[DMAAP-BC] Consolidate bus controller repos
[dmaap/buscontroller.git] / dmaap-bc / src / main / java / org / onap / dmaap / dbcapi / authentication / ApiPerms.java
1 /*-
2  * ============LICENSE_START=======================================================
3  * org.onap.dmaap
4  * ================================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6  * 
7  * Modifications Copyright (C) 2018 IBM.
8  * ================================================================================
9  * Licensed under the Apache License, Version 2.0 (the "License");
10  * you may not use this file except in compliance with the License.
11  * You may obtain a copy of the License at
12  * 
13  *      http://www.apache.org/licenses/LICENSE-2.0
14  * 
15  * Unless required by applicable law or agreed to in writing, software
16  * distributed under the License is distributed on an "AS IS" BASIS,
17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  * See the License for the specific language governing permissions and
19  * limitations under the License.
20  * ============LICENSE_END=========================================================
21  */
22
23 package org.onap.dmaap.dbcapi.authentication;
24
25 import com.att.eelf.configuration.EELFLogger;
26 import com.att.eelf.configuration.EELFManager;
27
28 import org.onap.dmaap.dbcapi.aaf.AafService;
29 import org.onap.dmaap.dbcapi.aaf.AafServiceFactory;
30 import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
31 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
32 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
33 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
34 import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
35 import org.onap.dmaap.dbcapi.model.Dmaap;
36 import org.onap.dmaap.dbcapi.service.DmaapService;
37 import org.onap.dmaap.dbcapi.util.DmaapConfig;
38
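/**
 * Registers the Bus Controller API permissions in AAF and grants them to roles.
 *
 * <p>Two static tables define the authorization model: {@link #bootMap}, applied
 * with the fixed instance {@code "boot"}, and {@link #envMap}, applied with the
 * configured DMaaP name as the instance. Each table entry names an API resource,
 * an action, and the roles that receive that permission.
 *
 * <p>Failures reported by AAF are logged but never thrown, so callers of
 * {@link #setBootMap()} and {@link #setEnvMap()} cannot tell from the return
 * whether the full permission set was provisioned.
 */
public class ApiPerms extends BaseLoggingClass {
    // Resource and role names used to build the permission tables below.
    // NOTE(review): nothing in this file reassigns these fields; they could be
    // declared final once it is confirmed no other class in the package writes them.
    static String topic = "topics";
    static String mrClusters = "mr_clusters";
    static String mrClients = "mr_clients";
    static String feed = "feeds";
    static String drSubs = "dr_subs";
    static String drPubs = "dr_pubs";
    static String drNodes = "dr_nodes";
    static String dcaeLocations = "dcaeLocations";
    static String inventory = "Inventory";
    static String portalUser = "PortalUser";
    static String orchestrator = "Orchestrator";
    static String delete = "DELETE";
    static String dmaap = "dmaap";
    static String controller = "Controller";

    /**
     * One row of a permission table: a resource, an action on it, and the roles
     * granted that permission. Instances are immutable so that a table entry
     * cannot be altered after the table has been built.
     */
    private static class PermissionMap {
        private static final EELFLogger logger = EELFManager.getInstance().getLogger( PermissionMap.class );
        private static final EELFLogger errorLogger = EELFManager.getInstance().getErrorLogger();

        private final String uri;
        private final String action;
        private final String[] roles;

        /**
         * @param u resource name, appended to the API namespace to form the permission type
         * @param a action name, e.g. {@code "GET"}
         * @param r role names (unqualified) that receive the permission; copied defensively
         */
        private PermissionMap( String u, String a, String[] r ) {
            this.uri = u;
            this.action = a;
            // Copy so a caller holding the original array cannot change the grants later.
            this.roles = r.clone();
        }

        public String getUri() {
            return uri;
        }

        public String getAction() {
            return action;
        }

        /** @return a copy of the role names, so the stored array stays unmodified */
        public String[] getRoles() {
            return roles.clone();
        }

        /**
         * Creates every permission in {@code pmap} for the given instance and grants
         * it to each listed role, using an AAF service of type {@code AAF_Admin}.
         *
         * <p>Permission types and role names are prefixed with the {@code ApiNamespace}
         * property. If that property is unset, the literal placeholder
         * {@code "apiNamespace.not.set"} is used as the namespace, so a missing
         * configuration value provisions into that placeholder namespace instead of
         * stopping.
         *
         * <p>Return codes other than 201 and 409 are logged as unexpected
         * (presumably HTTP "created" and "already exists" - confirm against
         * AafService). Processing continues after such a failure, including the
         * grants for a permission whose creation was reported as failed.
         *
         * @param pmap     table of permissions to provision
         * @param instance permission instance, e.g. {@code "boot"} or the DMaaP name
         */
        public static void initMap( PermissionMap[] pmap, String instance ) {

            DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
            String api = p.getProperty("ApiNamespace", "apiNamespace.not.set");

            AafService aaf = new AafServiceFactory().initAafService(ServiceType.AAF_Admin);

            for ( int i = 0; i < pmap.length; i++ ) {
                PermissionMap entry = pmap[i];
                String permType = api + "." + entry.getUri();
                DmaapPerm perm = new DmaapPerm( permType, instance, entry.getAction() );
                int rc = aaf.addPerm( perm );
                if ( rc != 201 && rc != 409 ) {
                    errorLogger.error( DmaapbcLogMessageEnum.AAF_UNEXPECTED_RESPONSE, Integer.toString(rc), "add perm", perm.toString() );
                }
                for ( String role : entry.getRoles() ) {
                    String qualifiedRole = api + "." + role;
                    logger.debug( "i:" + i + " granting perm " + perm.toString() + " to role=" + qualifiedRole );
                    DmaapGrant grant = new DmaapGrant( perm, qualifiedRole );
                    rc = aaf.addGrant( grant );
                    if ( rc != 201 && rc != 409 ) {
                        // Name the role as well as the permission: one permission is granted to
                        // several roles, so the permission alone does not identify the failed grant.
                        errorLogger.error( DmaapbcLogMessageEnum.AAF_UNEXPECTED_RESPONSE, Integer.toString(rc), "grant perm", perm.toString() + " to role=" + qualifiedRole );
                    }
                }
            }
        }
    }

    // Bootstrap table: only the Controller role may act on the dmaap resource.
    static PermissionMap[] bootMap = {
        new PermissionMap( dmaap, "GET", new String[] { controller }),
        new PermissionMap( dmaap, "POST", new String[] { controller }),
        new PermissionMap( dmaap, "PUT", new String[] { controller }),
        new PermissionMap( dmaap, delete, new String[] { controller })
    };

    // Environment table. Read access (GET) is granted broadly; write actions are
    // limited to Controller, plus Orchestrator and/or PortalUser on selected resources.
    // NOTE(review): the role lists are not uniform across resources - feeds DELETE
    // omits Orchestrator although feeds POST/PUT include it, and dr_nodes GET omits
    // "Metrics" unlike the other GET rows. Confirm these differences are intended.
    static PermissionMap[] envMap = {
        new PermissionMap( dmaap, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( dmaap, "POST", new String[] { controller } ),
        new PermissionMap( dmaap, "PUT", new String[] { controller }),
        new PermissionMap( dmaap, delete, new String[] { controller }),
        new PermissionMap( "bridge", "GET", new String[] {  "Metrics" }),
        //new PermissionMap( "bridge", "POST", new String[] { "Metrics" } ),
        //new PermissionMap( "bridge", "PUT", new String[] { "Metrics" }),
        //new PermissionMap( "bridge", delete, new String[] { "Metrics" }),
        new PermissionMap( dcaeLocations, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( dcaeLocations, "POST", new String[] { controller } ),
        new PermissionMap( dcaeLocations, "PUT", new String[] { controller }),
        new PermissionMap( dcaeLocations, delete, new String[] { controller }),
        new PermissionMap( drNodes, "GET", new String[] { controller, orchestrator, inventory,  portalUser }),
        new PermissionMap( drNodes, "POST", new String[] { controller } ),
        new PermissionMap( drNodes, "PUT", new String[] { controller }),
        new PermissionMap( drNodes, delete, new String[] { controller }),
        new PermissionMap( drPubs, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( drPubs, "POST", new String[] { controller, orchestrator,portalUser } ),
        new PermissionMap( drPubs, "PUT", new String[] { controller, orchestrator,portalUser }),
        new PermissionMap( drPubs, delete, new String[] { controller, orchestrator,portalUser }),
        new PermissionMap( drSubs, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( drSubs, "POST", new String[] { controller, orchestrator,portalUser } ),
        new PermissionMap( drSubs, "PUT", new String[] { controller, orchestrator,portalUser }),
        new PermissionMap( drSubs, delete, new String[] { controller, orchestrator,portalUser }),
        new PermissionMap( feed, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( feed, "POST", new String[] { controller, orchestrator,portalUser } ),
        new PermissionMap( feed, "PUT", new String[] { controller, orchestrator, portalUser }),
        new PermissionMap( feed, delete, new String[] { controller, portalUser }),
        new PermissionMap( mrClients, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( mrClients, "POST", new String[] { controller,orchestrator, portalUser } ),
        new PermissionMap( mrClients, "PUT", new String[] { controller, orchestrator,portalUser }),
        new PermissionMap( mrClients, delete, new String[] { controller,orchestrator, portalUser }),
        new PermissionMap( mrClusters, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( mrClusters, "POST", new String[] { controller } ),
        new PermissionMap( mrClusters, "PUT", new String[] { controller }),
        new PermissionMap( mrClusters, delete, new String[] { controller }),
        new PermissionMap( topic, "GET", new String[] { controller, orchestrator, inventory, "Metrics", portalUser }),
        new PermissionMap( topic, "POST", new String[] { controller, orchestrator } ),
        new PermissionMap( topic, "PUT", new String[] { controller, orchestrator }),
        new PermissionMap( topic, delete, new String[] { controller, orchestrator })
    };

    /** Provisions the bootstrap permissions in AAF under the fixed instance {@code "boot"}. */
    public void setBootMap() {
        String instance = "boot";
        PermissionMap.initMap( bootMap, instance );
    }

    /**
     * Provisions the environment permissions in AAF, using the DMaaP name returned
     * by {@link DmaapService#getDmaap()} as the permission instance.
     */
    public void setEnvMap() {
        // NOTE(review): assumes getDmaap() returns a non-null object with a usable
        // name; confirm, since the name becomes the instance of every permission here.
        Dmaap dmaapVar = new DmaapService().getDmaap();
        String dmaapName = dmaapVar.getDmaapName();
        PermissionMap.initMap( envMap, dmaapName );
    }

}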