1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package org.onap.aaf.cmd.role;
\r
25 import java.util.ArrayList;
\r
26 import java.util.HashMap;
\r
28 import org.onap.aaf.cmd.AAFcli;
\r
29 import org.onap.aaf.cmd.Cmd;
\r
30 import org.onap.aaf.cmd.Param;
\r
31 import org.onap.aaf.cssa.rserv.HttpMethods;
\r
33 import org.onap.aaf.cadi.CadiException;
\r
34 import org.onap.aaf.cadi.LocatorException;
\r
35 import org.onap.aaf.cadi.client.Future;
\r
36 import org.onap.aaf.cadi.client.Rcli;
\r
37 import org.onap.aaf.cadi.client.Retryable;
\r
38 import org.onap.aaf.inno.env.APIException;
\r
39 import org.onap.aaf.inno.env.util.Chrono;
\r
41 import aaf.v2_0.Nss;
\r
42 import aaf.v2_0.Pkey;
\r
43 import aaf.v2_0.Roles;
\r
44 import aaf.v2_0.Users;
\r
50 public class ListByUser extends Cmd {
\r
51 private static final String HEADER = "List Roles for User ";
\r
53 public ListByUser(List parent) {
\r
54 super(parent,"user",
\r
55 new Param("id",true));
\r
59 public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
\r
60 String user=args[idx];
\r
61 String realm = getOrgRealm();
\r
62 final String fullUser;
\r
63 if (user.indexOf('@') < 0 && realm != null) {
\r
64 fullUser = user + '@' + realm;
\r
69 return same(new Retryable<Integer>() {
\r
71 public Integer code(Rcli<?> client) throws CadiException, APIException {
\r
73 Future<Roles> fp = client.read(
\r
74 "/authz/roles/user/"+fullUser,
\r
77 if(fp.get(AAFcli.timeout())) {
\r
78 Future<Nss> fn = null;
\r
79 ArrayList<String> roleNss = null;
\r
80 ArrayList<String> permNss = null;
\r
81 HashMap<String, Boolean> expiredMap = new HashMap<String, Boolean>();
\r
82 if (aafcli.isDetailed()) {
\r
83 roleNss = new ArrayList<String>();
\r
84 permNss = new ArrayList<String>();
\r
85 for(aaf.v2_0.Role p : fp.value.getRole()) {
\r
86 String roleNs = p.getName();
\r
88 roleNs = p.getName().substring(0,roleNs.lastIndexOf('.'));
\r
89 fn = client.read("/authz/nss/"+roleNs,getDF(Nss.class));
\r
90 } while (!fn.get(AAFcli.timeout()));
\r
91 roleNss.add(roleNs);
\r
93 for(Pkey perm : p.getPerms()) {
\r
94 if (perm.getType().contains(roleNs)) {
\r
95 permNss.add(roleNs);
\r
97 Future<Nss> fpn = null;
\r
98 String permType = perm.getType();
\r
99 String permNs = permType;
\r
101 permNs = permType.substring(0,permNs.lastIndexOf('.'));
\r
102 fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));
\r
103 } while (!fpn.get(AAFcli.timeout()));
\r
104 permNss.add(permNs);
\r
110 if (fp.value != null) {
\r
111 for(aaf.v2_0.Role p : fp.value.getRole()) {
\r
112 Future<Users> fu = client.read(
\r
113 "/authz/userRole/"+fullUser+"/"+p.getName(),
\r
116 if (fu.get(5000)) {
\r
117 if(fu.value != null) {
\r
118 for (Users.User u : fu.value.getUser()) {
\r
119 if(u.getExpires().normalize().compare(Chrono.timeStamp().normalize()) > 0) {
\r
120 expiredMap.put(p.getName(), new Boolean(false));
\r
122 expiredMap.put(p.getName(), new Boolean(true));
\r
130 ((List)parent).report(fp,roleNss,permNss,expiredMap,HEADER,fullUser);
\r
140 public void detailedHelp(int indent, StringBuilder sb) {
\r
141 detailLine(sb,indent,HEADER);
\r
142 api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
\r