auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_UserRole.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.service.api;
  23
  24 import static org.onap.aaf.auth.layer.Result.OK;
  25 import static org.onap.aaf.auth.rserv.HttpMethods.DELETE;
  26 import static org.onap.aaf.auth.rserv.HttpMethods.GET;
  27 import static org.onap.aaf.auth.rserv.HttpMethods.POST;
  28 import static org.onap.aaf.auth.rserv.HttpMethods.PUT;
  29
  30 import javax.servlet.http.HttpServletRequest;
  31 import javax.servlet.http.HttpServletResponse;
  32
  33 import org.eclipse.jetty.http.HttpStatus;
  34 import org.onap.aaf.auth.env.AuthzTrans;
  35 import org.onap.aaf.auth.layer.Result;
  36 import org.onap.aaf.auth.service.AAF_Service;
  37 import org.onap.aaf.auth.service.Code;
  38 import org.onap.aaf.auth.service.facade.AuthzFacade;
  39 import org.onap.aaf.auth.service.mapper.Mapper.API;
  40
  41 /**
  42  * User Role APIs
  43  * @author Jonathan
  44  *
  45  */
  46 public class API_UserRole {
  47     /**
  48      * Normal Init level APIs
  49      *
  50      * @param authzAPI
  51      * @param facade
  52      * @throws Exception
  53      */
  54     public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
  55         /**
  56          * Request User Role Access
  57          */
  58         authzAPI.route(POST,"/authz/userRole",API.USER_ROLE_REQ,new Code(facade,"Request User Role Access", true) {
  59             @Override
  60             public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
  61                 Result<Void> r = context.requestUserRole(trans, req, resp);
  62                 switch(r.status) {
  63                     case OK:
  64                         resp.setStatus(HttpStatus.CREATED_201);
  65                         break;
  66                     default:
  67                         context.error(trans,resp,r);
  68                 }
  69             }
  70         });
  71
  72
  73         /**
  74          * Get UserRoles by Role
  75          */
  76         authzAPI.route(GET,"/authz/userRoles/role/:role",API.USER_ROLES,new Code(facade,"Get UserRoles by Role", true) {
  77             @Override
  78             public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
  79                 Result<Void> r = context.getUserRolesByRole(trans, resp, pathParam(req,":role"));
  80                 switch(r.status) {
  81                     case OK:
  82                         resp.setStatus(HttpStatus.OK_200);
  83                         break;
  84                     default:
  85                         context.error(trans,resp,r);
  86                 }
  87             }
  88         });
  89
  90         /**
  91          * Get UserRoles by User
  92          */
  93         authzAPI.route(GET,"/authz/userRoles/user/:user",API.USER_ROLES,new Code(facade,"Get UserRoles by User", true) {
  94             @Override
  95             public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
  96                 Result<Void> r = context.getUserRolesByUser(trans, resp, pathParam(req,":user"));
  97                 switch(r.status) {
  98                     case OK:
  99                         resp.setStatus(HttpStatus.OK_200);
 100                         break;
 101                     default:
 102                         context.error(trans,resp,r);
 103                 }
 104             }
 105         });
 106
 107     /* TODO
 108      * REMOVE dangerous resetUsersForRole and resetRolesForUser APIs
 109      */
 110         final Result<Object> removeAPI = Result.err(Result.ERR_NotFound,"API Removed, use /authz/userRole instead.");
 111         /**
 112          * Update roles attached to user in path
 113          */
 114         authzAPI.route(PUT,"/authz/userRole/user",API.USER_ROLE_REQ,new Code(facade,"Update Roles for a user", true) {
 115             @Override
 116             public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
 117                 context.error(trans,resp,removeAPI);
 118             }
 119         });
 120
 121
 122         /**
 123          * Update users attached to role in path
 124          */
 125         authzAPI.route(PUT,"/authz/userRole/role",API.USER_ROLE_REQ,new Code(facade,"Update Users for a role", true) {
 126             @Override
 127             public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
 128                 context.error(trans,resp,removeAPI);
 129             }
 130         });
 131
 132     /*
 133      * END REMOVE Dangerous API
 134      */
 135
 136
 137         /**
 138          * Extend Expiration Date (according to Organizational rules)
 139          */
 140         authzAPI.route(PUT, "/authz/userRole/extend/:user/:role", API.VOID, new Code(facade,"Extend Expiration", true) {
 141             @Override
 142             public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
 143                 Result<Void> r = context.extendUserRoleExpiration(trans,resp,pathParam(req,":user"),pathParam(req,":role"));
 144                 switch(r.status) {
 145                 case OK:
 146                     resp.setStatus(HttpStatus.OK_200);
 147                     break;
 148                 default:
 149                     context.error(trans,resp,r);
 150             }
 151
 152             }
 153
 154         });
 155
 156
 157         /**
 158          * Create a new ID/Credential
 159          */
 160         authzAPI.route(DELETE,"/authz/userRole/:user/:role",API.VOID,new Code(facade,"Delete User Role", true) {
 161             @Override
 162             public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
 163                 Result<Void> r = context.deleteUserRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
 164                 switch(r.status) {
 165                     case OK:
 166                         resp.setStatus(HttpStatus.OK_200);
 167                         break;
 168                     default:
 169                         context.error(trans,resp,r);
 170                 }
 171             }
 172         });
 173
 174     }
 175 }