Users found confusing. Can be reinstated later if matching GUI elements created..
Correct Onboard Doc
Issue-ID: AAF-798
Change-Id: Ic3672626df919791141f897ed11c818e594c8d7b
Signed-off-by: Instrumental <jonathan.gathman@att.com>
lcred.add(delRange);
lx509.add(delRange);
-
lcred.add(new Range(ONE_WEEK ,3,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1));
lcred.add(new Range(TWO_WEEK ,2,-1,-1,GregorianCalendar.WEEK_OF_MONTH,1,GregorianCalendar.WEEK_OF_MONTH,2));
lcred.add(new Range(ONE_MONTH,1,7,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1));
lcred.add(new Range(TWO_MONTH,1,-1,-1,GregorianCalendar.MONTH,1,GregorianCalendar.MONTH,2));
- lur.add( new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1));
+ lur.add( new Range(ONE_MONTH,1,-1,-1,0,0,GregorianCalendar.MONTH,1));
+ // Comment out until we can get some more clear actions in place for GUI
+ // lur.add( new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1));
+ // lur.add( new Range(ONE_WEEK,2,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1));
lx509.add(new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1));
}
+++ /dev/null
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-package org.onap.aaf.auth.batch.reports.bodies;
-
-import java.io.IOException;
-import java.util.Date;
-import java.util.List;
-
-import org.onap.aaf.auth.batch.helpers.LastNotified;
-import org.onap.aaf.auth.batch.reports.Notify;
-import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.org.Organization.Identity;
-import org.onap.aaf.auth.org.OrganizationException;
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.misc.env.util.Chrono;
-
-public abstract class NotifyURBody extends NotifyBody {
-
- private final String explanation;
- public NotifyURBody(Access access, String name) throws IOException {
- super(access,"ur",name);
-
- // Default
- explanation = "The Roles for the IDs associated with you will expire on the dates shown. "
- + "If the role membership is allowed to expire, "
- + "the ID will no longer have the permissions associated with that role.<br><br>"
- + "It is the responsibility of the Designated Approvers to approve, but you can monitor "
- + "their progress by clicking the ID Link.";
- }
-
- @Override
- public boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id) {
- String fullname = "n/a";
- String kind = "Name";
- try {
- Identity identity = trans.org().getIdentity(trans, id);
- if(identity==null) {
- trans.warn().printf("Cannot find %s in Organization",id);
- } else {
- fullname = identity.fullName();
- if(!identity.isPerson()) {
- if((identity = identity.responsibleTo())!=null) {
- kind = "AppID Sponsor";
- fullname = identity.fullName();
- }
- }
- }
- } catch (OrganizationException e) {
- trans.error().log(e);
- fullname = "n/a";
- }
- println(sb,indent,explanation);
- println(sb,indent,"<br><br>");
- println(sb,indent,"<table>");
- indent+=2;
- println(sb,indent,"<tr>");
- indent+=2;
- println(sb,indent,"<th>"+kind+"</th>");
- println(sb,indent,"<th>Fully Qualified ID</th>");
- println(sb,indent,"<th>Role</th>");
- println(sb,indent,"<th>Expires</th>");
- indent-=2;
- println(sb,indent,"</tr>");
-
- String name = null;
- String fqi = null;
- for(List<String> row : rows.get(id)) {
- println(sb,indent,"<tr>");
- indent+=2;
- name = printCell(sb,indent,fullname,name);
- String rid = row.get(1);
- String fqiCell = "<a href=\"" + gui_url + "/myrequests\">" + rid + "</a>";
- fqi = printCell(sb,indent,fqiCell,fqi);
- printCell(sb,indent,row.get(2));
- Date expires = new Date(Long.parseLong(row.get(6)));
- printCell(sb,indent,Chrono.niceUTCStamp(expires));
- indent-=2;
- println(sb,indent,"</tr>");
- }
- indent-=2;
- println(sb,indent,"</table>");
-
- return true;
- }
-
-
- @Override
- public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln) {
- for(List<String> row : rows.get(id)) {
- for(String n : notified) {
- // Need to match LastNotified Key ... ur.user() + '|'+ur.role();
- ln.update(query, n, row.get(0), row.get(1)+'|'+row.get(2));
- }
- }
- }
-
- @Override
- public String user(List<String> row) {
- if( (row != null) && row.size()>1) {
- return row.get(1);
- }
- return null;
- }
-
-
-}
+++ /dev/null
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-package org.onap.aaf.auth.batch.reports.bodies;
-
-import java.io.IOException;
-
-import org.onap.aaf.auth.batch.helpers.ExpireRange;
-import org.onap.aaf.cadi.Access;
-
-public class OneMonthNotifyURBody extends NotifyURBody {
- public OneMonthNotifyURBody(Access access) throws IOException {
- super(access, ExpireRange.ONE_MONTH);
- }
-
- @Override
- public String subject() {
- return String.format("AAF One Month UserRole Notification (ENV: %s)",env);
- }
-}
import static org.junit.Assert.assertThat;
import static org.mockito.Mockito.when;
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-
import java.io.ByteArrayOutputStream;
import java.io.PrintStream;
import javax.servlet.http.HttpServletRequest;
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.Lur;
import org.onap.aaf.cadi.PropAccess;
package org.onap.aaf.cadi.taf.test;
-import static org.hamcrest.CoreMatchers.is;
-import static org.junit.Assert.assertThat;
+import static org.junit.Assert.*;
+import static org.hamcrest.CoreMatchers.*;
+import org.junit.*;
import java.io.IOException;
-import org.junit.Test;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.Taf;
-import org.onap.aaf.cadi.Taf.LifeForm;
-import org.onap.aaf.cadi.principal.TaggedPrincipal;
-import org.onap.aaf.cadi.taf.EpiTaf;
-import org.onap.aaf.cadi.taf.NullTaf;
import org.onap.aaf.cadi.taf.TafResp;
import org.onap.aaf.cadi.taf.TafResp.RESP;
+import org.onap.aaf.cadi.taf.EpiTaf;
+import org.onap.aaf.cadi.taf.NullTaf;
+import org.onap.aaf.cadi.Taf.LifeForm;
+import org.onap.aaf.cadi.principal.TaggedPrincipal;
+
public class JU_EpiTaf {
@Test(expected = CadiException.class)
@Override public RESP isAuthenticated() { return RESP.TRY_ANOTHER_TAF; }
@Override public RESP authenticate() throws IOException { return null; }
@Override public TaggedPrincipal getPrincipal() { return null; }
- @Override public Access getAccess() { return Access.NULL; }
+ @Override public Access getAccess() { return null; }
@Override public boolean isFailedAttempt() { return false; }
@Override public float timing() { return 0; }
@Override public void timing(long start) {}
@Override public RESP isAuthenticated() { return RESP.TRY_AUTHENTICATING; }
@Override public RESP authenticate() throws IOException { return null; }
@Override public TaggedPrincipal getPrincipal() { return null; }
- @Override public Access getAccess() { return Access.NULL; }
+ @Override public Access getAccess() { return null; }
@Override public boolean isFailedAttempt() { return false; }
@Override public float timing() { return 0; }
@Override public void timing(long start) {}
(show web page)
From GUI
-role create org.onap.ngi.service ngi@ngi.onap.org
-perm grant org.onap.ngi.access|*|* org.onap.ngi.service
+ role create org.onap.ngi.service ngi@ngi.onap.org
-<Link to Certificates>
+ perm grant org.onap.ngi.access|*|* org.onap.ngi.service
+
+See Certificate Documentation for adding Certificate Artifacts.
Code Review / aaf / authz.git / commitdiff