
 300                     HttpServletResponse resp) throws Exception {
 301                 Result<Void> r = context.delPermFromRole(trans, req, resp);
 302
 303                 switch(r.status) {
 304                     case OK:
 305                         resp.setStatus(HttpStatus.OK_200);
 306                         break;
 307                     default:
 308                         context.error(trans,resp,r);
 309                 }
 310             }
 311         });
 312
 313
 314         /*
 315          * Delete a Permission from a Role by key only
 316          * /
 317         authzAPI.route(DELETE,"/authz/role/:role/perm/:type/:instance/:action",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
 318             @Override
 319             public void handle(
 320                     AuthzTrans trans,
 321                     HttpServletRequest req,
 322                     HttpServletResponse resp) throws Exception {
 323                 Result<Void> r = context.delPermFromRole(trans, resp,
 324                         pathParam(req,":role"),
 325                         pathParam(req,":type"),
 326                         pathParam(req,":instance"),
 327                         pathParam(req,":action"));
 328
 329                 switch(r.status) {
 330                     case OK:
 331                         resp.setStatus(HttpStatus.OK_200);
 332                         break;
 333                     default:
 334                         context.error(trans,resp,r);
 335                 }
 336             }
 337         });
 338         */
 339     }
 340 }