From 22441bf68398310bc3f451eb3331f3e4ee57d93a Mon Sep 17 00:00:00 2001
From: Instrumental <jonathan.gathman@att.com>
Date: Mon, 30 Apr 2018 14:11:34 -0500
Subject: [PATCH] add newly revealed ONAP IDs

Issue-ID: AAF-256
Change-Id: I7ff85f115a513d333ed6c742609190cc67c1d536
Signed-off-by: Instrumental <jonathan.gathman@att.com>
---
 auth/auth-cass/src/main/cql/.gitignore             |  5 +-
 auth/auth-cass/src/main/cql/osaaf.cql              | 61 ++++++++++++++++++++++
 auth/sample/data/identities.dat                    |  9 ++++
 .../org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java     |  4 +-
 .../main/java/org/onap/aaf/cadi/config/Config.java | 19 ++++---
 5 files changed, 87 insertions(+), 11 deletions(-)

diff --git a/auth/auth-cass/src/main/cql/.gitignore b/auth/auth-cass/src/main/cql/.gitignore
index 5fd2ede3..ce22752c 100644
--- a/auth/auth-cass/src/main/cql/.gitignore
+++ b/auth/auth-cass/src/main/cql/.gitignore
@@ -1,4 +1 @@
-/.settings/
-/.project
-/target/
-/.classpath
+temp.cql
diff --git a/auth/auth-cass/src/main/cql/osaaf.cql b/auth/auth-cass/src/main/cql/osaaf.cql
index 83c7fdf0..e7385ab6 100644
--- a/auth/auth-cass/src/main/cql/osaaf.cql
+++ b/auth/auth-cass/src/main/cql/osaaf.cql
@@ -59,3 +59,64 @@ INSERT INTO role(ns, name, perms, description)
 INSERT INTO user_role(user,role,expires,ns,rname)
   VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
 
+
+// ONAP Specific Entities
+// ONAP initial env Namespace
+INSERT INTO ns (name,description,parent,scope,type)
+  VALUES('org.onap','ONAP','org',2,2);
+
+INSERT INTO ns (name,description,parent,scope,type)
+  VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
+
+INSERT INTO perm(ns, type, instance, action, roles, description) 
+  VALUES ('org.onap.portal','access','*','read',{
+    'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
+  },'Portal Read Access');
+
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
+
+INSERT INTO perm(ns, type, instance, action, roles, description) 
+  VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
+
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
+
+// DEMO ID (OPS)
+insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// ADMIN
+insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// DESIGNER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
+
+// TESTER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
+
+// OPS
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
+
+// GOVERNOR
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
+
diff --git a/auth/sample/data/identities.dat b/auth/sample/data/identities.dat
index dd4dbb1d..3c40e500 100644
--- a/auth/sample/data/identities.dat
+++ b/auth/sample/data/identities.dat
@@ -40,3 +40,12 @@ sunilu|Sunil Unnava|Sunil|Unnava|6094541858|sunil.unnava@att.com|e|ramkoya
 dmaapmr|DMaap Message Router|DMaap MR|Message Router||su622b@att.com|a|sunilu
 oof|OOF|OOF|OOF||sarat@research.att.com|a|saratp
 saratp|Sarat Puthenpura|Sarat|Puthenpura|9089012067|sarat@research.att.com|e|clefevre
+# ONAP default Users
+demo|PORTAL DEMO|PORTAL|DEMO|||e|jonathan
+jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|jonathan
+cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|jonathan
+jm0007|PORTAL TESTER|PORTAL|TESTER|||e|jonathan
+op0001|PORTAL OPS|PORTAL|OPS|||e|jonathan
+gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|jonathan
+
+
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
index 41f237d6..84d23655 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
@@ -59,6 +59,8 @@ import aaf.v2_0.Perms;
  *
  */
 public class AAFLurPerm extends AbsAAFLur<AAFPermission> {
+	private static final String ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR = "org.osaaf.cadi.oauth.OAuth2Lur";
+
 	/**
 	 *  Need to be able to transmutate a Principal into either ATTUID or MechID, which are the only ones accepted at this
 	 *  point by AAF.  There is no "domain", aka, no "@att.com" in "ab1234@att.com".  
@@ -90,7 +92,7 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> {
 					Constructor<?> tmconst = tmcls.getConstructor(AAFCon.class,String.class);
 					Object tokMangr = tmconst.newInstance(con,oauth2_url);
 					@SuppressWarnings("unchecked")
-					Class<Lur> oa2cls = (Class<Lur>)Config.loadClass(access,"org.osaaf.cadi.oauth.OAuth2Lur");
+					Class<Lur> oa2cls = (Class<Lur>)Config.loadClass(access,ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR);
 					Constructor<Lur> oa2const = oa2cls.getConstructor(tmcls);
 					Lur oa2 = oa2const.newInstance(tokMangr);
 					setPreemptiveLur(oa2);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index c4634cf4..8525ac59 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -65,6 +65,7 @@ import org.onap.aaf.cadi.taf.dos.DenialOfServiceTaf;
  */
 public class Config {
 
+	
 	public static final String UTF_8 = "UTF-8";
 
 	// Property Names associated with configurations.
@@ -142,14 +143,20 @@ public class Config {
 	public static final String AAF_APPPASS = "aaf_password";
 	public static final String AAF_LUR_CLASS = "aaf_lur_class";
 	public static final String AAF_TAF_CLASS = "aaf_taf_class";
-	public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
 	public static final String AAF_CONNECTOR_CLASS = "aaf_connector_class";
 	public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
 	public static final String AAF_CONN_TIMEOUT = "aaf_conn_timeout";
 	public static final String AAF_CONN_TIMEOUT_DEF = "3000";
 	public static final String AAF_CONN_IDLE_TIMEOUT = "aaf_conn_idle_timeout"; // only for Direct Jetty Access.
 	public static final String AAF_CONN_IDLE_TIMEOUT_DEF = "10000"; // only for Direct Jetty Access.
-	
+	 
+	// Default Classes: These are for Class loading to avoid direct compile links
+	public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
+	public static final String AAF_LOCATOR_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFLocator";
+	public static final String CADI_OLUR_CLASS_DEF = "org.onap.aaf.cadi.olur.OLur";
+	public static final String CADI_OBASIC_HTTP_TAF_DEF = "org.onap.aaf.cadi.obasic.OBasicHttpTaf";
+	public static final String CADI_AAF_CON_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFCon";
+
 	public static final String AAF_CALL_TIMEOUT = "aaf_timeout";
 	public static final String AAF_CALL_TIMEOUT_DEF = "5000";
 	public static final String AAF_USER_EXPIRES = "aaf_user_expires";
@@ -223,7 +230,7 @@ public class Config {
 		/////////////////////////////////////////////////////
 		// Setup AAFCon for any following
 		/////////////////////////////////////////////////////
-		Class<?> aafConClass = loadClass(access,"org.onap.aaf.cadi.aaf.v2_0.AAFCon");
+		Class<?> aafConClass = loadClass(access,CADI_AAF_CON_DEF);
 		Object aafcon = null;
 		if(con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) {
 			aafcon = con;
@@ -312,7 +319,7 @@ public class Config {
 			if(!hasOAuthDirectTAF) {
 				if(basic_realm!=null) {
 					@SuppressWarnings("unchecked")
-					Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,"org.osaaf.cadi.obasic.OBasicHttpTaf");
+					Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF);
 					if(obasicCls!=null) {
 						try {
 							String tokenurl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL, null);
@@ -516,7 +523,7 @@ public class Config {
 		String introspect_url = logProp(access,AAF_OAUTH2_INTROSPECT_URL, null);
 		if(token_url!=null && introspect_url !=null) {
 			try {
-				Class<?> olurCls = loadClass(access, "org.osaaf.cadi.olur.OLur");
+				Class<?> olurCls = loadClass(access, CADI_OLUR_CLASS_DEF);
 				if(olurCls!=null) {
 					Constructor<?> olurCnst = olurCls.getConstructor(PropAccess.class,String.class,String.class);
 					Lur olur = (Lur)olurCnst.newInstance(access,token_url,introspect_url);
@@ -713,7 +720,7 @@ public class Config {
 			}
 	
 			try {
-				Class<?> lcls = loadClass(access,"org.onap.aaf.cadi.aaf.v2_0.AAFLocator");
+				Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF);
 				if(lcls==null) {
 					throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator");
 				}
-- 
2.16.6