1 package org.onap.portal.service;
3 import com.fasterxml.jackson.databind.ObjectMapper;
5 import javax.annotation.PostConstruct;
6 import javax.persistence.EntityExistsException;
7 import javax.persistence.EntityManager;
8 import javax.servlet.http.HttpServletResponse;
9 import org.onap.portal.domain.db.fn.FnApp;
10 import org.onap.portal.domain.db.fn.FnRole;
11 import org.onap.portal.domain.db.fn.FnUser;
12 import org.onap.portal.domain.db.fn.FnUserRole;
13 import org.onap.portal.domain.dto.transport.ExternalAccessUser;
14 import org.onap.portal.domain.dto.transport.FieldsValidator;
15 import org.onap.portal.domain.dto.transport.PortalAdmin;
16 import org.onap.portal.restTemplates.AAFTemplate;
17 import org.onap.portal.service.app.FnAppService;
18 import org.onap.portal.service.role.FnRoleService;
19 import org.onap.portal.service.user.FnUserService;
20 import org.onap.portal.service.userRole.FnUserRoleService;
21 import org.onap.portal.utils.EPCommonSystemProperties;
22 import org.onap.portal.utils.EcompPortalUtils;
23 import org.onap.portal.utils.PortalConstants;
24 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
25 import org.onap.portalsdk.core.util.SystemProperties;
26 import org.springframework.beans.factory.annotation.Autowired;
27 import org.springframework.http.HttpEntity;
28 import org.springframework.http.HttpHeaders;
29 import org.springframework.stereotype.Service;
32 public class PortalAdminService {
// Logger used by every method of this service.
34 private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminService.class);
// Role id and application id used for every Portal Admin grant and revoke in this class.
// Both start as "1" and are non-final; lines 63-64 of this listing reassign them from system
// properties.
// NOTE(review): these two values decide which role row counts as "Portal Admin", so the
// property source that feeds them is part of the authorization boundary - confirm it is
// write-protected and that the values are validated at start-up.
36 private String SYS_ADMIN_ROLE_ID = "1";
37 private String ECOMP_APP_ID = "1";
// Collaborators; each is assigned exactly once, in the constructor.
39 private final ExternalAccessRolesService externalAccessRolesService;
40 private final FnAppService fnAppService;
41 private final FnRoleService fnRoleService;
42 private final FnUserRoleService fnUserRoleService;
43 private final FnUserService fnUserService;
44 private final EntityManager entityManager;
45 private final AAFTemplate aafTemplate;
/**
 * Creates the service from its collaborators.
 *
 * <p>Each argument is stored unchanged in the field of the same name; no null check or other
 * validation is performed here.
 */
48 public PortalAdminService(ExternalAccessRolesService externalAccessRolesService,
49 FnAppService fnAppService, FnRoleService fnRoleService,
50 FnUserRoleService fnUserRoleService, FnUserService fnUserService,
51 EntityManager entityManager, AAFTemplate aafTemplate) {
52 this.externalAccessRolesService = externalAccessRolesService;
53 this.fnAppService = fnAppService;
54 this.fnRoleService = fnRoleService;
55 this.fnUserRoleService = fnUserRoleService;
56 this.fnUserService = fnUserService;
57 this.entityManager = entityManager;
58 this.aafTemplate = aafTemplate;
// Replace the hard-coded "1" defaults with the configured admin role id and portal app id.
// NOTE(review): the enclosing method's signature is not visible in this listing (the
// PostConstruct import suggests an initialisation hook - confirm). Neither value is checked
// here; createPortalAdmin passes both to Long.valueOf, so a non-numeric value (or a null, if
// getProperty returns one for a missing key - confirm) only surfaces there as a
// NumberFormatException, on the first grant, not at start-up.
63 SYS_ADMIN_ROLE_ID = SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID);
64 ECOMP_APP_ID = SystemProperties.getProperty(EPCommonSystemProperties.ECOMP_APP_ID);
/**
 * Returns the rows produced by the named query {@code PortalAdminDTO}, with its
 * {@code adminRoleId} parameter bound to the configured {@code SYS_ADMIN_ROLE_ID}.
 *
 * <p>Any exception is caught and logged as "getPortalAdmins failed". The statements that return
 * a value (on success and on failure) are not visible in this listing.
 *
 * @return the query result typed as {@code List<PortalAdmin>} (unchecked cast, hence the
 *         suppression)
 */
68 @SuppressWarnings("unchecked")
69 public List<PortalAdmin> getPortalAdmins() {
// The role id is bound as a named parameter rather than concatenated into query text.
71 List<PortalAdmin> portalAdmins = entityManager.createNamedQuery("PortalAdminDTO")
72 .setParameter("adminRoleId", SYS_ADMIN_ROLE_ID).getResultList();
73 logger.debug(EELFLoggerDelegate.debugLogger, "getPortalAdmins was successful");
// NOTE(review): every exception type is swallowed here and only logged. Check what the hidden
// lines return on failure and how callers treat it - a failed lookup must stay distinguishable
// from "no administrators exist".
75 } catch (Exception e) {
76 logger.error(EELFLoggerDelegate.errorLogger, "getPortalAdmins failed", e);
/**
 * Grants the Portal Admin role to the user identified by {@code orgUserId}.
 *
 * <p>Visible flow: look the user up by org user id; report 409 (SC_CONFLICT) when
 * {@code isLoggedInUserPortalAdmin} already finds the role; otherwise save an
 * {@code FnUserRole} linking the user, {@code SYS_ADMIN_ROLE_ID} and {@code ECOMP_APP_ID} and,
 * when remote central access is allowed, mirror the grant to the external auth system. Any
 * exception is logged and reported as 500 (SC_INTERNAL_SERVER_ERROR).
 *
 * <p>NOTE(review): this method hands out the portal's administrator role and receives only the
 * target user's id. No check of the caller's own rights is visible here, so it presumably has
 * to be enforced by the calling controller - confirm, and confirm the grant is audit-logged.
 *
 * @param orgUserId organisation user id of the account to promote
 * @return validator whose HTTP status code is set, in the visible lines, only on conflict (409)
 *         or failure (500)
 */
81 public FieldsValidator createPortalAdmin(String orgUserId) {
82 FieldsValidator fieldsValidator = new FieldsValidator();
// The caller-supplied id goes to the debug log through a {} placeholder.
83 logger.debug(EELFLoggerDelegate.debugLogger, "LR: createPortalAdmin: orgUserId is {}", orgUserId);
85 boolean createNewUser = false;
// Resolve the local account; only the first match is used.
86 List<FnUser> localUserList = fnUserService.getUserWithOrgUserId(orgUserId);
87 if (!localUserList.isEmpty()) {
88 user = localUserList.get(0);
// Already an administrator: report 409 and change nothing.
93 if (user != null && isLoggedInUserPortalAdmin(user.getId())) {
94 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_CONFLICT);
// NOTE(review): the id is concatenated into the message here, unlike the placeholder form used
// for the debug line above; prefer one form and make sure the id cannot carry line breaks into
// the log.
95 logger.error(EELFLoggerDelegate.errorLogger,
96 "User '" + user.getOrgUserId() + "' already has PortalAdmin role assigned.");
97 } else if (user != null || createNewUser) {
// NOTE(review): lines 98-99 and 101 of the listing are not visible, so the condition guarding
// this re-read and the activation below cannot be confirmed from here. As shown, promotion can
// also mark the account active (setActiveYn(true)) - confirm that reactivating an account as a
// side effect of granting admin is intended. get(0) assumes the lookup returned a row.
100 user = fnUserService.getUserWithOrgUserId(orgUserId).get(0);
102 user.setActiveYn(true);
103 fnUserService.save(user);
// Persist the local grant: user + admin role + portal application. Long.valueOf throws
// NumberFormatException if either configured id is not numeric.
107 FnUserRole userRole = new FnUserRole();
108 userRole.setUserId(user);
109 userRole.setRoleId(fnRoleService.getById(Long.valueOf(SYS_ADMIN_ROLE_ID)));
110 userRole.setFnAppId(fnAppService.getById(Long.valueOf(ECOMP_APP_ID)));
111 fnUserRoleService.saveOne(userRole);
// Mirror the grant to the external auth system when remote central access is allowed.
// NOTE(review): the local row is saved before this call. Whether a failure here rolls the
// local grant back depends on transaction settings not visible in this listing; without a
// rollback the two systems can disagree about who is an administrator.
113 if (user != null && EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
114 List<FnRole> roleList = externalAccessRolesService
115 .getPortalAppRoleInfo(PortalConstants.SYS_ADMIN_ROLE_ID);
// Falls back to a blank FnRole when no role info comes back; the helper then calls
// replaceAll on its role name, which presumably is null in that case - confirm.
116 FnRole role = new FnRole();
117 if (roleList.size() > 0) {
118 role = roleList.get(0);
120 logger.debug(EELFLoggerDelegate.debugLogger, "Requested RoleName is " + role.getRoleName());
121 addPortalAdminInExternalCentralAuth(user.getOrgUserId(), role.getRoleName());
// Catch-all: every failure above is logged and collapsed into a 500 for the caller.
123 } catch (Exception e) {
124 logger.error(EELFLoggerDelegate.errorLogger, "createPortalAdmin failed", e);
125 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
128 return fieldsValidator;
/**
 * Registers the Portal Admin role for {@code loginId} in the external central auth system
 * through {@code aafTemplate.addPortalAdminInAAF}.
 *
 * <p>The external user name is the login id followed by the configured user-domain property;
 * the external role is the portal app's auth namespace, a dot, and the role name with spaces
 * replaced by underscores. The pair is serialised to JSON and sent with the headers returned
 * by {@code EcompPortalUtils.base64encodeKeyForAAFBasicAuth()}.
 *
 * @param loginId         org user id of the account being promoted
 * @param portalAdminRole display name of the admin role; must be non-null, since
 *                        {@code replaceAll} is called on it
 * @throws Exception declared by the signature; whether the catch block rethrows is not visible
 *                   in this listing
 */
131 private void addPortalAdminInExternalCentralAuth(String loginId, String portalAdminRole) throws Exception {
// NOTE(review): the declaration of `name` and its value when the domain property is absent
// are not visible in this listing.
134 if (EPCommonSystemProperties.containsProperty(
135 EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
136 name = loginId + SystemProperties
137 .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
// Build "<namespace>.<Role_Name>" for the portal application.
140 FnApp app = fnAppService.getById(PortalConstants.PORTAL_APP_ID);
141 String extRole = app.getAuthNamespace() + "." + portalAdminRole.replaceAll(" ", "_");
142 ObjectMapper addUserRoleMapper = new ObjectMapper();
143 ExternalAccessUser extUser = new ExternalAccessUser(name, extRole);
144 String userRole = addUserRoleMapper.writeValueAsString(extUser);
// The method name indicates these headers carry the service's Basic-auth credential; keep the
// headers and the HttpEntity out of log statements.
145 HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
146 aafTemplate.addPortalAdminInAAF(new HttpEntity<>(userRole, headers));
147 } catch (Exception e) {
// A "409 Conflict" reply is treated as "role already present" and logged at debug only.
// NOTE(review): e.getMessage() may be null, in which case this comparison throws a
// NullPointerException and hides the original failure. Matching on message text is also
// brittle; the HTTP status of the client exception would be a safer signal - confirm what
// AAFTemplate throws.
148 if (e.getMessage().equalsIgnoreCase("409 Conflict")) {
// NOTE(review): the message has no {} placeholder, so the extra argument is probably dropped.
149 logger.debug(EELFLoggerDelegate.debugLogger, "Portal Admin role already exists", e.getMessage());
151 logger.error(EELFLoggerDelegate.errorLogger, "Failed to add Portal Admin role ", e);
/**
 * Revokes the Portal Admin role from the user with the given id.
 *
 * <p>Visible flow: delete the local user-role row for ({@code userId},
 * {@code SYS_ADMIN_ROLE_ID}); then, when remote central access is allowed, remove the same role
 * in the external auth system. Any exception is logged and reported as 500
 * (SC_INTERNAL_SERVER_ERROR).
 *
 * <p>NOTE(review): no check of the caller's rights, and no guard against removing the last
 * remaining administrator, is visible in this method - confirm both are handled by the caller.
 *
 * @param userId database id of the user losing the role
 * @return validator whose HTTP status code is set, in the visible lines, only on failure (500)
 */
157 public FieldsValidator deletePortalAdmin(Long userId) {
158 FieldsValidator fieldsValidator = new FieldsValidator();
// NOTE(review): "test 1" looks like leftover debugging text; a revoke is worth a log entry
// that names the affected user id.
159 logger.debug(EELFLoggerDelegate.debugLogger, "deletePortalAdmin: test 1");
// Local revoke first. The role id is passed in its String form here.
162 fnUserRoleService.deleteByUserIdAndRoleId(userId, SYS_ADMIN_ROLE_ID);
// NOTE(review): if the external call below fails, the local row is already gone unless a
// transaction (not visible in this listing) rolls it back; the external system could then
// still list the user as administrator.
163 if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
165 List<FnRole> roleList = externalAccessRolesService
166 .getPortalAppRoleInfo(PortalConstants.SYS_ADMIN_ROLE_ID);
// Falls back to a blank FnRole when no role info comes back; the helper then calls
// replaceAll on its role name, which presumably is null in that case - confirm.
167 FnRole role = new FnRole();
168 if (roleList.size() > 0) {
169 role = roleList.get(0);
171 logger.debug(EELFLoggerDelegate.debugLogger, "Requested RoleName is " + role.getRoleName());
172 deletePortalAdminInExternalCentralAuth(userId, role.getRoleName());
// Catch-all: every failure above is logged and collapsed into a 500 for the caller.
174 } catch (Exception e) {
175 logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin failed", e);
176 fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
178 return fieldsValidator;
/**
 * Removes the Portal Admin role for the given user from the external central auth system
 * through {@code aafTemplate.deletePortalAdminFromAAF}.
 *
 * <p>The external user name is the user's org user id followed by the configured user-domain
 * property; the external role is the portal app's auth namespace, a dot, and the role name
 * with spaces replaced by underscores.
 *
 * @param userId          database id of the user losing the role
 * @param portalAdminRole display name of the admin role; must be non-null, since
 *                        {@code replaceAll} is called on it
 * @throws Exception declared by the signature; whether the catch block rethrows is not visible
 *                   in this listing
 */
182 private void deletePortalAdminInExternalCentralAuth(Long userId, String portalAdminRole) throws Exception {
// Despite its name, this variable holds a single FnUser, not a list.
// NOTE(review): EntityExistsException is thrown when the user does NOT exist; an exception
// type meaning "not found" would match the condition. The message also lacks a space
// before "do".
185 FnUser localUserList = fnUserService.getUser(userId)
186 .orElseThrow(() -> new EntityExistsException("User with id:" + userId + "do not exists."));
// NOTE(review): the declaration of `name` and its value when the domain property is absent
// are not visible in this listing.
187 if (EPCommonSystemProperties.containsProperty(
188 EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
189 name = localUserList.getOrgUserId() + SystemProperties
190 .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
// Build "<namespace>.<Role_Name>" for the portal application.
193 FnApp app = fnAppService.getById(PortalConstants.PORTAL_APP_ID);
194 String extRole = app.getAuthNamespace() + "." + portalAdminRole.replaceAll(" ", "_");
// The method name indicates these headers carry the service's Basic-auth credential; keep them
// out of log statements.
195 HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
196 aafTemplate.deletePortalAdminFromAAF(name, extRole, new HttpEntity<>(headers));
197 } catch (Exception e) {
// A "404 Not Found" reply is treated as "role already absent" and logged at debug only.
// NOTE(review): e.getMessage() may be null, in which case this comparison throws a
// NullPointerException and hides the original failure; matching on message text is brittle.
198 if (e.getMessage().equalsIgnoreCase("404 Not Found")) {
199 logger.debug(EELFLoggerDelegate.debugLogger, "Portal Admin role already deleted or may not be found",
// NOTE(review): this is the delete path, yet the message says "Failed to add", which will
// mislead anyone triaging a failed revoke from the logs.
202 logger.error(EELFLoggerDelegate.errorLogger, "Failed to add Portal Admin role ", e);
/**
 * Reports whether the named query {@code ActivePortalAdminDTO} returns at least one row for the
 * given user id and the configured {@code SYS_ADMIN_ROLE_ID}.
 *
 * <p>Despite the name, the check is made for whichever {@code userId} is passed in;
 * {@code createPortalAdmin} calls it with the id of the user being promoted, not the caller's.
 *
 * @param userId database id of the user to check
 * @return {@code true} when the query yields one or more rows; the value returned after a
 *         failure is not visible in this listing
 */
208 @SuppressWarnings("unchecked")
209 private boolean isLoggedInUserPortalAdmin(Long userId) {
// Both values are bound as named parameters rather than concatenated into query text.
211 List<PortalAdmin> portalAdmins = entityManager.createNamedQuery("ActivePortalAdminDTO")
212 .setParameter("userId", userId)
213 .setParameter("adminRoleId", SYS_ADMIN_ROLE_ID)
// NOTE(review): the full result list goes to the debug log; confirm PortalAdmin.toString()
// exposes nothing that should stay out of log files.
215 logger.debug(EELFLoggerDelegate.debugLogger, portalAdmins.toString());
216 return portalAdmins.size() > 0;
// NOTE(review): every exception is swallowed and only logged. If the hidden fallback answers
// "not an admin", a query failure lets createPortalAdmin go on to add the role row instead of
// stopping - confirm the failure value and whether it should propagate.
217 } catch (Exception e) {
218 logger.error(EELFLoggerDelegate.errorLogger, "isLoggedInUserPortalAdmin failed", e);