Code Review / dmaap / datarouter.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "[DMAAP-DR-PROV] Remove aaf & cadi"
[dmaap/datarouter.git] / datarouter-prov / src / main / java / org / onap / dmaap / datarouter / provisioning / SubscriptionServlet.java
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java
index 1851d03..f4f3c9b 100644 (file)
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java
@@ -111,37 +111,6 @@ public class SubscriptionServlet extends ProxyServlet {
                 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);\r
                 return;\r
             }\r
-            /*\r
-             * START - AAF changes\r
-             * TDP EPIC US# 307413\r
-             * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
-             */\r
-            String aafInstance = sub.getAafInstance();\r
-            if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
-                AuthorizationResponse aresp = authz.decide(req);\r
-                if (!aresp.isAuthorized()) {\r
-                    message = POLICY_ENGINE;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            } else {\r
-                String permission = getSubscriberPermission(aafInstance, BaseServlet.DELETE_PERMISSION);\r
-                eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
-                if (!req.isUserInRole(permission)) {\r
-                    message = "AAF disallows access to permission - " + permission;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            }\r
-            /*\r
-             * END - AAF changes\r
-             */\r
             // Delete Subscription\r
             if (doDelete(sub)) {\r
                 activeSubs--;\r
@@ -321,38 +290,6 @@ public class SubscriptionServlet extends ProxyServlet {
                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
                 return;\r
             }\r
-\r
-            /*\r
-             * START - AAF changes\r
-             * TDP EPIC US# 307413\r
-             * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
-             */\r
-            String aafInstance = sub.getAafInstance();\r
-            if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
-                AuthorizationResponse aresp = authz.decide(req);\r
-                if (!aresp.isAuthorized()) {\r
-                    message = POLICY_ENGINE;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            } else {\r
-                String permission = getSubscriberPermission(aafInstance, BaseServlet.EDIT_PERMISSION);\r
-                eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
-                if (!req.isUserInRole(permission)) {\r
-                    message = "AAF disallows access to permission - " + permission;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            }\r
-            /*\r
-             * END - AAF changes\r
-             */\r
             sub.setSubid(oldsub.getSubid());\r
             sub.setFeedid(oldsub.getFeedid());\r
             sub.setSubscriber(bhdr);    // set from X-DMAAP-DR-ON-BEHALF-OF header\r
The Data Routing System project is intended to provide a common framework by which data producers can make data available to data consumers and a way for potential consumers to find feeds with the data they require. The interface to DR is exposed as a RESTful web service known as the DR Publishing and Delivery API