* ============LICENSE_START==========================================
* ONAP Portal
* ===================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
* ===================================================================
*
* Unless otherwise specified, all software contained herein is licensed
client = new EPUser();
client.setOrgUserId(userId);
client.setSystemUser(true);
- client.setFirstName(userId.substring(0,userId.indexOf("@")));
+ if (userId.indexOf("@") != -1) {
+ client.setFirstName(userId.substring(0,userId.indexOf("@")));
+ }
+ else {
+ client.setFirstName(userId);
+ }
}
if (client == null) {
String msg = "createLocalUserIfNecessary: cannot create user " + userId
.setParameter("appId",appId)
.list();
for (EPRole role : roles) {
- if (!extRequestValue && app.getCentralAuth()) {
+ if (!extRequestValue && app.getRolesInAAF()) {
rolesMap.put(role.getId(), role);
} else {
rolesMap.put(role.getAppRoleId(), role);
}
}
}
-
applyChangesToUserAppRolesForMyLoginsRequest(user, appId);
Boolean systemUser = (newAppRolesForUser.getIsSystemUser() != null ? newAppRolesForUser.getIsSystemUser() : false);
- if ((app.getCentralAuth() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) && systemUser) {
+ if ((app.getRolesInAAF() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) && systemUser) {
Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
applicationsRestClientService, appId, userId);
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal",
systemUser,rolesGotDeletedByApprover,false);
- }else if (!app.getCentralAuth() && systemUser)
+ }else if (!app.getRolesInAAF() && systemUser)
{
throw new Exception("For non-centralized application we cannot add systemUser");
}
else{ // if centralized app
- if (app.getCentralAuth()) {
- if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ if (app.getRolesInAAF()) {
+
+ if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && (app.getAppAck() != null && app.getAppAck())) {
+ logger.debug(EELFLoggerDelegate.debugLogger,"setAppWithUserRoleStateForUser: calling pushRemoteUser method for Central application");
+ logger.debug(EELFLoggerDelegate.debugLogger,"setAppWithUserRoleStateForUser:"+app.getAppAck());
pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService,
applicationsRestClientService,false);
}
userRolesInLocalApp);
List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.roles;
if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
-
// Apply changes in external Access system
updateUserRolesInExternalSystem(app, rolesInAppForUser.orgUserId, roleAppUserList,
epRequestValue,false,rolesGotDeletedFromApprover,checkIfUserisOnlyRoleAdmin);
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal", systemUser,rolesGotDeletedFromApprover,checkIfUserisOnlyRoleAdmin);
}
// In case if portal is not centralized then follow existing approach
- else if(!app.getCentralAuth() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+ else if(!app.getRolesInAAF() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
applicationsRestClientService, appId, userId);
RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, "Portal",false,rolesGotDeletedByApprover,false);
} else{// remote app
EPUser remoteAppUser = null;
- if(!app.getCentralAuth() && !app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+ if(!app.getRolesInAAF() && !app.getId().equals(PortalConstants.PORTAL_APP_ID)){
remoteAppUser = checkIfRemoteUserExits(userId, app, applicationsRestClientService);
-
+
if (remoteAppUser == null) {
remoteAppUser = addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService);
}
* @param roleInAppUser Contains list of active roles
*/
@SuppressWarnings("unchecked")
- private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, boolean isPortalRequest,boolean isSystemUser,Set<EcompRole> deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception
+ private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, boolean isPortalRequest,boolean nonHumanUserId,Set<EcompRole> deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception
{
try {
// check if user exists
userParams.put("orgUserIdValue", orgUserId);
List<EPUser> userInfo = checkIfUserExists(userParams);
if (userInfo.isEmpty()) {
- createLocalUserIfNecessary(orgUserId, isSystemUser);
+ createLocalUserIfNecessary(orgUserId, nonHumanUserId);
}
String name = "";
if (EPCommonSystemProperties
- .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !isSystemUser) {
- name = orgUserId
- + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !nonHumanUserId) {
+ if(orgUserId.indexOf("@") ==-1) {
+ name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ }else {
+ name = orgUserId;
+ }
} else {
name = orgUserId;
+ if(nonHumanUserId && orgUserId!=null) {
+ if(orgUserId.indexOf("@") ==-1) {
+ name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ }
+ }
}
ObjectMapper mapper = new ObjectMapper();
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
}
//If Non-Centralized app make sure you sync app roles before assigning to user
- if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !app.getCentralAuth()) {
+ if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !app.getRolesInAAF()) {
logger.debug(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: Starting GET roles for app {}",app.getId());
EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, app.getId(), "/roles");
logger.debug(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: Finshed GET roles for app {} and payload {}",app.getId(), appRoles);
.anyMatch(roleList -> roleList.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID));
}
// if Centralized app
- if (app.getCentralAuth()) {
+ if (app.getRolesInAAF()) {
// We should add If user does not exist in remote application
try {
// If adding just account admin role dont make remote application user call or
// if request has only single non admin role then make remote call
if (!(app.getId().equals(PortalConstants.PORTAL_APP_ID) && reqType.equals("DELETE"))
+ && (app.getAppAck() != null && app.getAppAck())
&& ((checkIfAdminRoleExists && roleInAppForUserList.size() > 1)
|| (!checkIfAdminRoleExists && roleInAppForUserList.size() >= 1))) {
// check if admin role exist then delete
return (role.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID));
});
String orgUserIdNewOrExist = (userInfo.size() != 0 || !userInfo.isEmpty()) ? user.getOrgUserId() : orgUserId;
+
pushRemoteUser(remoteUserRoles, orgUserIdNewOrExist , app, mapper, searchService,
applicationsRestClientService,true);
}
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, reqType,false,rolesGotDeletedByApprover,false);
}
// If local application is not centralized
- else if(!app.getCentralAuth() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+ else if(!app.getRolesInAAF() && app.getId().equals(PortalConstants.PORTAL_APP_ID)){
Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
applicationsRestClientService, app.getId(), orgUserId);
RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, app.getId(),
// for onap portal app, no need to make a remote call
List<Role> roleList = new ArrayList<>();
if (appId == PortalConstants.PORTAL_APP_ID) {
- if(app.getCentralAuth()){
+ if(app.getRolesInAAF()){
List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
for(CentralV2Role cenRole : cenRoleList){
Role role = new Role();
EcompRole[] appRoles = null;
boolean checkIfUserisApplicationAccAdmin = false;
List<EcompRole> roles = new ArrayList<>();
- if (app.getCentralAuth()) {
+ if (app.getRolesInAAF()) {
final Map<String, Long> appParams = new HashMap<>();
appParams.put("appId", app.getId());
List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication",
// If there is an exception in the rest client api, then null will
// be returned.
if (appRoles != null) {
- if(!app.getCentralAuth()) {
+ if(!app.getRolesInAAF()) {
syncAppRoles(sessionFactory, appId, appRoles);
}
EcompRole[] userAppRoles = null;
try {
try {
- if(app.getCentralAuth()){
+ if(app.getRolesInAAF()){
final Map<String, String> params = new HashMap<>();
final Map<String, Long> userParams = new HashMap<>();
params.put("orgUserIdValue", userId);
EPApp app = appsService.getApp(appId);
//If local or centralized application
- if (appId == PortalConstants.PORTAL_APP_ID || app.getCentralAuth()) {
+ if (appId == PortalConstants.PORTAL_APP_ID || app.getRolesInAAF()) {
Map<String, Object> params = new HashMap<>();
params.put("id", app.getId());
params.put("active", true);
Code Review / portal.git / blobdiff