2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.service.api;
24 import static org.onap.aaf.auth.layer.Result.OK;
25 import static org.onap.aaf.auth.rserv.HttpMethods.DELETE;
26 import static org.onap.aaf.auth.rserv.HttpMethods.GET;
27 import static org.onap.aaf.auth.rserv.HttpMethods.POST;
28 import static org.onap.aaf.auth.rserv.HttpMethods.PUT;
30 import java.net.URLDecoder;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
35 import org.eclipse.jetty.http.HttpStatus;
36 import org.onap.aaf.auth.dao.cass.Status;
37 import org.onap.aaf.auth.env.AuthzTrans;
38 import org.onap.aaf.auth.layer.Result;
39 import org.onap.aaf.auth.service.AAF_Service;
40 import org.onap.aaf.auth.service.Code;
41 import org.onap.aaf.auth.service.facade.AuthzFacade;
42 import org.onap.aaf.auth.service.mapper.Mapper.API;
43 import org.onap.aaf.cadi.config.Config;
45 public class API_Roles {
46 public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
48 * puts a new role in Authz DB
// Registers POST /authz/role. The handler hands the whole request to
// context.createRole(trans, req, resp), so the role definition is read from the request body.
// NOTE(review): this listing drops some handler lines (switch header, some case labels),
// so the branch each status belongs to is partly inferred -- confirm against the full file.
50 authzAPI.route(POST,"/authz/role",API.ROLE_REQ, new Code(facade,"Create Role",true) {
54 HttpServletRequest req,
55 HttpServletResponse resp) throws Exception {
56 Result<Void> r = context.createRole(trans, req, resp);
// 201 Created: presumably the success branch.
60 resp.setStatus(HttpStatus.CREATED_201);
62 case Status.ACC_Future:
// 202 Accepted for Status.ACC_Future: the request was accepted but presumably not applied
// yet (pending approval -- confirm). Callers must not treat 202 as "role exists".
63 resp.setStatus(HttpStatus.ACCEPTED_202);
// Presumably the default branch: context.error writes the failure held in r to the response.
66 context.error(trans,resp,r);
// Registers GET /authz/roles/:role. The "role" path segment is caller-controlled and is
// passed unchanged to context.getRolesByName.
// NOTE(review): no validation or permission check appears in the lines shown; presumably
// the facade enforces both -- confirm.
75 authzAPI.route(GET, "/authz/roles/:role", API.ROLES, new Code(facade,"GetRolesByFullName",true) {
78 HttpServletRequest req,
79 HttpServletResponse resp) throws Exception {
81 Result<Void> r = context.getRolesByName(trans, resp, pathParam(req, "role"));
// 200 OK: presumably the success branch (case label not shown in this listing).
84 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
87 context.error(trans,resp,r);
95 * gets all Roles by user name
// Registers GET /authz/roles/user/:name. The "name" path segment (a user identifier chosen
// by the caller) is passed unchanged to context.getRolesByUser.
// NOTE(review): listing another user's roles is an enumeration-sensitive read; no check on
// who may ask for whom appears in the lines shown -- confirm the facade enforces it.
97 authzAPI.route(GET, "/authz/roles/user/:name", API.ROLES, new Code(facade,"GetRolesByUser",true) {
100 HttpServletRequest req,
101 HttpServletResponse resp) throws Exception {
103 Result<Void> r = context.getRolesByUser(trans, resp, pathParam(req, "name"));
// 200 OK: presumably the success branch (case label not shown in this listing).
106 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
109 context.error(trans,resp,r);
116 * gets all Roles by Namespace
// Registers GET /authz/roles/ns/:ns. The "ns" path segment is caller-controlled and is
// passed unchanged to context.getRolesByNS.
// NOTE(review): no namespace-read permission check appears in the lines shown; presumably
// the facade enforces it -- confirm.
118 authzAPI.route(GET, "/authz/roles/ns/:ns", API.ROLES, new Code(facade,"GetRolesByNS",true) {
121 HttpServletRequest req,
122 HttpServletResponse resp) throws Exception {
124 Result<Void> r = context.getRolesByNS(trans, resp, pathParam(req, "ns"));
// 200 OK: presumably the success branch (case label not shown in this listing).
127 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
130 context.error(trans,resp,r);
136 * gets all Roles by Name without the Namespace
// Registers GET /authz/roles/name/:name and passes the path value to
// context.getRolesByNameOnly.
138 authzAPI.route(GET, "/authz/roles/name/:name", API.ROLES, new Code(facade,"GetRolesByNameOnly",true) {
141 HttpServletRequest req,
142 HttpServletResponse resp) throws Exception {
// NOTE(review): the key is ":name" (with the colon), while the roles-by-user route in this
// file looks up "name". Confirm pathParam resolves both spellings; if it does not, the
// facade receives null here instead of the requested name.
143 Result<Void> r = context.getRolesByNameOnly(trans, resp, pathParam(req, ":name"));
// 200 OK: presumably the success branch (case label not shown in this listing).
146 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
149 context.error(trans,resp,r);
155 * Deletes a Role from Authz DB by Object
// Registers DELETE /authz/role (delete by object). The handler passes the whole request to
// context.deleteRole(trans, req, resp), so the role to remove is taken from the request body.
// NOTE(review): the label "Delete Role" is also used by the DELETE /authz/role/:role route;
// if the label ends up in logs or audit records the two entry points cannot be told apart.
157 authzAPI.route(DELETE,"/authz/role",API.ROLE_REQ, new Code(facade,"Delete Role",true) {
161 HttpServletRequest req,
162 HttpServletResponse resp) throws Exception {
163 Result<Void> r = context.deleteRole(trans, req, resp);
// 200 OK: presumably the success branch (case label not shown in this listing).
167 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
170 context.error(trans,resp,r);
180 * Deletes a Role from Authz DB by Key
// Registers DELETE /authz/role/:role (delete by key). The role name comes only from the
// URL path and is passed to context.deleteRole(trans, resp, role).
// NOTE(review): shares the label "Delete Role" with the body-based DELETE /authz/role route,
// and is registered with API.ROLE where that route uses API.ROLE_REQ -- confirm both are intended.
182 authzAPI.route(DELETE,"/authz/role/:role",API.ROLE, new Code(facade,"Delete Role",true) {
186 HttpServletRequest req,
187 HttpServletResponse resp) throws Exception {
// NOTE(review): key written as ":role" (with the colon); the GET /authz/roles/:role route
// looks up "role". Confirm pathParam accepts both forms, otherwise this passes null.
188 Result<Void> r = context.deleteRole(trans, resp, pathParam(req,":role"));
// 200 OK: presumably the success branch (case label not shown in this listing).
192 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
195 context.error(trans,resp,r);
204 * Add a Permission to a Role (Grant)
// Registers POST /authz/role/perm (grant). The role/permission pair is read from the request
// body by context.addPermToRole(trans, req, resp).
// NOTE(review): a grant widens what a role may do; no check that the caller may grant this
// permission appears in the lines shown -- presumably done in the facade, confirm.
206 authzAPI.route(POST,"/authz/role/perm",API.ROLE_PERM_REQ, new Code(facade,"Add Permission to Role",true) {
210 HttpServletRequest req,
211 HttpServletResponse resp) throws Exception {
213 Result<Void> r = context.addPermToRole(trans, req, resp);
// 201 Created: presumably the success branch (case label not shown in this listing).
217 resp.setStatus(HttpStatus.CREATED_201);
// Presumably the default branch: context.error renders the failure held in r.
220 context.error(trans,resp,r);
227 * Get all Roles by Permission
// Registers GET /authz/roles/perm/:type/:instance/:action and passes the three path values
// to context.getRolesByPerm.
229 authzAPI.route(GET,"/authz/roles/perm/:type/:instance/:action",API.ROLES,new Code(facade,"GetRolesByPerm",true) {
232 HttpServletRequest req,
233 HttpServletResponse resp) throws Exception {
235 Result<Void> r = context.getRolesByPerm(trans, resp,
236 pathParam(req, "type"),
// Only "instance" is URL-decoded (Config.UTF_8); "type" and "action" are passed as received.
// NOTE(review): confirm pathParam returns the still-encoded segment. Decoding a value the
// container has already decoded changes instances containing '%' or '+', so the permission
// looked up could differ from the one the caller named.
237 URLDecoder.decode(pathParam(req, "instance"),Config.UTF_8),
238 pathParam(req, "action"));
// 200 OK: presumably the success branch (case label not shown in this listing).
241 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
244 context.error(trans,resp,r);
250 * Set a role's description
// Registers PUT /authz/role. Despite the generic path, the handler only calls
// context.updateRoleDescription(trans, req, resp); the role and new text come from the body.
// NOTE(review): the description is caller-supplied text that is stored and later returned;
// length limits and output encoding are not visible here -- confirm where they are applied.
252 authzAPI.route(PUT,"/authz/role",API.ROLE_REQ,new Code(facade,"Set Description for role",true) {
256 HttpServletRequest req,
257 HttpServletResponse resp) throws Exception {
259 Result<Void> r = context.updateRoleDescription(trans, req, resp);
// 200 OK: presumably the success branch (case label not shown in this listing).
262 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
265 context.error(trans,resp,r);
271 * Set a permission's roles to roles given
// Registers PUT /authz/role/perm. The request body is handed to
// context.resetPermRoles(trans, req, resp).
// NOTE(review): going by the method name and the comment above this route, the call replaces
// the permission's whole role set rather than adding to it, so one request can both grant
// and revoke. Confirm the facade authorizes the removals as well as the additions.
273 authzAPI.route(PUT,"/authz/role/perm",API.ROLE_PERM_REQ,new Code(facade,"Set a Permission's Roles",true) {
277 HttpServletRequest req,
278 HttpServletResponse resp) throws Exception {
280 Result<Void> r = context.resetPermRoles(trans, req, resp);
// 200 OK: presumably the success branch (case label not shown in this listing).
283 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
286 context.error(trans,resp,r);
292 * Delete a Permission from a Role
293 * With multiple perms
// Registers DELETE /authz/role/:role/perm (body-based revoke).
// NOTE(review): the path declares ":role", but the lines shown never call pathParam; the
// whole request goes to context.delPermFromRole(trans, req, resp). Confirm which role is
// authoritative (path or body) and that a mismatch is rejected, since anything that logs or
// filters on the URL would otherwise see a different role than the one changed.
295 authzAPI.route(DELETE,"/authz/role/:role/perm",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
299 HttpServletRequest req,
300 HttpServletResponse resp) throws Exception {
301 Result<Void> r = context.delPermFromRole(trans, req, resp);
// 200 OK: presumably the success branch (case label not shown in this listing).
305 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
308 context.error(trans,resp,r);
315 * Delete a Permission from a Role by key only
// Registers DELETE /authz/role/:role/perm/:type/:instance/:action (revoke by key). All four
// values come from the URL path and are passed to context.delPermFromRole.
// NOTE(review): uses the same label ("Delete Permission from Role") and API type
// (API.ROLE_PERM_REQ) as the body-based route -- confirm that type fits a key-only delete.
317 authzAPI.route(DELETE,"/authz/role/:role/perm/:type/:instance/:action",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
321 HttpServletRequest req,
322 HttpServletResponse resp) throws Exception {
323 Result<Void> r = context.delPermFromRole(trans, resp,
// NOTE(review): keys are written with a leading colon here, unlike the GetRolesByPerm route
// ("type", "instance", "action"). Confirm pathParam resolves both spellings.
324 pathParam(req,":role"),
325 pathParam(req,":type"),
// NOTE(review): ":instance" is not passed through URLDecoder.decode, whereas GetRolesByPerm
// decodes it. If the two routes see different strings for the same instance, a permission
// that can be listed may not be revocable through this route -- confirm and align.
326 pathParam(req,":instance"),
327 pathParam(req,":action"));
// 200 OK: presumably the success branch (case label not shown in this listing).
331 resp.setStatus(HttpStatus.OK_200);
// Presumably the default branch: context.error renders the failure held in r.
334 context.error(trans,resp,r);