2 * ================================================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ================================================================================
20 package org.openecomp.portalapp.util;
22 import java.util.ArrayList;
23 import java.util.Enumeration;
24 import java.util.HashMap;
25 import java.util.HashSet;
26 import java.util.Iterator;
27 import java.util.List;
30 import java.util.UUID;
32 import javax.servlet.ServletContext;
33 import javax.servlet.http.HttpServletRequest;
34 import javax.servlet.http.HttpSession;
36 import org.hibernate.Session;
37 import org.hibernate.SessionFactory;
38 import org.hibernate.criterion.Projections;
39 import org.hibernate.criterion.Restrictions;
40 import org.hibernate.transform.Transformers;
41 import org.openecomp.portalapp.portal.domain.CentralRoleFunction;
42 import org.openecomp.portalapp.portal.domain.EPRole;
43 import org.openecomp.portalapp.portal.domain.EPUser;
44 import org.openecomp.portalapp.portal.domain.EPUserApp;
45 import org.openecomp.portalapp.portal.service.EPRoleFunctionService;
46 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
47 import org.openecomp.portalsdk.core.domain.RoleFunction;
48 import org.openecomp.portalsdk.core.exception.SessionExpiredException;
49 import org.openecomp.portalsdk.core.lm.FusionLicenseManager;
50 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
51 import org.openecomp.portalsdk.core.menu.MenuBuilder;
52 import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants;
53 import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties;
54 import org.openecomp.portalsdk.core.service.DataAccessService;
55 import org.openecomp.portalsdk.core.util.SystemProperties;
56 import org.openecomp.portalsdk.core.web.support.AppUtils;
57 import org.springframework.beans.factory.annotation.Autowired;
59 public class EPUserUtils {
61 private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EPUserUtils.class);
63 private final static Long ACCOUNT_ADMIN_ROLE_ID = 999L;
65 public static final String ALL_ROLE_FUNCTIONS = "allRoleFunctions";
67 private static DataAccessService dataAccessService;
70 private static SessionFactory sessionFactory;
73 * Gets the EPUser object from the session.
77 * @return EPUser object that was created upon login
78 * @throws SessionExpiredException
79 * if no session exists.
81 public static EPUser getUserSession(HttpServletRequest request) {
82 HttpSession session = AppUtils.getSession(request);
84 throw new SessionExpiredException();
85 return (EPUser) session.getAttribute(SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
89 * Establishes the user's portal session
95 * @param applicationMenuData
97 * @param businessDirectMenuData
99 * @param loginMethod_ignored
100 * How the user authenticated; ignored
101 * @param allRoleFunctions
102 * Set of user's roles
104 @SuppressWarnings("rawtypes")
105 public static void setUserSession(HttpServletRequest request, EPUser user, Set applicationMenuData,
106 Set businessDirectMenuData, String loginMethod_ignored, EPRoleFunctionService ePRoleFunctionService) {
107 HttpSession session = request.getSession(true);
109 // clear the current user session to avoid any conflicts
110 EPUserUtils.clearUserSession(request);
111 session.setAttribute(SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME), user);
113 setAllRoleFunctions(ePRoleFunctionService.getRoleFunctions(), session);
115 ePRoleFunctionService.getRoleFunctions(request,user);
117 // truncate the role (and therefore the role function) data to save
118 // memory in the session
119 user.setEPRoles(null);
120 session.setAttribute(SystemProperties.getProperty(SystemProperties.USER_NAME), user.getFullName());
122 ServletContext context = session.getServletContext();
123 int licenseVerificationFlag = 3;
125 licenseVerificationFlag = (Integer) context.getAttribute("licenseVerification");
126 } catch (Exception e) {
127 logger.error(EELFLoggerDelegate.errorLogger, "setUserSession failed to get licenseVerification attribute",
130 switch (licenseVerificationFlag) {
131 case FusionLicenseManager.DEVELOPER_LICENSE:
132 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME),
133 "My Portal [Development Version]");
135 case FusionLicenseManager.EXPIRED_LICENSE:
136 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME),
137 "My Portal [LICENSE EXPIRED]");
139 case FusionLicenseManager.VALID_LICENSE:
140 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME), "My Portal");
143 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME),
144 "My Portal [INVALID LICENSE]");
148 session.setAttribute(SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_ATTRIBUTE_NAME),
149 MenuBuilder.filterMenu(applicationMenuData, request));
150 session.setAttribute(SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_ATTRIBUTE_NAME),
151 MenuBuilder.filterMenu(businessDirectMenuData, request));
155 * Creates a set of role function names and stores the set as a session
158 * @param allRoleFunctions
159 * List of role functions.
163 private static void setAllRoleFunctions(List<RoleFunction> allRoleFunctions, HttpSession session) {
164 if (allRoleFunctions == null)
166 Set<String> roleFnSet = new HashSet<String>();
167 for (RoleFunction roleFn : allRoleFunctions)
168 roleFnSet.add(roleFn.getCode());
169 session.setAttribute(ALL_ROLE_FUNCTIONS, roleFnSet);
173 * Removes all stored attributes from the user's session
177 * @throws SessionExpiredException
178 * if no session exists
180 private static void clearUserSession(HttpServletRequest request) {
181 HttpSession session = AppUtils.getSession(request);
183 throw new SessionExpiredException();
185 // removes all stored attributes from the current user's session
186 session.removeAttribute(SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
187 session.removeAttribute(SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_ATTRIBUTE_NAME));
188 session.removeAttribute(SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_ATTRIBUTE_NAME));
189 session.removeAttribute(SystemProperties.getProperty(SystemProperties.ROLES_ATTRIBUTE_NAME));
190 session.removeAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME));
195 * Gets role information from the user session, in the cached user object.
196 * As a side effect sets a session variable with the roles.
200 * @return Map of role ID to role object
202 @SuppressWarnings("rawtypes")
203 public static HashMap getRoles(HttpServletRequest request) {
204 HashMap roles = null;
206 HttpSession session = AppUtils.getSession(request);
207 roles = (HashMap) session.getAttribute(SystemProperties.getProperty(SystemProperties.ROLES_ATTRIBUTE_NAME));
209 // if roles are not already cached, let's grab them from the user
212 EPUser user = getUserSession(request);
214 // get all user roles (including the tree of child roles)
215 roles = getAllUserRoles(user);
217 session.setAttribute(SystemProperties.getProperty(SystemProperties.ROLES_ATTRIBUTE_NAME), roles);
224 * Builds a map of role ID to role object.
228 * @return Map of role ID to role object
230 @SuppressWarnings({ "rawtypes", "unchecked" })
231 private static HashMap getAllUserRoles(EPUser user) {
232 HashMap roles = new HashMap();
233 Iterator i = user.getEPRoles().iterator();
235 while (i.hasNext()) {
236 EPRole role = (EPRole) i.next();
238 if (role.getActive()) {
239 roles.put(role.getId(), role);
241 // let's take a recursive trip down the tree to add all child
243 addChildRoles(role, roles);
247 // Additionally; the account admin role is overloaded between ecomp
248 // portal and partners; lets also include that
249 Iterator<EPUserApp> appRolesIterator = user.getEPUserApps().iterator();
250 while (appRolesIterator.hasNext()) {
251 EPRole role = (EPRole) appRolesIterator.next().getRole();
253 if (role.getActive() && role.getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
254 roles.put(role.getId(), role);
256 // let's take a recursive trip down the tree to add all child
258 addChildRoles(role, roles);
266 * Adds all child roles of the specified role to the map of roles.
271 * Maps role id to role object
273 @SuppressWarnings({ "rawtypes", "unchecked" })
274 private static void addChildRoles(EPRole role, HashMap roles) {
275 Set childRoles = role.getChildRoles();
277 if (childRoles != null && childRoles.size() > 0) {
278 Iterator j = childRoles.iterator();
279 while (j.hasNext()) {
280 EPRole childRole = (EPRole) j.next();
282 if (childRole.getActive()) {
283 roles.put(childRole.getId(), childRole);
285 addChildRoles(childRole, roles);
292 public static boolean hasRole(EPUser user, String roleKey) {
293 return getAllUserRoles(user).keySet().contains(new Long(roleKey));
296 public static DataAccessService getDataAccessService() {
297 return dataAccessService;
301 public void setDataAccessService(DataAccessService dataAccessService) {
302 EPUserUtils.dataAccessService = dataAccessService;
306 * Gets the user's ID from the user object in the session
310 * @return Integer ID of current user
312 public static int getUserId(HttpServletRequest request) {
313 return getUserIdAsLong(request).intValue();
317 * Gets the user's ID from the user object in the session
321 * @return Long ID of current user
323 public static Long getUserIdAsLong(HttpServletRequest request) {
324 Long userId = new Long(SystemProperties.getProperty(SystemProperties.APPLICATION_USER_ID));
325 if (request != null) {
326 if (getUserSession(request) != null) {
327 userId = getUserSession(request).getId();
334 * Gets the request ID from the request.
340 public static String getRequestId(HttpServletRequest request) {
341 Enumeration<String> headerNames = request.getHeaderNames();
343 String requestId = "";
345 while (headerNames.hasMoreElements()) {
346 String headerName = (String) headerNames.nextElement();
347 logger.debug(EELFLoggerDelegate.debugLogger,
348 "One header is " + headerName + " : " + request.getHeader(headerName));
349 if (headerName.equalsIgnoreCase(SystemProperties.ECOMP_REQUEST_ID)) {
350 requestId = request.getHeader(headerName);
354 } catch (Exception e) {
355 logger.error(EELFLoggerDelegate.errorLogger, "HEADER!!!! Exception : " + EcompPortalUtils.getStackTrace(e));
358 return (requestId.isEmpty() ? UUID.randomUUID().toString() : requestId);
362 * Gets the full URL from the request.
368 public static String getFullURL(HttpServletRequest request) {
369 if (request != null) {
370 StringBuffer requestURL = request.getRequestURL();
371 String queryString = request.getQueryString();
373 if (queryString == null) {
374 return requestURL.toString();
376 return requestURL.append('?').append(queryString).toString();