authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByUser.java

   1 /*******************************************************************************\r
   2  * ============LICENSE_START====================================================\r
   3  * * org.onap.aaf\r
   4  * * ===========================================================================\r
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
   6  * * ===========================================================================\r
   7  * * Licensed under the Apache License, Version 2.0 (the "License");\r
   8  * * you may not use this file except in compliance with the License.\r
   9  * * You may obtain a copy of the License at\r
  10  * * \r
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0\r
  12  * * \r
  13  *  * Unless required by applicable law or agreed to in writing, software\r
  14  * * distributed under the License is distributed on an "AS IS" BASIS,\r
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
  16  * * See the License for the specific language governing permissions and\r
  17  * * limitations under the License.\r
  18  * * ============LICENSE_END====================================================\r
  19  * *\r
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
  21  * *\r
  22  ******************************************************************************/\r
  23 package org.onap.aaf.cmd.role;\r
  24 \r
  25 import java.util.ArrayList;\r
  26 import java.util.HashMap;\r
  27 \r
  28 import org.onap.aaf.cmd.AAFcli;\r
  29 import org.onap.aaf.cmd.Cmd;\r
  30 import org.onap.aaf.cmd.Param;\r
  31 import org.onap.aaf.cssa.rserv.HttpMethods;\r
  32 \r
  33 import org.onap.aaf.cadi.CadiException;\r
  34 import org.onap.aaf.cadi.LocatorException;\r
  35 import org.onap.aaf.cadi.client.Future;\r
  36 import org.onap.aaf.cadi.client.Rcli;\r
  37 import org.onap.aaf.cadi.client.Retryable;\r
  38 import org.onap.aaf.inno.env.APIException;\r
  39 import org.onap.aaf.inno.env.util.Chrono;\r
  40 \r
  41 import aaf.v2_0.Nss;\r
  42 import aaf.v2_0.Pkey;\r
  43 import aaf.v2_0.Roles;\r
  44 import aaf.v2_0.Users;\r
  45 \r
  46 /**\r
  47  * p\r
  48  *\r
  49  */\r
  50 public class ListByUser extends Cmd {\r
  51         private static final String HEADER = "List Roles for User ";\r
  52         \r
  53         public ListByUser(List parent) {\r
  54                 super(parent,"user", \r
  55                                 new Param("id",true)); \r
  56         }\r
  57 \r
  58         @Override\r
  59         public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {\r
  60                 String user=args[idx];\r
  61                 String realm = getOrgRealm();\r
  62                 final String fullUser;\r
  63                 if (user.indexOf('@') < 0 && realm != null) {\r
  64                     fullUser = user + '@' + realm;\r
  65                 } else {\r
  66                     fullUser = user;\r
  67                 }\r
  68 \r
  69                 return same(new Retryable<Integer>() {\r
  70                         @Override\r
  71                         public Integer code(Rcli<?> client) throws CadiException, APIException {\r
  72 \r
  73                                 Future<Roles> fp = client.read(\r
  74                                                 "/authz/roles/user/"+fullUser, \r
  75                                                 getDF(Roles.class)\r
  76                                                 );\r
  77                                 if(fp.get(AAFcli.timeout())) {\r
  78                                         Future<Nss> fn = null;\r
  79                                         ArrayList<String> roleNss = null;\r
  80                                         ArrayList<String> permNss = null;\r
  81                                         HashMap<String, Boolean> expiredMap = new HashMap<String, Boolean>();\r
  82                                         if (aafcli.isDetailed()) {\r
  83                                                 roleNss = new ArrayList<String>();\r
  84                                                 permNss = new ArrayList<String>();\r
  85                                                 for(aaf.v2_0.Role p : fp.value.getRole()) {\r
  86                                                         String roleNs = p.getName();\r
  87                                                         do {\r
  88                                                                 roleNs = p.getName().substring(0,roleNs.lastIndexOf('.'));\r
  89                                                                 fn = client.read("/authz/nss/"+roleNs,getDF(Nss.class));\r
  90                                                         } while (!fn.get(AAFcli.timeout()));\r
  91                                                         roleNss.add(roleNs);\r
  92         \r
  93                                                         for(Pkey perm : p.getPerms()) {\r
  94                                                                 if (perm.getType().contains(roleNs)) {\r
  95                                                                     permNss.add(roleNs);\r
  96                                                                 } else {\r
  97                                                                         Future<Nss> fpn = null;\r
  98                                                                         String permType = perm.getType();\r
  99                                                                         String permNs = permType;\r
 100                                                                         do {\r
 101                                                                                 permNs = permType.substring(0,permNs.lastIndexOf('.'));\r
 102                                                                                 fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));\r
 103                                                                         } while (!fpn.get(AAFcli.timeout()));\r
 104                                                                         permNss.add(permNs);\r
 105                                                                 }\r
 106                                                         }\r
 107                                                 }\r
 108                                         }\r
 109                                         \r
 110                                         if (fp.value != null) {\r
 111                                                 for(aaf.v2_0.Role p : fp.value.getRole()) {\r
 112                                                         Future<Users> fu = client.read(\r
 113                                                                         "/authz/userRole/"+fullUser+"/"+p.getName(), \r
 114                                                                         getDF(Users.class)\r
 115                                                                         );\r
 116                                                         if (fu.get(5000)) {\r
 117                                                                 if(fu.value != null) {\r
 118                                                                     for (Users.User u : fu.value.getUser()) {\r
 119                                                                         if(u.getExpires().normalize().compare(Chrono.timeStamp().normalize()) > 0) {\r
 120                                                                                 expiredMap.put(p.getName(), new Boolean(false));\r
 121                                                                         } else {\r
 122                                                                                 expiredMap.put(p.getName(), new Boolean(true));\r
 123                                                                         }\r
 124                                                                     }\r
 125                                                                 }\r
 126                                                         }\r
 127                                                 }       \r
 128                                         }\r
 129                                         \r
 130                                         ((List)parent).report(fp,roleNss,permNss,expiredMap,HEADER,fullUser);\r
 131                                 } else {\r
 132                                         error(fp);\r
 133                                 }\r
 134                                 return fp.code();\r
 135                         }\r
 136                 });\r
 137         }\r
 138         \r
 139         @Override\r
 140         public void detailedHelp(int indent, StringBuilder sb) {\r
 141                 detailLine(sb,indent,HEADER);\r
 142                 api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);\r
 143         }\r
 144 \r
 145 \r
 146 }\r