* org.onap.dmaap
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ *
+ * Modifications Copyright (C) 2019 IBM.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
-import org.onap.dmaap.dbcapi.aaf.client.MrProvConnection;
-import org.onap.dmaap.dbcapi.aaf.database.DatabaseClass;
+import org.onap.dmaap.dbcapi.aaf.AafUserRole;
+import org.onap.dmaap.dbcapi.client.MrProvConnection;
+import org.onap.dmaap.dbcapi.database.DatabaseClass;
import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
import org.onap.dmaap.dbcapi.model.ApiError;
import org.onap.dmaap.dbcapi.model.DcaeLocation;
public class MR_ClientService extends BaseLoggingClass{
+ private static final String MR_CLIENT_ID = "mrClientId";
private int deleteLevel;
private Map<String, MR_Client> mr_clients = DatabaseClass.getMr_clients();
private Map<String, MR_Cluster> clusters = DatabaseClass.getMr_clusters();
- private Map<String, Topic> topics = DatabaseClass.getTopics();
private Map<String, DcaeLocation> locations = DatabaseClass.getDcaeLocations();
private DmaapService dmaap = new DmaapService();
+ private String centralCname;
public MR_ClientService() {
DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
-
- deleteLevel = Integer.valueOf(p.getProperty("MR.ClientDeleteLevel", "0" ));
- }
- public Map<String, MR_Client> getMR_Clients() {
- return mr_clients;
+ centralCname = p.getProperty("MR.CentralCname", "MRcname.not.set");
+ deleteLevel = Integer.valueOf(p.getProperty("MR.ClientDeleteLevel", "0" ));
}
public List<MR_Client> getAllMr_Clients() {
- return new ArrayList<MR_Client>(mr_clients.values());
+ return new ArrayList<>(mr_clients.values());
}
- public ArrayList<MR_Client> getAllMrClients(String fqtn) {
- ArrayList<MR_Client> results = new ArrayList<MR_Client>();
+ List<MR_Client> getAllMrClients(String fqtn) {
+ ArrayList<MR_Client> results = new ArrayList<>();
for (Map.Entry<String, MR_Client> entry : mr_clients.entrySet())
{
MR_Client client = entry.getValue();
return results;
}
- public ArrayList<MR_Client> getClientsByLocation(String location) {
- ArrayList<MR_Client> results = new ArrayList<MR_Client>();
+ List<MR_Client> getClientsByLocation(String location) {
+ List<MR_Client> results = new ArrayList<>();
for (Map.Entry<String, MR_Client> entry : mr_clients.entrySet())
{
MR_Client client = entry.getValue();
}
return results;
}
-
- public void refreshClients( String location ) {
- ApiError err = new ApiError();
- ArrayList<MR_Client> clients = getClientsByLocation( location );
- for( MR_Client client : clients ) {
- Topic topic = topics.get(client.getFqtn());
- if ( topic != null ) {
- addMr_Client( client, topic, err);
- }
-
-
- }
- }
+
public MR_Client getMr_Client( String key, ApiError apiError ) {
MR_Client c = mr_clients.get( key );
if ( c == null ) {
apiError.setCode(Status.NOT_FOUND.getStatusCode());
- apiError.setFields( "mrClientId");
- apiError.setMessage("mrClientId " + key + " not found" );
+ apiError.setFields(MR_CLIENT_ID);
+ apiError.setMessage(MR_CLIENT_ID+ " " + key + " not found" );
} else {
apiError.setCode(200);
}
logger.info( "Client dcaeLocation that doesn't exist or not specified" );
return null;
}
- grantClientPerms( client, err);
+ // original style: clients specified Role. This has precedence for backwards
+ // compatibility.
+ // ONAP style: clients specify Identity to be assigned to generated Role
+ String role = client.getClientRole();
+ if ( role != null ) {
+ grantClientRolePerms( client, err);
+ } else if ( client.hasClientIdentity() ){
+ if ( client.isSubscriber() ) {
+ role = topic.getSubscriberRole();
+ assignIdentityToRole( client, role, err );
+ }
+ if (client.isPublisher() ) {
+ role = topic.getPublisherRole();
+ assignIdentityToRole( client, role, err );
+ }
+ }
if ( ! client.isStatusValid()) {
return null;
}
String centralFqdn = null;
DcaeLocation candidate = locations.get(client.getDcaeLocationName());
- if ( candidate != null && candidate.isCentral() ) {
- DmaapConfig p = ( DmaapConfig)DmaapConfig.getConfig();
- centralFqdn = p.getProperty("MR.CentralCname");
- }
+
MR_Cluster cluster = clusters.get( client.getDcaeLocationName());
- if ( cluster != null ) {
+ if ( cluster != null && candidate != null ) {
+ if ( candidate.isCentral() && ! topic.getReplicationCase().involvesFQDN() ) {
+ centralFqdn = centralCname;
+ }
client.setTopicURL(cluster.genTopicURL(centralFqdn, client.getFqtn()));
if ( centralFqdn == null ) {
client.setStatus( addTopicToCluster( cluster, topic, err));
} else {
MR_ClusterService clusters = new MR_ClusterService();
- // in 1610, MM should only exist for edge-to-central
- // we use a cname for the central target
+ // MM should only exist for edge-to-central
+ // we use a cname for the central target (default resiliency with no replicationGroup set)
// but still need to provision topics on all central MRs
for( MR_Cluster central: clusters.getCentralClusters() ) {
client.setStatus( addTopicToCluster( central, topic, err));
}
} else {
- logger.info( "Client references a dcaeLocation that doesn't exist:" + client.getDcaeLocationName());
+ logger.warn( "Client references a dcaeLocation that doesn't exist:" + client.getDcaeLocationName());
client.setStatus( DmaapObject_Status.STAGED);
- //return null;
}
mr_clients.put( client.getMrClientId(), client );
MrProvConnection prov = new MrProvConnection();
logger.info( "POST topic " + topic.getFqtn() + " to cluster " + cluster.getFqdn() + " in loc " + cluster.getDcaeLocationName());
if ( prov.makeTopicConnection(cluster)) {
- String resp = prov.doPostTopic(topic, err);
+ prov.doPostTopic(topic, err);
logger.info( "response code: " + err.getCode() );
if ( err.is2xx() || err.getCode() == 409 ) {
return DmaapObject_Status.VALID;
return DmaapObject_Status.INVALID;
}
- private void grantClientPerms( MR_Client client, ApiError err) {
+ private void grantClientRolePerms( MR_Client client, ApiError err) {
AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
String instance = ":topic." + client.getFqtn();
client.setStatus( DmaapObject_Status.VALID);
+ String role = client.getClientRole();
for( String want : client.getAction() ) {
int rc;
DmaapPerm perm = new DmaapPerm( dmaap.getTopicPerm(), instance, want );
- DmaapGrant g = new DmaapGrant( perm, client.getClientRole() );
- rc = aaf.addGrant( g );
- if ( rc != 201 && rc != 409 ) {
- client.setStatus( DmaapObject_Status.INVALID);
- err.setCode(rc);
- err.setMessage( "Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + client.getClientRole() );
- logger.warn( err.getMessage());
- return;
- }
+ if ( role != null ) {
+ DmaapGrant g = new DmaapGrant( perm, role );
+ rc = aaf.addGrant( g );
+ if ( rc != 201 && rc != 409 ) {
+ client.setStatus( DmaapObject_Status.INVALID);
+ err.setCode(rc);
+ err.setMessage( "Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + role );
+ logger.warn( err.getMessage());
+ return;
+ }
+ } else {
+ logger.warn( "No Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " because role is null " );
+ }
}
}
+ private void assignIdentityToRole( MR_Client client, String role, ApiError err ) {
+ AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
+
+ AafUserRole ur = new AafUserRole( client.getClientIdentity(), role );
+ int rc = aaf.addUserRole( ur );
+ if ( rc != 201 && rc != 409 ) {
+ client.setStatus( DmaapObject_Status.INVALID);
+ err.setCode(rc);
+ err.setMessage( "Failed to add user " + client.getClientIdentity()+ " to " + role );
+ logger.warn( err.getMessage());
+ return;
+ }
+ client.setStatus( DmaapObject_Status.VALID);
+
+ }
private void revokeClientPerms( MR_Client client, ApiError err) {
AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
MR_Client c = mr_clients.get( client.getMrClientId());
if ( c == null ) {
apiError.setCode(Status.NOT_FOUND.getStatusCode());
- apiError.setFields( "mrClientId");
+ apiError.setFields(MR_CLIENT_ID);
apiError.setMessage("mrClientId " + client.getMrClientId() + " not found" );
} else {
apiError.setCode(200);
MR_Client client = mr_clients.get( key );
if ( client == null ) {
apiError.setCode(Status.NOT_FOUND.getStatusCode());
- apiError.setFields( "mrClientId");
+ apiError.setFields(MR_CLIENT_ID);
apiError.setMessage("mrClientId " + key + " not found" );
return;
} else {
apiError.setCode(200);
}
- if ( updateTopicView == true ) {
+ if (updateTopicView) {
TopicService topics = new TopicService();
Topic t = topics.getTopic(client.getFqtn(), apiError );
if ( t != null ) {
- ArrayList<MR_Client> tc = t.getClients();
+ List<MR_Client> tc = t.getClients();
for( MR_Client c: tc) {
if ( c.getMrClientId().equals(client.getMrClientId())) {
tc.remove(c);
}
-
// remove from AAF
if ( deleteLevel >= 2 ) {
revokeClientPerms( client, apiError );
if ( deleteLevel >= 1 ) {
mr_clients.remove(key);
}
-
- return;
}
}