1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package org.onap.aaf.authz.cadi;
\r
25 import static org.onap.aaf.authz.layer.Result.OK;
\r
27 import java.security.Principal;
\r
28 import java.util.List;
\r
30 import org.onap.aaf.authz.env.AuthzEnv;
\r
31 import org.onap.aaf.authz.env.AuthzTrans;
\r
32 import org.onap.aaf.authz.layer.Result;
\r
33 import org.onap.aaf.dao.aaf.cass.PermDAO;
\r
34 import org.onap.aaf.dao.aaf.cass.PermDAO.Data;
\r
35 import org.onap.aaf.dao.aaf.hl.Question;
\r
37 import org.onap.aaf.cadi.Lur;
\r
38 import org.onap.aaf.cadi.Permission;
\r
40 public class DirectAAFLur implements Lur {
\r
41 private final AuthzEnv env;
\r
42 private final Question question;
\r
44 public DirectAAFLur(AuthzEnv env, Question question) {
\r
46 this.question = question;
\r
/**
 * Answers whether {@code bait} holds a permission matching {@code pond}.
 * Delegates to the three-argument overload, passing a transaction obtained
 * from {@code env.newTransNoAvg()} for this single lookup.
 */
50 public boolean fish(Principal bait, Permission pond) {
\r
51 return fish(env.newTransNoAvg(),bait,pond);
\r
/**
 * Authorization check: loads the permissions recorded for {@code bait.getName()}
 * through {@code question.getPermsByUser} and returns {@code true} as soon as one
 * of them matches {@code pond} according to {@link PermPermission#match}.
 *
 * NOTE(review): the case labels of the switch and the method's final return are
 * not visible in this listing. Confirm that every non-OK status ends in
 * {@code false}, so that a failed lookup denies access rather than granting it.
 *
 * @param trans transaction used for the lookup and for error logging
 * @param bait  principal whose permissions are checked; dereferenced without a null check
 * @param pond  permission being requested
 */
54 public boolean fish(AuthzTrans trans, Principal bait, Permission pond) {
\r
// The trailing 'false' argument's meaning is defined by Question.getPermsByUser, not shown here.
55 Result<List<Data>> pdr = question.getPermsByUser(trans, bait.getName(),false);
\r
56 switch(pdr.status) {
\r
// Presumably the OK branch (label not visible): scan the stored permissions.
58 for(PermDAO.Data d : pdr.value) {
\r
// The first stored permission that matches the request grants access.
59 if(new PermPermission(d).match(pond)) return true;
\r
// Lookup failure is logged with status and details; the decision taken afterwards is not visible here.
63 trans.error().log("Can't access Cassandra to fulfill Permission Query: ",pdr.status,"-",pdr.details);
\r
/**
 * Appends one {@link PermPermission} to {@code permissions} for every permission
 * record returned by {@code question.getPermsByUser} for {@code bait.getName()}.
 *
 * The method returns void and the visible failure path only logs, so a caller
 * appears unable to tell "user has no permissions" from "lookup failed".
 * NOTE(review): the case labels are not visible in this listing; confirm that
 * nothing is added to the list on a non-OK status.
 *
 * @param bait        principal whose permissions are listed; dereferenced without a null check
 * @param permissions caller-supplied list that receives the results
 */
69 public void fishAll(Principal bait, List<Permission> permissions) {
\r
// Uses env.newTrans() here, whereas the two-argument fish() uses env.newTransNoAvg().
70 Result<List<Data>> pdr = question.getPermsByUser(env.newTrans(), bait.getName(),false);
\r
71 switch(pdr.status) {
\r
// Presumably the OK branch (label not visible): wrap each stored record.
73 for(PermDAO.Data d : pdr.value) {
\r
74 permissions.add(new PermPermission(d));
\r
// Failure is reported through the environment logger, not a per-request transaction.
78 env.error().log("Can't access Cassandra to fulfill Permission Query: ",pdr.status,"-", pdr.details);
\r
83 public void destroy() {
\r
87 public boolean handlesExclusively(Permission pond) {
\r
92 * Small Class implementing CADI's Permission with Cassandra Data
\r
95 public static class PermPermission implements Permission {
\r
96 private PermDAO.Data data;
\r
98 public PermPermission(PermDAO.Data d) {
\r
102 public PermPermission(AuthzTrans trans, Question q, String p) {
\r
103 data = PermDAO.Data.create(trans, q, p);
\r
106 public PermPermission(String ns, String type, String instance, String action) {
\r
107 data = new PermDAO.Data();
\r
110 data.instance = instance;
\r
111 data.action = action;
\r
115 public String getKey() {
\r
/**
 * Decides whether this stored permission ({@code data}) satisfies the requested
 * permission {@code p}.
 *
 * Wildcards are one-directional: a {@code "*"} instance or action on the stored
 * permission matches any requested value, but a {@code "*"} in the request is
 * compared as a literal string. A stored permission whose instance or action is
 * null never matches.
 *
 * NOTE(review): the declaration of {@code pd}, the branch separator and the
 * return statements that follow each chain of conditions are not visible in
 * this listing; confirm that every path that does not match returns false.
 *
 * @param p requested permission; null is rejected
 */
120 public boolean match(Permission p) {
\r
121 if(p==null)return false;
\r
// Same-class case: compare field by field against the other permission's data.
123 if(p instanceof DirectAAFLur.PermPermission) {
\r
124 pd = ((DirectAAFLur.PermPermission)p).data;
\r
// ns and type must be equal; unlike instance and action they are not null-guarded,
// so a null data.ns or data.type throws here instead of returning false.
125 if(data.ns.equals(pd.ns))
\r
126 if(data.type.equals(pd.type))
\r
127 if(data.instance!=null && (data.instance.equals(pd.instance) || "*".equals(data.instance)))
\r
128 if(data.action!=null && (data.action.equals(pd.action) || "*".equals(data.action)))
\r
// Other Permission implementations (presumably the else branch): the key is parsed
// as three '|'-separated fields, type|instance|action. A null getKey() would throw here.
131 String[] lp = p.getKey().split("\\|");
\r
// Keys with fewer than three fields are rejected; fields after the third are ignored.
132 if(lp.length<3)return false;
\r
133 if(data.fullType().equals(lp[0]))
\r
134 if(data.instance!=null && (data.instance.equals(lp[1]) || "*".equals(data.instance)))
\r
135 if(data.action!=null && (data.action.equals(lp[2]) || "*".equals(data.action)))
\r
142 public String permType() {
\r
148 public String toString() {
\r
149 return "DirectAAFLur is enabled";
\r
154 public boolean supports(String userName) {
\r
160 public Permission createPerm(String p) {
\r
161 // TODO Auto-generated method stub
\r
166 public void clear(Principal p, StringBuilder report) {
\r
167 // TODO Auto-generated method stub
\r