import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
import org.onap.dmaap.dbcapi.model.ApiError;
import org.onap.dmaap.dbcapi.model.Topic;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
import static java.lang.String.format;
+import static org.apache.commons.lang3.StringUtils.isNumeric;
class AafTopicSetupService extends BaseLoggingClass {
private final AafService aafService;
private final DmaapService dmaapService;
- private final boolean createTopicRoles;
+ private final DmaapConfig dmaapConfig;
- AafTopicSetupService(AafService aafService, DmaapService dmaapService, boolean createTopicRoles) {
+ AafTopicSetupService(AafService aafService, DmaapService dmaapService, DmaapConfig dmaapConfig) {
this.aafService = aafService;
this.dmaapService = dmaapService;
- this.createTopicRoles = createTopicRoles;
+ this.dmaapConfig = dmaapConfig;
}
ApiError aafTopicSetup(Topic topic) {
// For backwards compatibility, only do this if the feature is enabled.
// Also, if the namespace of the topic is a foreign namespace, (i.e. not the same as our root ns)
// then we likely don't have permission to create sub-ns and Roles so don't try.
- if (createTopicRoles && topic.getFqtn().startsWith(getTopicsNsRoot())) {
+ if (createTopicRoles() && topic.getFqtn().startsWith(getTopicsNsRoot())) {
createNamespace(topic);
AafRole pubRole = createRole(topic, "publisher");
return okStatus();
}
+ ApiError aafTopicCleanup(Topic topic) {
+ try {
+ if (performCleanup()) {
+ String instance = ":topic." + topic.getFqtn();
+ String topicPerm = dmaapService.getTopicPerm();
+ removePermission(topicPerm, instance, "pub");
+ removePermission(topicPerm, instance, "sub");
+ removePermission(topicPerm, instance, "view");
+
+ if (createTopicRoles() && topic.getFqtn().startsWith(getTopicsNsRoot())) {
+ removeNamespace(topic);
+ }
+ }
+ } catch (TopicSetupException ex) {
+ return new ApiError(ex.getCode(), ex.getMessage(), ex.getFields());
+ }
+ return okStatus();
+ }
+
private String getTopicsNsRoot() throws TopicSetupException {
String nsr = dmaapService.getDmaap().getTopicNsRoot();
if (nsr == null) {
}
private AafRole createRole(Topic topic, String roleName) throws TopicSetupException {
- int rc;
AafRole role = new AafRole(topic.getFqtn(), roleName);
- rc = aafService.addRole(role);
+ int rc = aafService.addRole(role);
if (rc != 201 && rc != 409) {
throw new TopicSetupException(500,
format("Unexpected response from AAF: %d topic=%s role=%s",
return role;
}
+ private void removePermission(String permission, String instance, String action) throws TopicSetupException {
+ DmaapPerm perm = new DmaapPerm(permission, instance, action);
+ int rc = aafService.delPerm(perm, true);
+ if (rc != 200 && rc != 404) {
+ throw new TopicSetupException(500,
+ format("Unexpected response from AAF: %d permission=%s instance=%s action=%s",
+ rc, perm, instance, action));
+ }
+ }
+
+ private void removeNamespace(Topic topic) throws TopicSetupException {
+ AafNamespace ns = new AafNamespace(topic.getFqtn(), aafService.getIdentity());
+ int rc = aafService.delNamespace(ns, true);
+ if (rc != 200 && rc != 404) {
+ throw new TopicSetupException(500,
+ format("Unexpected response from AAF: %d namespace=%s identity=%s",
+ rc, topic.getFqtn(), aafService.getIdentity()));
+ }
+ }
+
private ApiError okStatus() {
return new ApiError(200, "OK");
}
+ private boolean createTopicRoles() {
+ return "true".equalsIgnoreCase(dmaapConfig.getProperty("aaf.CreateTopicRoles", "true"));
+ }
+
+ private boolean performCleanup() {
+ String deleteLevel = dmaapConfig.getProperty("MR.ClientDeleteLevel", "0");
+ if (!isNumeric(deleteLevel)) {
+ return false;
+ }
+ return Integer.valueOf(deleteLevel) >= 2;
+ }
+
private class TopicSetupException extends Exception {
+
private final int code;
private final String message;
private final String fields;
Code Review / dmaap / dbcapi.git / blobdiff