Filter get all pnf by owning entity if multi tenancy is enabled

author Rodrigo Lima <rodrigo.lima@yoppworks.com>

Thu, 5 Nov 2020 19:46:40 +0000 (14:46 -0500)

committer Rodrigo Lima <rodrigo.lima@yoppworks.com>

Tue, 10 Nov 2020 20:30:57 +0000 (15:30 -0500)
author Rodrigo Lima <rodrigo.lima@yoppworks.com>
Thu, 5 Nov 2020 19:46:40 +0000 (14:46 -0500)
committer Rodrigo Lima <rodrigo.lima@yoppworks.com>
Tue, 10 Nov 2020 20:30:57 +0000 (15:30 -0500)
diff --git a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java

index 061c640..4ece377 100644 (file)
--- a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
+++ b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
@@ -45,9 +45,19 @@ public class OwnerCheck extends SideEffect {
      @Override
      protected void processURI(Optional<String> completeUri, Entry<String, String> entry)
          throws AAIException {
-        if (serializer.getGroups() != null && !serializer.getGroups().isEmpty()) {
-            List<Vertex> owningEntity = self.graph().traversal()
-                .V(self)
+        if (!isAuthorized(serializer.getGroups(), self)) {
+
+            throw new AAIException("AAI_3304",
+                "Group(s) :" + serializer.getGroups() + " not authorized to perform function");
+
+        } //else skip processing because no required properties were specified
+
+    }
+
+    public static boolean isAuthorized(java.util.Set<String> groups, Vertex vertex) {
+        if (groups != null && !groups.isEmpty()) {
+            List<Vertex> owningEntity = vertex.graph().traversal()
+                .V(vertex)
                  .bothE("org.onap.relationships.inventory.BelongsTo")
                  .otherV()
                  .has("aai-node-type", "owning-entity")
@@ -56,13 +66,11 @@ public class OwnerCheck extends SideEffect {
              if(!owningEntity.isEmpty()) {
                  VertexProperty owningEntityName = owningEntity.get(0).property("owning-entity-name");
  
-                if(!serializer.getGroups().contains(owningEntityName.orElseGet(null))) {
-                    throw new AAIException("AAI_3304",
-                        "Group(s) :" + serializer.getGroups() + " not authorized to perform function");
-                }
+                return groups.contains(owningEntityName.orElseGet(null));
              }
-        } //else skip processing because no required properties were specified
+        }
  
+        return true;
      }
  
      @Override
diff --git a/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java b/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java

index aa4fb8c..7f3340b 100644 (file)
--- a/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java
+++ b/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java
@@ -20,6 +20,7 @@
  
  package org.onap.aai.rest.db;
  
+import org.onap.aai.introspection.sideeffect.OwnerCheck;
  import org.slf4j.Logger;
  import org.slf4j.LoggerFactory;
  import com.fasterxml.jackson.databind.JsonNode;
@@ -400,16 +401,24 @@ public class HttpEntry {
                      transactionId = request.getTransactionId();
                      uriTemp = request.getUri().getRawPath().replaceFirst("^v\\d+/", "");
                      uri = UriBuilder.fromPath(uriTemp).build();
-                    List<Vertex> vertTemp;
+
+                    boolean groupsAvailable = serializer.getGroups() != null && !serializer.getGroups().isEmpty();
+                    List<Vertex> queryResult = query.getQueryBuilder().toList();
                      List<Vertex> vertices;
                      if (this.isPaginated()) {
-                        vertTemp = query.getQueryBuilder().toList();
+                        List<Vertex> vertTemp = groupsAvailable ? queryResult.stream().filter((vx) -> {
+                            return OwnerCheck.isAuthorized(groups, vx);
+                        }).collect(Collectors.toList()) : queryResult;
                          this.setTotalsForPaging(vertTemp.size(), this.paginationBucket);
                          vertices = vertTemp.subList(((this.paginationIndex - 1) * this.paginationBucket),
                                  Math.min((this.paginationBucket * this.paginationIndex), vertTemp.size()));
                      } else {
-                        vertices = query.getQueryBuilder().toList();
+                        vertices = groupsAvailable && queryResult.size() > 1 ? queryResult.stream().filter((vx) -> {
+                            return OwnerCheck.isAuthorized(groups, vx);
+                        }).collect(Collectors.toList()) : queryResult;
+
                      }
+
                      boolean isNewVertex;
                      HttpHeaders headers = request.getHeaders();
                      outputMediaType = getMediaType(headers.getAcceptableMediaTypes());
author	Rodrigo Lima <rodrigo.lima@yoppworks.com>
	Thu, 5 Nov 2020 19:46:40 +0000 (14:46 -0500)
committer	Rodrigo Lima <rodrigo.lima@yoppworks.com>
	Tue, 10 Nov 2020 20:30:57 +0000 (15:30 -0500)
aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java		patch \| blob \| history
aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java		patch \| blob \| history