X-Git-Url: https://gerrit.onap.org/r/gitweb?p=dmaap%2Fdatarouter.git;a=blobdiff_plain;f=datarouter-prov%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdatarouter%2Fprovisioning%2FSubscriptionServlet.java;fp=datarouter-prov%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdatarouter%2Fprovisioning%2FSubscriptionServlet.java;h=f4f3c9b038cb65003e078954e29decddc75c6361;hp=1851d03a61879ae93a8bbcbb31ef96fd79307bdf;hb=495ebf460ae2ca936981e4ed28a11224de69b64e;hpb=63b13a0cddf45b4cfd1691dd5b95a205af355898 diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java index 1851d03a..f4f3c9b0 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java @@ -111,37 +111,6 @@ public class SubscriptionServlet extends ProxyServlet { sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger); return; } - /* - * START - AAF changes - * TDP EPIC US# 307413 - * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription - */ - String aafInstance = sub.getAafInstance(); - if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) { - AuthorizationResponse aresp = authz.decide(req); - if (!aresp.isAuthorized()) { - message = POLICY_ENGINE; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.error(elr.toString()); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - } else { - String permission = getSubscriberPermission(aafInstance, BaseServlet.DELETE_PERMISSION); - eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission); - if (!req.isUserInRole(permission)) { - message = "AAF disallows access to permission - " + permission; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.error(elr.toString()); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - } - /* - * END - AAF changes - */ // Delete Subscription if (doDelete(sub)) { activeSubs--; @@ -321,38 +290,6 @@ public class SubscriptionServlet extends ProxyServlet { sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); return; } - - /* - * START - AAF changes - * TDP EPIC US# 307413 - * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription - */ - String aafInstance = sub.getAafInstance(); - if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) { - AuthorizationResponse aresp = authz.decide(req); - if (!aresp.isAuthorized()) { - message = POLICY_ENGINE; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.error(elr.toString()); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - } else { - String permission = getSubscriberPermission(aafInstance, BaseServlet.EDIT_PERMISSION); - eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission); - if (!req.isUserInRole(permission)) { - message = "AAF disallows access to permission - " + permission; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.error(elr.toString()); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - } - /* - * END - AAF changes - */ sub.setSubid(oldsub.getSubid()); sub.setFeedid(oldsub.getFeedid()); sub.setSubscriber(bhdr); // set from X-DMAAP-DR-ON-BEHALF-OF header