X-Git-Url: https://gerrit.onap.org/r/gitweb?p=portal.git;a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fservice%2FExternalAccessRolesServiceImpl.java;h=331a822152b35ff0d72c3abce158906d72a3380b;hp=f83a8e3490bb1002bda45b2443dcd798468f04b2;hb=eb34f877f352e8d9cd8f2e62693a2692e7f62dc3;hpb=47bcf09a62fb260a60b90d4f6c8406d956ab5a8a diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java index f83a8e34..331a8221 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java @@ -47,11 +47,9 @@ import java.util.Map; import java.util.Set; import java.util.SortedSet; import java.util.TreeSet; -import java.util.regex.Pattern; import java.util.stream.Collectors; import org.apache.commons.codec.DecoderException; -import org.apache.commons.codec.binary.Hex; import org.hibernate.Query; import org.hibernate.Session; import org.hibernate.SessionFactory; 
@@ -78,27 +76,7 @@ import org.onap.portalapp.portal.exceptions.RoleFunctionException; import org.onap.portalapp.portal.logging.aop.EPAuditLog; import org.onap.portalapp.portal.logging.aop.EPMetricsLog; import org.onap.portalapp.portal.logging.logic.EPLogUtil; -import org.onap.portalapp.portal.transport.BulkUploadRoleFunction; -import org.onap.portalapp.portal.transport.BulkUploadUserRoles; -import org.onap.portalapp.portal.transport.CentralApp; -import org.onap.portalapp.portal.transport.CentralRole; -import org.onap.portalapp.portal.transport.CentralRoleFunction; -import org.onap.portalapp.portal.transport.CentralUser; -import org.onap.portalapp.portal.transport.CentralUserApp; -import org.onap.portalapp.portal.transport.CentralV2Role; -import org.onap.portalapp.portal.transport.CentralV2User; -import org.onap.portalapp.portal.transport.CentralV2UserApp; -import org.onap.portalapp.portal.transport.CentralizedAppRoles; -import org.onap.portalapp.portal.transport.EcompUserRoles; -import org.onap.portalapp.portal.transport.ExternalAccessPerms; -import org.onap.portalapp.portal.transport.ExternalAccessPermsDetail; -import org.onap.portalapp.portal.transport.ExternalAccessRole; -import org.onap.portalapp.portal.transport.ExternalAccessRolePerms; -import org.onap.portalapp.portal.transport.ExternalAccessUser; -import org.onap.portalapp.portal.transport.ExternalAccessUserRoleDetail; -import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; -import org.onap.portalapp.portal.transport.GlobalRoleWithApplicationRoleFunction; -import org.onap.portalapp.portal.transport.LocalRole; +import org.onap.portalapp.portal.transport.*; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; 
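Review bot: The added `import org.onap.portalapp.portal.transport.*;` replaces twenty-one explicit imports with a wildcard, so the file no longer shows which transport classes this role-management service depends on. A class added to that package later can also clash with, or shadow, a name from another import without this file changing. Keeping the explicit list from the removed lines avoids both; if the wildcard comes from a formatter threshold, that setting is the place to change it.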
@@ -133,64 +111,40 @@ import com.fasterxml.jackson.databind.type.TypeFactory; @EPMetricsLog @EPAuditLog public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesService { - private static final String APP_ROLE_NAME_PARAM = "appRoleName"; - private static final String GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM = "getRoletoUpdateInExternalAuthSystem"; - private static final String GET_PORTAL_APP_ROLES_QUERY = "getPortalAppRoles"; - private static final String GET_ROLE_FUNCTION_QUERY = "getRoleFunction"; - private static final String FUNCTION_CODE_PARAMS = "functionCode"; - private static final String AND_FUNCTION_CD_EQUALS = " and function_cd = '"; - private static final String OWNER = ".owner"; - private static final String ADMIN = ".admin"; - private static final String ACCOUNT_ADMINISTRATOR = ".Account_Administrator"; - private static final String FUNCTION_PIPE = "|"; - private static final String EXTERNAL_AUTH_PERMS = "perms"; - private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description"; - private static final String IS_EMPTY_JSON_STRING = "{}"; - private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system"; - private static final String APP_ID = "appId"; - private static final String ROLE_NAME = "name"; - private static final String APP_ID_EQUALS = " app_id = "; - private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesServiceImpl.class); - @Autowired private DataAccessService dataAccessService; - @Autowired private EPAppService epAppService; - @Autowired private SessionFactory sessionFactory; - @Autowired EPRoleService ePRoleService; - RestTemplate template = new RestTemplate(); - - // These decode values are based on HexDecoder static final String decodeValueOfForwardSlash = "2f"; static final String decodeValueOfHiphen = "2d"; static final String decodeValueOfStar = "2a"; @SuppressWarnings("unchecked") + @Override public List 
getAppRoles(Long appId) throws Exception { List applicationRoles = null; final Map appParams = new HashMap<>(); @@ -216,8 +170,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map appUebkeyParams = new HashMap<>(); appUebkeyParams.put("appKey", uebkey); app = dataAccessService.executeNamedQuery("getMyAppDetailsByUebKey", appUebkeyParams, null); - if(!app.isEmpty() && !app.get(0).getEnabled() && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)){ - throw new InactiveApplicationException("Application:"+app.get(0).getName()+" is Unavailable"); + if (!app.isEmpty() && !app.get(0).getEnabled() + && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)) { + throw new InactiveApplicationException("Application:" + app.get(0).getName() + " is Unavailable"); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getApp: failed", e); @@ -227,7 +182,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It returns single application role from external auth system + * It returns single application role from external auth system + * * @param addRole * @param app * @return JSON string which contains application role details @@ -240,8 +196,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "getSingleAppRole: Connecting to External Auth system"); response = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/" - + app.getNameSpace() - + "." + addRole + + app.getNameSpace() + "." + addRole .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), HttpMethod.GET, entity, String.class); logger.debug(EELFLoggerDelegate.debugLogger, 
@@ -264,11 +219,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpMethod.POST, entity, String.class); if (addResponse.getStatusCode().value() == 201) { response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRole: Finished adding role in the External Auth system and response code: {} ", addResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRole: Finished adding role in the External Auth system and response code: {} ", + addResponse.getStatusCode().value()); } if (addResponse.getStatusCode().value() == 406) { logger.error(EELFLoggerDelegate.errorLogger, - "addRole: Failed to add in the External Auth system due to {} and status code: {}", addResponse.getBody(), addResponse.getStatusCode().value()); + "addRole: Failed to add in the External Auth system due to {} and status code: {}", + addResponse.getBody(), addResponse.getStatusCode().value()); } return response; } 
@@ -278,18 +236,21 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * It deletes record in external auth system * * @param delRole - * @return JSON String which has status code and response body + * @return JSON String which has status code and response body * @throws Exception */ private ResponseEntity deleteRoleInExternalSystem(String delRole) throws Exception { ResponseEntity delResponse = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(delRole, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole); delResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role?force=true", HttpMethod.DELETE, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", delRole, delResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", + delRole, delResponse.getStatusCode().value()); return delResponse; } 
@@ -299,8 +260,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param updateExtRole * @param app * @return true if success else false - * @throws Exception - * If updateRoleInExternalSystem fails we catch it in logger for detail message + * @throws Exception If updateRoleInExternalSystem fails we catch it in logger + * for detail message */ private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception { boolean response = false; @@ -352,13 +313,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic isRoleNameChanged = true; deleteRoleInExtSystem(mapper, name); addRole(updateExtRole, app.getUebKey()); - // add partner functions to the global role in External Auth System + // add partner functions to the global role in External + // Auth System if (!list.isEmpty() && isGlobalRole) { addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); } list.removeIf( perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); - // if role name is changes please ignore the previous functions in External Auth + // if role name is changes please ignore the previous + // functions in External Auth // and update with user requested functions addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } 
@@ -423,21 +386,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); if (!list.isEmpty()) { for (ExternalAccessPerms perm : list) { - RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction()); - if (roleFunc==null) { - RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance()); - if(roleFuncPipeFilter == null) - removePermForRole(perm, mapper, name, headers); + RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length() + 1) + + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction()); + if (roleFunc == null) { + RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance()); + if (roleFuncPipeFilter == null) + removePermForRole(perm, mapper, name, headers); } extRolePermMap.put(perm.getInstance(), perm); - extRolePermMapPipes.put( - perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm); + extRolePermMapPipes.put(perm.getType().substring(app.getNameSpace().length() + 1) + FUNCTION_PIPE + + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm); } } response = true; if (!roleFunctionListNew.isEmpty()) { for (RoleFunction roleFunc : roleFunctionListNew) { - if(roleFunc.getCode().contains(FUNCTION_PIPE)) { + if (roleFunc.getCode().contains(FUNCTION_PIPE)) { ExternalAccessPerms perm = extRolePermMapPipes.get(roleFunc.getCode()); if (perm == null) { response = addFunctionsToRoleInExternalAuthSystem(updateExtRole, app, mapper, headers, 
@@ -453,9 +417,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + /* - * Adds function to the role in the external auth system while editing a role or updating new functions to a role + * Adds function to the role in the external auth system while editing a role or + * updating new functions to a role * */ private boolean addFunctionsToRoleInExternalAuthSystem(Role updateExtRole, EPApp app, ObjectMapper mapper, @@ -468,7 +433,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String action = ""; if (roleFunc.getCode().contains(FUNCTION_PIPE)) { code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); - type = getFunctionCodeType(roleFunc.getCode()); + type = EcompPortalUtils.getFunctionType(roleFunc.getCode()); action = getFunctionCodeAction(roleFunc.getCode()); } else { code = roleFunc.getCode(); 
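Review bot: The switch to `EcompPortalUtils.getFunctionType(roleFunc.getCode())` in the `@@ -468,7 +433,7 @@` hunk is not applied to addRoleFunctionsToGlobalRoleInExternalSystem, whose new side in the `@@ -555,99 +516,108 @@` hunk still calls `type = getFunctionCodeType(addFunction.getCode());`. Both paths build the permission type that is posted to the External Auth system. If the two helpers parse a piped function code differently (neither body is visible here), the same function would be registered under different permission types depending on whether the role is global. Use one helper in both places, e.g. `type = EcompPortalUtils.getFunctionType(addFunction.getCode());`, and drop the private one if it is then unused. The enclosing method starts and ends outside this hunk.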
@@ -476,25 +441,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic action = "*"; } extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extRolePerms = new ExternalAccessRolePerms(extPerms, - app.getNameSpace() + "." - + updateExtRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + updateExtRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for POST: {}", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); ResponseEntity addResponse = template.exchange( - SystemProperties.getProperty( - EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value()!= 409) { + if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) { response = false; logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: Connected to External Auth system but something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), - addResponse.getStatusCode().value()); + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); } else { response = true; logger.debug(EELFLoggerDelegate.debugLogger, 
@@ -503,7 +463,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + private void addPartnerHasRoleFunctionsToGlobalRole(List permslist, ObjectMapper mapper, EPApp app, Role updateExtRole) throws Exception { for (ExternalAccessPerms perm : permslist) { @@ -533,19 +493,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addResponse.getStatusCode().value()); } } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", - addPerms, e); + logger.error(EELFLoggerDelegate.errorLogger, + "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", addPerms, e); } } } } @SuppressWarnings("unchecked") - private void addFunctionsTOGlobalRole(List epRoleList, Role updateExtRole, List roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo) + private void addFunctionsTOGlobalRole(List epRoleList, Role updateExtRole, + List roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception { try { logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addFunctionsTOGlobalRole"); - //GET Permissions from External Auth System + // GET Permissions from External Auth System JSONArray extPerms = getExtAuthPermissions(app); List permsDetailList = getExtAuthPerrmissonList(app, extPerms); final Map existingPermsWithRoles = new HashMap<>(); 
@@ -555,99 +516,108 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic for (ExternalAccessPermsDetail permDetail : permsDetailList) { existingPermsWithRoles.put(EcompPortalUtils.getFunctionCode(permDetail.getInstance()), permDetail); existingPermsWithRolesWithPipes.put(permDetail.getInstance(), permDetail); - } // Add If function does not exists for role in External Auth System for (RoleFunction roleFunc : roleFunctionListNew) { String roleFuncCode = ""; ExternalAccessPermsDetail permsDetail; - if(roleFunc.getCode().contains(FUNCTION_PIPE)) { + if (roleFunc.getCode().contains(FUNCTION_PIPE)) { roleFuncCode = roleFunc.getCode(); permsDetail = existingPermsWithRolesWithPipes.get(roleFunc.getCode()); } else { roleFuncCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); permsDetail = existingPermsWithRoles.get(roleFuncCode); } - if (null == permsDetail.getRoles() || !permsDetail.getRoles() - .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + epRoleList.get(0).getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { + if (null == permsDetail.getRoles() + || !permsDetail.getRoles() + .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + + epRoleList.get(0).getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, + "_"))) { addRoleFunctionsToGlobalRoleInExternalSystem(roleFunc, updateExtRole, mapper, app, portalAppInfo); } userRquestedFunctionsMap.put(roleFuncCode, roleFunc); userRquestedFunctionsMapPipesFilter.put(EcompPortalUtils.getFunctionCode(roleFuncCode), roleFunc); - } - // Delete functions if exists in External Auth System but not in incoming request - final Map epAppRoleFuncParams = new HashMap<>(); + } + // Delete functions if exists in External Auth System but not in + // incoming + // request + final Map epAppRoleFuncParams = new HashMap<>(); epAppRoleFuncParams.put("requestedAppId", app.getId()); - 
epAppRoleFuncParams.put("roleId",updateExtRole.getId()); - List globalRoleFunctionList = dataAccessService.executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null); - for(GlobalRoleWithApplicationRoleFunction globalRoleFunc: globalRoleFunctionList){ + epAppRoleFuncParams.put("roleId", updateExtRole.getId()); + List globalRoleFunctionList = dataAccessService + .executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null); + for (GlobalRoleWithApplicationRoleFunction globalRoleFunc : globalRoleFunctionList) { String globalRoleFuncWithoutPipes = ""; RoleFunction roleFunc = null; - if(globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { + if (globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { globalRoleFuncWithoutPipes = globalRoleFunc.getFunctionCd(); roleFunc = userRquestedFunctionsMap.get(globalRoleFuncWithoutPipes); - }else { - globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd()); + } else { + globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd()); roleFunc = userRquestedFunctionsMapPipesFilter.get(globalRoleFuncWithoutPipes); } - if(roleFunc == null){ - ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) ? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) : existingPermsWithRoles.get(globalRoleFuncWithoutPipes); - ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), permDetailFromMap.getAction()); - String roleName = portalAppInfo.getNameSpace()+"."+globalRoleFunc.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); + if (roleFunc == null) { + ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) + ? 
existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) + : existingPermsWithRoles.get(globalRoleFuncWithoutPipes); + ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), + EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), + permDetailFromMap.getAction()); + String roleName = portalAppInfo.getNameSpace() + "." + globalRoleFunc.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); removePermForRole(perm, mapper, roleName, headers); } } logger.debug(EELFLoggerDelegate.debugLogger, "Finished addFunctionsTOGlobalRole"); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed",e); + logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed", e); throw e; } } - private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, ObjectMapper mapper, EPApp app, - EPApp portalAppInfo) throws Exception { + private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, + ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception { try { logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addRoleFunctionsToGlobalRoleInExternalSystem"); ExternalAccessRolePerms extAddRolePerms = null; ExternalAccessPerms extAddPerms = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - String code = ""; - String type = ""; - String action = ""; - if (addFunction.getCode().contains(FUNCTION_PIPE)) { - code = EcompPortalUtils.getFunctionCode(addFunction.getCode()); - type = getFunctionCodeType(addFunction.getCode()); - action = getFunctionCodeAction(addFunction.getCode()); - } else { - code = addFunction.getCode(); - type = addFunction.getCode().contains("menu") ? 
"menu" : "url"; - action = "*"; - } - extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, - portalAppInfo.getNameSpace() + "." + globalRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - String updateRolePerms = mapper.writeValueAsString(extAddRolePerms); - HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ", - CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity addResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role/perm", HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201) { - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); - } else { - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ", - addResponse.getStatusCode().value()); - } + String code = ""; + String type = ""; + String action = ""; + if (addFunction.getCode().contains(FUNCTION_PIPE)) { + code = EcompPortalUtils.getFunctionCode(addFunction.getCode()); + type = getFunctionCodeType(addFunction.getCode()); + action = getFunctionCodeAction(addFunction.getCode()); + } else { + code = addFunction.getCode(); + type = addFunction.getCode().contains("menu") ? "menu" : "url"; + action = "*"; + } + extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); + extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, portalAppInfo.getNameSpace() + "." 
+ globalRole + .getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + String updateRolePerms = mapper.writeValueAsString(extAddRolePerms); + HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity addResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + HttpMethod.POST, entity, String.class); + if (addResponse.getStatusCode().value() != 201) { + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); + } else { + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ", + addResponse.getStatusCode().value()); + } logger.debug(EELFLoggerDelegate.debugLogger, "Finished addRoleFunctionsToGlobalRoleInExternalSystem"); - }catch(Exception e){ - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed",e); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed", e); throw e; } } 
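Review bot: In addFunctionsTOGlobalRole the map lookups are dereferenced without a null check: `permsDetail.getRoles()` after `existingPermsWithRoles.get(roleFuncCode)` or `existingPermsWithRolesWithPipes.get(roleFunc.getCode())`, and `permDetailFromMap.getType()` in the removal loop. A function code with no matching permission in the External Auth response raises a NullPointerException, which the catch block logs and rethrows; the remaining `removePermForRole` calls are then skipped and stale permissions stay attached to the global role. Handle the miss explicitly, e.g. `if (permsDetail == null || permsDetail.getRoles() == null || ...)` for the add path and `if (permDetailFromMap == null) { continue; }` after the lookup in the removal loop, logging the missing permission at error level. Separately, the `contains(...)` argument joins namespace and role name with `FUNCTION_PIPE` while `roleName` further down uses `"."`; that looks inconsistent and should be confirmed against the role format the External Auth system returns.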
@@ -657,7 +627,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic boolean response; String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); ResponseEntity addResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", HttpMethod.POST, entity, String.class); @@ -668,17 +639,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); } else { response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", + updateRolePerms, addResponse.getStatusCode().value()); } return response; } /** * - * It converts list of functions in updateExtRole parameter to the RoleFunction object + * It converts list of functions in updateExtRole parameter to the RoleFunction + * object * * @param updateExtRole - * @return list of functions + * @return list of functions */ @SuppressWarnings("unchecked") private List convertSetToListOfRoleFunctions(Role updateExtRole) { 
@@ -701,28 +675,31 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param permMapper * @param name * @param headers - * @throws JsonProcessingException + * @throws JsonProcessingException * @throws Exception */ private void removePermForRole(ExternalAccessPerms perm, ObjectMapper permMapper, String name, HttpHeaders headers) throws ExternalAuthSystemException, JsonProcessingException { ExternalAccessRolePerms extAccessRolePerms = new ExternalAccessRolePerms(perm, name); String permDetails = permMapper.writeValueAsString(extAccessRolePerms); - try{ - HttpEntity deleteEntity = new HttpEntity<>(permDetails, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails); - ResponseEntity deletePermResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/" - + name + "/perm", HttpMethod.DELETE, deleteEntity, String.class); - if (deletePermResponse.getStatusCode().value() != 200) { - throw new ExternalAuthSystemException(deletePermResponse.getBody()); - } - logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}", - permDetails, deletePermResponse.getStatusCode().value()); - } catch(Exception e){ - if(e.getMessage().contains("404")){ - logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", permDetails, e.getMessage()); - } else{ + try { + HttpEntity deleteEntity = new HttpEntity<>(permDetails, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails); + ResponseEntity deletePermResponse = template + .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "role/" + name + "/perm", 
HttpMethod.DELETE, deleteEntity, String.class); + if (deletePermResponse.getStatusCode().value() != 200) { + throw new ExternalAuthSystemException(deletePermResponse.getBody()); + } + logger.debug(EELFLoggerDelegate.debugLogger, + "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}", + permDetails, deletePermResponse.getStatusCode().value()); + } catch (Exception e) { + if (e.getMessage().contains("404")) { + logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", + permDetails, e.getMessage()); + } else { throw e; } } 
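Review bot: The catch block in removePermForRole treats a failed DELETE as harmless based on `e.getMessage().contains("404")`, which matches message text rather than the HTTP status. It throws a NullPointerException when the exception carries no message. It also swallows the ExternalAuthSystemException raised inside the same try whenever the response body happens to contain "404", so a permission that was not removed is treated as removed. Catch HttpClientErrorException and compare the status code instead, and correct the log text, which says "Failed to add role" on a delete path.

```java
		// … unchanged: build deleteEntity, call template.exchange, throw ExternalAuthSystemException on non-200 …
		} catch (HttpClientErrorException e) {
			if (e.getStatusCode().value() != 404) {
				throw e;
			}
			// 404: the permission is already absent from the role, so there is nothing left to remove.
			logger.error(EELFLoggerDelegate.errorLogger,
					"removePermForRole: permission not found for DELETE request: {} due to {}", permDetails,
					e.getMessage());
		}
```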
@@ -734,32 +711,34 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param newRole * @param app * @return true if successfully added in the system else false - * @throws Exception - * If fails to add role in the system + * @throws Exception If fails to add role in the system */ - private void addNewRoleInExternalSystem(List newRole, EPApp app) throws Exception, HttpClientErrorException { - try{ - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - ObjectMapper mapper = new ObjectMapper(); - String addNewRole = ""; - ExternalAccessRole extRole = new ExternalAccessRole(); - extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - extRole.setDescription(String.valueOf(newRole.get(0).getName())); - addNewRole = mapper.writeValueAsString(extRole); - HttpEntity postEntity = new HttpEntity<>(addNewRole, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); - ResponseEntity addNewRoleInExternalSystem = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", - HttpMethod.POST, postEntity, String.class); + private void addNewRoleInExternalSystem(List newRole, EPApp app) + throws Exception, HttpClientErrorException { + try { + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + ObjectMapper mapper = new ObjectMapper(); + String addNewRole = ""; + ExternalAccessRole extRole = new ExternalAccessRole(); + extRole.setName(app.getNameSpace() + "." 
+ newRole.get(0).getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRole.setDescription(String.valueOf(newRole.get(0).getName())); + addNewRole = mapper.writeValueAsString(extRole); + HttpEntity postEntity = new HttpEntity<>(addNewRole, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); + ResponseEntity addNewRoleInExternalSystem = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", + HttpMethod.POST, postEntity, String.class); if (addNewRoleInExternalSystem.getStatusCode().value() == 201) { logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Finished adding into External Auth system for POST: {} and status code: {}", addNewRole, addNewRoleInExternalSystem.getStatusCode().value()); } - }catch(HttpClientErrorException ht){ - dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ newRole.get(0).getId(), null); - logger.error(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", - ht); + } catch (HttpClientErrorException ht) { + dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + newRole.get(0).getId(), null); + logger.error(EELFLoggerDelegate.debugLogger, + "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", ht); throw new HttpClientErrorException(ht.getStatusCode()); } } @@ -768,8 +747,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * It updates existing role in the External Auth System * - * @param addRole - * It Contains role information + * @param addRole It Contains role information * @param app * @return string which is formatted to match with the external auth system * @throws JsonProcessingException 
@@ -778,14 +756,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ObjectMapper mapper = new ObjectMapper(); String addNewRole = ""; ExternalAccessRole extRole = new ExternalAccessRole(); - extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRole.setName(app.getNameSpace() + "." + addRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); extRole.setDescription(String.valueOf(addRole.getName())); addNewRole = mapper.writeValueAsString(extRole); return addNewRole; } /** - * It create a role in the external auth system and then in our local + * It create a role in the external auth system and then in our local * * @param addRoleInDB * @param app @@ -794,7 +773,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ @SuppressWarnings("unchecked") @Transactional(rollbackFor = Exception.class) - public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception { + public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception { boolean result = false; EPRole epRole = null; Set roleFunctionList = addRoleInDB.getRoleFunctions(); 
@@ -823,24 +802,28 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } dataAccessService.saveDomainObject(epRoleNew, null); List getRoleCreated = null; - final Map epAppRoleParams = new HashMap<>(); - final Map epAppPortalRoleParams = new HashMap<>(); + final Map epAppRoleParams = new HashMap<>(); + final Map epAppPortalRoleParams = new HashMap<>(); if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { epAppRoleParams.put("appId", String.valueOf(app.getId())); epAppRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName()); - List roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); + List roleCreated = dataAccessService + .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); EPRole epUpdateRole = roleCreated.get(0); epUpdateRole.setAppRoleId(epUpdateRole.getId()); dataAccessService.saveDomainObject(epUpdateRole, null); - getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); + getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + epAppRoleParams, null); } else { epAppPortalRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName()); - getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, epAppPortalRoleParams, null); + getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, + epAppPortalRoleParams, null); } // Add role in External Auth system if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { addNewRoleInExternalSystem(getRoleCreated, app); } + result = true; } else { // if role already exists then update it EPRole globalRole = null; List applicationRoles; 
@@ -903,20 +886,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * @param checkRole * @param app - * @throws Exception - * If role exits + * @throws Exception If role exits */ private void checkIfRoleExitsInExternalSystem(Role checkRole, EPApp app) throws Exception { getNameSpaceIfExists(app); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - String roleName = app.getNameSpace() + "." + checkRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); + String roleName = app.getNameSpace() + "." + checkRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); HttpEntity checkRoleEntity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); ResponseEntity checkRoleInExternalSystem = template .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/" + roleName, HttpMethod.GET, checkRoleEntity, String.class); if (!checkRoleInExternalSystem.getBody().equals(IS_EMPTY_JSON_STRING)) { - logger.debug("checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value()); + logger.debug( + "checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", + checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value()); throw new ExternalAuthSystemException(" Role already exists in external system"); } } 
@@ -930,10 +916,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @throws Exception */ @SuppressWarnings("unchecked") - private void saveRoleFunction(List roleFunctionListNew, EPApp app, List applicationRoles ,Long roleAppId) - throws Exception { - final Map getAppFunctionParams = new HashMap<>(); - + private void saveRoleFunction(List roleFunctionListNew, EPApp app, List applicationRoles, + Long roleAppId) throws Exception { + final Map getAppFunctionParams = new HashMap<>(); for (RoleFunction roleFunc : roleFunctionListNew) { String code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); EPAppRoleFunction appRoleFunc = new EPAppRoleFunction(); @@ -943,18 +928,18 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic getAppFunctionParams.put("appId", String.valueOf(app.getId())); getAppFunctionParams.put(FUNCTION_CODE_PARAMS, roleFunc.getCode()); // query to check if function code has pipes - List roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null); - if(roleFunction.isEmpty()){ + List roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, + getAppFunctionParams, null); + if (roleFunction.isEmpty()) { getAppFunctionParams.put(FUNCTION_CODE_PARAMS, code); roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null); } - if(roleFunction.size() > 1){ + if (roleFunction.size() > 1) { CentralV2RoleFunction getExactFunctionCode = appFunctionListFilter(code, roleFunction); appRoleFunc.setCode(getExactFunctionCode.getCode()); - } else{ + } else { appRoleFunc.setCode(roleFunction.get(0).getCode()); } - dataAccessService.saveDomainObject(appRoleFunc, null); } } 
@@ -965,23 +950,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * @param roleFunc * @param roleFunction - * @return CentralRoleFunction + * @return CentralRoleFunction */ private CentralV2RoleFunction appFunctionListFilter(String roleFuncCode, List roleFunction) { - final Map appFunctionsFilter = new HashMap<>(); - final Map appFunctionsFilterPipes = new HashMap<>(); + final Map appFunctionsFilter = new HashMap<>(); + final Map appFunctionsFilterPipes = new HashMap<>(); CentralV2RoleFunction getExactFunctionCode = null; - for(CentralV2RoleFunction cenRoleFunction : roleFunction){ + for (CentralV2RoleFunction cenRoleFunction : roleFunction) { appFunctionsFilter.put(cenRoleFunction.getCode(), cenRoleFunction); appFunctionsFilterPipes.put(EcompPortalUtils.getFunctionCode(cenRoleFunction.getCode()), cenRoleFunction); } getExactFunctionCode = appFunctionsFilter.get(roleFuncCode); - if(getExactFunctionCode == null){ + if (getExactFunctionCode == null) { getExactFunctionCode = appFunctionsFilterPipes.get(roleFuncCode); } return getExactFunctionCode; } - + /** * It deletes all EPAppRoleFunction records in the portal * 
@@ -993,17 +978,18 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map appRoleFuncsParams = new HashMap<>(); appRoleFuncsParams.put("appId", app.getId()); appRoleFuncsParams.put("roleId", role.get(0).getId()); - List appRoleFunctionList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); + List appRoleFunctionList = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); if (!appRoleFunctionList.isEmpty()) { for (EPAppRoleFunction approleFunction : appRoleFunctionList) { dataAccessService.deleteDomainObject(approleFunction, null); } } } - + @Override @SuppressWarnings("unchecked") - public List getUser(String loginId) throws InvalidUserException{ + public List getUser(String loginId) throws InvalidUserException { final Map userParams = new HashMap<>(); userParams.put("org_user_id", loginId); List userList = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", userParams, null); @@ -1050,10 +1036,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List app = getApp(uebkey); List appRolesList = getAppRoles(app.get(0).getId()); roleList = createCentralRoleObject(app, appRolesList, roleList, params); - if(app.get(0).getId() != PortalConstants.PORTAL_APP_ID){ - List globalRoleList = getGlobalRolesOfApplication(app.get(0).getId()); + if (app.get(0).getId() != PortalConstants.PORTAL_APP_ID) { + List globalRoleList = getGlobalRolesOfApplication(app.get(0).getId()); List globalRolesList = getGlobalRolesOfPortal(); - List portalsGlobalRolesFinlaList = new ArrayList<>(); + List portalsGlobalRolesFinlaList = new ArrayList<>(); if (!globalRolesList.isEmpty()) { for (EPRole eprole : globalRolesList) { CentralV2Role cenRole = convertRoleToCentralV2Role(eprole); 
@@ -1061,10 +1047,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } roleList.addAll(globalRoleList); for (CentralV2Role role : portalsGlobalRolesFinlaList) { - CentralV2Role result = roleList.stream() - .filter(x -> role.getId().equals(x.getId())).findAny().orElse(null); - if (result == null) - roleList.add(role); + CentralV2Role result = roleList.stream().filter(x -> role.getId().equals(x.getId())).findAny() + .orElse(null); + if (result == null) + roleList.add(role); } } else { for (EPRole role : globalRolesList) { @@ -1088,10 +1074,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List finalRoleList = new ArrayList<>(); final Map params = new HashMap<>(); params.put(APP_ID, app.getId()); - List getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, null); + List getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, + null); for (CentralV2RoleFunction roleFuncItem : getRoleFuncList) { String code = EcompPortalUtils.getFunctionCode(roleFuncItem.getCode()); - String type = getFunctionCodeType(roleFuncItem.getCode()); + String type = ""; + if (roleFuncItem.getCode().contains("|")) + type = EcompPortalUtils.getFunctionType(roleFuncItem.getCode()); + else + type = getFunctionCodeType(roleFuncItem.getCode()); String action = getFunctionCodeAction(roleFuncItem.getCode()); roleFuncItem.setCode(EPUserUtils.decodeFunctionCode(code)); roleFuncItem.setType(type); @@ -1101,11 +1092,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return finalRoleList; } - @Override public String getFunctionCodeAction(String roleFuncItem) { - return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" - : EcompPortalUtils.getFunctionAction(roleFuncItem); + return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" : EcompPortalUtils.getFunctionAction(roleFuncItem); } @Override 
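Review bot: The new type selection tests `roleFuncItem.getCode().contains("|")` with a string literal, while `getFunctionCodeAction` in this same stretch of the file tests `contains(FUNCTION_PIPE)`. If the constant is ever anything other than `|`, the type and the action of one function code would be parsed under different rules, and these values end up as permission type and action. The two branches are also unbraced, and `type` is initialised to `""` only to be overwritten. I would write it as `String type = roleFuncItem.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionType(roleFuncItem.getCode()) : getFunctionCodeType(roleFuncItem.getCode());`. The enclosing method starts and ends outside the hunk.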
@@ -1114,9 +1103,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu")) || (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) { type = "menu"; - } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) - ||checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem) - ||checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) { + } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) || checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem) + || checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) { type = "url"; } else if (roleFuncItem.contains(FUNCTION_PIPE) && (!roleFuncItem.contains("menu") || roleFuncItem.contains("url"))) { @@ -1135,10 +1123,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private boolean checkIfCodeHasNoPipesAndHasNoTypeUrl(String roleFuncItem) { return !roleFuncItem.contains(FUNCTION_PIPE) && !roleFuncItem.contains("url"); } - + /** * - * It check whether function code has pipes and url string in it + * It check whether function code has pipes and url string in it * * @param roleFuncItem * @return true or false @@ -1149,7 +1137,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It check whether function code has no pipes and has url string in it + * It check whether function code has no pipes and has url string in it * * @param roleFuncItem * @return true or false 
@@ -1170,7 +1158,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @SuppressWarnings("unchecked") private CentralV2User createEPUser(EPUser userInfo, Set userAppSet, EPApp app) throws Exception { final Map params = new HashMap<>(); - CentralV2User userAppList = new CentralV2User(); + CentralV2User userAppList = new CentralV2User.CentralV2UserBuilder().createCentralV2User(); CentralV2User user1 = null; final Map params1 = new HashMap<>(); List globalRoleList = new ArrayList<>(); @@ -1199,6 +1187,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String.valueOf(epApp.getOpen()), String.valueOf(epApp.getEnabled()), epApp.getThumbnail(), epApp.getUsername(), epApp.getUebKey(), epApp.getUebSecret(), epApp.getUebTopicName()); + cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD); cua.setApp(cenApp); Long appId = null; if (globalRole.toLowerCase().startsWith("global_") 
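Review bot: The added `cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD)` masks the application password, but the `CentralApp` constructor call directly above it still receives `epApp.getUebKey()` and `epApp.getUebSecret()`, so the UEB secret travels in the object that was just masked. If the resulting `CentralV2User` is serialised to partner applications (not visible in this hunk), that secret reaches every caller allowed to read a user. I would pass `null` for the secret argument unless a consumer is known to need it, and put `// never return stored credentials to API callers` above the masking line so the intent covers both fields. The constructor call and `createEPUser` both start outside the hunk.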
@@ -1241,27 +1230,36 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userApp.getRole().getName(), userApp.getRole().getActive(), userApp.getRole().getPriority(), roleFunctionSet, null, null); cua.setRole(cenRole); - userAppList.getUserApps().add(cua); } } } - - user1 = new CentralV2User(null, userInfo.getCreated(), userInfo.getModified(), userInfo.getCreatedId(), - userInfo.getModifiedId(), userInfo.getRowNum(), userInfo.getOrgId(), userInfo.getManagerId(), - userInfo.getFirstName(), userInfo.getMiddleInitial(), userInfo.getLastName(), userInfo.getPhone(), - userInfo.getFax(), userInfo.getCellular(), userInfo.getEmail(), userInfo.getAddressId(), - userInfo.getAlertMethodCd(), userInfo.getHrid(), userInfo.getOrgUserId(), userInfo.getOrgCode(), - userInfo.getAddress1(), userInfo.getAddress2(), userInfo.getCity(), userInfo.getState(), - userInfo.getZipCode(), userInfo.getCountry(), userInfo.getOrgManagerUserId(), - userInfo.getLocationClli(), userInfo.getBusinessCountryCode(), userInfo.getBusinessCountryName(), - userInfo.getBusinessUnit(), userInfo.getBusinessUnitName(), userInfo.getDepartment(), - userInfo.getDepartmentName(), userInfo.getCompanyCode(), userInfo.getCompany(), - userInfo.getZipCodeSuffix(), userInfo.getJobTitle(), userInfo.getCommandChain(), - userInfo.getSiloStatus(), userInfo.getCostCenter(), userInfo.getFinancialLocCode(), - userInfo.getLoginId(), userInfo.getLoginPwd(), userInfo.getLastLoginDate(), userInfo.getActive(), - userInfo.getInternal(), userInfo.getSelectedProfileId(), userInfo.getTimeZoneId(), - userInfo.isOnline(), userInfo.getChatId(), userAppList.getUserApps(), null); + user1 = new CentralV2User.CentralV2UserBuilder().setId(null).setCreated(userInfo.getCreated()) + .setModified(userInfo.getModified()).setCreatedId(userInfo.getCreatedId()) + .setModifiedId(userInfo.getModifiedId()).setRowNum(userInfo.getRowNum()) + .setOrgId(userInfo.getOrgId()).setManagerId(userInfo.getManagerId()) + 
.setFirstName(userInfo.getFirstName()).setMiddleInitial(userInfo.getMiddleInitial()) + .setLastName(userInfo.getLastName()).setPhone(userInfo.getPhone()).setFax(userInfo.getFax()) + .setCellular(userInfo.getCellular()).setEmail(userInfo.getEmail()) + .setAddressId(userInfo.getAddressId()).setAlertMethodCd(userInfo.getAlertMethodCd()) + .setHrid(userInfo.getHrid()).setOrgUserId(userInfo.getOrgUserId()).setOrgCode(userInfo.getOrgCode()) + .setAddress1(userInfo.getAddress1()).setAddress2(userInfo.getAddress2()).setCity(userInfo.getCity()) + .setState(userInfo.getState()).setZipCode(userInfo.getZipCode()).setCountry(userInfo.getCountry()) + .setOrgManagerUserId(userInfo.getOrgManagerUserId()).setLocationClli(userInfo.getLocationClli()) + .setBusinessCountryCode(userInfo.getBusinessCountryCode()) + .setBusinessCountryName(userInfo.getBusinessCountryName()) + .setBusinessUnit(userInfo.getBusinessUnit()).setBusinessUnitName(userInfo.getBusinessUnitName()) + .setDepartment(userInfo.getDepartment()).setDepartmentName(userInfo.getDepartmentName()) + .setCompanyCode(userInfo.getCompanyCode()).setCompany(userInfo.getCompany()) + .setZipCodeSuffix(userInfo.getZipCodeSuffix()).setJobTitle(userInfo.getJobTitle()) + .setCommandChain(userInfo.getCommandChain()).setSiloStatus(userInfo.getSiloStatus()) + .setCostCenter(userInfo.getCostCenter()).setFinancialLocCode(userInfo.getFinancialLocCode()) + .setLoginId(userInfo.getLoginId()).setLoginPwd(userInfo.getLoginPwd()) + .setLastLoginDate(userInfo.getLastLoginDate()).setActive(userInfo.getActive()) + .setInternal(userInfo.getInternal()).setSelectedProfileId(userInfo.getSelectedProfileId()) + .setTimeZoneId(userInfo.getTimeZoneId()).setOnline(userInfo.isOnline()) + .setChatId(userInfo.getChatId()).setUserApps(userAppList.getUserApps()).setPseudoRoles(null) + .createCentralV2User(); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "createEPUser: createEPUser failed", e); throw e; 
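Review bot: The builder chain still copies the user's stored credential into the transport object through `.setLoginPwd(userInfo.getLoginPwd())`, so every `CentralV2User` built by `createEPUser` carries whatever is held in the password column. This commit masks the application password earlier in the same method, and the user credential deserves the same treatment; I would change the call to `.setLoginPwd(null)` unless a consumer is known to depend on the value. Whether the field is excluded at serialisation time cannot be seen from this hunk, so that should be confirmed rather than assumed. `createEPUser` starts outside the hunk.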
@@ -1300,11 +1298,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (roleList.isEmpty()) { return cenRole; } - } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getRoleInfo: failed", e); throw e; - } return roleList.get(0); } @@ -1314,9 +1310,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List roleInfo; final Map getPartnerAppRoleParams = new HashMap<>(); getPartnerAppRoleParams.put("appRoleId", roleId); - getPartnerAppRoleParams.put("appId", app.getId()); + getPartnerAppRoleParams.put("appId", app.getId()); roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleByRoleId", getPartnerAppRoleParams, null); - if(roleInfo.isEmpty()) { + if (roleInfo.isEmpty()) { getPartnerAppRoleParams.put("appRoleId", roleId); roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleById", getPartnerAppRoleParams, null); } @@ -1331,20 +1327,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleInfo = dataAccessService.executeNamedQuery("getPortalAppRoleByRoleId", getPortalAppRoleParams, null); return roleInfo; } - + /** * - * It returns list of app roles along with role functions and which went through deep copy + * It returns list of app roles along with role functions and which went through + * deep copy * * @param app * @param roleInfo * @param roleList * @param params * @return - * @throws DecoderException + * @throws DecoderException */ @SuppressWarnings("unchecked") - private List createCentralRoleObject(List app, List roleInfo, + @Override + public List createCentralRoleObject(List app, List roleInfo, List roleList, Map params) throws RoleFunctionException { for (EPRole role : roleInfo) { params.put("roleId", role.getId()); 
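Review bot: `createCentralRoleObject` is widened from `private` to `public` with `@Override`, but its Javadoc still declares `@throws DecoderException` while the signature throws `RoleFunctionException`, and the `@return` tag is empty. Since it is now callable from outside the class, the comment should also say that the method writes into the caller's map on each iteration (`params.put("roleId", role.getId())`), which matters to any caller that reuses `params` for another query. I would replace the tag with `@throws RoleFunctionException` plus the failing condition, and fill `@return` with what the description line already states, the app roles together with their role functions. The method body continues outside the hunk.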
@@ -1382,7 +1380,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @Override public CentralV2RoleFunction getRoleFunction(String functionCode, String uebkey) throws Exception { String code = EcompPortalUtils.getFunctionCode(functionCode); - String encodedCode = encodeFunctionCode(code); + String encodedCode = EcompPortalUtils.encodeFunctionCode(code); CentralV2RoleFunction roleFunc = null; EPApp app = getApp(uebkey).get(0); List getRoleFuncList = null; 
@@ -1426,29 +1424,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String newfunctionTypeFormat = EcompPortalUtils.getFunctionType(functionCodeFormat); String newfunctionActionFormat = EcompPortalUtils.getFunctionAction(functionCodeFormat); roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), newfunctionCodeFormat, - getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, newfunctionActionFormat, - getRoleFuncList.getEditUrl()); + getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, + newfunctionActionFormat, getRoleFuncList.getEditUrl()); } else { - roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, - getRoleFuncList.getName(), getRoleFuncList.getAppId(), - getRoleFuncList.getEditUrl()); + roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, getRoleFuncList.getName(), + getRoleFuncList.getAppId(), getRoleFuncList.getEditUrl()); } return roleFunc; } @Override - public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) throws Exception { + public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) + throws Exception { boolean saveOrUpdateFunction = false; try { - domainCentralRoleFunction.setCode(encodeFunctionCode(domainCentralRoleFunction.getCode())); + if(EcompPortalUtils.checkFunctionCodeHasEncodePattern(domainCentralRoleFunction.getCode())) + domainCentralRoleFunction.setCode(EcompPortalUtils.encodeFunctionCode(domainCentralRoleFunction.getCode())); final Map functionParams = new HashMap<>(); functionParams.put("appId", String.valueOf(app.getId())); - if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - addRoleFunctionInExternalSystem(domainCentralRoleFunction, app); + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + addRoleFunctionInExternalSystem(domainCentralRoleFunction, app); } - 
if(domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null){ - domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType()+ - FUNCTION_PIPE+domainCentralRoleFunction.getCode()+FUNCTION_PIPE+domainCentralRoleFunction.getAction()); + if (domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) { + domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType() + FUNCTION_PIPE + + domainCentralRoleFunction.getCode() + FUNCTION_PIPE + domainCentralRoleFunction.getAction()); } domainCentralRoleFunction.setAppId(app.getId()); dataAccessService.saveDomainObject(domainCentralRoleFunction, null); @@ -1459,7 +1458,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return saveOrUpdateFunction; } - + /** * It creates application permission in external auth system * 
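Review bot: `saveCentralRoleFunction` rebuilds the code as `type + FUNCTION_PIPE + code + FUNCTION_PIPE + action` whenever type and action are non-null, without checking whether the code already contains `FUNCTION_PIPE`; `addRoleFunctionInExternalSystem` does handle an already-piped code, so the locally stored permission can differ from the one sent to the external auth system. Because encoding is now conditional on `checkFunctionCodeHasEncodePattern`, codes that skip it reach this concatenation unchanged. I would guard it with `if (domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null && !domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)) {` and add braces to the new unbraced `if` around `encodeFunctionCode`. Whether `encodeFunctionCode` escapes the pipe is not visible here, so a test with a piped code is worth adding.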
@@ -1471,24 +1470,32 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throws Exception { ObjectMapper mapper = new ObjectMapper(); ExternalAccessPerms extPerms = new ExternalAccessPerms(); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); String type = ""; String instance = ""; String action = ""; - if((domainCentralRoleFunction.getType()!=null && domainCentralRoleFunction.getAction()!=null) || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)){ - type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getType(); - instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getCode(); - action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getAction(); - } else{ + if ((domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) + || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)) { + type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getType(); + instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getCode(); + action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getAction(); + } else { type = domainCentralRoleFunction.getCode().contains("menu") ? 
"menu" : "url"; instance = domainCentralRoleFunction.getCode(); - action = "*"; - } + action = "*"; + } // get Permissions from External Auth System JSONArray extPermsList = getExtAuthPermissions(app); List permsDetailList = getExtAuthPerrmissonList(app, extPermsList); - String requestedPerm = type+FUNCTION_PIPE+instance+FUNCTION_PIPE+action; - boolean checkIfFunctionsExits = permsDetailList.stream().anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm)); + String requestedPerm = type + FUNCTION_PIPE + instance + FUNCTION_PIPE + action; + boolean checkIfFunctionsExits = permsDetailList.stream() + .anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm)); if (!checkIfFunctionsExits) { try { extPerms.setAction(action); 
@@ -1497,18 +1504,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic extPerms.setDescription(domainCentralRoleFunction.getName()); String addFunction = mapper.writeValueAsString(extPerms); HttpEntity entity = new HttpEntity<>(addFunction, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction); - ResponseEntity addPermResponse= template.exchange( + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction); + ResponseEntity addPermResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm", HttpMethod.POST, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", addPermResponse.getStatusCode().value(), addFunction); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", + addPermResponse.getStatusCode().value(), addFunction); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add function in external central auth system", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); throw e; - }catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system", - e); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionInExternalSystem: Failed to add fucntion in external 
central auth system", e); throw e; } } else { 
@@ -1519,17 +1530,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic extPerms.setDescription(domainCentralRoleFunction.getName()); String updateRoleFunction = mapper.writeValueAsString(extPerms); HttpEntity entity = new HttpEntity<>(updateRoleFunction, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction); ResponseEntity updatePermResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm", HttpMethod.PUT, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", updateRoleFunction, updatePermResponse.getStatusCode().value()); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", + updateRoleFunction, updatePermResponse.getStatusCode().value()); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add function in external central auth system", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); throw e; } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to update function in external central auth system",e); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionInExternalSystem: Failed to update function in external central 
auth system", + e); throw e; } } @@ -1561,7 +1578,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It deletes app function record in portal + * It deletes app function record in portal * * @param code * @param app @@ -1570,10 +1587,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic dataAccessService.deleteDomainObjects(EPAppRoleFunction.class, APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + code + "'", null); } - + /** * - * It deletes permission in the external auth system + * It deletes permission in the external auth system * * @param domainCentralRoleFunction * @param app @@ -1602,8 +1619,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleFunctionInExternalSystem: Finished deleting permission in External Auth system {} and status code: {} ", deleteRoleFunction, delPermResponse.getStatusCode().value()); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to delete functions in External System", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to delete functions in External System", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("404 Not Found")) { 
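Review bot: In deleteRoleFunctionInExternalSystem the `404 Not Found` test sits in the generic `catch (Exception e)` after the `catch (HttpClientErrorException e)` block. If `template` is a RestTemplate with the default error handler, a 404 arrives as an HttpClientErrorException, so the first catch raises the access alarm and the "already deleted" branch is never reached. The test also calls `e.getMessage().equalsIgnoreCase(...)`, which throws inside the handler when the exception carries no message. I would test the status in the first catch with `if (e.getStatusCode() == HttpStatus.NOT_FOUND)`, and write any remaining string test as `"404 Not Found".equalsIgnoreCase(e.getMessage())`. The `409 Conflict` tests in addRoleInExternalSystem and addRoleFunctionsInExternalSystem further down use the same comparison; the method body starts outside this hunk.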
@@ -1611,7 +1629,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic " deleteRoleFunctionInExternalSystem: It seems like function is already deleted in external central auth system but exists in local DB", e.getMessage()); } else { - logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e); + logger.error(EELFLoggerDelegate.errorLogger, + "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e); } } } @@ -1628,7 +1647,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic message = e.getMessage(); logger.error(EELFLoggerDelegate.errorLogger, "saveRoleForApplication failed", e); } - return new ExternalRequestFieldsValidator(response,message); + return new ExternalRequestFieldsValidator(response, message); } @SuppressWarnings("unchecked") @@ -1646,7 +1665,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic epRoleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, deleteRoleParams, null); } else { deleteRoleParams.put(APP_ID, String.valueOf(app.getId())); - epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, deleteRoleParams, null); + epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + deleteRoleParams, null); } if (!epRoleList.isEmpty()) { transaction = localSession.beginTransaction(); 
@@ -1673,31 +1693,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return result; } - + /** * - * It deletes role for application in external auth system + * It deletes role for application in external auth system * * @param epRoleList contains role information - * @param app contains application information + * @param app contains application information * @throws Exception */ private void deleteRoleInExternalAuthSystem(List epRoleList, EPApp app) throws Exception { ResponseEntity deleteResponse; ResponseEntity res = getNameSpaceIfExists(app); if (res.getStatusCode() == HttpStatus.OK) { - // Delete Role in External System - String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; - deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); - if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) { - EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); - logger.error(EELFLoggerDelegate.errorLogger, - "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ", - deleteResponse.getBody()); - } - logger.debug(EELFLoggerDelegate.debugLogger, - "deleteRoleForApplication: about to commit the transaction"); + // Delete Role in External System + String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; + deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); + if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) { + EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); + logger.error(EELFLoggerDelegate.errorLogger, + "deleteRoleForApplication: Failed to delete role in external auth system! 
due to {} ", + deleteResponse.getBody()); + } + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleForApplication: about to commit the transaction"); } } 
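Review bot: `deleteRoleKey` is assembled by string concatenation, so a namespace or role name containing `"` or `\` produces a malformed or altered JSON body for the delete request. Only the role name goes through `replaceAll`, and what that pattern removes is not visible here. Serializing a map keeps the value escaped: `Map<String, String> key = new HashMap<>(); key.put("name", roleName); String deleteRoleKey = mapper.writeValueAsString(key);`, assuming the `mapper` used in addRoleFunctionInExternalSystem is reachable from this method. `epRoleList.get(0)` is also read here without an emptiness check.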
@@ -1714,35 +1733,41 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(headers); getNameSpaceIfExists(app); - logger.debug(EELFLoggerDelegate.debugLogger,"deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity getResponse = template - .exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" - + LoginId - + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) - + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - HttpMethod.GET, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", getResponse.getBody()); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity getResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" + + LoginId + + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) + + "/" + app.getNameSpace() + "." 
+ + role.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + HttpMethod.GET, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", + getResponse.getBody()); if (getResponse.getStatusCode().value() != 200) { throw new ExternalAuthSystemException(getResponse.getBody()); } String res = getResponse.getBody(); if (!res.equals(IS_EMPTY_JSON_STRING)) { HttpEntity userRoleentity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity deleteResponse = template - .exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRole/" + LoginId - + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) - + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - HttpMethod.DELETE, userRoleentity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity deleteResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" + + LoginId + + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) + + "/" + app.getNameSpace() + "." 
+ + role.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + HttpMethod.DELETE, userRoleentity, String.class); if (deleteResponse.getStatusCode().value() != 200) { throw new ExternalAuthSystemException("Failed to delete user role"); } - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", deleteResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", + deleteResponse.getStatusCode().value()); } } @@ -1777,12 +1802,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throw e; } return roleList; - } @Override @Transactional(rollbackFor = Exception.class) - public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) throws Exception { + public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) + throws Exception { Session localSession = sessionFactory.openSession(); String message = ""; Transaction transaction = null; 
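Review bot: `LoginId`, the user domain, the namespace and the role name are concatenated directly into the `userRole/` path for both the GET and the DELETE, so the request target depends on unvalidated text. I would check `LoginId` against the expected id format first and pass the values as URI variables, e.g. `template.exchange(baseUrl + "userRole/{user}/{role}", HttpMethod.DELETE, userRoleentity, String.class, user, roleName)`, so reserved characters such as `?` and `#` are percent-encoded. Whether `/` inside a variable is encoded depends on how the template's URI handler is configured, so the format check is still needed. Building the URL once and reusing it for both calls would also remove the duplicated expression. The method signature is outside this hunk, so any validation of `LoginId` done earlier cannot be seen from here.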
@@ -1792,14 +1817,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic transaction = localSession.beginTransaction(); List epRoleList = null; app = getApp(uebkey).get(0); - if(app.getId().equals(PortalConstants.PORTAL_APP_ID)){ + if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { epRoleList = getPortalAppRoleInfo(roleId); - } else{ + } else { epRoleList = getPartnerAppRoleInfo(roleId, app); } - if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { // Delete User Role in External System before deleting role - deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId); + deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId); } // Delete user app roles dataAccessService.deleteDomainObjects(EPUserApp.class, @@ -1808,13 +1833,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic deleteRoleDependencyRecords(localSession, epRoleList.get(0).getId(), app.getId(), isPortalRequest); transaction.commit(); if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - // Final call to delete role once all dependencies has been deleted + // Final call to delete role once all dependencies has been + // deleted deleteRoleInExternalAuthSystem(epRoleList, app); } - dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ epRoleList.get(0).getId(), null); + dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + epRoleList.get(0).getId(), null); logger.debug(EELFLoggerDelegate.debugLogger, "deleteDependencyRoleRecord: committed the transaction"); response = true; - } catch(HttpClientErrorException e){ + } catch (HttpClientErrorException e) { logger.error(EELFLoggerDelegate.errorLogger, "deleteDependencyRoleRecord: HttpClientErrorException", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); message = e.getMessage(); 
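Review bot: `transaction.commit()` runs before `deleteRoleInExternalAuthSystem(epRoleList, app)`, and that helper only logs when the external system answers with anything other than 200 or 404. The method can therefore set `response = true` while the role and its permissions are still present in the external auth system. For an authorization store that drift is worth failing on: have the helper `throw new ExternalAuthSystemException(deleteResponse.getBody());` on an unexpected status, as deleteUserRoleInExternalSystem already does, and make the external call before the commit so a failure leaves the local records in place. `getApp(uebkey).get(0)` and `epRoleList.get(0)` in the previous hunk are also read without an emptiness check.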
@@ -1826,42 +1852,39 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } finally { localSession.close(); } - return new ExternalRequestFieldsValidator(response,message); + return new ExternalRequestFieldsValidator(response, message); } - + @Override @SuppressWarnings("unchecked") @Transactional public void syncRoleFunctionFromExternalAccessSystem(EPApp app) { try { - // get Permissions from External Auth System JSONArray extPerms = getExtAuthPermissions(app); List permsDetailList = getExtAuthPerrmissonList(app, extPerms); - // get functions in DB final Map params = new HashMap<>(); final Map roleFuncMap = new HashMap<>(); params.put(APP_ID, app.getId()); - List appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, - null); + List appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", + params, null); if (!appFunctions.isEmpty()) { for (CentralV2RoleFunction roleFunc : appFunctions) { roleFuncMap.put(roleFunc.getCode(), roleFunc); } } - // get Roles for portal in DB List portalRoleList = getGlobalRolesOfPortal(); final Map existingPortalRolesMap = new HashMap<>(); - for(EPRole epRole : portalRoleList){ - existingPortalRolesMap.put(epRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole); + for (EPRole epRole : portalRoleList) { + existingPortalRolesMap.put(epRole.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole); } - // get Roles in DB - final Map currentRolesInDB = getCurrentRolesInDB(app); - - // store External Permissions with Pipe and without Pipe (just instance) + final Map currentRolesInDB = getAppRoleNamesWithUnderscoreMap(app); + // store External Permissions with Pipe and without Pipe (just + // instance) final Map extAccessPermsContainsPipeMap = new HashMap<>(); final Map extAccessPermsMap = new HashMap<>(); for (ExternalAccessPermsDetail permsDetailInfoWithPipe : 
permsDetailList) { @@ -1869,7 +1892,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetailInfoWithPipe.getInstance()); extAccessPermsMap.put(finalFunctionCodeVal, permsDetailInfoWithPipe); } - // Add if new functions and app role functions were added in // external auth system for (ExternalAccessPermsDetail permsDetail : permsDetailList) { @@ -1881,10 +1903,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (roles != null) { // Check if function has any roles and which does not exist // in External Auth System. If exists delete in local - addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, existingPortalRolesMap); + addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, + existingPortalRolesMap); } } - // Check if function does exits in External Auth System but exits in // local then delete function and its dependencies for (CentralV2RoleFunction roleFunc : appFunctions) { 
@@ -1900,23 +1922,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncRoleFunctionFromExternalAccessSystem: Failed to delete function", e); - } } - logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished syncRoleFunctionFromExternalAccessSystem"); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncRoleFunctionFromExternalAccessSystem: Failed syncRoleFunctionFromExternalAccessSystem", e); - } } @SuppressWarnings("unchecked") private void addRemoveIfFunctionsRolesIsSyncWithExternalAuth(EPApp app, final Map currentRolesInDB, - List roleFunctionList, List roles, Map existingPortalRolesMap) - throws Exception { + List roleFunctionList, List roles, + Map existingPortalRolesMap) throws Exception { if (!roleFunctionList.isEmpty()) { final Map appRoleFuncParams = new HashMap<>(); final Map currentAppRoleFunctionsMap = new HashMap<>(); @@ -1930,11 +1949,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), localRole); } for (String addRole : roles) { - currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE)+1), addRole); + currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE) + 1), addRole); } for (String extAuthrole : roles) { String roleNameSpace = extAuthrole.substring(0, extAuthrole.indexOf(FUNCTION_PIPE)); - boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, app.getNameSpace()); + boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, + app.getNameSpace()); if (isNameSpaceMatching) { if (!currentAppRoleFunctionsMap .containsKey(extAuthrole.substring(app.getNameSpace().length() + 1))) { 
@@ -1960,8 +1980,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EPAppRoleFunction addGlobalRoleFunctions = new EPAppRoleFunction(); params.put("appId", app.getId()); params.put("roleId", role.getId()); - List currentGlobalRoleFunctionsList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null); - boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream().anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode().equals(roleFunctionList.get(0).getCode())); + List currentGlobalRoleFunctionsList = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null); + boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream() + .anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode() + .equals(roleFunctionList.get(0).getCode())); if (role != null && !checkIfRoleFunctionExists) { addGlobalRoleFunctions.setAppId(app.getId()); addGlobalRoleFunctions.setRoleId(role.getId()); 
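Review bot: `role` is dereferenced in `params.put("roleId", role.getId());` before the `role != null` test a few statements later, so that test cannot protect this block. If `role` can be absent here (its lookup is outside the hunk), the guard belongs ahead of the `params.put` calls, e.g. `if (role != null) { params.put("roleId", role.getId()); ... }` wrapping the query and the save. If it can never be null, dropping the late check makes the intent clearer.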
@@ -1990,31 +2013,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private void deleteAppRoleFuncDoesNotExitsInExtSystem(EPApp app, CentralV2RoleFunction roleFunc) { logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", roleFunc.getCode()); dataAccessService.deleteDomainObjects(EPAppRoleFunction.class, - APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null); + APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", - roleFunc.getCode()); - + "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", roleFunc.getCode()); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", roleFunc.getCode()); dataAccessService.deleteDomainObjects(CentralV2RoleFunction.class, - APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null); + APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", roleFunc.getCode()); } private void checkAndAddRoleInDB(EPApp app, final Map currentRolesInDB, List roleFunctionList, String roleList) throws Exception { - if (!currentRolesInDB.containsKey( - roleList.substring(app.getNameSpace().length() + 1))) { - Role role = addRoleInDBIfDoesNotExists(app, - roleList.substring(app.getNameSpace().length() + 1)); - 
addIfRoleDescriptionNotExitsInExtSystem(role, app); + if (!currentRolesInDB.containsKey(roleList.substring(app.getNameSpace().length() + 1))) { + Role role = addRoleInDBIfDoesNotExists(app, roleList.substring(app.getNameSpace().length() + 1)); + addRoleDescriptionInExtSystem(role, app); if (!roleFunctionList.isEmpty()) { try { if (!roleFunctionList.isEmpty()) { @@ -2026,16 +2042,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, - "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", - e); + "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", e); } } } } @SuppressWarnings("unchecked") - private List addGetLocalFunction(EPApp app, final Map roleFuncMap, - ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) { + private List addGetLocalFunction(EPApp app, + final Map roleFuncMap, ExternalAccessPermsDetail permsDetail, String code, + CentralV2RoleFunction getFunctionCodeKey) { String finalFunctionCodeVal = addToLocalIfFunctionNotExists(app, roleFuncMap, permsDetail, code, getFunctionCodeKey); final Map appSyncFuncsParams = new HashMap<>(); @@ -2053,9 +2069,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } private String addToLocalIfFunctionNotExists(EPApp app, final Map roleFuncMap, - ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey - ) { - String finalFunctionCodeVal = ""; + ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) { + String finalFunctionCodeVal = ""; if (null == getFunctionCodeKey) { finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetail.getInstance()); CentralV2RoleFunction checkIfCodeStillExits = roleFuncMap.get(finalFunctionCodeVal); 
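Review bot: Both `deleteDomainObjects` calls in deleteAppRoleFuncDoesNotExitsInExtSystem build their where clause by concatenating `roleFunc.getCode()` between quotes (`AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'"`). Function codes appear to reach the local table from the external auth system's permission list during this sync, so a code containing `'` would change the condition of the delete. I would bind the values instead, for example a parameterised delete with `appId` and the function code passed in a params map the way the `executeNamedQuery` calls in this file do, if the data access layer offers that for deletes. The same concatenation with `code` appears in the `@@ -1570` hunk.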
@@ -2073,7 +2088,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @SuppressWarnings("unchecked") @Override - public Map getCurrentRolesInDB(EPApp app) { + public Map getAppRoleNamesWithUnderscoreMap(EPApp app) { final Map currentRolesInDB = new HashMap<>(); List getCurrentRoleList = null; final Map appParams = new HashMap<>(); @@ -2090,8 +2105,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return currentRolesInDB; } - private List getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) - throws IOException{ + @SuppressWarnings("unchecked") + private Map getAppRoleNamesMap(EPApp app) { + final Map currentRolesInDB = new HashMap<>(); + List getCurrentRoleList = null; + final Map appParams = new HashMap<>(); + if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + getCurrentRoleList = dataAccessService.executeNamedQuery("getPortalAppRolesList", null, null); + } else { + appParams.put("appId", app.getId()); + getCurrentRoleList = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null); + } + for (EPRole role : getCurrentRoleList) { + currentRolesInDB.put(role.getName(), role); + } + return currentRolesInDB; + } + + private List getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) throws IOException { ExternalAccessPermsDetail permDetails = null; List permsDetailList = new ArrayList<>(); for (int i = 0; i < extPerms.length(); i++) { 
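Review bot: The new `getAppRoleNamesMap` has no comment saying how it differs from `getAppRoleNamesWithUnderscoreMap`, and it repeats the same portal/partner query selection. The hunk shows it keys the map by `role.getName()` unchanged, so I would add `/** Returns the roles of the given app keyed by their stored name, without special-character replacement. */` above it. Moving the query choice into one private helper used by both methods would keep them from drifting apart. Most of the sibling method's body is outside this hunk.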
@@ -2099,8 +2130,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (extPerms.getJSONObject(i).has("description")) { description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } else { - description = extPerms.getJSONObject(i).getString("type")+"|"+extPerms.getJSONObject(i).getString("instance") - +"|"+extPerms.getJSONObject(i).getString("action"); + description = extPerms.getJSONObject(i).getString("type").substring(app.getNameSpace().length() + 1) + "|" + + extPerms.getJSONObject(i).getString("instance") + "|" + + extPerms.getJSONObject(i).getString("action"); } if (extPerms.getJSONObject(i).has("roles")) { ObjectMapper rolesListMapper = new ObjectMapper(); @@ -2131,10 +2163,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpEntity entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); - + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished GET permissions from External Auth system and response: {} ", @@ -2149,7 +2179,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return extPerms; } - + /** * * Add function into local DB 
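Review bot: The new fallback description takes `getString("type").substring(app.getNameSpace().length() + 1)` without checking that the type actually begins with the app namespace followed by a dot. The value comes from the external system's response: a type shorter than that prefix throws StringIndexOutOfBoundsException, and one with a different prefix is silently cut in the wrong place. A guarded form is `String prefix = app.getNameSpace() + "."; String shortType = type.startsWith(prefix) ? type.substring(prefix.length()) : type;`. The loop this sits in continues outside the hunk.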
@@ -2159,13 +2189,13 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param code */ private void addFunctionInEcompDB(EPApp app, ExternalAccessPermsDetail permsDetail, String code) { - try{ - CentralV2RoleFunction addFunction = new CentralV2RoleFunction(); - addFunction.setAppId(app.getId()); - addFunction.setCode(code); - addFunction.setName(permsDetail.getDescription()); - dataAccessService.saveDomainObject(addFunction, null); - } catch(Exception e){ + try { + CentralV2RoleFunction addFunction = new CentralV2RoleFunction(); + addFunction.setAppId(app.getId()); + addFunction.setCode(code); + addFunction.setName(permsDetail.getDescription()); + dataAccessService.saveDomainObject(addFunction, null); + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "addFunctionInEcompDB: Failed to add function", e); } } 
@@ -2178,27 +2208,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param app * @throws Exception */ - private void addIfRoleDescriptionNotExitsInExtSystem(Role role, EPApp app) throws Exception { - String addRoleNew = updateExistingRoleInExternalSystem(role, app); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + private boolean addRoleDescriptionInExtSystem(Role role, EPApp app) throws Exception { + boolean status = false; try { + String addRoleNew = updateExistingRoleInExternalSystem(role, app); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(addRoleNew, headers); template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", HttpMethod.PUT, entity, String.class); + status = true; } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addIfRoleDescriptionNotExitsInExtSystem", - e); + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to addRoleDescriptionInExtSystem", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addIfRoleDescriptionNotExitsInExtSystem: Failed", - e); + logger.error(EELFLoggerDelegate.errorLogger, "addRoleDescriptionInExtSystem: Failed", e); } + return status; } /** * - * While sync functions form external auth system if new role found we should add in local and return Role.class object + * While sync functions form external auth system if new role found we should + * add in local and return Role.class object * * @param app * @param role 
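Review bot: `addRoleDescriptionInExtSystem` now reports failure only through its boolean result, but the one caller visible in this diff, checkAndAddRoleInDB, invokes it as a bare statement and drops the value. A role whose PUT to the external auth system failed is therefore still treated as synchronised. Either test the result at the call site and skip the role-function save when it is false, or let the exception propagate. The Javadoc should gain `@return true when the external auth system accepted the role update, false when the call failed`, and `throws Exception` no longer describes the method now that both catch blocks swallow the error.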
@@ -2208,7 +2241,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private Role addRoleInDBIfDoesNotExists(EPApp app, String role) { Role setNewRole = new Role(); try { - // functions can have new role created in External Auth System prevent + // functions can have new role created in External Auth System + // prevent // duplication here boolean isCreated = checkIfRoleExitsElseCreateInSyncFunctions(role, app); final Map getRoleByNameParams = new HashMap<>(); @@ -2251,8 +2285,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleParams.put(APP_ROLE_NAME_PARAM, role); List roleCreated = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, - null); + roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); } else { roleParams.put("appId", String.valueOf(app.getId())); roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, @@ -2289,7 +2322,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addRoleFunctionInExternalSystem(cenRoleFunc, app); functionsAdded++; } - } catch(HttpClientErrorException e){ + } catch (HttpClientErrorException e) { logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadFunctions failed", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { 
@@ -2367,14 +2400,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", HttpMethod.POST, entity, String.class); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", + e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Role already exits but does not break functionality", e); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleInExternalSystem: Role already exits but does not break functionality", e); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage()); } } } @@ -2398,15 +2434,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } } - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e); } return roleFunctions; } - + /** * Its adding a role function while doing bulk upload * 
@@ -2418,14 +2455,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String type = ""; String instance = ""; String action = ""; - if(addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)){ - type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd()); + if (addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { + type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd()); instance = EcompPortalUtils.getFunctionCode(addRoleFunc.getFunctionCd()); action = EcompPortalUtils.getFunctionAction(addRoleFunc.getFunctionCd()); - } else{ + } else { type = addRoleFunc.getFunctionCd().contains("menu") ? "menu" : "url"; instance = addRoleFunc.getFunctionCd(); - action = "*"; + action = "*"; } ExternalAccessRolePerms extRolePerms = null; ExternalAccessPerms extPerms = null; @@ -2434,8 +2471,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action, addRoleFunc.getFunctionName()); - extRolePerms = new ExternalAccessRolePerms(extPerms, - app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + role.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); template.exchange( 
@@ -2444,10 +2481,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { logger.error(EELFLoggerDelegate.errorLogger, - "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", e); + "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", + e); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", - e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", e.getMessage()); } } } @@ -2467,7 +2505,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic functionsAdded++; } } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed", e); + logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed", + e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerFunctions: failed", e.getMessage(), e); @@ -2517,7 +2556,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic "addFunctionInExternalSystem: Failed to add fucntion in external central auth system", e); throw e; } - } + } @Override public void bulkUploadPartnerRoles(String uebkey, List roleList) throws Exception { 
@@ -2537,8 +2576,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic try { for (EPRole role : roles) { params.put("roleId", role.getId()); - List appRoleFunc = dataAccessService.executeNamedQuery("uploadPartnerRoleFunctions", - params, null); + List appRoleFunc = dataAccessService + .executeNamedQuery("uploadPartnerRoleFunctions", params, null); if (!appRoleFunc.isEmpty()) { for (BulkUploadRoleFunction addRoleFunc : appRoleFunc) { addRoleFunctionsInExternalSystem(addRoleFunc, role, app); @@ -2547,11 +2586,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } // upload global role functions to ext auth system - if(!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { roleFunctions = bulkUploadGlobalRoleFunctions(app, roleFunctions); } - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e); 
@@ -2585,8 +2625,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic action = "*"; } extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action); - extRolePerms = new ExternalAccessRolePerms(extPerms, portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, + portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); updateRoleFunctionInExternalSystem(updateRolePerms, entity); 
@@ -2610,54 +2651,44 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic public void syncApplicationRolesWithEcompDB(EPApp app) { try { logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Started"); - //Sync functions and roles assigned to it which also creates new roles if does not exits in portal + // Sync functions and roles assigned to it which also creates new roles if does + // not exits in portal syncRoleFunctionFromExternalAccessSystem(app); - logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished"); - + logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished"); ObjectMapper mapper = new ObjectMapper(); logger.debug(EELFLoggerDelegate.debugLogger, "Entering to getAppRolesJSONFromExtAuthSystem"); // Get Permissions from External Auth System JSONArray extRole = getAppRolesJSONFromExtAuthSystem(app); - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into getExternalRoleDetailsList"); - //refactoring done - List externalRoleDetailsList = getExternalRoleDetailsList(app, - mapper, extRole); - + // refactoring done + List externalRoleDetailsList = getExternalRoleDetailsList(app, mapper, extRole); List finalRoleList = new ArrayList<>(); for (ExternalRoleDetails externalRole : externalRoleDetailsList) { EPRole ecompRole = convertExternalRoleDetailstoEpRole(externalRole); finalRoleList.add(ecompRole); } - List applicationRolesList; applicationRolesList = getAppRoles(app.getId()); List applicationRoleIdList = new ArrayList<>(); for (EPRole applicationRole : applicationRolesList) { - applicationRoleIdList.add(applicationRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + applicationRoleIdList.add(applicationRole.getName()); } - List roleListToBeAddInEcompDB = new ArrayList<>(); for (EPRole aafRole : finalRoleList) { if 
(!applicationRoleIdList.contains(aafRole.getName())) { roleListToBeAddInEcompDB.add(aafRole); } } - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into inactiveRolesNotInExternalAuthSystem"); // Check if roles exits in external Access system and if not make inactive in DB inactiveRolesNotInExternalAuthSystem(app, finalRoleList, applicationRolesList); - - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into checkAndUpdateRoleInDB"); - // It checks properties in the external auth system app role description and updates role in local - checkAndUpdateRoleInDB(app, finalRoleList); - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addNewRoleInEcompDBUpdateDescInExtAuthSystem"); - // Add new roles in DB and updates role description in External Auth System + // Add new roles in DB and updates role description in External Auth System addNewRoleInEcompDBUpdateDescInExtAuthSystem(app, roleListToBeAddInEcompDB); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished"); } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e); + logger.error(EELFLoggerDelegate.errorLogger, + "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed ", e); 
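Review bot: The new-role check in syncApplicationRolesWithEcompDB now compares raw local names (`applicationRoleIdList.add(applicationRole.getName())`) against `aafRole.getName()`, so an external role without a description may no longer match its local counterpart. If convertExternalRoleDetailstoEpRole (not shown) keeps the underscore-substituted name in that case, a local role with special characters in its name would be treated as new and added again, and the deactivation pass could see it as missing. The hunk also drops the checkAndUpdateRoleInDB call, so active-flag and priority changes made in the external system are presumably no longer copied to the local role. A comment at the comparison, for example `// names are compared unsanitised; external roles without a description must be mapped back to the local name first`, and a test using a role name with a special character would pin the intended behaviour.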
@@ -2686,14 +2717,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map globalRoleParams = new HashMap<>(); globalRoleParams.put("appId", String.valueOf(app.getId())); globalRoleParams.put("appRoleName", roleToBeAddedInEcompDB.getName()); - getRoleCreatedInSync = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null); + getRoleCreatedInSync = dataAccessService + .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null); EPRole epUpdateRole = getRoleCreatedInSync.get(0); epUpdateRole.setAppRoleId(epUpdateRole.getId()); dataAccessService.saveDomainObject(epUpdateRole, null); } List roleList = new ArrayList<>(); final Map params = new HashMap<>(); - params.put(APP_ROLE_NAME_PARAM, roleToBeAddedInEcompDB.getName()); boolean isPortalRole = false; if (app.getId() == 1) { @@ -2702,7 +2733,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { isPortalRole = false; params.put(APP_ID, app.getId().toString()); - roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, null); + roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, + null); } EPRole role = roleList.get(0); Role aaFrole = new Role(); 
@@ -2720,56 +2752,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It checks description in External Auth System if found any changes updates in DB - * - * @param app - * @param finalRoleList contains list of External Auth System roles list which is converted to EPRole - */ - @SuppressWarnings("unchecked") - private void checkAndUpdateRoleInDB(EPApp app, List finalRoleList) { - for (EPRole roleItem : finalRoleList) { - final Map roleParams = new HashMap<>(); - List currentList = null; - roleParams.put(APP_ROLE_NAME_PARAM, roleItem.getName()); - if (app.getId() == 1) { - currentList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); - } else { - roleParams.put(APP_ID, app.getId().toString()); - currentList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, null); - } - - if (!currentList.isEmpty()) { - try { - Boolean aafRoleActive; - Boolean localRoleActive; - boolean result; - aafRoleActive = Boolean.valueOf(roleItem.getActive()); - localRoleActive = Boolean.valueOf(currentList.get(0).getActive()); - result = aafRoleActive.equals(localRoleActive); - EPRole updateRole = currentList.get(0); - - if (!result) { - updateRole.setActive(roleItem.getActive()); - dataAccessService.saveDomainObject(updateRole, null); - } - if (roleItem.getPriority() != null - && !currentList.get(0).getPriority().equals(roleItem.getPriority())) { - updateRole.setPriority(roleItem.getPriority()); - dataAccessService.saveDomainObject(updateRole, null); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "syncApplicationRolesWithEcompDB: Failed to update role ", e); - } - } - } - } - /** - * - * It de-activates application roles in DB if not present in External Auth system + * It de-activates application roles in DB if not present in External Auth + * system * * @param app - * @param finalRoleList contains list of current roles present in 
External Auth System + * @param finalRoleList contains list of current roles present in + * External Auth System * @param applicationRolesList contains list of current roles present in DB */ @SuppressWarnings("unchecked") @@ -2789,9 +2777,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, extRoleParams, null); } else { extRoleParams.put(APP_ID, app.getId().toString()); - roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, extRoleParams, null); + roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + extRoleParams, null); } - if(!roleList.isEmpty()) { + if (!roleList.isEmpty()) { EPRole updateRoleInactive = roleList.get(0); updateRoleInactive.setActive(false); dataAccessService.saveDomainObject(updateRoleInactive, null); 
@@ -2803,22 +2792,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } } - + @Override @SuppressWarnings("unchecked") - public List getExternalRoleDetailsList(EPApp app, - ObjectMapper mapper, JSONArray extRole) + public List getExternalRoleDetailsList(EPApp app, ObjectMapper mapper, JSONArray extRole) throws IOException { List externalRoleDetailsList = new ArrayList<>(); ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); List functionCodelist = new ArrayList<>(); - Map curRolesMap = getCurrentRolesInDB(app); + Map curRolesMap = getAppRoleNamesMap(app); + Map curRolesUnderscoreMap = getAppRoleNamesWithUnderscoreMap(app); for (int i = 0; i < extRole.length(); i++) { ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails(); EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction(); JSONObject Role = (JSONObject) extRole.get(i); String name = extRole.getJSONObject(i).getString(ROLE_NAME); - String actualRoleName = name.substring(app.getNameSpace().length() + 1); + String actualRoleName = name.substring(app.getNameSpace().length() + 1); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } @@ -2836,7 +2825,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic functionCodelist.add(ePAppRoleFunction.getCode()); externalAccessPermsOfRole.add(externalAccessPerms); } - } } externalRoleDetail.setActive(true); 
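Review bot: `name.substring(app.getNameSpace().length() + 1)` in getExternalRoleDetailsList assumes every role name returned by the external system starts with the app namespace followed by a separator. The names are presumably filtered by namespace upstream, but a shorter value would throw StringIndexOutOfBoundsException, and a differently prefixed one would yield a truncated role name that is then matched against local roles. A guard such as `if (!name.startsWith(app.getNameSpace() + ".")) { continue; }` before the substring makes the assumption explicit. The method continues outside this hunk.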
@@ -2846,18 +2834,19 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { externalRoleDetail.setAppId(app.getId()); } - // get role functions from DB - EPRole currRole = curRolesMap.get(actualRoleName - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + EPRole currRole = null; + currRole = (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) + ? curRolesUnderscoreMap.get(actualRoleName) + : curRolesMap.get(actualRoleName); Long roleId = null; if (currRole != null) roleId = currRole.getId(); - // get role functions from DB final Map roleFunctionsMap = new HashMap<>(); final Map appRoleFuncsParams = new HashMap<>(); if (roleId != null) { appRoleFuncsParams.put("appId", app.getId()); appRoleFuncsParams.put("roleId", roleId); + // get role functions from DB List appRoleFunctions = dataAccessService .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); if (!appRoleFunctions.isEmpty()) { @@ -2918,9 +2907,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpEntity entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", 
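Review bot: The lookup `curRolesUnderscoreMap.get(actualRoleName)` keys local roles by their underscore-substituted name, and two distinct local names can collapse to the same key once special characters are replaced. If getAppRoleNamesWithUnderscoreMap (not shown) keeps only one entry per key, the role functions loaded below may belong to a different role than the external one being synced. The other branch trusts the external description field as the local role name, so whoever can edit descriptions in the external system decides which local role is matched; a comment such as `// description is treated as the authoritative local role name` would make that trust explicit. The redundant `EPRole currRole = null;` can be folded into the assignment. getExternalRoleDetailsList starts and ends outside this hunk.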
@@ -2934,31 +2922,28 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { extRole.remove(i); i--; - } + } } return extRole; } - + @Override - public JSONArray getAllUsersByRole(String roleName) throws Exception{ + public JSONArray getAllUsersByRole(String roleName) throws Exception { ResponseEntity response = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "getAllUsersByRole: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class); + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", res); - if(res == null || res.trim().isEmpty()) + if (res == null || res.trim().isEmpty()) return null; - JSONObject jsonObj = new JSONObject(res); JSONArray extRole = jsonObj.getJSONArray("userRole"); - return extRole; } @@ -2990,7 +2975,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (app.getCentralAuth()) { userRolesList = dataAccessService.executeNamedQuery("getBulkUserRoles", params, null); for (BulkUploadUserRoles userRolesUpload : userRolesList) { - if(!userRolesUpload.getOrgUserId().equals("su1234")){ + if (!userRolesUpload.getOrgUserId().equals("su1234")) { addUserRoleInExternalSystem(userRolesUpload); userRolesAdded++; } 
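Review bot: getAllUsersByRole appends `roleName` to the request path unencoded (`+ "userRoles/role/" + roleName`), so a value containing `/`, `?` or `#` would change which external-auth resource is queried. Callers are not visible here, so whether the name is validated beforehand is unknown. If `template` is a Spring RestTemplate, building the URI with `UriComponentsBuilder.fromHttpUrl(baseUrl).pathSegment("userRoles", "role", roleName).build().encode().toUri()` (with `baseUrl` standing for the configured property value) keeps the name a single encoded path segment. The debug call after the request passes `res` without a `{}` placeholder and is labelled syncApplicationRolesWithEcompDB, which makes the log misleading.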
@@ -3000,7 +2985,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * Its adding a user role in external auth system while doing bulk upload + * Its adding a user role in external auth system while doing bulk upload * * @param userRolesUpload */ 
@@ -3014,90 +2999,86 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); } ExternalAccessUser extUser = new ExternalAccessUser(name, - userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String userRole = mapper.writeValueAsString(extUser); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(userRole, headers); template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole", HttpMethod.POST, entity, String.class); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { - logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: UserRole already exits but does not break functionality"); + logger.error(EELFLoggerDelegate.errorLogger, + "addUserRoleInExternalSystem: UserRole already exits but does not break functionality"); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e); + logger.error(EELFLoggerDelegate.errorLogger, + "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e); } } } @Override - public void deleteRoleDependencyRecords(Session localSession, 
Long roleId, Long appId, boolean isPortalRequest) throws Exception { + public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest) + throws Exception { try { - String sql = ""; + String sql = ""; Query query = null; - - //It should delete only when it portal's roleId - if(appId.equals(PortalConstants.PORTAL_APP_ID)){ - // Delete from fn_role_function - sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - - // Delete from fn_role_composite - sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); + // It should delete only when it portal's roleId + if (appId.equals(PortalConstants.PORTAL_APP_ID)) { + // Delete from fn_role_function + sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from fn_role_composite + sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); } - // Delete from ep_app_role_function sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete from ep_role_notification sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); 
query.executeUpdate(); - // Delete from fn_user_pseudo_role sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - - if(!isPortalRequest) { + if (!isPortalRequest) { // Delete form fn_menu_functional_roles sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); - query.executeUpdate(); + query.executeUpdate(); } } catch (Exception e) { logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e); throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage()); } - } - + @SuppressWarnings("unchecked") @Override public List getMenuFunctionsList(String uebkey) throws Exception { 
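Review bot: deleteRoleDependencyRecords builds every DELETE by concatenating `roleId` into the SQL text and then writes the statement to the debug log. `roleId` is a `Long`, so this is not injectable as written, but binding the value keeps it safe if the type or source of the id ever changes: `localSession.createSQLQuery("DELETE FROM fn_role_function WHERE role_id = :roleId").setParameter("roleId", roleId).executeUpdate();`. The catch block logs the failure at debug level and drops the cause; `throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage(), e)` would keep it, provided that constructor exists. The comment above the `ep_user_roles_request_det` delete still names EP_WIDGET_CATALOG_ROLE.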
@@ -3108,8 +3089,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map appParams = new HashMap<>(); appParams.put(APP_ID, app.getId()); appMenuFunctionsList = dataAccessService.executeNamedQuery("getMenuFunctions", appParams, null); - for(String appMenuFunction : appMenuFunctionsList) { - if(appMenuFunction.contains(FUNCTION_PIPE)) { + for (String appMenuFunction : appMenuFunctionsList) { + if (appMenuFunction.contains(FUNCTION_PIPE)) { appMenuFunctionsFinalList.add(EcompPortalUtils.getFunctionCode(appMenuFunction)); } else { appMenuFunctionsFinalList.add(appMenuFunction); 
@@ -3122,98 +3103,91 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return appMenuFunctionsFinalList; } - @SuppressWarnings({ "unchecked"}) + @SuppressWarnings({ "unchecked" }) @Override public List getAllAppUsers(String uebkey) throws Exception { List usersList = new ArrayList<>(); - List usersfinalList = new ArrayList<>(); - try { - EPApp app = getApp(uebkey).get(0); - final Map appParams = new HashMap<>(); - appParams.put("appId", app.getId()); - List userList = (List) dataAccessService - .executeNamedQuery("ApplicationUserRoles", appParams, null); - for (EcompUserRoles ecompUserRole : userList) { - boolean found = false; - Set roles = null; - for (EcompUser user : usersfinalList) { - if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - roles = user.getRoles(); - EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())).findAny() - .orElse(null); - SortedSet roleFunctionSet = new TreeSet<>(); - if(role != null) - { - roleFunctionSet = (SortedSet) role.getRoleFunctions(); - } - - String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); - functionCode = EPUserUtils.decodeFunctionCode(functionCode); - EcompRoleFunction epRoleFunction = new EcompRoleFunction(); - epRoleFunction.setName(ecompUserRole.getFunctionName()); - epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); - epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); - epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); - roleFunctionSet.add(epRoleFunction); - ecompRole.setRoleFunctions(roleFunctionSet); - roles.add(ecompRole); - user.setRoles(roles); - found = true; - break; - } - } - - if (!found) { - EcompUser epUser = new EcompUser(); - epUser.setOrgId(ecompUserRole.getOrgId()); - 
epUser.setManagerId(ecompUserRole.getManagerId()); - epUser.setFirstName(ecompUserRole.getFirstName()); - epUser.setLastName(ecompUserRole.getLastName()); - epUser.setPhone(ecompUserRole.getPhone()); - epUser.setEmail(ecompUserRole.getEmail()); - epUser.setOrgUserId(ecompUserRole.getOrgUserId()); - epUser.setOrgCode(ecompUserRole.getOrgCode()); - epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); - epUser.setJobTitle(ecompUserRole.getJobTitle()); - epUser.setLoginId(ecompUserRole.getLoginId()); - epUser.setActive(true); - roles = new HashSet<>(); - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - SortedSet roleFunctionSet = new TreeSet<>(); - - String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); - functionCode = EPUserUtils.decodeFunctionCode(functionCode); - EcompRoleFunction epRoleFunction = new EcompRoleFunction(); - epRoleFunction.setName(ecompUserRole.getFunctionName()); - epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); - epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); - epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); - roleFunctionSet.add(epRoleFunction); - ecompRole.setRoleFunctions(roleFunctionSet); - roles.add(ecompRole); - epUser.setRoles(roles); - usersfinalList.add(epUser); - } - } - ObjectMapper mapper = new ObjectMapper(); - - for (EcompUser u1 : usersfinalList) { - String str = mapper.writeValueAsString(u1); - usersList.add(str); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); - throw e; - } - return usersfinalList; - - } - + List usersfinalList = new ArrayList<>(); + try { + EPApp app = getApp(uebkey).get(0); + final Map appParams = new HashMap<>(); + appParams.put("appId", app.getId()); + List userList = (List) dataAccessService + .executeNamedQuery("ApplicationUserRoles", 
appParams, null); + for (EcompUserRoles ecompUserRole : userList) { + boolean found = false; + Set roles = null; + for (EcompUser user : usersfinalList) { + if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + roles = user.getRoles(); + EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())) + .findAny().orElse(null); + SortedSet roleFunctionSet = new TreeSet<>(); + if (role != null) { + roleFunctionSet = (SortedSet) role.getRoleFunctions(); + } + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + user.setRoles(roles); + found = true; + break; + } + } + if (!found) { + EcompUser epUser = new EcompUser(); + epUser.setOrgId(ecompUserRole.getOrgId()); + epUser.setManagerId(ecompUserRole.getManagerId()); + epUser.setFirstName(ecompUserRole.getFirstName()); + epUser.setLastName(ecompUserRole.getLastName()); + epUser.setPhone(ecompUserRole.getPhone()); + epUser.setEmail(ecompUserRole.getEmail()); + epUser.setOrgUserId(ecompUserRole.getOrgUserId()); + epUser.setOrgCode(ecompUserRole.getOrgCode()); + epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); + epUser.setJobTitle(ecompUserRole.getJobTitle()); + epUser.setLoginId(ecompUserRole.getLoginId()); + epUser.setActive(true); + roles = new HashSet<>(); + EcompRole 
ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + SortedSet roleFunctionSet = new TreeSet<>(); + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + epUser.setRoles(roles); + usersfinalList.add(epUser); + } + } + ObjectMapper mapper = new ObjectMapper(); + for (EcompUser u1 : usersfinalList) { + String str = mapper.writeValueAsString(u1); + usersList.add(str); + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); + throw e; + } + return usersfinalList; + } @Override public Role ConvertCentralRoleToRole(String result) { @@ -3239,17 +3213,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return newRole; } - + @Override @SuppressWarnings("unchecked") public List getCentralizedAppsOfUser(String userId) { Map params = new HashMap<>(); params.put("userId", userId); List centralizedAppsList = new ArrayList<>(); - try{ - centralizedAppsList = dataAccessService - .executeNamedQuery("getCentralizedAppsOfUser", params, null); - }catch (Exception e) { + try { + centralizedAppsList = dataAccessService.executeNamedQuery("getCentralizedAppsOfUser", params, null); + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getCentralizedAppsOfUser failed", e); } return centralizedAppsList; 
@@ -3330,15 +3303,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String type; String action; CentralV2RoleFunction cenRoleFun; - if(role.getFunctionCd().contains(FUNCTION_PIPE)){ + if (role.getFunctionCd().contains(FUNCTION_PIPE)) { instance = EcompPortalUtils.getFunctionCode(role.getFunctionCd()); type = EcompPortalUtils.getFunctionType(role.getFunctionCd()); action = EcompPortalUtils.getFunctionAction(role.getFunctionCd()); cenRoleFun = new CentralV2RoleFunction(null, instance, role.getFunctionName(), null, type, action, null); - } else{ + } else { type = getFunctionCodeType(role.getFunctionCd()); action = getFunctionCodeAction(role.getFunctionCd()); - cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, action, null); + cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, + action, null); } return cenRoleFun; } 
@@ -3356,28 +3330,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } private CentralV2Role convertRoleToCentralV2Role(EPRole role) { - return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(), + return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(), role.getModifiedId(), role.getRowNum(), role.getName(), role.getActive(), role.getPriority(), new TreeSet<>(), new TreeSet<>(), new TreeSet<>()); - } - + @Override - public List convertCentralRoleFunctionToRoleFunctionObject(List answer) { + public List convertCentralRoleFunctionToRoleFunctionObject( + List answer) { List addRoleFuncList = new ArrayList<>(); - for(CentralV2RoleFunction cenRoleFunc : answer){ + for (CentralV2RoleFunction cenRoleFunc : answer) { CentralRoleFunction setRoleFunc = new CentralRoleFunction(); setRoleFunc.setCode(cenRoleFunc.getCode()); setRoleFunc.setName(cenRoleFunc.getName()); addRoleFuncList.add(setRoleFunc); - } + } return addRoleFuncList; } @Override public CentralUser getUserRoles(String loginId, String uebkey) throws Exception { CentralUser sendUserRoles = null; - try { CentralV2User cenV2User = getV2UserAppRoles(loginId, uebkey); sendUserRoles = convertV2UserRolesToOlderVersion(cenV2User); 
@@ -3408,6 +3381,80 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return createEPUser(user, userAppSet, app); } + private List getUserAppRoles(EPApp app, EPUser user) { + final Map userParams = new HashMap<>(); + userParams.put("appId", app.getId()); + userParams.put("userId", user.getId()); + @SuppressWarnings("unchecked") + List userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", + userParams, null); + List setUserRoles = new ArrayList<>(); + for (EPUserAppCurrentRoles role : userAppsRolesList) { + logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userRolename = {}", + role.getRoleName()); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role.getRoleId()); + ecompRole.setName(role.getRoleName()); + setUserRoles.add(ecompRole); + } + logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userrole list size = {}", + setUserRoles.size()); + return setUserRoles; + } + + @Override + public List missingUserApplicationRoles(String uebkey, String loginId, Set CurrentUserRoles) + throws Exception { + List appList = getApp(uebkey); + EPApp app = appList.get(0); + List epUserList; + epUserList = getUser(loginId); + List missingUserAppRoles = new ArrayList<>(); + List roleNamesList = CurrentUserRoles.stream().map(EcompRole::getName).collect(Collectors.toList()); + logger.debug(EELFLoggerDelegate.debugLogger, "Roles of User from hibernate :" + roleNamesList); + List userApplicationsRolesfromDB = getUserAppRoles(app, epUserList.get(0)); + if (userApplicationsRolesfromDB.size() > 0) { + missingUserAppRoles = userApplicationsRolesfromDB.stream().filter(x -> !roleNamesList.contains(x.getName())) + .collect(Collectors.toList()); + } + List MissingroleNamesList = missingUserAppRoles.stream().map(EcompRole::getName) + .collect(Collectors.toList()); + logger.debug(EELFLoggerDelegate.debugLogger, "MissingUserAppRoles():" + MissingroleNamesList); + + List 
finalMissingRoleList = new ArrayList<>(); + if (missingUserAppRoles.size() > 0) { + final Map params = new HashMap<>(); + for (EcompRole role : missingUserAppRoles) { + params.put("roleId", role.getId()); + params.put(APP_ID, app.getId()); + + EcompRole epRole = new EcompRole(); + epRole.setId(role.getId()); + epRole.setName(role.getName()); + @SuppressWarnings("unchecked") + List appRoleFunctionList = dataAccessService + .executeNamedQuery("getAppRoleFunctionList", params, null); + SortedSet roleFunctionSet = new TreeSet<>(); + for (CentralV2RoleFunction roleFunc : appRoleFunctionList) { + String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); + String type = getFunctionCodeType(roleFunc.getCode()); + String action = getFunctionCodeAction(roleFunc.getCode()); + EcompRoleFunction fun = new EcompRoleFunction(); + fun.setAction(action); + fun.setCode(functionCode); + fun.setType(type); + fun.setName(roleFunc.getName()); + roleFunctionSet.add(fun); + + } + epRole.setRoleFunctions(roleFunctionSet); + finalMissingRoleList.add(epRole); + } + } + + return finalMissingRoleList; + } + /** * It converts V2 CentralUser object to old version CentralUser object * 
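Review bot: In the added missingUserApplicationRoles, `appList.get(0)` and `epUserList.get(0)` are taken without checking that the lookups returned anything. Unless getApp and getUser (both outside this hunk) already reject unknown values, an unknown uebkey or loginId surfaces as an IndexOutOfBoundsException rather than a clear error. I would guard both before use, e.g. `if (appList.isEmpty() || epUserList.isEmpty())`, and fail with a descriptive exception, because this method decides which roles are reported as missing for a user. The two debug calls build their message by string concatenation (`"Roles of User from hibernate :" + roleNamesList`), while getUserAppRoles in the same hunk uses `{}` placeholders; the placeholder form would be consistent and skips the concatenation when debug is off. The parameter `CurrentUserRoles` and the local `MissingroleNamesList` should start with a lower-case letter.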
@@ -3415,56 +3462,68 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @return EPUser object */ private CentralUser convertV2UserRolesToOlderVersion(CentralV2User cenV2User) { - Set userV2Apps = cenV2User.getUserApps(); - Set userApps = new TreeSet<>(); - for(CentralV2UserApp userApp : userV2Apps){ - CentralApp app = userApp.getApp(); - CentralUserApp cua = new CentralUserApp(); - cua.setUserId(null); - cua.setApp(app); - SortedSet cenRoleFunction = new TreeSet<>(); - for(CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions() ){ - CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), cenV2RoleFunc.getName()); - cenRoleFunction.add(cenRoleFunc); - } - CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), userApp.getRole().getActive(), userApp.getRole().getPriority(), - cenRoleFunction); - cua.setRole(role); - userApps.add(cua); - } - return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(), - cenV2User.getCreatedId(),cenV2User.getModifiedId(), - cenV2User.getRowNum(), cenV2User.getOrgId(), cenV2User.getManagerId(), cenV2User.getFirstName(), - cenV2User.getMiddleInitial(), cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(), - cenV2User.getCellular(),cenV2User.getEmail(),cenV2User.getAddressId(),cenV2User.getAlertMethodCd(), - cenV2User.getHrid(),cenV2User.getOrgUserId(),cenV2User.getOrgCode(),cenV2User.getAddress1(), - cenV2User.getAddress2(),cenV2User.getCity(),cenV2User.getState(),cenV2User.getZipCode(),cenV2User.getCountry(), - cenV2User.getOrgManagerUserId(),cenV2User.getLocationClli(),cenV2User.getBusinessCountryCode(), - cenV2User.getBusinessCountryName(),cenV2User.getBusinessUnit(),cenV2User.getBusinessUnitName(), - cenV2User.getDepartment(),cenV2User.getDepartmentName(),cenV2User.getCompanyCode(), - cenV2User.getCompany(),cenV2User.getZipCodeSuffix(),cenV2User.getJobTitle(), - 
cenV2User.getCommandChain(),cenV2User.getSiloStatus(),cenV2User.getCostCenter(), - cenV2User.getFinancialLocCode(),cenV2User.getLoginId(),cenV2User.getLoginPwd(), - cenV2User.getLastLoginDate(),cenV2User.isActive(),cenV2User.isInternal(),cenV2User.getSelectedProfileId(),cenV2User.getTimeZoneId(), - cenV2User.isOnline(),cenV2User.getChatId(), - userApps); + Set userV2Apps = cenV2User.getUserApps(); + Set userApps = new TreeSet<>(); + for (CentralV2UserApp userApp : userV2Apps) { + CentralApp app = userApp.getApp(); + CentralUserApp cua = new CentralUserApp(); + cua.setUserId(null); + cua.setApp(app); + SortedSet cenRoleFunction = new TreeSet<>(); + for (CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions()) { + CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), + cenV2RoleFunc.getName()); + cenRoleFunction.add(cenRoleFunc); + } + CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), + userApp.getRole().getActive(), userApp.getRole().getPriority(), cenRoleFunction); + cua.setRole(role); + userApps.add(cua); + } + return new CentralUser.CentralUserBuilder().setId(cenV2User.getId()).setCreated(cenV2User.getCreated()) + .setModified(cenV2User.getModified()).setCreatedId(cenV2User.getCreatedId()) + .setModifiedId(cenV2User.getModifiedId()).setRowNum(cenV2User.getRowNum()) + .setOrgId(cenV2User.getOrgId()).setManagerId(cenV2User.getManagerId()) + .setFirstName(cenV2User.getFirstName()).setMiddleInitial(cenV2User.getMiddleInitial()) + .setLastName(cenV2User.getLastName()).setPhone(cenV2User.getPhone()).setFax(cenV2User.getFax()) + .setCellular(cenV2User.getCellular()).setEmail(cenV2User.getEmail()) + .setAddressId(cenV2User.getAddressId()).setAlertMethodCd(cenV2User.getAlertMethodCd()) + .setHrid(cenV2User.getHrid()).setOrgUserId(cenV2User.getOrgUserId()).setOrgCode(cenV2User.getOrgCode()) + 
.setAddress1(cenV2User.getAddress1()).setAddress2(cenV2User.getAddress2()).setCity(cenV2User.getCity()) + .setState(cenV2User.getState()).setZipCode(cenV2User.getZipCode()).setCountry(cenV2User.getCountry()) + .setOrgManagerUserId(cenV2User.getOrgManagerUserId()).setLocationClli(cenV2User.getLocationClli()) + .setBusinessCountryCode(cenV2User.getBusinessCountryCode()) + .setBusinessCountryName(cenV2User.getBusinessCountryName()).setBusinessUnit(cenV2User.getBusinessUnit()) + .setBusinessUnitName(cenV2User.getBusinessUnitName()).setDepartment(cenV2User.getDepartment()) + .setDepartmentName(cenV2User.getDepartmentName()).setCompanyCode(cenV2User.getCompanyCode()) + .setCompany(cenV2User.getCompany()).setZipCodeSuffix(cenV2User.getZipCodeSuffix()) + .setJobTitle(cenV2User.getJobTitle()).setCommandChain(cenV2User.getCommandChain()) + .setSiloStatus(cenV2User.getSiloStatus()).setCostCenter(cenV2User.getCostCenter()) + .setFinancialLocCode(cenV2User.getFinancialLocCode()).setLoginId(cenV2User.getLoginId()) + .setLoginPwd(cenV2User.getLoginPwd()).setLastLoginDate(cenV2User.getLastLoginDate()) + .setActive(cenV2User.isActive()).setInternal(cenV2User.isInternal()) + .setSelectedProfileId(cenV2User.getSelectedProfileId()).setTimeZoneId(cenV2User.getTimeZoneId()) + .setOnline(cenV2User.isOnline()).setChatId(cenV2User.getChatId()).setUserApps(userApps) + .createCentralUser(); } @Override public List convertV2CentralRoleListToOldVerisonCentralRoleList(List v2CenRoleList) { List cenRoleList = new ArrayList<>(); - for(CentralV2Role v2CenRole : v2CenRoleList){ - SortedSet cenRoleFuncList = new TreeSet<>(); - for(CentralV2RoleFunction v2CenRoleFunc: v2CenRole.getRoleFunctions()){ - CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), v2CenRoleFunc.getName()); - cenRoleFuncList.add(roleFunc); - } - CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), v2CenRole.getPriority(), cenRoleFuncList); - 
cenRoleList.add(role); - } + for (CentralV2Role v2CenRole : v2CenRoleList) { + SortedSet cenRoleFuncList = new TreeSet<>(); + for (CentralV2RoleFunction v2CenRoleFunc : v2CenRole.getRoleFunctions()) { + CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), + v2CenRoleFunc.getName()); + cenRoleFuncList.add(roleFunc); + } + CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), + v2CenRole.getPriority(), cenRoleFuncList); + cenRoleList.add(role); + } return cenRoleList; } - + @Override public ResponseEntity getNameSpaceIfExists(EPApp app) throws Exception { HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); @@ -3487,7 +3546,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + @Override public CentralRole convertV2CentralRoleToOldVerisonCentralRole(CentralV2Role v2CenRole) { SortedSet cenRoleFuncList = new TreeSet<>(); 
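Review bot: The new builder chain in convertV2UserRolesToOlderVersion still copies `.setLoginPwd(cenV2User.getLoginPwd())` into the CentralUser it returns, so the stored password value travels with an object whose purpose is to describe a user's roles. An earlier hunk shows getUserRoles handing this object back to its caller; whether it is then serialized to a client is not visible here, but nothing in the conversion needs the credential. I would drop that one setter from the chain (assuming the builder leaves the field null by default) and add a short comment such as `// loginPwd intentionally not copied into the transport object`. In the loop above, `userApp.getRole()` is dereferenced repeatedly without a null check; holding it in a local and skipping entries without a role would avoid a NullPointerException on incomplete data.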
@@ -3512,29 +3571,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userRolesList = dataAccessService.executeNamedQuery("getBulkUsersForSingleRole", params, null); for (BulkUploadUserRoles userRolesUpload : userRolesList) { userRolesUpload.setRoleName(modifiedRoleName); - if(!userRolesUpload.getOrgUserId().equals("su1234")){ + if (!userRolesUpload.getOrgUserId().equals("su1234")) { addUserRoleInExternalSystem(userRolesUpload); userRolesAdded++; } } } return userRolesAdded; - } - - @Override - public String encodeFunctionCode(String funCode){ - String encodedString = funCode; - List encodingList = new ArrayList<>(); - encodingList.add(Pattern.compile("/")); - encodingList.add(Pattern.compile("-")); - for (Pattern xssInputPattern : encodingList) { - encodedString = xssInputPattern.matcher(encodedString) - .replaceAll("%" + Hex.encodeHexString(xssInputPattern.toString().getBytes())); - } - encodedString = encodedString.replaceAll("\\*", "%"+ Hex.encodeHexString("*".getBytes())); - return encodedString; - } - + } + @Override public void bulkUploadRoleFunc(UploadRoleFunctionExtSystem data, EPApp app) throws Exception { ObjectMapper mapper = new ObjectMapper(); 
@@ -3542,18 +3587,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic try { ExternalAccessRolePerms extRolePerms; ExternalAccessPerms extPerms; - extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), encodeFunctionCode(data.getInstance()), data.getAction()); + extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), + EcompPortalUtils.encodeFunctionCode(data.getInstance()), data.getAction()); String appNameSpace = ""; - if(data.getIsGlobalRolePartnerFunc()) { - appNameSpace = epAppService.getApp(1l).getNameSpace(); + if (data.getIsGlobalRolePartnerFunc()) { + appNameSpace = epAppService.getApp(1l).getNameSpace(); } else { - appNameSpace = app.getNameSpace(); + appNameSpace = app.getNameSpace(); } - extRolePerms = new ExternalAccessRolePerms(extPerms, - appNameSpace + "." - + data.getRoleName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, appNameSpace + "." + data.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); updateRoleFunctionInExternalSystem(updateRolePerms, entity); @@ -3567,7 +3610,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic "addFunctionInExternalSystem: Failed to add role fucntion in external central auth system", e); throw e; } - } private void updateRoleFunctionInExternalSystem(String updateRolePerms, HttpEntity entity) { 
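Review bot: In the global-role branch, `epAppService.getApp(1l).getNameSpace()` looks up the portal application by a bare literal with a lowercase `l` suffix, which is easily misread as `11`, and dereferences the result without a null check. I would write `1L`, or better a named constant for the portal application id, and fail with a clear message when the lookup returns nothing, since this namespace decides under which application the role permission is created in the external auth system. Separately, only `data.getInstance()` goes through `EcompPortalUtils.encodeFunctionCode`; `data.getType()` and `data.getAction()` reach `ExternalAccessPerms` as supplied, so it is worth confirming they are validated before this point. bulkUploadRoleFunc starts and ends outside this hunk.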
@@ -3580,7 +3622,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic "bulkUploadRoleFunc: Finished adding permission for POST: {} and status code: {} ", addPermResponse.getStatusCode().value(), updateRolePerms); } - + @Override public void syncApplicationUserRolesFromExtAuthSystem(String loginId) throws Exception { String name = ""; @@ -3641,7 +3683,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (!currentCentralizedUserAppRolesMap.containsKey(extUserRoleDetail.getName())) { CentralizedAppRoles getCenAppRole = cenAppRolesMap.get(extUserRoleDetail.getName()); if (getCenAppRole != null) { - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Adding user role from external auth system {}", extUserRoleDetail.toString()); EPUserApp userApp = new EPUserApp(); EPApp app = new EPApp(); 
@@ -3652,14 +3695,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userApp.setUserId(user.getId()); userApp.setRole(epRole); dataAccessService.saveDomainObject(userApp, null); - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Finished user role from external auth system {}", extUserRoleDetail.toString()); - } else if (getCenAppRole == null // check if user has app account admin role + } else if (getCenAppRole == null // check if user has app + // account admin role && extUserRoleDetail.getName().endsWith(PortalConstants.ADMIN_ROLE.replaceAll( EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { EPApp app = centralisedAppsMap.get(extUserRoleDetail.getName()); if (app != null) { - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Adding user role from external auth system {}", extUserRoleDetail.toString()); EPUserApp userApp = new EPUserApp(); EPRole epRole = new EPRole(); @@ -3668,7 +3714,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userApp.setUserId(user.getId()); userApp.setRole(epRole); dataAccessService.saveDomainObject(userApp, null); - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Finished user role from external auth system {}", extUserRoleDetail.toString()); } } 
@@ -3683,13 +3730,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @SuppressWarnings("unchecked") private HashMap getCentralizedAdminAppsInfo() { - List centralizedApps = dataAccessService - .executeNamedQuery("getCentralizedApps", null, null); + List centralizedApps = dataAccessService.executeNamedQuery("getCentralizedApps", null, null); HashMap centralisedAppsMap = new HashMap<>(); for (EPApp cenApp : centralizedApps) { - centralisedAppsMap.put(cenApp.getNameSpace()+ "." + - PortalConstants.ADMIN_ROLE.replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), cenApp); + centralisedAppsMap.put( + cenApp.getNameSpace() + "." + + PortalConstants.ADMIN_ROLE.replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + cenApp); } return centralisedAppsMap; } @@ -3699,9 +3747,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HashMap currentCentralizedUserAppRolesMap = new HashMap<>(); for (CentralizedAppRoles cenAppUserRole : currentUserAppRoles) { currentCentralizedUserAppRolesMap.put( - cenAppUserRole.getAppNameSpace() + "." + cenAppUserRole.getRoleName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - cenAppUserRole); + cenAppUserRole.getAppNameSpace() + "." + + cenAppUserRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + cenAppUserRole); } return currentCentralizedUserAppRolesMap; } 
@@ -3713,13 +3762,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HashMap cenAppRolesMap = new HashMap<>(); for (CentralizedAppRoles CentralizedAppRole : centralizedAppRoles) { cenAppRolesMap.put( - CentralizedAppRole.getAppNameSpace() + "." + CentralizedAppRole.getRoleName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + CentralizedAppRole.getAppNameSpace() + "." + + CentralizedAppRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), CentralizedAppRole); } return cenAppRolesMap; } - + @Override public ResponseEntity getUserRolesFromExtAuthSystem(String name, HttpEntity getUserRolesEntity) { logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles"); 
@@ -3727,14 +3777,36 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class); if (getResponse.getStatusCode().value() == 200) { - logger.debug(EELFLoggerDelegate.debugLogger, "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}", + getResponse.getBody()); + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}", getResponse.getBody()); - - }else{ - logger.error(EELFLoggerDelegate.errorLogger, "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",getResponse.getBody() ); EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode()); } return getResponse; } + @Override + public Integer updateAppRoleDescription(String uebkey) { + Integer roleDescUpdated = 0; + EPApp app; + try { + app = getApp(uebkey).get(0); + List roles = getAppRoles(app.getId()); + for (EPRole epRole : roles) { + Role role = new Role(); + role.setName(epRole.getName()); + boolean status = addRoleDescriptionInExtSystem(role, app); + if (status) + roleDescUpdated++; + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: Failed! ", e); + } + return roleDescUpdated; + } + }
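Review bot: The added updateAppRoleDescription catches every Exception, logs it and returns the running count, so a caller cannot tell "nothing needed updating" from "the application lookup or the external call failed". That includes the IndexOutOfBoundsException that `getApp(uebkey).get(0)` would raise on an empty result. I would check for an empty application list explicitly and either rethrow after logging or document in a Javadoc comment that the return value is a best-effort count and may be partial. The log message `"updateAppRoleDescription: Failed! "` should also include the uebkey-derived application name or id once it is known, so a failure can be traced to an application. The unbraced `if (status)` is better written as `if (status) { roleDescUpdated++; }` to match the braces used in the rest of the file.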