2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
7 * Modifications Copyright (c) 2019 Samsung
8 * ===================================================================
10 * Unless otherwise specified, all software contained herein is licensed
11 * under the Apache License, Version 2.0 (the "License");
12 * you may not use this software except in compliance with the License.
13 * You may obtain a copy of the License at
15 * http://www.apache.org/licenses/LICENSE-2.0
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
23 * Unless otherwise specified, all documentation contained herein is licensed
24 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
25 * you may not use this documentation except in compliance with the License.
26 * You may obtain a copy of the License at
28 * https://creativecommons.org/licenses/by/4.0/
30 * Unless required by applicable law or agreed to in writing, documentation
31 * distributed under the License is distributed on an "AS IS" BASIS,
32 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
33 * See the License for the specific language governing permissions and
34 * limitations under the License.
36 * ============LICENSE_END============================================
41 package org.onap.portal.service;
43 import java.util.HashMap;
44 import java.util.List;
46 import javax.persistence.EntityManager;
47 import org.onap.portal.domain.db.fn.FnRole;
48 import org.onap.portal.domain.db.fn.FnUser;
49 import org.onap.portal.domain.db.fn.FnUserRole;
50 import org.onap.portal.logging.format.EPAppMessagesEnum;
51 import org.onap.portal.logging.logic.EPLogUtil;
52 import org.onap.portal.service.fn.FnUserRoleService;
53 import org.onap.portal.service.fn.FnUserService;
54 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
55 import org.springframework.beans.factory.annotation.Autowired;
56 import org.springframework.stereotype.Service;
57 import org.springframework.transaction.annotation.Transactional;
61 public class AdminRolesService {
63 private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesService.class);
65 private final Long SYS_ADMIN_ROLE_ID = 1L;
66 private final Long ACCOUNT_ADMIN_ROLE_ID = 999L;
67 private final Long ECOMP_APP_ID = 1L;
68 private final String ADMIN_ACCOUNT = "Is account admin for user {}";
70 private final EntityManager entityManager;
71 private final FnUserService fnUserService;
72 private final FnUserRoleService fnUserRoleService;
75 public AdminRolesService(final EntityManager entityManager,
76 final FnUserService fnUserService, final FnUserRoleService fnUserRoleService) {
77 this.entityManager = entityManager;
78 this.fnUserService = fnUserService;
79 this.fnUserRoleService = fnUserRoleService;
82 public boolean isSuperAdmin(final String orgUserId) {
85 isSuperAdmin = fnUserRoleService
86 .isSuperAdmin(orgUserId, SYS_ADMIN_ROLE_ID, ECOMP_APP_ID);
87 } catch (Exception e) {
88 logger.error("isSuperAdmin exception: " + e.toString());
91 logger.info("isSuperAdmin " + isSuperAdmin);
95 public boolean isAccountAdmin(FnUser user) {
97 final Map<String, Long> userParams = new HashMap<>();
98 userParams.put("userId", user.getId());
99 logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
100 List<Integer> userAdminApps;
101 String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)";
102 userAdminApps = entityManager.createQuery(query, Integer.class)
103 .setParameter("userId", user.getId()).getResultList();
104 logger.debug(EELFLoggerDelegate.debugLogger,
105 "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}",
106 user.getOrgUserId(), userAdminApps.size());
108 if (user.getId() != null) {
109 for (FnUserRole userApp : user.getFnUserRoles()) {
110 if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || (
111 userAdminApps.size() > 1)) {
112 logger.debug(EELFLoggerDelegate.debugLogger,
113 "Is account admin for userAdminApps() - for user {}, found Id {}",
114 user.getOrgUserId(), userApp.getRoleId().getId());
119 } catch (Exception e) {
120 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
121 logger.error(EELFLoggerDelegate.errorLogger,
122 "Exception occurred while executing isAccountAdmin operation",
128 public boolean isUser(FnUser user) {
130 FnUser currentUser = fnUserService.getUser(user.getId()).orElseThrow(Exception::new);
131 if (currentUser != null && currentUser.getId() != null) {
132 for (FnUserRole userApp : currentUser.getFnUserRoles()) {
133 if (!userApp.getAppId().getId().equals(ECOMP_APP_ID)) {
134 FnRole role = userApp.getRoleId();
135 if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId()
136 .equals(ACCOUNT_ADMIN_ROLE_ID)) {
137 if (role.getActiveYn()) {
144 } catch (Exception e) {
145 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
146 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation",