2 * ================================================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ================================================================================
20 package org.openecomp.portalapp.portal.service;
22 import java.util.Date;
23 import java.util.HashMap;
24 import java.util.HashSet;
25 import java.util.List;
28 import org.springframework.beans.factory.annotation.Autowired;
29 import org.springframework.context.annotation.EnableAspectJAutoProxy;
30 import org.springframework.stereotype.Service;
31 import org.springframework.transaction.annotation.Transactional;
33 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
34 import org.openecomp.portalsdk.core.menu.MenuBuilder;
35 import org.openecomp.portalsdk.core.service.DataAccessService;
36 import org.openecomp.portalsdk.core.service.support.FusionService;
37 import org.openecomp.portalsdk.core.util.SystemProperties;
38 import org.openecomp.portalsdk.core.web.support.AppUtils;
39 import org.openecomp.portalapp.command.EPLoginBean;
40 import org.openecomp.portalapp.portal.domain.EPUser;
41 import org.openecomp.portalapp.portal.logging.aop.EPMetricsLog;
42 import org.openecomp.portalapp.portal.logging.format.EPAppMessagesEnum;
43 import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;
44 import org.openecomp.portalapp.util.EPUserUtils;
46 @Service("eploginService")
48 @org.springframework.context.annotation.Configuration
49 @EnableAspectJAutoProxy
51 public class EPLoginServiceImpl extends FusionService implements EPLoginService {
52 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EPLoginServiceImpl.class);
55 private DataAccessService dataAccessService;
59 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUser(org.openecomp.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap)
61 @SuppressWarnings("rawtypes")
62 public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename, HashMap additionalParams)
64 return findUser(bean, menuPropertiesFilename, additionalParams, true);
69 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUser(org.openecomp.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap, boolean)
71 @SuppressWarnings("rawtypes")
72 public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename_ignored, HashMap additionalParams,
73 boolean matchPassword) throws Exception {
75 EPUser userCopy = null;
77 if (bean.getOrgUserId() != null) {
78 user = (EPUser) findUser(bean);
81 user = (EPUser) findUser(bean.getLoginId(), bean.getLoginPwd());
83 user = (EPUser) findUserWithoutPwd(bean.getLoginId());
86 // run this command to fetch more information from the lazily loaded
89 // This is funny - commenting out the following method call
90 // 1. What are we doing with the returned values of the following two
92 // 2. Use a guest user scenario - user object will be null - clealry,
94 // 3. A check of if(user !=null) is made AFTER these bogus calls :) - If
95 // these calls WERE doing anything significat (which they are not),
96 // shouln't they have been moved inside that if check?
98 // user.getEPUserApps();
101 // 1. This method is clearly doing more than 'getting roles' - Not a
103 // 2. Also, there is no null check - guest user scenarios will break the
104 // code with NPE - added the check - Do not want to remove the call
105 // altogether - not sure how it will effect things.
110 // raise an error if the portal application is locked and the user
112 // have system administrator privileges
113 if (AppUtils.isApplicationLocked()
114 && !EPUserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) {
115 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED);
116 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserAdminPrivilegesInfo, user.getLoginId());
119 // raise an error if the user is inactive
120 if (!user.getActive()) {
121 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
122 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserInactiveWarning, user.getLoginId());
125 // only login the user if no errors have occurred
126 if (bean.getLoginErrorMessage() == null) {
128 // this will be a snapshot of the user's information as
129 // retrieved from the database
130 userCopy = (EPUser) user.clone();
132 // update the last logged in date for the user
133 user.setLastLoginDate(new Date());
134 getDataAccessService().saveDomainObject(user, additionalParams);
136 // create the application menu based on the user's privileges
137 MenuBuilder menuBuilder = new MenuBuilder();
138 Set appMenu = menuBuilder.getMenu(
139 SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService);
140 bean.setMenu(appMenu != null ? appMenu : new HashSet());
141 Set businessDirectMenu = menuBuilder.getMenu(
142 SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME),
144 bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet());
146 bean.setUser(userCopy);
150 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserMissingError, bean.getOrgUserId());
157 * Searches the fn_user table for a row that matches the specified login_id
158 * and login_pwd values.
162 * @return EPUser object; null on error or if no match.
164 private EPUser findUser(String loginId, String password) {
167 StringBuffer criteria = new StringBuffer();
168 criteria.append(" where login_id = '").append(loginId).append("'").append(" and login_pwd = '").append(password)
172 list = getDataAccessService().getList(EPUser.class, criteria.toString(), null, null);
173 } catch (Exception e) {
174 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
175 logger.error(EELFLoggerDelegate.errorLogger, "findUser(String) failed on " + loginId, e);
178 return (list == null || list.size() == 0) ? null : (EPUser) list.get(0);
183 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUserWithoutPwd(java.lang.String)
186 public EPUser findUserWithoutPwd(String loginId) {
189 StringBuffer criteria = new StringBuffer();
190 criteria.append(" where login_id = '").append(loginId).append("'");
193 list = getDataAccessService().getList(EPUser.class, criteria.toString(), null, null);
194 } catch (Exception e) {
195 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
196 String message = "findUserWithoutPwd failed on " + loginId;
197 logger.error(EELFLoggerDelegate.errorLogger, message, e);
200 return (list == null || list.size() == 0) ? null : (EPUser) list.get(0);
204 * Searches the fn_user table for a row that matches the value of the bean's
205 * Organization User ID property.
208 * @return EPUser object; null on error or if no match.
210 private EPUser findUser(EPLoginBean bean) {
213 StringBuffer criteria = new StringBuffer();
214 criteria.append(" where orgUserId = '").append(bean.getOrgUserId()).append("'");
217 list = getDataAccessService().getList(EPUser.class, criteria.toString(), null, null);
218 } catch (Exception e) {
219 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
220 logger.error(EELFLoggerDelegate.errorLogger, "findUser(EPLoginBean) failed", e);
223 return (list == null || list.size() == 0) ? null : (EPUser) list.get(0);
226 public DataAccessService getDataAccessService() {
227 return dataAccessService;
230 public void setDataAccessService(DataAccessService dataAccessService) {
231 this.dataAccessService = dataAccessService;