import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import org.json.simple.JSONObject;
import org.onap.portalapp.controller.EPRestrictedBaseController;
+import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
+import org.onap.portalapp.portal.exceptions.RoleFunctionException;
import org.onap.portalapp.portal.logging.aop.EPAuditLog;
import org.onap.portalapp.portal.logging.logic.EPLogUtil;
import org.onap.portalapp.portal.scheduler.SchedulerProperties;
import org.onap.portalapp.portal.scheduler.wrapper.GetTimeSlotsWrapper;
import org.onap.portalapp.portal.scheduler.wrapper.PostCreateNewVnfWrapper;
import org.onap.portalapp.portal.scheduler.wrapper.PostSubmitVnfChangeTimeSlotsWrapper;
+import org.onap.portalapp.portal.service.AdminRolesService;
import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.util.EPUserUtils;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.service.DataAccessService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
@Autowired
private SchedulerRestInterface schedulerRestController;
+
+ @Autowired
+ private AdminRolesService adminRolesService;
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerController.class);
@RequestMapping(value = "/get_time_slots/{scheduler_request}", method = RequestMethod.GET, produces = "application/json")
public ResponseEntity<String> getTimeSlots(HttpServletRequest request,
@PathVariable("scheduler_request") String scheduler_request) throws Exception {
- try {
-
- Date startingTime = new Date();
- String startTimeRequest = requestDateFormat.format(startingTime);
- logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler GET Timeslots for startTimeRequest: ",
- startTimeRequest);
- logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {} ", scheduler_request);
-
- String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_GET_TIME_SLOTS)
- + scheduler_request;
-
- GetTimeSlotsWrapper schedulerResWrapper = getTimeSlots(scheduler_request, path, scheduler_request);
-
- Date endTime = new Date();
- String endTimeRequest = requestDateFormat.format(endTime);
- logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest = {}",
- endTimeRequest);
- return (new ResponseEntity<String>(schedulerResWrapper.getResponse(),
- HttpStatus.valueOf(schedulerResWrapper.getStatus())));
- } catch (Exception e) {
- GetTimeSlotsWrapper schedulerResWrapper=new GetTimeSlotsWrapper();
- schedulerResWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
- schedulerResWrapper.setEntity(e.getMessage());
- logger.error(EELFLoggerDelegate.errorLogger, "Exception with getTimeslots", e);
- return (new ResponseEntity<String>(schedulerResWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR));
+ if (checkIfUserISValidToMakeSchedule(request)) {
+ try {
+ Date startingTime = new Date();
+ String startTimeRequest = requestDateFormat.format(startingTime);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Controller Scheduler GET Timeslots for startTimeRequest: ", startTimeRequest);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {} ", scheduler_request);
+
+ String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_GET_TIME_SLOTS)
+ + scheduler_request;
+
+ GetTimeSlotsWrapper schedulerResWrapper = getTimeSlots(scheduler_request, path, scheduler_request);
+
+ Date endTime = new Date();
+ String endTimeRequest = requestDateFormat.format(endTime);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest = {}",
+ endTimeRequest);
+ return (new ResponseEntity<String>(schedulerResWrapper.getResponse(),
+ HttpStatus.valueOf(schedulerResWrapper.getStatus())));
+ } catch (Exception e) {
+ GetTimeSlotsWrapper schedulerResWrapper = new GetTimeSlotsWrapper();
+ schedulerResWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+ schedulerResWrapper.setEntity(e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception with getTimeslots", e);
+ return (new ResponseEntity<String>(schedulerResWrapper.getResponse(),
+ HttpStatus.INTERNAL_SERVER_ERROR));
+ }
+ }else{
+ return (new ResponseEntity<String>("User is unauthorized to make this call", HttpStatus.UNAUTHORIZED));
}
-
}
protected GetTimeSlotsWrapper getTimeSlots(String request, String path, String uuid) throws Exception {
@RequestMapping(value = "/post_create_new_vnf_change", method = RequestMethod.POST, produces = "application/json")
public ResponseEntity<String> postCreateNewVNFChange(HttpServletRequest request,
@RequestBody JSONObject scheduler_request) throws Exception {
- try {
- Date startingTime = new Date();
- String startTimeRequest = requestDateFormat.format(startingTime);
+ if (checkIfUserISValidToMakeSchedule(request)) {
+ try {
+ Date startingTime = new Date();
+ String startTimeRequest = requestDateFormat.format(startingTime);
- logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler POST : post_create_new_vnf_change",
- startTimeRequest);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler POST : post_create_new_vnf_change",
+ startTimeRequest);
- // Generating uuid
- String uuid = UUID.randomUUID().toString();
+ // Generating uuid
+ String uuid = UUID.randomUUID().toString();
- scheduler_request.put("scheduleId", uuid);
- logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
+ scheduler_request.put("scheduleId", uuid);
+ logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
- // adding uuid to the request payload
- scheduler_request.put("scheduleId", uuid);
- logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {}", scheduler_request.toString());
+ // adding uuid to the request payload
+ scheduler_request.put("scheduleId", uuid);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {}", scheduler_request.toString());
- String path = SchedulerProperties
- .getProperty(SchedulerProperties.SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL) + uuid;
+ String path = SchedulerProperties
+ .getProperty(SchedulerProperties.SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL) + uuid;
- PostCreateNewVnfWrapper responseWrapper = postSchedulingRequest(scheduler_request, path, uuid);
+ PostCreateNewVnfWrapper responseWrapper = postSchedulingRequest(scheduler_request, path, uuid);
- Date endTime = new Date();
- String endTimeRequest = requestDateFormat.format(endTime);
- logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST= {}", endTimeRequest);
+ Date endTime = new Date();
+ String endTimeRequest = requestDateFormat.format(endTime);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST= {}", endTimeRequest);
- return new ResponseEntity<String>(responseWrapper.getResponse(),
- HttpStatus.valueOf(responseWrapper.getStatus()));
- } catch (Exception e) {
- PostCreateNewVnfWrapper responseWrapper=new PostCreateNewVnfWrapper();
- responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
- responseWrapper.setEntity(e.getMessage());
- logger.error(EELFLoggerDelegate.errorLogger, "Exception with postCreateNewVNFChange ", e);
- return (new ResponseEntity<String>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR));
+ return new ResponseEntity<String>(responseWrapper.getResponse(),
+ HttpStatus.valueOf(responseWrapper.getStatus()));
+ } catch (Exception e) {
+ PostCreateNewVnfWrapper responseWrapper = new PostCreateNewVnfWrapper();
+ responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+ responseWrapper.setEntity(e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception with postCreateNewVNFChange ", e);
+ return (new ResponseEntity<String>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR));
+ }
+ }else{
+ return (new ResponseEntity<String>("User is unauthorized to make this call",HttpStatus.UNAUTHORIZED));
}
}
@RequestMapping(value = "/submit_vnf_change_timeslots", method = RequestMethod.POST, produces = "application/json")
public ResponseEntity<String> postSubmitVnfChangeTimeslots(HttpServletRequest request,
@RequestBody JSONObject scheduler_request) throws Exception {
+ if (checkIfUserISValidToMakeSchedule(request)) {
try {
Date startingTime = new Date();
String startTimeRequest = requestDateFormat.format(startingTime);
endTimeRequest);
return (new ResponseEntity<String>(responseWrapper.getResponse(),HttpStatus.valueOf(responseWrapper.getStatus())));
- } catch (Exception e) {
- PostSubmitVnfChangeTimeSlotsWrapper responseWrapper=new PostSubmitVnfChangeTimeSlotsWrapper();
- responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
- responseWrapper.setEntity(e.getMessage());
- logger.error(EELFLoggerDelegate.errorLogger, "Exception with Post submit Vnf change Timeslots", e);
- return (new ResponseEntity<String>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR));
+ } catch (Exception e) {
+ PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = new PostSubmitVnfChangeTimeSlotsWrapper();
+ responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+ responseWrapper.setEntity(e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception with Post submit Vnf change Timeslots", e);
+ return (new ResponseEntity<String>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR));
+ }
+ }else{
+ return (new ResponseEntity<String>("User is unauthorized to make this call",HttpStatus.UNAUTHORIZED));
}
}
* Get Scheduler UI constant values from properties file
*
* @return Rest response wrapped around a String; e.g., "success" or "ERROR"
+ * @throws Exception
*/
@RequestMapping(value = "/get_scheduler_constant", method = RequestMethod.GET, produces = "application/json")
public PortalRestResponse<Map<String, String>> getSchedulerConstant(HttpServletRequest request,
- HttpServletResponse response) {
+ HttpServletResponse response) throws Exception {
logger.debug(EELFLoggerDelegate.debugLogger, "get scheduler constant");
PortalRestResponse<Map<String, String>> portalRestResponse = null;
- String errorMsg = " is not defined in property file. Please check the property file and make sure all the schedule constant values are defined";
- HashMap<String, String> constantMap = new HashMap<>();
- constantMap.put(SchedulerProperties.SCHEDULER_DOMAIN_NAME, "domainName");
- constantMap.put(SchedulerProperties.SCHEDULER_SCHEDULE_NAME, "scheduleName");
- constantMap.put(SchedulerProperties.SCHEDULER_WORKFLOW_NAME, "workflowName");
- constantMap.put(SchedulerProperties.SCHEDULER_CALLBACK_URL, "callbackUrl");
- constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_TYPE, "approvalType");
- constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_SUBMIT_STATUS, "approvalSubmitStatus");
- constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_REJECT_STATUS, "approvalRejectStatus");
- constantMap.put(SchedulerProperties.SCHEDULER_POLICY_NAME, "policyName");
- constantMap.put(SchedulerProperties.SCHEDULER_INTERVAL_GET_TIMESLOT_RATE, "intervalRate");
- constantMap.put(SchedulerProperties.SCHEDULER_GROUP_ID, "groupId");
- try {
- Map<String, String> map = new HashMap<>();
- for (Map.Entry<String, String> entry : constantMap.entrySet()) {
- if (SchedulerProperties.containsProperty(entry.getKey()))
- map.put(entry.getValue(), SchedulerProperties.getProperty(entry.getKey()));
- else
- throw new Exception(entry.getKey() + errorMsg);
+
+ if (checkIfUserISValidToMakeSchedule(request)) {
+ String errorMsg = " is not defined in property file. Please check the property file and make sure all the schedule constant values are defined";
+ HashMap<String, String> constantMap = new HashMap<>();
+ constantMap.put(SchedulerProperties.SCHEDULER_DOMAIN_NAME, "domainName");
+ constantMap.put(SchedulerProperties.SCHEDULER_SCHEDULE_NAME, "scheduleName");
+ constantMap.put(SchedulerProperties.SCHEDULER_WORKFLOW_NAME, "workflowName");
+ constantMap.put(SchedulerProperties.SCHEDULER_CALLBACK_URL, "callbackUrl");
+ constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_TYPE, "approvalType");
+ constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_SUBMIT_STATUS, "approvalSubmitStatus");
+ constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_REJECT_STATUS, "approvalRejectStatus");
+ constantMap.put(SchedulerProperties.SCHEDULER_POLICY_NAME, "policyName");
+ constantMap.put(SchedulerProperties.SCHEDULER_INTERVAL_GET_TIMESLOT_RATE, "intervalRate");
+ constantMap.put(SchedulerProperties.SCHEDULER_GROUP_ID, "groupId");
+ try {
+ Map<String, String> map = new HashMap<>();
+ for (Map.Entry<String, String> entry : constantMap.entrySet()) {
+ if (SchedulerProperties.containsProperty(entry.getKey()))
+ map.put(entry.getValue(), SchedulerProperties.getProperty(entry.getKey()));
+ else
+ throw new Exception(entry.getKey() + errorMsg);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, " portalRestResponse - getSchedulerConstant= {}", map);
+ portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.OK, "success",
+ map);
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed", e);
+ portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.ERROR,
+ e.getMessage(), null);
}
- logger.debug(EELFLoggerDelegate.debugLogger, " portalRestResponse - getSchedulerConstant= {}",
- map);
- portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.OK, "success", map);
-
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed", e);
- portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.ERROR, e.getMessage(),
- null);
+
}
- return portalRestResponse;
+ else{
+ logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed: User unauthorized to make this call");
+ portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.ERROR, "failed : Unauthorized", null);
+ }
+ return portalRestResponse;
}
+ private String getPath(HttpServletRequest request)
+ {
+ String requestURI = request.getRequestURI();
+ String portalApiPath = "";
+ if (requestURI != null) {
+ String[] uriArray = requestURI.split("/portalApi/");
+ if (uriArray.length > 1) {
+ portalApiPath = uriArray[1];
+ }
+ }
+ return portalApiPath;
+ }
+
+ private boolean checkIfUserISValidToMakeSchedule(HttpServletRequest request) throws Exception
+ {
+ EPUser user = EPUserUtils.getUserSession(request);
+ String portalApiPath = getPath(request);
+ Set<String> functionCodeList = adminRolesService.getAllAppsFunctionsOfUser(user.getId().toString());
+ boolean isValidUser = EPUserUtils.matchRoleFunctions(portalApiPath, functionCodeList);
+// boolean isValidUser = functionCodeList.stream().anyMatch(x -> functionCodeList.contains(portalApiPath));
+ return isValidUser;
+ }
}
Code Review / portal.git / blobdiff