import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum;
-import org.onap.dmaap.dbcapi.util.DmaapConfig;
-public class AafServiceImpl extends BaseLoggingClass implements AafService {
-
- private AafConnection aaf;
- private AafService.ServiceType ctype;
- private String aafURL;
- private String identity;
- private boolean useAAF = false;
-
- public AafServiceImpl(AafService.ServiceType t) {
- DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
- aafURL = p.getProperty("aaf.URL", "https://authentication.domain.netset.com:8100/proxy/");
- initAafService(t);
- }
-
- private void initAafService(AafService.ServiceType t) {
- DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
- useAAF = "true".equalsIgnoreCase(p.getProperty("UseAAF", "false"));
- logger.info("AafService initAafService: useAAF=" + useAAF);
-
- ctype = t;
- aaf = new AafConnection(getCred(true));
- }
-
- private String getCred(boolean wPwd) {
- String mechIdProperty;
- String secretProperty;
- DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
- AafDecrypt decryptor = new AafDecrypt();
-
- if (ctype == AafService.ServiceType.AAF_Admin) {
- mechIdProperty = "aaf.AdminUser";
- secretProperty = "aaf.AdminPassword";
- } else if (ctype == AafService.ServiceType.AAF_TopicMgr) {
- mechIdProperty = "aaf.TopicMgrUser";
- secretProperty = "aaf.TopicMgrPassword";
- } else {
- logger.error("Unexpected case for AAF credential type: " + ctype);
- return null;
- }
- identity = p.getProperty(mechIdProperty, "noMechId@domain.netset.com");
+import static java.lang.String.format;
- String encPwd = p.getProperty(secretProperty, "notSet");
-
- String pwd = decryptor.decrypt(encPwd);
+public class AafServiceImpl extends BaseLoggingClass implements AafService {
- if (wPwd) {
- return identity + ":" + pwd;
- } else {
- return identity;
- }
+ private static final int CREATED = 201;
+ private static final int OK = 200;
+ private static final String FORCE = "?force=true";
+ private final String aafUrl;
+ private final String identity;
+ private final boolean useAAF;
+ private final AafConnection aafConnection;
+
+ AafServiceImpl(boolean useAaf, String aafUrl, String identity, AafConnection aafConnection) {
+ this.useAAF = useAaf;
+ this.aafUrl = aafUrl;
+ this.identity = identity;
+ this.aafConnection = aafConnection;
}
@Override
@Override
public int addPerm(DmaapPerm perm) {
logger.info("entry: addPerm() ");
- return doPost(perm, "authz/perm", 201);
+ return doPost(perm, "authz/perm", CREATED);
}
@Override
- public int delPerm(DmaapPerm perm) {
- return 200;
+ public int delPerm(DmaapPerm perm, boolean force) {
+ logger.info("entry: delPerm()");
+ return doDelete(new AafEmpty(), format(
+ "authz/perm/%s/%s/%s%s",
+ perm.getPermission(), perm.getPtype(), perm.getAction(), force ? FORCE : ""), OK);
}
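Review bot: The new `delPerm` places `perm.getPermission()`, `perm.getPtype()` and `perm.getAction()` into the request path with `format` and no validation or encoding. A value containing `/`, `?` or `#` would change which AAF resource the DELETE addresses, or append its own query string before `FORCE`. A null getter result is formatted as the literal text `null`. The same applies to `ns.getName()` in `delNamespace` further down. Since this method was a no-op returning 200 before the commit, this is the first time these values reach a destructive authorization call, so I would route each segment through a small check such as the one below, or percent-encode instead if the AAF endpoint is confirmed to decode encoded path segments.

```java
public int delPerm(DmaapPerm perm, boolean force) {
    logger.info("entry: delPerm()");
    return doDelete(new AafEmpty(), format(
            "authz/perm/%s/%s/%s%s",
            pathSegment(perm.getPermission()), pathSegment(perm.getPtype()),
            pathSegment(perm.getAction()), force ? FORCE : ""), OK);
}

// Accepts only values that name exactly one path segment of the AAF URI.
private static String pathSegment(String value) {
    if (value == null || value.isEmpty()
            || value.equals(".") || value.equals("..")
            || value.contains("/") || value.contains("?") || value.contains("#")) {
        throw new IllegalArgumentException("invalid AAF path segment");
    }
    return value;
}
// … unchanged: addGrant, addUserRole, delGrant, addRole, addNamespace …
```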
@Override
public int addGrant(DmaapGrant grant) {
logger.info("entry: addGrant() ");
- return doPost(grant, "authz/role/perm", 201);
+ return doPost(grant, "authz/role/perm", CREATED);
}
@Override
public int addUserRole(AafUserRole ur) {
logger.info("entry: addUserRole() ");
- return doPost(ur, "authz/userRole", 201);
+ return doPost(ur, "authz/userRole", CREATED);
}
@Override
public int delGrant(DmaapGrant grant) {
logger.info("entry: delGrant() ");
- return doDelete(grant, "authz/role/:" + grant.getRole() + "/perm", 200);
+ return doDelete(grant, "authz/role/:" + grant.getRole() + "/perm", OK);
}
@Override
public int addRole(AafRole role) {
logger.info("entry: addRole() ");
- return doPost(role, "authz/role", 201);
+ return doPost(role, "authz/role", CREATED);
}
@Override
public int addNamespace(AafNamespace ns) {
logger.info("entry: addNamespace() ");
- return doPost(ns, "authz/ns", 201);
+ return doPost(ns, "authz/ns", CREATED);
}
@Override
- public int delNamespace(AafNamespace ns) {
- return 200;
+ public int delNamespace(AafNamespace ns, boolean force) {
+ logger.info("entry: delNamespace()");
+ return doDelete(new AafEmpty(), format(
+ "authz/ns/%s%s",
+ ns.getName(), force ? FORCE : ""), OK);
}
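Review bot: A forced namespace delete leaves no record in this class of what was deleted or that `force` was set. The entry line logs only `entry: delNamespace()`, and the visible part of `doDelete` logs `obj.toJSON()` for a `new AafEmpty()`, which presumably carries neither the namespace name nor the flag. For a destructive authorization change, I would log the target and the flag at entry, for example `logger.info("entry: delNamespace() ns=" + ns.getName() + " force=" + force);`. The same applies to `delPerm` with its type, instance and action. If `aafConnection.delAaf` already logs the full URL, this is redundant, but that code is not visible here.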
private int doPost(AafObject obj, String uri, int expect) {
int rc;
logger.info("entry: doPost() ");
- String pURL = aafURL + uri;
+ String pURL = aafUrl + uri;
logger.info("doPost: useAAF=" + useAAF);
if (useAAF) {
logger.info("doPost: " + obj.toJSON());
- rc = aaf.postAaf(obj, pURL);
+ rc = aafConnection.postAaf(obj, pURL);
} else {
rc = expect;
}
switch (rc) {
case 401:
case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
+ errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity);
break;
case 409:
logger.warn("Object for " + uri + " already exists. Possible conflict.");
private int doDelete(AafObject obj, String uri, int expect) {
int rc;
- String pURL = aafURL + uri;
+ String pURL = aafUrl + uri;
if (useAAF) {
logger.info("doDelete: " + obj.toJSON());
- rc = aaf.delAaf(obj, pURL);
+ rc = aafConnection.delAaf(obj, pURL);
} else {
rc = expect;
}
switch (rc) {
case 401:
case 403:
- errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, getCred(false));
+ errorLogger.error(DmaapbcLogMessageEnum.AAF_CREDENTIAL_ERROR, identity);
break;
case 404:
logger.warn("Object not found...ignore");
break;
- case 200:
+ case OK:
logger.info("expected response");
break;
default:
return rc;
}
+
+ String getAafUrl() {
+ return aafUrl;
+ }
+
+ boolean isUseAAF() {
+ return useAAF;
+ }
+
}
\ No newline at end of file