ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/BasicAuthAccountServiceImpl.java

   1 /*-
   2  * ============LICENSE_START==========================================
   3  * ONAP Portal
   4  * ===================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
   6  * ===================================================================
   7  *
   8  * Unless otherwise specified, all software contained herein is licensed
   9  * under the Apache License, Version 2.0 (the "License");
  10  * you may not use this software except in compliance with the License.
  11  * You may obtain a copy of the License at
  12  *
  13  *             http://www.apache.org/licenses/LICENSE-2.0
  14  *
  15  * Unless required by applicable law or agreed to in writing, software
  16  * distributed under the License is distributed on an "AS IS" BASIS,
  17  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18  * See the License for the specific language governing permissions and
  19  * limitations under the License.
  20  *
  21  * Unless otherwise specified, all documentation contained herein is licensed
  22  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  23  * you may not use this documentation except in compliance with the License.
  24  * You may obtain a copy of the License at
  25  *
  26  *             https://creativecommons.org/licenses/by/4.0/
  27  *
  28  * Unless required by applicable law or agreed to in writing, documentation
  29  * distributed under the License is distributed on an "AS IS" BASIS,
  30  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  31  * See the License for the specific language governing permissions and
  32  * limitations under the License.
  33  *
  34  * ============LICENSE_END============================================
  35  *
  36  *
  37  */
  38 package org.onap.portalapp.portal.service;
  39
  40 import java.util.ArrayList;
  41 import java.util.HashMap;
  42 import java.util.List;
  43 import java.util.Map;
  44
  45 import org.hibernate.criterion.Criterion;
  46 import org.hibernate.criterion.Restrictions;
  47 import org.onap.portalapp.portal.domain.BasicAuthCredentials;
  48 import org.onap.portalapp.portal.domain.EPEndpoint;
  49 import org.onap.portalapp.portal.domain.EPEndpointAccount;
  50 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
  51 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
  52 import org.onap.portalapp.validation.DataValidator;
  53 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
  54 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
  55 import org.onap.portalsdk.core.onboarding.util.KeyConstants;
  56 import org.onap.portalsdk.core.onboarding.util.KeyProperties;
  57 import org.onap.portalsdk.core.service.DataAccessService;
  58 import org.onap.portalsdk.core.util.SystemProperties;
  59 import org.springframework.beans.factory.annotation.Autowired;
  60 import org.springframework.context.annotation.EnableAspectJAutoProxy;
  61 import org.springframework.stereotype.Service;
  62
  63 @Service("basicAuthAccountService")
  64 @EnableAspectJAutoProxy
  65 @EPMetricsLog
  66 public class BasicAuthAccountServiceImpl implements BasicAuthAccountService{
  67         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MicroserviceServiceImpl.class);
  68         private final DataValidator dataValidator = new DataValidator();
  69         @Autowired
  70         private DataAccessService dataAccessService;
  71
  72         @Override
  73         public Long saveBasicAuthAccount(BasicAuthCredentials newCredential) throws Exception {
  74
  75                 if(!dataValidator.isValid(newCredential)){
  76                         throw new Exception("saveBasicAuthAccount() failed, new credential are not safe");
  77                 }
  78                 if (newCredential.getPassword() != null)
  79                         newCredential.setPassword(encryptedPassword(newCredential.getPassword()));
  80                 try{
  81                         getDataAccessService().saveDomainObject(newCredential, null);
  82                 }catch(Exception e){
  83                         logger.error(EELFLoggerDelegate.errorLogger, "saveBasicAuthAccount() failed", e);
  84                         throw e;
  85                 }
  86                 return newCredential.getId();
  87         }
  88
  89
  90         @Override
  91         @SuppressWarnings("unchecked")
  92         public Long saveEndpoints(EPEndpoint endpoint) throws Exception {
  93
  94                 List<Criterion> restrictionsList = new ArrayList<Criterion>();
  95                 Criterion NameCrit = Restrictions.eq("name", endpoint.getName());
  96                 restrictionsList.add(NameCrit);
  97
  98                 List<EPEndpoint> tempList = (List<EPEndpoint>) dataAccessService.getList(EPEndpoint.class, null,
  99                                 restrictionsList, null);
 100                 if (tempList.size() != 0) {
 101                         return tempList.get(0).getId();
 102                 } else {
 103                         getDataAccessService().saveDomainObject(endpoint, null);
 104                         return endpoint.getId();
 105                 }
 106
 107         }
 108
 109         @Override
 110         public void saveEndpointAccount(Long accountId, Long endpointId) throws Exception {
 111                 EPEndpointAccount record = new EPEndpointAccount();
 112                 record.setAccount_id(accountId);
 113                 record.setEp_id(endpointId);
 114                 try {
 115                         getDataAccessService().saveDomainObject(record, null);
 116                 } catch (Exception e) {
 117                         logger.error(EELFLoggerDelegate.errorLogger, "saveEndpointAccount() failed", e);
 118                         throw e;
 119                 }
 120
 121         }
 122
 123         @Override
 124         @SuppressWarnings("unchecked")
 125         public void updateBasicAuthAccount(Long accountId, BasicAuthCredentials newCredential) throws Exception {
 126                 try {
 127                         newCredential.setId(accountId);
 128                         if (newCredential.getPassword() != null){
 129                                 if(newCredential.getPassword().equals(EPCommonSystemProperties.APP_DISPLAY_PASSWORD)){
 130                                         BasicAuthCredentials oldMS = getBasicAuthCredentialsById(accountId);
 131                                         newCredential.setPassword(oldMS.getPassword()); // keep the old password
 132                                 }else
 133                                         newCredential.setPassword(encryptedPassword(newCredential.getPassword())); //new password
 134                         }
 135                         getDataAccessService().saveDomainObject(newCredential, null);
 136
 137                         List<EPEndpoint> endpoints = newCredential.getEndpoints();
 138                         List<EPEndpoint> orig_points = getEPEndpoints(accountId);
 139
 140                         for(EPEndpoint temp_ep: orig_points){
 141                                 boolean flag = false;
 142                                 for(EPEndpoint temp_ep2: endpoints){
 143                                         if(temp_ep2.getId() == temp_ep.getId())
 144                                                 flag = true;
 145                                 }
 146                                 if(!flag){
 147                                         Map<String, String> params = new HashMap<String, String>();
 148                                         params.put("accountId", Long.toString(accountId));
 149                                         params.put("epId", Long.toString(temp_ep.getId()));
 150                                         dataAccessService.executeNamedQuery("deleteAccountEndpointRecord", params, null);
 151                                 }
 152                         }
 153
 154
 155                         for(int i = 0; i < endpoints.size(); i++){
 156
 157                                 List<Criterion> restrictionsList = new ArrayList<Criterion>();
 158                                 Criterion IdCrit = Restrictions.eq("id", endpoints.get(i).getId());
 159                                 restrictionsList.add(IdCrit);
 160                                 Criterion NameCrit = Restrictions.eq("name", endpoints.get(i).getName());
 161                                 restrictionsList.add(NameCrit);
 162                                 List<EPEndpoint> tempList = (List<EPEndpoint>) dataAccessService
 163                                                 .getList(EPEndpoint.class, null, restrictionsList, null);
 164                                 if(tempList.size() == 0){
 165                                         if(endpoints.get(i).getId() != null){
 166                                                 //delete the record endpoints.get(i).getId(), accountId
 167                                                 Map<String, String> params = new HashMap<String, String>();
 168                                                 params.put("accountId", Long.toString(accountId));
 169                                                 params.put("epId", Long.toString(endpoints.get(i).getId()));
 170                                                 dataAccessService.executeNamedQuery("deleteAccountEndpointRecord", params, null);
 171                                                 endpoints.get(i).setId(null);
 172                                         }
 173                                         //create a new endpoint
 174                                         Long ep_id = saveEndpoints(endpoints.get(i));
 175                                         saveEndpointAccount(accountId, ep_id);
 176                                 }
 177                         }
 178                 } catch (Exception e) {
 179                         logger.error(EELFLoggerDelegate.errorLogger, "updateBasicAuthAccount() failed", e);
 180                         throw e;
 181                 }
 182         }
 183
 184         @Override
 185         public List<BasicAuthCredentials> getAccountData() throws Exception {
 186                 @SuppressWarnings("unchecked")
 187                 List<BasicAuthCredentials> list = (List<BasicAuthCredentials>) dataAccessService.getList(BasicAuthCredentials.class, null);
 188                 for (int i = 0; i < list.size(); i++) {
 189                         if (list.get(i).getPassword() != null)
 190                                 list.get(i).setPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD);
 191                         list.get(i).setEndpoints(getEPEndpoints(list.get(i).getId()));
 192                 }
 193                 return list;
 194         }
 195
 196         @SuppressWarnings("unchecked")
 197         private List<EPEndpoint> getEPEndpoints(long accountId) {
 198                 List<EPEndpoint> result = new ArrayList<>();
 199                 List<EPEndpointAccount> list = null;
 200                 Map<String, Long> params = new HashMap<>();
 201                 params.put("account_id", accountId);
 202                 try {
 203                         list = this.getDataAccessService().executeNamedQuery("getEPEndpointAccountByAccountId", params, null);
 204                 } catch (Exception e) {
 205                         logger.error(EELFLoggerDelegate.errorLogger, "getEPEndpointAccountByAccountId failed", e);
 206                 }
 207
 208                 for(int i = 0; list != null && i < list.size(); i++){
 209                         result.add((EPEndpoint) dataAccessService.getDomainObject(EPEndpoint.class, list.get(i).getEp_id(), null));
 210                 }
 211                 return result;
 212         }
 213
 214         @Override
 215         public void deleteEndpointAccout(Long accountId) throws Exception {
 216                 try{
 217                         Map<String, String> params = new HashMap<String, String>();
 218                         params.put("accountId", Long.toString(accountId));
 219
 220                         dataAccessService.executeNamedQuery("deleteAccountEndpoint", params, null);
 221                         dataAccessService.executeNamedQuery("deleteBasicAuthAccount", params, null);
 222
 223                 }catch(Exception e){
 224                         logger.error(EELFLoggerDelegate.errorLogger, "deleteEndpointAccout() failed", e);
 225                         throw e;
 226                 }
 227         }
 228
 229         private String decryptedPassword(String encryptedPwd) throws Exception {
 230                 String result = "";
 231                 if (encryptedPwd != null && encryptedPwd.length() > 0) {
 232                         try {
 233                                 result = CipherUtil.decryptPKC(encryptedPwd,
 234                                                 KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY));
 235                         } catch (Exception e) {
 236                                 logger.error(EELFLoggerDelegate.errorLogger, "decryptedPassword() failed", e);
 237                                 throw e;
 238                         }
 239                 }
 240                 return result;
 241         }
 242
 243         private String encryptedPassword(String decryptedPwd) throws Exception {
 244                 String result = "";
 245                 if (decryptedPwd != null && decryptedPwd.length() > 0) {
 246                         try {
 247                                 result = CipherUtil.encryptPKC(decryptedPwd,
 248                                                 KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY));
 249                         } catch (Exception e) {
 250                                 logger.error(EELFLoggerDelegate.errorLogger, "encryptedPassword() failed", e);
 251                                 throw e;
 252                         }
 253                 }
 254                 return result;
 255         }
 256
 257         public DataAccessService getDataAccessService() {
 258                 return dataAccessService;
 259         }
 260
 261         @Override
 262         public BasicAuthCredentials getBasicAuthCredentialsById(long id) throws Exception {
 263                 try {
 264                         @SuppressWarnings("unchecked")
 265                         List<BasicAuthCredentials> list = (List<BasicAuthCredentials>) dataAccessService
 266                                         .getList(BasicAuthCredentials.class, null);
 267                         for (BasicAuthCredentials auth : list) {
 268                                 if (auth != null && auth.getId() == id)
 269                                         return auth;
 270                         }
 271                 } catch (Exception e) {
 272                         logger.error(EELFLoggerDelegate.errorLogger, "getBasicAuthCredentialsDataById failed", e);
 273                         throw e;
 274                 }
 275                 return null;
 276
 277         }
 278 }