1 package org.onap.portal.service;
2
3 import com.fasterxml.jackson.databind.ObjectMapper;
4 import java.util.List;
5 import javax.annotation.PostConstruct;
6 import javax.persistence.EntityExistsException;
7 import javax.persistence.EntityManager;
8 import javax.servlet.http.HttpServletResponse;
9 import org.onap.portal.domain.db.fn.FnApp;
10 import org.onap.portal.domain.db.fn.FnRole;
11 import org.onap.portal.domain.db.fn.FnUser;
12 import org.onap.portal.domain.db.fn.FnUserRole;
13 import org.onap.portal.domain.dto.transport.ExternalAccessUser;
14 import org.onap.portal.domain.dto.transport.FieldsValidator;
15 import org.onap.portal.domain.dto.transport.PortalAdmin;
16 import org.onap.portal.restTemplates.AAFTemplate;
17 import org.onap.portal.service.app.FnAppService;
18 import org.onap.portal.service.role.FnRoleService;
19 import org.onap.portal.service.user.FnUserService;
20 import org.onap.portal.service.userRole.FnUserRoleService;
21 import org.onap.portal.utils.EPCommonSystemProperties;
22 import org.onap.portal.utils.EcompPortalUtils;
23 import org.onap.portal.utils.PortalConstants;
24 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
25 import org.onap.portalsdk.core.util.SystemProperties;
26 import org.springframework.beans.factory.annotation.Autowired;
27 import org.springframework.http.HttpEntity;
28 import org.springframework.http.HttpHeaders;
29 import org.springframework.stereotype.Service;
30
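/**
 * Grants, revokes and lists the Portal Admin (system administrator) role.
 *
 * <p>Each grant or revoke is written to the local database first and, when remote central
 * access is enabled, mirrored to the external AAF service through {@link AAFTemplate}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>No method here receives the identity of the requesting user, so this class cannot
 *       perform an authorization check itself. Every caller must verify that the requester
 *       is allowed to change administrator membership before invoking these methods.</li>
 *   <li>The local write happens before the external call and no rollback is visible in this
 *       class. A failed AAF call therefore returns HTTP 500 while the local role change may
 *       already be persisted. NOTE(review): confirm whether a transaction boundary exists
 *       further up the call chain.</li>
 * </ul>
 */
@Service
public class PortalAdminService {

    private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminService.class);

    // Defaults only; both values are overwritten from system properties in init().
    private String SYS_ADMIN_ROLE_ID = "1";
    private String ECOMP_APP_ID = "1";

    private final ExternalAccessRolesService externalAccessRolesService;
    private final FnAppService fnAppService;
    private final FnRoleService fnRoleService;
    private final FnUserRoleService fnUserRoleService;
    private final FnUserService fnUserService;
    private final EntityManager entityManager;
    private final AAFTemplate aafTemplate;

    /**
     * Creates the service with its collaborators injected by Spring.
     */
    @Autowired
    public PortalAdminService(ExternalAccessRolesService externalAccessRolesService,
        FnAppService fnAppService, FnRoleService fnRoleService,
        FnUserRoleService fnUserRoleService, FnUserService fnUserService,
        EntityManager entityManager, AAFTemplate aafTemplate) {
        this.externalAccessRolesService = externalAccessRolesService;
        this.fnAppService = fnAppService;
        this.fnRoleService = fnRoleService;
        this.fnUserRoleService = fnUserRoleService;
        this.fnUserService = fnUserService;
        this.entityManager = entityManager;
        this.aafTemplate = aafTemplate;
    }

    /**
     * Replaces the default role and application ids with the configured system properties.
     *
     * <p>NOTE(review): if either property is missing the field may end up {@code null}, and
     * the later {@code Long.valueOf(...)} calls in {@link #createPortalAdmin(String)} would
     * then fail; confirm how {@code SystemProperties.getProperty} treats a missing key.
     */
    @PostConstruct
    public void init() {
        SYS_ADMIN_ROLE_ID = SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID);
        ECOMP_APP_ID = SystemProperties.getProperty(EPCommonSystemProperties.ECOMP_APP_ID);
    }

    /**
     * Lists the users that hold the configured system administrator role.
     *
     * @return the result of the {@code PortalAdminDTO} named query, or {@code null} when the
     *     query fails (the failure is logged); callers must treat {@code null} as an error
     *     and not as "no administrators"
     */
    @SuppressWarnings("unchecked")
    public List<PortalAdmin> getPortalAdmins() {
        try {
            List<PortalAdmin> portalAdmins = entityManager.createNamedQuery("PortalAdminDTO")
                .setParameter("adminRoleId", SYS_ADMIN_ROLE_ID).getResultList();
            logger.debug(EELFLoggerDelegate.debugLogger, "getPortalAdmins was successful");
            return portalAdmins;
        } catch (Exception e) {
            logger.error(EELFLoggerDelegate.errorLogger, "getPortalAdmins failed", e);
            return null;
        }
    }

    /**
     * Grants the Portal Admin role to the user identified by {@code orgUserId}.
     *
     * <p>This is a privilege-granting operation; the caller is responsible for authorizing
     * the request before calling it.
     *
     * @param orgUserId organisation user id of the account to promote
     * @return a validator whose HTTP status is set to 409 when the user already holds the
     *     role and to 500 when any step fails; the status is left untouched otherwise
     */
    public FieldsValidator createPortalAdmin(String orgUserId) {
        FieldsValidator fieldsValidator = new FieldsValidator();
        logger.debug(EELFLoggerDelegate.debugLogger, "LR: createPortalAdmin: orgUserId is {}", orgUserId);
        FnUser user = null;
        boolean createNewUser = false;
        List<FnUser> localUserList = fnUserService.getUserWithOrgUserId(orgUserId);
        if (!localUserList.isEmpty()) {
            user = localUserList.get(0);
        } else {
            createNewUser = true;
        }

        if (user != null && isLoggedInUserPortalAdmin(user.getId())) {
            fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_CONFLICT);
            logger.error(EELFLoggerDelegate.errorLogger,
                "User '" + user.getOrgUserId() + "' already has PortalAdmin role assigned.");
        } else if (user != null || createNewUser) {
            try {
                if (createNewUser) {
                    // The first lookup found nothing. Nothing visible here creates the user,
                    // so fail with a clear message instead of an IndexOutOfBoundsException;
                    // the outcome for the caller is still HTTP 500.
                    List<FnUser> lookedUpAgain = fnUserService.getUserWithOrgUserId(orgUserId);
                    if (lookedUpAgain.isEmpty()) {
                        throw new IllegalStateException(
                            "No local user record exists for the requested orgUserId");
                    }
                    user = lookedUpAgain.get(0);
                    if (user != null) {
                        user.setActiveYn(true);
                        fnUserService.save(user);
                    }
                }
                if (user != null) {
                    FnUserRole userRole = new FnUserRole();
                    userRole.setUserId(user);
                    userRole.setRoleId(fnRoleService.getById(Long.valueOf(SYS_ADMIN_ROLE_ID)));
                    userRole.setFnAppId(fnAppService.getById(Long.valueOf(ECOMP_APP_ID)));
                    fnUserRoleService.saveOne(userRole);
                }
                if (user != null && EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
                    // NOTE(review): the external role is looked up with the constant
                    // PortalConstants.SYS_ADMIN_ROLE_ID while the local grant above uses the
                    // configured SYS_ADMIN_ROLE_ID; confirm the two always agree.
                    List<FnRole> roleList = externalAccessRolesService
                        .getPortalAppRoleInfo(PortalConstants.SYS_ADMIN_ROLE_ID);
                    FnRole role = new FnRole();
                    if (!roleList.isEmpty()) {
                        role = roleList.get(0);
                    }
                    logger.debug(EELFLoggerDelegate.debugLogger, "Requested RoleName is  " + role.getRoleName());
                    addPortalAdminInExternalCentralAuth(user.getOrgUserId(), role.getRoleName());
                }
            } catch (Exception e) {
                logger.error(EELFLoggerDelegate.errorLogger, "createPortalAdmin failed", e);
                fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        }
        return fieldsValidator;
    }

    /**
     * Mirrors a Portal Admin grant to the external AAF service.
     *
     * @param loginId organisation user id of the account being promoted
     * @param portalAdminRole display name of the admin role; spaces become underscores
     * @throws Exception any failure other than an AAF "409 Conflict" response, which is
     *     treated as "role already present" and only logged
     */
    private void addPortalAdminInExternalCentralAuth(String loginId, String portalAdminRole) throws Exception {
        // An unresolved role name would otherwise surface as a NullPointerException below.
        if (portalAdminRole == null) {
            throw new IllegalStateException("Portal Admin role name could not be resolved");
        }
        try {
            // NOTE(review): when the user-domain property is not configured, name stays empty
            // and the grant is still sent to AAF with an empty identity. Consider failing
            // closed here instead; confirm the intended behaviour first.
            String name = "";
            if (EPCommonSystemProperties.containsProperty(
                EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
                name = loginId + SystemProperties
                    .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
            }
            //TODO HARDCODED ID
            FnApp app = fnAppService.getById(PortalConstants.PORTAL_APP_ID);
            String extRole = app.getAuthNamespace() + "." + portalAdminRole.replaceAll(" ", "_");
            ObjectMapper addUserRoleMapper = new ObjectMapper();
            ExternalAccessUser extUser = new ExternalAccessUser(name, extRole);
            String userRole = addUserRoleMapper.writeValueAsString(extUser);
            HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
            aafTemplate.addPortalAdminInAAF(new HttpEntity<>(userRole, headers));
        } catch (Exception e) {
            // Literal-first comparison: an exception without a message must not raise a
            // NullPointerException here and hide the original failure.
            if ("409 Conflict".equalsIgnoreCase(e.getMessage())) {
                logger.debug(EELFLoggerDelegate.debugLogger, "Portal Admin role already exists: {}",
                    e.getMessage());
            } else {
                logger.error(EELFLoggerDelegate.errorLogger, "Failed to add Portal Admin role ", e);
                throw e;
            }
        }
    }

    /**
     * Revokes the Portal Admin role from the user with the given database id.
     *
     * <p>This is a privilege-changing operation; the caller is responsible for authorizing
     * the request before calling it.
     *
     * @param userId database id of the user to demote
     * @return a validator whose HTTP status is set to 500 when any step fails and is left
     *     untouched otherwise
     */
    public FieldsValidator deletePortalAdmin(Long userId) {
        FieldsValidator fieldsValidator = new FieldsValidator();
        logger.debug(EELFLoggerDelegate.debugLogger, "deletePortalAdmin: test 1");
        try {
            //TODO HARDCODED ID
            fnUserRoleService.deleteByUserIdAndRoleId(userId, SYS_ADMIN_ROLE_ID);
            if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
                List<FnRole> roleList = externalAccessRolesService
                    .getPortalAppRoleInfo(PortalConstants.SYS_ADMIN_ROLE_ID);
                FnRole role = new FnRole();
                if (!roleList.isEmpty()) {
                    role = roleList.get(0);
                }
                logger.debug(EELFLoggerDelegate.debugLogger, "Requested RoleName is  " + role.getRoleName());
                deletePortalAdminInExternalCentralAuth(userId, role.getRoleName());
            }
        } catch (Exception e) {
            logger.error(EELFLoggerDelegate.errorLogger, "deletePortalAdmin failed", e);
            fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
        return fieldsValidator;
    }

    /**
     * Mirrors a Portal Admin revocation to the external AAF service.
     *
     * @param userId database id of the user being demoted
     * @param portalAdminRole display name of the admin role; spaces become underscores
     * @throws Exception any failure other than an AAF "404 Not Found" response, which is
     *     treated as "role already absent" and only logged
     */
    private void deletePortalAdminInExternalCentralAuth(Long userId, String portalAdminRole) throws Exception {
        // An unresolved role name would otherwise surface as a NullPointerException below.
        if (portalAdminRole == null) {
            throw new IllegalStateException("Portal Admin role name could not be resolved");
        }
        try {
            String name = "";
            // NOTE(review): EntityExistsException is kept for compatibility although the
            // condition is "user not found"; EntityNotFoundException would describe it better.
            FnUser user = fnUserService.getUser(userId)
                .orElseThrow(() -> new EntityExistsException("User with id: " + userId + " does not exist."));
            // NOTE(review): as in the grant path, name stays empty when the user-domain
            // property is not configured and the request is still sent to AAF.
            if (EPCommonSystemProperties.containsProperty(
                EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
                name = user.getOrgUserId() + SystemProperties
                    .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
            }
            //TODO HARDCODED ID
            FnApp app = fnAppService.getById(PortalConstants.PORTAL_APP_ID);
            String extRole = app.getAuthNamespace() + "." + portalAdminRole.replaceAll(" ", "_");
            HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
            aafTemplate.deletePortalAdminFromAAF(name, extRole, new HttpEntity<>(headers));
        } catch (Exception e) {
            // Literal-first comparison: an exception without a message must not raise a
            // NullPointerException here and hide the original failure.
            if ("404 Not Found".equalsIgnoreCase(e.getMessage())) {
                logger.debug(EELFLoggerDelegate.debugLogger,
                    "Portal Admin role already deleted or may not be found: {}", e.getMessage());
            } else {
                logger.error(EELFLoggerDelegate.errorLogger, "Failed to delete Portal Admin role ", e);
                throw e;
            }
        }
    }

    /**
     * Reports whether the given user currently holds the system administrator role.
     *
     * <p>Despite the name, the check is made for the {@code userId} passed in, not for the
     * session user. A failed query is logged and reported as {@code false}, so
     * {@link #createPortalAdmin(String)} then proceeds with the grant instead of answering
     * 409.
     *
     * @param userId database id of the user to check
     * @return {@code true} when the {@code ActivePortalAdminDTO} named query returns at least
     *     one row
     */
    @SuppressWarnings("unchecked")
    private boolean isLoggedInUserPortalAdmin(Long userId) {
        try {
            List<PortalAdmin> portalAdmins = entityManager.createNamedQuery("ActivePortalAdminDTO")
                .setParameter("userId", userId)
                .setParameter("adminRoleId", SYS_ADMIN_ROLE_ID)
                .getResultList();
            // NOTE(review): this writes the matching admin records to the debug log; confirm
            // that PortalAdmin.toString() exposes nothing that should stay out of logs.
            logger.debug(EELFLoggerDelegate.debugLogger, portalAdmins.toString());
            return !portalAdmins.isEmpty();
        } catch (Exception e) {
            logger.error(EELFLoggerDelegate.errorLogger, "isLoggedInUserPortalAdmin failed", e);
            return false;
        }
    }
}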