1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.cmd.role;
\r
26 import com.att.cadi.CadiException;
\r
27 import com.att.cadi.LocatorException;
\r
28 import com.att.cadi.client.Future;
\r
29 import com.att.cadi.client.Rcli;
\r
30 import com.att.cadi.client.Retryable;
\r
31 import com.att.cmd.AAFcli;
\r
32 import com.att.cmd.Cmd;
\r
33 import com.att.cmd.Param;
\r
34 import com.att.cssa.rserv.HttpMethods;
\r
35 import com.att.inno.env.APIException;
\r
37 import aaf.v2_0.UserRoleRequest;
\r
43 public class User extends Cmd {
\r
44 private final static String[] options = {"add","del","setTo","extend"};
\r
45 public User(Role parent) {
\r
46 super(parent,"user",
\r
47 new Param(optionsToString(options),true),
\r
48 new Param("role",true),
\r
49 new Param("id[,id]* (not required for setTo)",false));
\r
53 public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
\r
54 return same(new Retryable<Integer>() {
\r
56 public Integer code(Rcli<?> client) throws CadiException, APIException {
\r
58 String realm = getOrgRealm();
\r
59 String action = args[idx++];
\r
60 int option = whichOption(options, action);
\r
61 UserRoleRequest urr = new UserRoleRequest();
\r
62 urr.setRole(args[idx++]);
\r
63 // Set Start/End commands
\r
66 Future<?> fp = null;
\r
69 String[] ids = args[idx++].split(",");
\r
70 String verb=null,participle=null;
\r
71 // You can request to be added or removed from role.
\r
72 setQueryParamsOn(client);
\r
74 for(String id: ids) {
\r
75 if (id.indexOf('@') < 0 && realm != null) id += '@' + realm;
\r
81 getDF(UserRoleRequest.class),
\r
84 participle = "] to Role [" ;
\r
88 "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(),
\r
91 participle = "] from Role [" ;
\r
94 fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
\r
96 participle = "] in Role [" ;
\r
99 default: // actually, should never get here...
\r
100 throw new CadiException("Invalid action [" + action + ']');
\r
102 if(fp.get(AAFcli.timeout())) {
\r
104 pw().print(" User [");
\r
105 pw().print(urr.getUser());
\r
106 pw().print(participle);
\r
107 pw().print(urr.getRole());
\r
110 switch(fp.code()) {
\r
112 pw().print("User Role ");
\r
113 pw().print(action);
\r
114 pw().println(" is Accepted, but requires Approvals before actualizing");
\r
118 pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
\r
127 String allUsers = "";
\r
128 if (idx < args.length)
\r
129 allUsers = args[idx++];
\r
130 StringBuilder finalUsers = new StringBuilder();
\r
131 for (String u : allUsers.split(",")) {
\r
133 if (u.indexOf('@') < 0 && realm != null) u += '@' + realm;
\r
134 if (finalUsers.length() > 0) finalUsers.append(",");
\r
135 finalUsers.append(u);
\r
139 urr.setUser(finalUsers.toString());
\r
140 fp = client.update(
\r
141 "/authz/userRole/role",
\r
142 getDF(UserRoleRequest.class),
\r
144 if(fp.get(AAFcli.timeout())) {
\r
145 pw().println("Set the Role to Users [" + allUsers + "]");
\r
150 return fp==null?0:fp.code();
\r
156 public void detailedHelp(int indent, StringBuilder sb) {
\r
157 detailLine(sb,indent,"Add OR Delete a User to/from a Role OR");
\r
158 detailLine(sb,indent,"Set a User's Roles to the roles supplied");
\r
159 detailLine(sb,indent+2,"role - Name of Role to create");
\r
160 detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role");
\r
162 detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows");
\r
163 detailLine(sb,indent+2,"assignment of role to multiple userss");
\r
164 detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role");
\r
165 detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset.");
\r
166 api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true);
\r
167 api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false);
\r
168 api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false);
\r
Code Review / aaf / authz.git / blob