/**
 * ============LICENSE_START====================================================
 * org.onap.aaf
 * ===========================================================================
 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
 * ===========================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * ============LICENSE_END====================================================
 *
 */

package org.onap.aaf.auth.service;

import java.util.Date;

import javax.servlet.http.HttpServletRequest;

import org.onap.aaf.auth.dao.DAOException;
import org.onap.aaf.auth.dao.cass.NsType;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.auth.service.mapper.Mapper;

/**
 * Service-layer contract of the authorization service. It groups operations on namespaces,
 * permissions, roles, credentials, user-role assignments, history, delegates, approvals and
 * caches.
 *
 * <p>Only signatures are declared here. What each method does, and which caller may invoke it,
 * is decided by the implementing class. The summaries below are derived from the method and
 * parameter names and should be confirmed against the implementation.
 *
 * <p>Every operation takes the current {@link AuthzTrans} as its first argument, and all but
 * {@link #mapper()} and {@link #dbReset(AuthzTrans)} return a {@link Result}. No method declares
 * a checked exception; presumably failures (including authorization denials) are reported
 * through the returned {@code Result} - confirm.
 *
 * <p>NOTE(review): {@code REQUEST}, {@code PERMS} and {@code APPROVALS} are used as types but are
 * neither imported nor declared in this file, and {@code Result} and {@code Mapper} carry no type
 * arguments. The interface's type-parameter list appears to be missing from this listing; confirm
 * against the original source.
 *
 * <p>NOTE(review): no method takes a caller identity other than {@code trans}. Presumably the
 * implementation derives and authorizes the caller from the transaction. Confirm this for every
 * state-changing or administrative call (create*, update*, delete*, reset*, cacheClear, dbReset),
 * since string arguments such as {@code user} or {@code id} name the subject of the operation,
 * not necessarily the caller.
 */
public interface AuthzService {
    /**
     * Returns the {@link Mapper} associated with this service.
     *
     * @return the mapper
     */
    public Mapper mapper();

/***********************************
 * NAMESPACE
 ***********************************/
    /**
     * Creates a namespace.
     *
     * @param trans current transaction
     * @param request namespace creation request
     * @param type type of namespace to create
     * @return result of the operation
     */
    public Result createNS(AuthzTrans trans, REQUEST request, NsType type);

    /**
     * Adds an administrator to a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param id identity to add (presumably the new admin's user id - confirm)
     * @return result of the operation
     */
    public Result addAdminNS(AuthzTrans trans, String ns, String id);

    /**
     * Removes an administrator from a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param id identity to remove
     * @return result of the operation
     */
    public Result delAdminNS(AuthzTrans trans, String ns, String id);

    /**
     * Adds a responsible party to a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param id identity to add
     * @return result of the operation
     */
    public Result addResponsibleNS(AuthzTrans trans, String ns, String id);

    /**
     * Removes a responsible party from a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param id identity to remove
     * @return result of the operation
     */
    public Result delResponsibleNS(AuthzTrans trans, String ns, String id);

    /**
     * Creates an attribute on a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param key attribute key
     * @param value attribute value
     * @return result of the operation
     */
    public Result createNsAttrib(AuthzTrans trans, String ns, String key, String value);

    /**
     * Updates an attribute on a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param key attribute key
     * @param value new attribute value
     * @return result of the operation
     */
    public Result updateNsAttrib(AuthzTrans trans, String ns, String key, String value);

    /**
     * Deletes an attribute from a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param key attribute key
     * @return result of the operation
     */
    public Result deleteNsAttrib(AuthzTrans trans, String ns, String key);

    /**
     * Reads namespaces by attribute key.
     *
     * @param trans current transaction
     * @param key attribute key to look up
     * @return result of the operation
     */
    public Result readNsByAttrib(AuthzTrans trans, String key);

    /**
     * Gets a namespace by name.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @param full presumably selects a fuller level of detail in the result - confirm
     * @return result of the operation
     */
    public Result getNSbyName(AuthzTrans trans, String ns, boolean full);

    /**
     * Gets the namespaces for which a user is an administrator.
     *
     * @param trans current transaction
     * @param user user to look up
     * @param full presumably selects a fuller level of detail in the result - confirm
     * @return result of the operation
     */
    public Result getNSbyAdmin(AuthzTrans trans, String user, boolean full);

    /**
     * Gets the namespaces for which a user is a responsible party.
     *
     * @param trans current transaction
     * @param user user to look up
     * @param full presumably selects a fuller level of detail in the result - confirm
     * @return result of the operation
     */
    public Result getNSbyResponsible(AuthzTrans trans, String user, boolean full);

    /**
     * Gets namespaces by user; presumably those where the user is either an administrator or a
     * responsible party - confirm.
     *
     * @param trans current transaction
     * @param user user to look up
     * @param full presumably selects a fuller level of detail in the result - confirm
     * @return result of the operation
     */
    public Result getNSbyEither(AuthzTrans trans, String user, boolean full);

    /**
     * Gets the children of a namespace.
     *
     * @param trans current transaction
     * @param parent parent namespace name
     * @return result of the operation
     */
    public Result getNSsChildren(AuthzTrans trans, String parent);

    /**
     * Updates the description of a namespace.
     *
     * @param trans current transaction
     * @param req description update request
     * @return result of the operation
     */
    public Result updateNsDescription(AuthzTrans trans, REQUEST req);

    /**
     * Deletes a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @return result of the operation
     */
    public Result deleteNS(AuthzTrans trans, String ns);

/***********************************
 * PERM
 ***********************************/
    /**
     * Creates a permission.
     *
     * @param trans current transaction
     * @param rreq permission creation request
     * @return result of the operation
     */
    public Result createPerm(AuthzTrans trans, REQUEST rreq);

    /**
     * Gets permissions by type.
     *
     * @param trans current transaction
     * @param perm value to look up (presumably the permission type, given the method name -
     *        confirm)
     * @return result of the operation
     */
    public Result getPermsByType(AuthzTrans trans, String perm);

    /**
     * Gets permissions by their type, instance and action.
     *
     * @param trans current transaction
     * @param type permission type
     * @param instance permission instance
     * @param action permission action
     * @return result of the operation
     */
    public Result getPermsByName(AuthzTrans trans, String type, String instance, String action);

    /**
     * Gets all the permissions for a user across all the roles it is assigned to.
     *
     * @param trans current transaction
     * @param userName user to look up
     * @return result of the operation
     */
    public Result getPermsByUser(AuthzTrans trans, String userName);

    /**
     * Gets all the permissions for a user across all the roles it is assigned to, filtered by
     * NS (Scope).
     *
     * @param trans current transaction
     * @param user user to look up
     * @param scopes namespaces (scopes) to filter by
     * @return result of the operation
     */
    public Result getPermsByUserScope(AuthzTrans trans, String user, String[] scopes);

    /**
     * Gets all the permissions for a user across all the roles it is assigned to.
     *
     * <p>Add AAF Perms representing the "MayUser" calls if
     * 1) Allowed
     * 2) User has equivalent permission
     *
     * @param trans current transaction
     * @param perms permissions input (its role in the "MayUser" handling is not visible here)
     * @param userName user to look up
     * @return result of the operation
     */
    public Result getPermsByUser(AuthzTrans trans, PERMS perms, String userName);

    /**
     * Gets permissions by role (presumably those granted to {@code roleName} - confirm).
     *
     * @param trans current transaction
     * @param roleName role to look up
     * @return result of the operation
     */
    public Result getPermsByRole(AuthzTrans trans, String roleName);

    /**
     * Gets the permissions of a namespace.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @return result of the operation
     */
    public Result getPermsByNS(AuthzTrans trans, String ns);

    /**
     * Renames a permission.
     *
     * @param trans current transaction
     * @param rreq rename request (presumably carries the new type, instance and action - confirm)
     * @param origType type of the permission being renamed
     * @param origInstance instance of the permission being renamed
     * @param origAction action of the permission being renamed
     * @return result of the operation
     */
    public Result renamePerm(AuthzTrans trans, REQUEST rreq, String origType, String origInstance, String origAction);

    /**
     * Updates the description of a permission.
     *
     * @param trans current transaction
     * @param req description update request
     * @return result of the operation
     */
    public Result updatePermDescription(AuthzTrans trans, REQUEST req);

    /**
     * Resets the roles of a permission.
     *
     * @param trans current transaction
     * @param from request describing the permission and its roles
     * @return result of the operation
     */
    public Result resetPermRoles(AuthzTrans trans, REQUEST from);

    /**
     * Deletes the permission described by a request.
     *
     * @param trans current transaction
     * @param from deletion request
     * @return result of the operation
     */
    public Result deletePerm(AuthzTrans trans, REQUEST from);

    /**
     * Deletes a permission identified by individual string keys.
     *
     * <p>NOTE(review): other permission methods here use the triple (type, instance, action),
     * while this one uses (perm, type, action). Confirm what each argument holds.
     *
     * @param trans current transaction
     * @param perm first permission key
     * @param type second permission key
     * @param action third permission key
     * @return result of the operation
     */
    Result deletePerm(AuthzTrans trans, String perm, String type, String action);

/***********************************
 * ROLE
 ***********************************/
    /**
     * Creates a role.
     *
     * @param trans current transaction
     * @param req role creation request
     * @return result of the operation
     */
    public Result createRole(AuthzTrans trans, REQUEST req);

    /**
     * Gets roles by name.
     *
     * @param trans current transaction
     * @param role role name
     * @return result of the operation
     */
    public Result getRolesByName(AuthzTrans trans, String role);

    /**
     * Gets the roles of a user.
     *
     * @param trans current transaction
     * @param user user to look up
     * @return result of the operation
     */
    public Result getRolesByUser(AuthzTrans trans, String user);

    /**
     * Gets the roles of a namespace.
     *
     * <p>NOTE(review): the parameter is named {@code user} although the method name refers to a
     * namespace. Confirm which value is expected.
     *
     * @param trans current transaction
     * @param user lookup key (presumably the namespace name - confirm)
     * @return result of the operation
     */
    public Result getRolesByNS(AuthzTrans trans, String user);

    /**
     * Gets roles by name only (how this differs from {@code getRolesByName} is not visible here).
     *
     * @param trans current transaction
     * @param name role name
     * @return result of the operation
     */
    public Result getRolesByNameOnly(AuthzTrans trans, String name);

    /**
     * Gets the roles associated with a permission.
     *
     * @param trans current transaction
     * @param type permission type
     * @param instance permission instance
     * @param action permission action
     * @return result of the operation
     */
    public Result getRolesByPerm(AuthzTrans trans, String type, String instance, String action);

    /**
     * Updates the description of a role.
     *
     * @param trans current transaction
     * @param req description update request
     * @return result of the operation
     */
    public Result updateRoleDescription(AuthzTrans trans, REQUEST req);

    /**
     * Adds a permission to a role.
     *
     * @param trans current transaction
     * @param rreq request naming the role and permission
     * @return result of the operation
     */
    public Result addPermToRole(AuthzTrans trans, REQUEST rreq);

    /**
     * Removes a permission from a role, as described by a request.
     *
     * @param trans current transaction
     * @param rreq request naming the role and permission
     * @return result of the operation
     */
    Result delPermFromRole(AuthzTrans trans, REQUEST rreq);

    /**
     * Itemized key delete: removes a permission from a role, with each key passed separately.
     *
     * @param trans current transaction
     * @param role role name
     * @param type permission type
     * @param instance permission instance
     * @param action permission action
     * @return result of the operation
     */
    public Result delPermFromRole(AuthzTrans trans, String role, String type, String instance, String action);

    /**
     * Deletes a role by name.
     *
     * @param trans current transaction
     * @param role role name
     * @return result of the operation
     */
    public Result deleteRole(AuthzTrans trans, String role);

    /**
     * Deletes the role described by a request.
     *
     * @param trans current transaction
     * @param req deletion request
     * @return result of the operation
     */
    public Result deleteRole(AuthzTrans trans, REQUEST req);

/***********************************
 * CRED
 ***********************************/
    /**
     * Creates a credential for a user.
     *
     * @param trans current transaction
     * @param from credential request
     * @return result of the operation
     */
    Result createUserCred(AuthzTrans trans, REQUEST from);

    /**
     * Changes a user's credential.
     *
     * @param trans current transaction
     * @param from credential request
     * @return result of the operation
     */
    Result changeUserCred(AuthzTrans trans, REQUEST from);

    /**
     * Extends a user's credential.
     *
     * @param trans current transaction
     * @param from credential request
     * @param days extension length passed as text (presumably a day count; confirm where it is
     *        parsed and whether an upper bound is enforced)
     * @return result of the operation
     */
    Result extendUserCred(AuthzTrans trans, REQUEST from, String days);

    /**
     * Gets the credentials of a namespace.
     *
     * <p>NOTE(review): the payload type is not visible here. Confirm that the result carries
     * credential metadata only and no secret material.
     *
     * @param trans current transaction
     * @param ns namespace name
     * @return result of the operation
     */
    public Result getCredsByNS(AuthzTrans trans, String ns);

    /**
     * Gets the credentials of an identity.
     *
     * <p>NOTE(review): the payload type is not visible here. Confirm that the result carries
     * credential metadata only and no secret material.
     *
     * @param trans current transaction
     * @param id identity to look up
     * @return result of the operation
     */
    public Result getCredsByID(AuthzTrans trans, String id);

    /**
     * Gets certificate information for an identity.
     *
     * @param trans current transaction
     * @param req servlet request of the call (what is read from it is not visible here)
     * @param id identity to look up
     * @return result of the operation
     */
    public Result getCertInfoByID(AuthzTrans trans, HttpServletRequest req, String id);

    /**
     * Deletes a user's credential.
     *
     * @param trans current transaction
     * @param credReq credential request
     * @return result of the operation
     */
    public Result deleteUserCred(AuthzTrans trans, REQUEST credReq);

    /**
     * Checks whether a presented credential matches.
     *
     * <p>NOTE(review): the comparison itself lives in the implementation. Confirm that a
     * mismatch is reported without revealing whether the identity or the secret was wrong.
     *
     * @param trans current transaction
     * @param credReq credential request to check
     * @return result of the operation
     */
    public Result doesCredentialMatch(AuthzTrans trans, REQUEST credReq);

    /**
     * Validates a Basic Auth value.
     *
     * @param trans current transaction
     * @param basicAuth Basic Auth value to validate (presumably the HTTP Basic credential string,
     *        exact format TODO confirm). It contains a secret, so it should not be logged or
     *        echoed into the result.
     * @return result of the operation
     */
    public Result validateBasicAuth(AuthzTrans trans, String basicAuth);

    /**
     * Gets the users assigned to a role.
     *
     * @param trans current transaction
     * @param role role name
     * @return result of the operation
     */
    public Result getUsersByRole(AuthzTrans trans, String role);

    /**
     * Gets a specific user within a role.
     *
     * @param trans current transaction
     * @param user user to look up
     * @param role role name
     * @return result of the operation
     */
    public Result getUserInRole(AuthzTrans trans, String user, String role);

    /**
     * Gets the users holding a permission.
     *
     * @param trans current transaction
     * @param type permission type
     * @param instance permission instance
     * @param action permission action
     * @return result of the operation
     */
    public Result getUsersByPermission(AuthzTrans trans,String type, String instance, String action);

/***********************************
 * USER-ROLE
 ***********************************/
    /**
     * Creates a user-role assignment.
     *
     * @param trans current transaction
     * @param request user-role creation request
     * @return result of the operation
     */
    public Result createUserRole(AuthzTrans trans, REQUEST request);

    /**
     * Gets user-role assignments by role.
     *
     * @param trans current transaction
     * @param role role name
     * @return result of the operation
     */
    public Result getUserRolesByRole(AuthzTrans trans, String role);

    /**
     * Gets user-role assignments by user.
     *
     * @param trans current transaction
     * @param user user to look up
     * @return result of the operation
     */
    public Result getUserRolesByUser(AuthzTrans trans, String user);

    /**
     * Resets the roles assigned to a user.
     *
     * @param trans current transaction
     * @param from request describing the user and roles
     * @return result of the operation
     */
    public Result resetRolesForUser(AuthzTrans trans, REQUEST from);

    /**
     * Resets the users assigned to a role.
     *
     * @param trans current transaction
     * @param from request describing the role and users
     * @return result of the operation
     */
    public Result resetUsersForRole(AuthzTrans trans, REQUEST from);

    /**
     * Extends a user-role assignment (the length of the extension is not a parameter, so it is
     * decided by the implementation).
     *
     * @param trans current transaction
     * @param user user of the assignment
     * @param role role of the assignment
     * @return result of the operation
     */
    public Result extendUserRole(AuthzTrans trans, String user, String role);

    /**
     * Deletes a user-role assignment.
     *
     * @param trans current transaction
     * @param usr user of the assignment
     * @param role role of the assignment
     * @return result of the operation
     */
    public Result deleteUserRole(AuthzTrans trans, String usr, String role);

/***********************************
 * HISTORY
 ***********************************/
    /**
     * Gets history by user.
     *
     * @param trans current transaction
     * @param user user to look up
     * @param yyyymm periods to include (presumably year-month values encoded as yyyymm - confirm)
     * @param sort sort selector (the meaning of its values is not visible here)
     * @return result of the operation
     */
    public Result getHistoryByUser(AuthzTrans trans, String user, int[] yyyymm, int sort);

    /**
     * Gets history by role.
     *
     * @param trans current transaction
     * @param subj subject to look up (presumably the role name - confirm)
     * @param yyyymm periods to include (presumably year-month values encoded as yyyymm - confirm)
     * @param sort sort selector (the meaning of its values is not visible here)
     * @return result of the operation
     */
    public Result getHistoryByRole(AuthzTrans trans, String subj, int[] yyyymm, int sort);

    /**
     * Gets history by permission.
     *
     * @param trans current transaction
     * @param subj subject to look up (presumably the permission - confirm)
     * @param yyyymm periods to include (presumably year-month values encoded as yyyymm - confirm)
     * @param sort sort selector (the meaning of its values is not visible here)
     * @return result of the operation
     */
    public Result getHistoryByPerm(AuthzTrans trans, String subj, int[] yyyymm, int sort);

    /**
     * Gets history by namespace.
     *
     * @param trans current transaction
     * @param subj subject to look up (presumably the namespace name - confirm)
     * @param yyyymm periods to include (presumably year-month values encoded as yyyymm - confirm)
     * @param sort sort selector (the meaning of its values is not visible here)
     * @return result of the operation
     */
    public Result getHistoryByNS(AuthzTrans trans, String subj, int[] yyyymm, int sort);

/***********************************
 * DELEGATE
 ***********************************/
    /**
     * Creates a delegate.
     *
     * @param trans current transaction
     * @param reqDelegate delegate request
     * @return result of the operation
     */
    public Result createDelegate(AuthzTrans trans, REQUEST reqDelegate);

    /**
     * Updates a delegate.
     *
     * @param trans current transaction
     * @param reqDelegate delegate request
     * @return result of the operation
     */
    public Result updateDelegate(AuthzTrans trans, REQUEST reqDelegate);

    /**
     * Deletes the delegate described by a request.
     *
     * @param trans current transaction
     * @param reqDelegate delegate request
     * @return result of the operation
     */
    public Result deleteDelegate(AuthzTrans trans, REQUEST reqDelegate);

    /**
     * Deletes the delegate of a user.
     *
     * @param trans current transaction
     * @param userName user whose delegate is deleted
     * @return result of the operation
     */
    public Result deleteDelegate(AuthzTrans trans, String userName);

    /**
     * Gets delegates by user.
     *
     * @param trans current transaction
     * @param user user to look up
     * @return result of the operation
     */
    public Result getDelegatesByUser(AuthzTrans trans, String user);

    /**
     * Gets delegates by delegate.
     *
     * @param trans current transaction
     * @param delegate delegate to look up
     * @return result of the operation
     */
    public Result getDelegatesByDelegate(AuthzTrans trans, String delegate);

/***********************************
 * APPROVAL
 ***********************************/
    /**
     * Updates approvals.
     *
     * <p>NOTE(review): the approver is not a parameter. Presumably the implementation checks
     * that the caller in {@code trans} is the approver named in {@code approvals} - confirm.
     *
     * @param trans current transaction
     * @param approvals approvals to apply
     * @return result of the operation
     */
    public Result updateApproval(AuthzTrans trans, APPROVALS approvals);

    /**
     * Gets approvals by user.
     *
     * @param trans current transaction
     * @param user user to look up
     * @return result of the operation
     */
    public Result getApprovalsByUser(AuthzTrans trans, String user);

    /**
     * Gets approvals by ticket.
     *
     * @param trans current transaction
     * @param ticket ticket to look up
     * @return result of the operation
     */
    public Result getApprovalsByTicket(AuthzTrans trans, String ticket);

    /**
     * Gets approvals by approver.
     *
     * @param trans current transaction
     * @param approver approver to look up
     * @return result of the operation
     */
    public Result getApprovalsByApprover(AuthzTrans trans, String approver);

    /**
     * Clears a cache.
     *
     * @param trans current transaction
     * @param cname cache name
     * @return result of the operation
     */
    public Result cacheClear(AuthzTrans trans, String cname);

    /**
     * Clears selected segments of a cache.
     *
     * @param trans current transaction
     * @param cname cache name
     * @param segment segments to clear (the numbering scheme is not visible here)
     * @return result of the operation
     */
    public Result cacheClear(AuthzTrans trans, String cname, int[] segment);

    /**
     * Resets the database (presumably the service's connection or session to it, not its data -
     * confirm before calling).
     *
     * <p>NOTE(review): this is the only operation that returns {@code void}, so a refusal or
     * failure cannot be reported through a {@link Result}. Confirm how an unauthorized call is
     * rejected and surfaced.
     *
     * @param trans current transaction
     */
    public void dbReset(AuthzTrans trans);

}