authz-batch/src/main/java/com/att/authz/reports/CheckUR.java

   1 /*******************************************************************************
   2  * Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
   3  *******************************************************************************/
   4 package com.att.authz.reports;
   5
   6 import java.io.IOException;
   7
   8 import com.att.authz.Batch;
   9 import com.att.authz.env.AuthzTrans;
  10 import com.att.authz.helpers.NS;
  11 import com.att.authz.helpers.NS.NSSplit;
  12 import com.att.authz.helpers.UserRole;
  13 import org.onap.aaf.inno.env.APIException;
  14 import org.onap.aaf.inno.env.Env;
  15 import org.onap.aaf.inno.env.TimeTaken;
  16
  17 public class CheckUR extends Batch{
  18
  19         public CheckUR(AuthzTrans trans) throws APIException, IOException {
  20                 super(trans.env());
  21                 TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
  22                 try {
  23                         session = cluster.connect();
  24                 } finally {
  25                         tt.done();
  26                 }
  27         NS.load(trans, session,NS.v2_0_11);
  28                 UserRole.load(trans, session,UserRole.v2_0_11);
  29         }
  30
  31         @Override
  32         protected void run(AuthzTrans trans) {
  33         trans.info().log("Get All Namespaces");
  34
  35
  36                 String query;
  37
  38         /// Evaluate
  39                 for(UserRole urKey : UserRole.data) {
  40                 NSSplit nss = NS.deriveParent(urKey.role);
  41                 if(nss==null && NS.data.size()>0 ) { // there is no Namespace for this UserRole
  42                         if(dryRun) {
  43                                         trans.warn().printf("Would delete %s %s, which has no corresponding Namespace",urKey.user,urKey.role);
  44                         } else {
  45                                 query = "DELETE FROM authz.user_role WHERE "
  46                                                         + "user='" + urKey.user
  47                                                         + "' AND role='" + urKey.role
  48                                                         + "';";
  49                                 session.execute(query);
  50                                         trans.warn().printf("Deleting %s %s, which has no corresponding Namespace",urKey.user,urKey.role);
  51                         }
  52                 } else if(urKey.ns == null || urKey.rname == null || !urKey.role.equals(urKey.ns+'.'+urKey.rname)) {
  53                         if(dryRun) {
  54                                 trans.warn().log(urKey,"needs to be split and added to Record (", urKey.ns, urKey.rname,")");
  55                         } else {
  56                         query = "UPDATE authz.user_role SET ns='" + nss.ns
  57                                                 + "', rname='" + nss.other
  58                                                 + "' WHERE "
  59                                                 + "user='" + urKey.user
  60                                                 + "' AND role='" + urKey.role
  61                                                 + "';";
  62                         session.execute(query);
  63                         trans.warn().log("Setting ns and rname",query);
  64                                 }
  65                         }
  66                 }
  67         }
  68
  69         @Override
  70         protected void _close(AuthzTrans trans) {
  71         session.close();
  72         aspr.info("End " + this.getClass().getSimpleName() + " processing" );
  73         }
  74 }