Sync Application Users Roles during login process
[portal.git] / ecomp-portal-BE-os / src / main / java / org / onap / portalapp / controller / LoginController.java
index 88f7651..2fe704b 100644 (file)
@@ -5,7 +5,7 @@
  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
  *
- * Unless otherwise specified, all software contained herein is licensed
+ * Unless otherwise specified, all software contained herein is licensed  
  * under the Apache License, Version 2.0 (the "License");
  * you may not use this software except in compliance with the License.
  * You may obtain a copy of the License at
@@ -16,7 +16,7 @@
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
- * limitations under the License.
+ * limitations under the License. 
  *
  * Unless otherwise specified, all documentation contained herein is licensed
  * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  *
  * ============LICENSE_END============================================
  *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * 
  */
 package org.onap.portalapp.controller;
 
 import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
 
+import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLDecoder;
@@ -55,24 +56,28 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang.StringUtils;
 import org.json.JSONObject;
 import org.onap.portalapp.command.EPLoginBean;
-import org.onap.portalapp.controller.EPUnRestrictedBaseController;
 import org.onap.portalapp.portal.domain.SharedContext;
 import org.onap.portalapp.portal.service.EPLoginService;
 import org.onap.portalapp.portal.service.EPRoleFunctionService;
+import org.onap.portalapp.portal.service.ExternalAccessRolesService;
 import org.onap.portalapp.portal.service.SharedContextService;
 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
 import org.onap.portalapp.portal.utils.EPSystemProperties;
+import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalapp.util.SessionCookieUtil;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.menu.MenuProperties;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Controller;
 import org.springframework.util.StopWatch;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
@@ -100,12 +105,14 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
        private SharedContextService sharedContextService;
        @Autowired
        private EPRoleFunctionService ePRoleFunctionService;
+       @Autowired
+       private ExternalAccessRolesService externalAccessRolesService ;
 
        private String viewName = "login";
 
        private String welcomeView;
 
-       @RequestMapping(value = { "/login.htm" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/login.htm" })
        public ModelAndView login(HttpServletRequest request) {
                Map<String, Object> model = new HashMap<String, Object>();
                String authentication = SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM);
@@ -118,10 +125,11 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
        }
 
        @SuppressWarnings("rawtypes")
-       @RequestMapping(value = { "/open_source/login" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/open_source/login" })
        @ResponseBody
        public String loginValidate(HttpServletRequest request, HttpServletResponse response) throws Exception {
 
+               String orgUserId = "";
                ObjectMapper mapper = new ObjectMapper();
                mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
                JsonNode root = mapper.readTree(request.getReader());
@@ -148,8 +156,7 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                } else {
                        // store the currently logged in user's information in the session
                        EPUserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
-                                       commandBean.getBusinessDirectMenu(),
-                                       SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), ePRoleFunctionService);
+                                       commandBean.getBusinessDirectMenu(), ePRoleFunctionService);
 
                        try {
                                logger.info(EELFLoggerDelegate.debugLogger, "loginValidate: store user info into share context begins");
@@ -177,6 +184,18 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                        SessionCookieUtil.setUpUserIdCookie(request, response, loginId);
 
                        JSONObject j = new JSONObject("{success: success}");
+                       
+                       try {
+                               //if app is centralized then sync user roles from the external auth system
+                               orgUserId = commandBean.getUser().getOrgUserId();
+                               if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+                                       externalAccessRolesService.syncApplicationUserRolesFromExtAuthSystem(orgUserId);
+                                       logger.info(EELFLoggerDelegate.errorLogger, "Sync: Sync Application UserRoles From ExtAuthSystem is done..");
+                               }
+                       } catch (Exception e) {
+                               logger.info(EELFLoggerDelegate.errorLogger, "Sync: Sync Application UserRoles From ExtAuthSystem Faild..",
+                                               e);
+                       }
 
                        return j.toString();
                }
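Review bot: The new sync block in loginValidate fails open: any exception from `syncApplicationUserRolesFromExtAuthSystem` is caught, logged at info level, and the login still returns success, so a user whose roles were reduced in the external auth system keeps the locally stored ones whenever the sync call fails. The sync also runs after `EPUserUtils.setUserSession` (earlier hunk), so the session appears to be built from pre-sync roles; it is worth confirming whether the sync should run before the session is populated. Log the failure with `logger.error(EELFLoggerDelegate.errorLogger, "Sync: role sync from external auth system failed for user " + orgUserId, e);` and send the success message to `debugLogger` rather than `errorLogger`, so that a failed sync stands out to alerting. The processSingleSignOn hunks show no matching call, so SSO logins may skip the sync entirely. loginValidate's body starts and ends outside this hunk.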
@@ -194,13 +213,13 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
         * repaired.
         */
 
-       @RequestMapping(value = { "/processSingleSignOn" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/processSingleSignOn" })
        public ModelAndView processSingleSignOn(HttpServletRequest request, HttpServletResponse response) throws Exception {
 
                Map<Object, Object> model = new HashMap<Object, Object>();
                HashMap<Object, Object> additionalParamsMap = new HashMap<Object, Object>();
                EPLoginBean commandBean = new EPLoginBean();
-               MDC.put(MDC_KEY_REQUEST_ID, getRequestId(request));
+               MDC.put(MDC_KEY_REQUEST_ID, (getRequestId(request)==null || getRequestId(request).isEmpty()) ? UUID.randomUUID().toString():getRequestId(request));
                // get userId from cookie
                String orgUserId = SessionCookieUtil.getUserIdFromCookie(request, response);
                logger.info(EELFLoggerDelegate.debugLogger, "processSingleSignOn: begins with orgUserId {}", orgUserId);
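Review bot: The new `MDC.put` line in processSingleSignOn calls `getRequestId(request)` up to three times inside one ternary, which is hard to read and repeats the lookup. Read it once and reuse it: `String requestId = getRequestId(request);` followed by `MDC.put(MDC_KEY_REQUEST_ID, StringUtils.isEmpty(requestId) ? UUID.randomUUID().toString() : requestId);` (`StringUtils` is already imported). If getRequestId returns a caller-supplied value, which cannot be confirmed here because it is not shown, that value reaches every log line unvalidated, so a length and character check before it is put into the MDC would be worth adding. The method body continues past the hunk.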
@@ -230,11 +249,11 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                                                additionalParamsMap);
 
                                stopWatch.stop();
-                               MDC.put(EPSystemProperties.MDC_TIMER, stopWatch.getTotalTimeMillis() + "ms");
+                               MDC.put(EPSystemProperties.MDC_TIMER, String.valueOf(stopWatch.getTotalTimeMillis()));
                                logger.info(EELFLoggerDelegate.debugLogger, "Operation findUser is completed.");
                        } catch (Exception e) {
                                stopWatch.stop();
-                               MDC.put(EPSystemProperties.MDC_TIMER, stopWatch.getTotalTimeMillis() + "ms");
+                               MDC.put(EPSystemProperties.MDC_TIMER, String.valueOf(stopWatch.getTotalTimeMillis()));
                                logger.info(EELFLoggerDelegate.errorLogger, "processSingleSignOn failed on user " + orgUserId, e);
                        } finally {
                                MDC.remove(EPSystemProperties.MDC_TIMER);
@@ -264,8 +283,7 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                                                orgUserId);
 
                                EPUserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
-                                               commandBean.getBusinessDirectMenu(),
-                                               SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), ePRoleFunctionService);
+                                               commandBean.getBusinessDirectMenu(), ePRoleFunctionService);
                                logger.info(EELFLoggerDelegate.debugLogger,
                                                "processSingleSignOn: now set up user session for {} finished", orgUserId);
 
@@ -411,4 +429,9 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                this.sharedContextService = sharedContextService;
        }
 
+       @ExceptionHandler(Exception.class)
+       protected void handleBadRequests(Exception e, HttpServletResponse response) throws IOException {
+               logger.warn(EELFLoggerDelegate.errorLogger, "Handling bad request", e);
+               response.sendError(HttpStatus.BAD_REQUEST.value());
+       }
 }
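Review bot: `handleBadRequests` is registered for `Exception.class`, so every failure thrown by this controller, including server-side faults in loginValidate and processSingleSignOn (both declared `throws Exception`), is answered with 400 and logged at warn. That reports backend failures on the login path as client errors, which hides them from 5xx monitoring and blurs the analysis of genuinely malformed or hostile requests. Narrow the handler to the exceptions that really mean a bad request, e.g. `@ExceptionHandler(JsonProcessingException.class)` for the body parsed in loginValidate, and let the rest surface as 500. A short Javadoc stating which exceptions are mapped to 400 and why would also help the next maintainer.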