X-Git-Url: https://gerrit.onap.org/r/gitweb?p=dmaap%2Fdbcapi.git;a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fservice%2FAafTopicSetupService.java;h=16ffa0816a8120629849c267468bb214702280d0;hp=76085573e1cd1510c952c2dca7ea213b5dbc1c3a;hb=26a7eb9dea0fb9726d696422f8de54a8ac198994;hpb=e2e2bcd054957077817b4e9f441ca069ad452d2d

diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java b/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java
index 7608557..16ffa08 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/AafTopicSetupService.java
@@ -27,19 +27,21 @@ import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
 import org.onap.dmaap.dbcapi.model.ApiError;
 import org.onap.dmaap.dbcapi.model.Topic;
+import org.onap.dmaap.dbcapi.util.DmaapConfig;
 
 import static java.lang.String.format;
+import static org.apache.commons.lang3.StringUtils.isNumeric;
 
 class AafTopicSetupService extends BaseLoggingClass {
 
     private final AafService aafService;
     private final DmaapService dmaapService;
-    private final boolean createTopicRoles;
+    private final DmaapConfig dmaapConfig;
 
-    AafTopicSetupService(AafService aafService, DmaapService dmaapService, boolean createTopicRoles) {
+    AafTopicSetupService(AafService aafService, DmaapService dmaapService, DmaapConfig dmaapConfig) {
         this.aafService = aafService;
         this.dmaapService = dmaapService;
-        this.createTopicRoles = createTopicRoles;
+        this.dmaapConfig = dmaapConfig;
     }
 
     ApiError aafTopicSetup(Topic topic) {
@@ -55,7 +57,7 @@ class AafTopicSetupService extends BaseLoggingClass {
             // For backwards compatibility, only do this if the feature is enabled.
             // Also, if the namespace of the topic is a foreign namespace, (i.e. not the same as our root ns)
             // then we likely don't have permission to create sub-ns and Roles so don't try.
-            if (createTopicRoles && topic.getFqtn().startsWith(getTopicsNsRoot())) {
+            if (createTopicRoles() && topic.getFqtn().startsWith(getTopicsNsRoot())) {
                 createNamespace(topic);
 
                 AafRole pubRole = createRole(topic, "publisher");
@@ -78,6 +80,25 @@ class AafTopicSetupService extends BaseLoggingClass {
         return okStatus();
     }
 
+    ApiError aafTopicCleanup(Topic topic) {
+        try {
+            if (performCleanup()) {
+                String instance = ":topic." + topic.getFqtn();
+                String topicPerm = dmaapService.getTopicPerm();
+                removePermission(topicPerm, instance, "pub");
+                removePermission(topicPerm, instance, "sub");
+                removePermission(topicPerm, instance, "view");
+
+                if (createTopicRoles() && topic.getFqtn().startsWith(getTopicsNsRoot())) {
+                    removeNamespace(topic);
+                }
+            }
+        } catch (TopicSetupException ex) {
+            return new ApiError(ex.getCode(), ex.getMessage(), ex.getFields());
+        }
+        return okStatus();
+    }
+
     private String getTopicsNsRoot() throws TopicSetupException {
         String nsr = dmaapService.getDmaap().getTopicNsRoot();
         if (nsr == null) {
@@ -119,9 +140,8 @@ class AafTopicSetupService extends BaseLoggingClass {
     }
 
     private AafRole createRole(Topic topic, String roleName) throws TopicSetupException {
-        int rc;
         AafRole role = new AafRole(topic.getFqtn(), roleName);
-        rc = aafService.addRole(role);
+        int rc = aafService.addRole(role);
         if (rc != 201 && rc != 409) {
             throw new TopicSetupException(500,
                     format("Unexpected response from AAF: %d topic=%s role=%s",
@@ -130,11 +150,44 @@ class AafTopicSetupService extends BaseLoggingClass {
         return role;
     }
 
+    private void removePermission(String permission, String instance, String action) throws TopicSetupException {
+        DmaapPerm perm = new DmaapPerm(permission, instance, action);
+        int rc = aafService.delPerm(perm, true);
+        if (rc != 200 && rc != 404) {
+            throw new TopicSetupException(500,
+                    format("Unexpected response from AAF: %d permission=%s instance=%s action=%s",
+                            rc, perm, instance, action));
+        }
+    }
+
+    private void removeNamespace(Topic topic) throws TopicSetupException {
+        AafNamespace ns = new AafNamespace(topic.getFqtn(), aafService.getIdentity());
+        int rc = aafService.delNamespace(ns, true);
+        if (rc != 200 && rc != 404) {
+            throw new TopicSetupException(500,
+                    format("Unexpected response from AAF: %d namespace=%s identity=%s",
+                            rc, topic.getFqtn(), aafService.getIdentity()));
+        }
+    }
+
     private ApiError okStatus() {
         return new ApiError(200, "OK");
     }
 
+    private boolean createTopicRoles() {
+        return "true".equalsIgnoreCase(dmaapConfig.getProperty("aaf.CreateTopicRoles", "true"));
+    }
+
+    private boolean performCleanup() {
+        String deleteLevel = dmaapConfig.getProperty("MR.ClientDeleteLevel", "0");
+        if (!isNumeric(deleteLevel)) {
+            return false;
+        }
+        return Integer.valueOf(deleteLevel) >= 2;
+    }
+
     private class TopicSetupException extends Exception {
+
         private final int code;
         private final String message;
         private final String fields;