X-Git-Url: https://gerrit.onap.org/r/gitweb?p=portal.git;a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fservice%2FExternalAccessRolesServiceImpl.java;h=3778a00ff48c36d0f937fe7f7e1135440f567809;hp=eb6d730cb61fb43cacda7a52a7575ae0522631a1;hb=d13dacf060ff58d36f7d8995d185d78085bfd669;hpb=24608a9e1450c409dc3870440d29e91cc3a26bb9 diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java index eb6d730c..3778a00f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -42,18 +42,14 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; -import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.Set; import java.util.SortedSet; import java.util.TreeSet; -import java.util.regex.Pattern; import java.util.stream.Collectors; import org.apache.commons.codec.DecoderException; -import org.apache.commons.codec.binary.Hex; -import org.apache.commons.lang.StringUtils; import org.hibernate.Query; import org.hibernate.Session; import org.hibernate.SessionFactory; @@ -70,6 +66,7 @@ import org.onap.portalapp.portal.domain.EPRole; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.domain.EPUserApp; import org.onap.portalapp.portal.domain.ExternalRoleDetails; +import org.onap.portalapp.portal.ecomp.model.UploadRoleFunctionExtSystem; import org.onap.portalapp.portal.exceptions.DeleteDomainObjectFailedException; import org.onap.portalapp.portal.exceptions.ExternalAuthSystemException; import org.onap.portalapp.portal.exceptions.InactiveApplicationException; @@ -79,26 +76,7 @@ import org.onap.portalapp.portal.exceptions.RoleFunctionException; import org.onap.portalapp.portal.logging.aop.EPAuditLog; import org.onap.portalapp.portal.logging.aop.EPMetricsLog; import org.onap.portalapp.portal.logging.logic.EPLogUtil; -import org.onap.portalapp.portal.transport.BulkUploadRoleFunction; -import org.onap.portalapp.portal.transport.BulkUploadUserRoles; -import org.onap.portalapp.portal.transport.CentralApp; -import org.onap.portalapp.portal.transport.CentralRole; -import org.onap.portalapp.portal.transport.CentralRoleFunction; -import org.onap.portalapp.portal.transport.CentralUser; -import org.onap.portalapp.portal.transport.CentralUserApp; -import org.onap.portalapp.portal.transport.CentralV2Role; -import org.onap.portalapp.portal.transport.CentralV2User; -import org.onap.portalapp.portal.transport.CentralV2UserApp; -import org.onap.portalapp.portal.transport.EcompUserRoles; -import org.onap.portalapp.portal.transport.ExternalAccessPerms; -import org.onap.portalapp.portal.transport.ExternalAccessPermsDetail; -import org.onap.portalapp.portal.transport.ExternalAccessRole; -import org.onap.portalapp.portal.transport.ExternalAccessRolePerms; -import org.onap.portalapp.portal.transport.ExternalAccessUser; -import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; -import org.onap.portalapp.portal.transport.ExternalRoleDescription; -import org.onap.portalapp.portal.transport.GlobalRoleWithApplicationRoleFunction; -import org.onap.portalapp.portal.transport.LocalRole; +import org.onap.portalapp.portal.transport.*; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; @@ -133,74 +111,40 @@ import com.fasterxml.jackson.databind.type.TypeFactory; @EPMetricsLog @EPAuditLog public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesService { - private static final String APP_ROLE_NAME_PARAM = "appRoleName"; - private static final String GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM = "getRoletoUpdateInExternalAuthSystem"; - private static final String GET_PORTAL_APP_ROLES_QUERY = "getPortalAppRoles"; - private static final String GET_ROLE_FUNCTION_QUERY = "getRoleFunction"; - private static final String FUNCTION_CODE_PARAMS = "functionCode"; - private static final String AND_FUNCTION_CD_EQUALS = " and function_cd = '"; - private static final String OWNER = ".owner"; - private static final String ADMIN = ".admin"; - private static final String ACCOUNT_ADMINISTRATOR = ".Account_Administrator"; - private static final String FUNCTION_PIPE = "|"; - - private static final String IS_NULL_STRING = "null"; - private static final String EXTERNAL_AUTH_PERMS = "perms"; - private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description"; - private static final String IS_EMPTY_JSON_STRING = "{}"; - private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system"; - - private static final String APP_ROLE_ID = "appRoleId"; - private static final String APP_ID = "appId"; - - private static final String PRIORITY = "priority"; - - private static final String ACTIVE = "active"; - private static final String ROLE_NAME = "name"; - - private static final String ID = "id"; - private static final String APP_ID_EQUALS = " app_id = "; - private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesServiceImpl.class); - @Autowired private DataAccessService dataAccessService; - @Autowired private EPAppService epAppService; - @Autowired private SessionFactory sessionFactory; - @Autowired EPRoleService ePRoleService; - RestTemplate template = new RestTemplate(); - - // These decode values are based on HexDecoder static final String decodeValueOfForwardSlash = "2f"; static final String decodeValueOfHiphen = "2d"; static final String decodeValueOfStar = "2a"; @SuppressWarnings("unchecked") + @Override public List getAppRoles(Long appId) throws Exception { List applicationRoles = null; final Map appParams = new HashMap<>(); @@ -226,8 +170,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map appUebkeyParams = new HashMap<>(); appUebkeyParams.put("appKey", uebkey); app = dataAccessService.executeNamedQuery("getMyAppDetailsByUebKey", appUebkeyParams, null); - if(!app.isEmpty() && !app.get(0).getEnabled() && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)){ - throw new InactiveApplicationException("Application:"+app.get(0).getName()+" is Unavailable"); + if (!app.isEmpty() && !app.get(0).getEnabled() + && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)) { + throw new InactiveApplicationException("Application:" + app.get(0).getName() + " is Unavailable"); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getApp: failed", e); @@ -237,7 +182,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It returns single application role from external auth system + * It returns single application role from external auth system + * * @param addRole * @param app * @return JSON string which contains application role details @@ -250,8 +196,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "getSingleAppRole: Connecting to External Auth system"); response = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/" - + app.getNameSpace() - + "." + addRole + + app.getNameSpace() + "." + addRole .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), HttpMethod.GET, entity, String.class); logger.debug(EELFLoggerDelegate.debugLogger, @@ -274,11 +219,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpMethod.POST, entity, String.class); if (addResponse.getStatusCode().value() == 201) { response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRole: Finished adding role in the External Auth system and response code: {} ", addResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRole: Finished adding role in the External Auth system and response code: {} ", + addResponse.getStatusCode().value()); } if (addResponse.getStatusCode().value() == 406) { logger.error(EELFLoggerDelegate.errorLogger, - "addRole: Failed to add in the External Auth system due to {} and status code: {}", addResponse.getBody(), addResponse.getStatusCode().value()); + "addRole: Failed to add in the External Auth system due to {} and status code: {}", + addResponse.getBody(), addResponse.getStatusCode().value()); } return response; } @@ -288,18 +236,21 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * It deletes record in external auth system * * @param delRole - * @return JSON String which has status code and response body + * @return JSON String which has status code and response body * @throws Exception */ private ResponseEntity deleteRoleInExternalSystem(String delRole) throws Exception { ResponseEntity delResponse = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(delRole, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole); delResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role?force=true", HttpMethod.DELETE, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", delRole, delResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", + delRole, delResponse.getStatusCode().value()); return delResponse; } @@ -309,15 +260,13 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param updateExtRole * @param app * @return true if success else false - * @throws Exception - * If updateRoleInExternalSystem fails we catch it in logger for detail message + * @throws Exception If updateRoleInExternalSystem fails we catch it in logger + * for detail message */ - @SuppressWarnings("unchecked") private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception { boolean response = false; ObjectMapper mapper = new ObjectMapper(); ResponseEntity deleteResponse = null; - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); List epRoleList = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID) || (isGlobalRole && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { @@ -325,7 +274,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { epRoleList = getPartnerAppRoleInfo(updateExtRole.getId(), app); } - // Assigning functions to global role if ((isGlobalRole && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { List globalRoleFunctionListNew = convertSetToListOfRoleFunctions(updateExtRole); @@ -357,86 +305,31 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic list = mapper.readValue(perms.toString(), TypeFactory.defaultInstance() .constructCollectionType(List.class, ExternalAccessPerms.class)); } - ExternalRoleDescription sysRoleList = mapper.readValue(desc, ExternalRoleDescription.class); // If role name or role functions are updated then delete // record in External System and add new record to avoid // conflicts - Boolean existingRoleActive; - boolean isActiveValueChanged; - // check role active status - existingRoleActive = new Boolean(sysRoleList.getActive()); - isActiveValueChanged = existingRoleActive.equals(updateExtRole.getActive()); boolean isRoleNameChanged = false; - if (!sysRoleList.getName().equals(updateExtRole.getName())) { + if (!desc.equals(updateExtRole.getName())) { isRoleNameChanged = true; - Map delRoleKeyMapper = new HashMap<>(); - delRoleKeyMapper.put(ROLE_NAME, name); - String delRoleKeyValue = mapper.writeValueAsString(delRoleKeyMapper); - deleteResponse = deleteRoleInExternalSystem(delRoleKeyValue); - if (deleteResponse.getStatusCode().value() != 200) { - logger.error(EELFLoggerDelegate.errorLogger, - "updateRoleInExternalSystem: Failed to delete role in external system due to {} ", - deleteResponse.getBody()); - throw new ExternalAuthSystemException(deleteResponse.getBody()); - } + deleteRoleInExtSystem(mapper, name); addRole(updateExtRole, app.getUebKey()); - // add partner functions to the global role in External Auth System - if(!list.isEmpty() && isGlobalRole){ - addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); + // add partner functions to the global role in External + // Auth System + if (!list.isEmpty() && isGlobalRole) { + addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); } - list.removeIf(perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); - // if role name is changes please ignore the previous functions in External Auth and update with user requested functions - addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, - list); + list.removeIf( + perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); + // if role name is changes please ignore the previous + // functions in External Auth + // and update with user requested functions + addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } - boolean checkPriorityStatus = StringUtils.equals(String.valueOf(sysRoleList.getPriority()), - String.valueOf(updateExtRole.getPriority())); - ExternalAccessRole updateRole = new ExternalAccessRole(); - if (!isActiveValueChanged || !checkPriorityStatus || sysRoleList.getId().equals(IS_NULL_STRING) - || !sysRoleList.getId().equals(String.valueOf(epRoleList.get(0).getId()))) { - String updateDesc = ""; - List getRole; - final Map getAppRoleByName = new HashMap<>(); - getAppRoleByName.put(APP_ROLE_NAME_PARAM, updateExtRole.getName()); - if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - getRole = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, getAppRoleByName, - null); - } else { - getAppRoleByName.put("appId", String.valueOf(app.getId())); - getRole = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, - getAppRoleByName, null); - } - Map extSystemUpdateRoleJsonMapper = new LinkedHashMap<>(); - extSystemUpdateRoleJsonMapper.put(ID, String.valueOf(getRole.get(0).getId())); - extSystemUpdateRoleJsonMapper.put(ROLE_NAME, String.valueOf(updateExtRole.getName())); - extSystemUpdateRoleJsonMapper.put(ACTIVE, String.valueOf(updateExtRole.getActive())); - extSystemUpdateRoleJsonMapper.put(PRIORITY, String.valueOf(updateExtRole.getPriority())); - if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - extSystemUpdateRoleJsonMapper.put(APP_ID, "null"); - extSystemUpdateRoleJsonMapper.put(APP_ROLE_ID, "null"); - } else { - extSystemUpdateRoleJsonMapper.put(APP_ID, String.valueOf(app.getId())); - extSystemUpdateRoleJsonMapper.put(APP_ROLE_ID, - String.valueOf(getRole.get(0).getAppRoleId())); - - } - updateDesc = mapper.writeValueAsString(extSystemUpdateRoleJsonMapper); - updateRole.setName(app.getNameSpace() + "." + updateExtRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - updateRole.setDescription(updateDesc); - String updateRoleDesc = mapper.writeValueAsString(updateRole); - HttpEntity entity = new HttpEntity<>(updateRoleDesc, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for PUT: {}", - CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleDesc); - ResponseEntity updatePermsResponse = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role", - HttpMethod.PUT, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, - "updateRoleInExternalSystem: Finished updating in External Auth system {} and status code: {} ", - updateRoleDesc, updatePermsResponse.getStatusCode().value()); + // Delete role in External System if role is inactive + if (!updateExtRole.getActive()) { + deleteRoleInExtSystem(mapper, name); } - if(!isRoleNameChanged) { + if (!isRoleNameChanged) { response = addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } @@ -444,17 +337,41 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { // It seems like role exists in local DB but not in External // Access system - addRole(updateExtRole, app.getUebKey()); - List roleFunctionListUpdate = convertSetToListOfRoleFunctions(updateExtRole); - response = true; - if (!roleFunctionListUpdate.isEmpty()) { - addRoleFunctionsInExternalSystem(updateExtRole, mapper, app); + if (updateExtRole.getActive()) { + addRole(updateExtRole, app.getUebKey()); + ExternalAccessRolePerms extAddRolePerms = null; + ExternalAccessPerms extAddPerms = null; + List roleFunctionListAdd = convertSetToListOfRoleFunctions(updateExtRole); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + for (RoleFunction roleFunc : roleFunctionListAdd) { + extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + roleFunc.getType(), + roleFunc.getCode(), roleFunc.getAction()); + extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, + app.getNameSpace() + "." + updateExtRole.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + response = addRoleFuncExtSysRestAPI(mapper, extAddRolePerms, headers); + } } } } return response; } + private void deleteRoleInExtSystem(ObjectMapper mapper, String name) + throws JsonProcessingException, Exception, ExternalAuthSystemException { + ResponseEntity deleteResponse; + Map delRoleKeyMapper = new HashMap<>(); + delRoleKeyMapper.put(ROLE_NAME, name); + String delRoleKeyValue = mapper.writeValueAsString(delRoleKeyMapper); + deleteResponse = deleteRoleInExternalSystem(delRoleKeyValue); + if (deleteResponse.getStatusCode().value() != 200) { + logger.error(EELFLoggerDelegate.errorLogger, + "updateRoleInExternalSystem: Failed to delete role in external system due to {} ", + deleteResponse.getBody()); + throw new ExternalAuthSystemException(deleteResponse.getBody()); + } + } + private boolean addRemoveFunctionsToRole(Role updateExtRole, EPApp app, ObjectMapper mapper, List roleFunctionListNew, String name, List list) throws Exception { boolean response; @@ -469,21 +386,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); if (!list.isEmpty()) { for (ExternalAccessPerms perm : list) { - RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction()); - if (roleFunc==null) { - RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance()); - if(roleFuncPipeFilter == null) - removePermForRole(perm, mapper, name, headers); + RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length() + 1) + + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction()); + if (roleFunc == null) { + RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance()); + if (roleFuncPipeFilter == null) + removePermForRole(perm, mapper, name, headers); } extRolePermMap.put(perm.getInstance(), perm); - extRolePermMapPipes.put( - perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm); + extRolePermMapPipes.put(perm.getType().substring(app.getNameSpace().length() + 1) + FUNCTION_PIPE + + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm); } } response = true; if (!roleFunctionListNew.isEmpty()) { for (RoleFunction roleFunc : roleFunctionListNew) { - if(roleFunc.getCode().contains(FUNCTION_PIPE)) { + if (roleFunc.getCode().contains(FUNCTION_PIPE)) { ExternalAccessPerms perm = extRolePermMapPipes.get(roleFunc.getCode()); if (perm == null) { response = addFunctionsToRoleInExternalAuthSystem(updateExtRole, app, mapper, headers, @@ -499,9 +417,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + /* - * Adds function to the role in the external auth system while editing a role or updating new functions to a role + * Adds function to the role in the external auth system while editing a role or + * updating new functions to a role * */ private boolean addFunctionsToRoleInExternalAuthSystem(Role updateExtRole, EPApp app, ObjectMapper mapper, @@ -514,7 +433,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String action = ""; if (roleFunc.getCode().contains(FUNCTION_PIPE)) { code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); - type = getFunctionCodeType(roleFunc.getCode()); + type = EcompPortalUtils.getFunctionType(roleFunc.getCode()); action = getFunctionCodeAction(roleFunc.getCode()); } else { code = roleFunc.getCode(); @@ -522,25 +441,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic action = "*"; } extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extRolePerms = new ExternalAccessRolePerms(extPerms, - app.getNameSpace() + "." - + updateExtRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + updateExtRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for POST: {}", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); ResponseEntity addResponse = template.exchange( - SystemProperties.getProperty( - EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value()!= 409) { + if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) { response = false; logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: Connected to External Auth system but something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), - addResponse.getStatusCode().value()); + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); } else { response = true; logger.debug(EELFLoggerDelegate.debugLogger, @@ -549,7 +463,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + private void addPartnerHasRoleFunctionsToGlobalRole(List permslist, ObjectMapper mapper, EPApp app, Role updateExtRole) throws Exception { for (ExternalAccessPerms perm : permslist) { @@ -579,19 +493,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addResponse.getStatusCode().value()); } } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", - addPerms, e); + logger.error(EELFLoggerDelegate.errorLogger, + "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", addPerms, e); } } } } @SuppressWarnings("unchecked") - private void addFunctionsTOGlobalRole(List epRoleList, Role updateExtRole, List roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo) + private void addFunctionsTOGlobalRole(List epRoleList, Role updateExtRole, + List roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception { try { logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addFunctionsTOGlobalRole"); - //GET Permissions from External Auth System + // GET Permissions from External Auth System JSONArray extPerms = getExtAuthPermissions(app); List permsDetailList = getExtAuthPerrmissonList(app, extPerms); final Map existingPermsWithRoles = new HashMap<>(); @@ -601,161 +516,143 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic for (ExternalAccessPermsDetail permDetail : permsDetailList) { existingPermsWithRoles.put(EcompPortalUtils.getFunctionCode(permDetail.getInstance()), permDetail); existingPermsWithRolesWithPipes.put(permDetail.getInstance(), permDetail); - } // Add If function does not exists for role in External Auth System for (RoleFunction roleFunc : roleFunctionListNew) { String roleFuncCode = ""; ExternalAccessPermsDetail permsDetail; - if(roleFunc.getCode().contains(FUNCTION_PIPE)) { + if (roleFunc.getCode().contains(FUNCTION_PIPE)) { roleFuncCode = roleFunc.getCode(); permsDetail = existingPermsWithRolesWithPipes.get(roleFunc.getCode()); } else { roleFuncCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); permsDetail = existingPermsWithRoles.get(roleFuncCode); } - if (null == permsDetail.getRoles() || !permsDetail.getRoles() - .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + epRoleList.get(0).getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { + if (null == permsDetail.getRoles() + || !permsDetail.getRoles() + .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + + epRoleList.get(0).getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, + "_"))) { addRoleFunctionsToGlobalRoleInExternalSystem(roleFunc, updateExtRole, mapper, app, portalAppInfo); } userRquestedFunctionsMap.put(roleFuncCode, roleFunc); userRquestedFunctionsMapPipesFilter.put(EcompPortalUtils.getFunctionCode(roleFuncCode), roleFunc); - } - // Delete functions if exists in External Auth System but not in incoming request - final Map epAppRoleFuncParams = new HashMap<>(); + } + // Delete functions if exists in External Auth System but not in + // incoming + // request + final Map epAppRoleFuncParams = new HashMap<>(); epAppRoleFuncParams.put("requestedAppId", app.getId()); - epAppRoleFuncParams.put("roleId",updateExtRole.getId()); - List globalRoleFunctionList = dataAccessService.executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null); - for(GlobalRoleWithApplicationRoleFunction globalRoleFunc: globalRoleFunctionList){ + epAppRoleFuncParams.put("roleId", updateExtRole.getId()); + List globalRoleFunctionList = dataAccessService + .executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null); + for (GlobalRoleWithApplicationRoleFunction globalRoleFunc : globalRoleFunctionList) { String globalRoleFuncWithoutPipes = ""; RoleFunction roleFunc = null; - if(globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { + if (globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { globalRoleFuncWithoutPipes = globalRoleFunc.getFunctionCd(); roleFunc = userRquestedFunctionsMap.get(globalRoleFuncWithoutPipes); - }else { - globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd()); + } else { + globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd()); roleFunc = userRquestedFunctionsMapPipesFilter.get(globalRoleFuncWithoutPipes); } - if(roleFunc == null){ - ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) ? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) : existingPermsWithRoles.get(globalRoleFuncWithoutPipes); - ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), permDetailFromMap.getAction()); - String roleName = portalAppInfo.getNameSpace()+"."+globalRoleFunc.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); + if (roleFunc == null) { + ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) + ? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) + : existingPermsWithRoles.get(globalRoleFuncWithoutPipes); + ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), + EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), + permDetailFromMap.getAction()); + String roleName = portalAppInfo.getNameSpace() + "." + globalRoleFunc.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); removePermForRole(perm, mapper, roleName, headers); } } logger.debug(EELFLoggerDelegate.debugLogger, "Finished addFunctionsTOGlobalRole"); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed",e); + logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed", e); throw e; } } - private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, ObjectMapper mapper, EPApp app, - EPApp portalAppInfo) throws Exception { + private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, + ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception { try { logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addRoleFunctionsToGlobalRoleInExternalSystem"); ExternalAccessRolePerms extAddRolePerms = null; ExternalAccessPerms extAddPerms = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - String code = ""; - String type = ""; - String action = ""; - if (addFunction.getCode().contains(FUNCTION_PIPE)) { - code = EcompPortalUtils.getFunctionCode(addFunction.getCode()); - type = getFunctionCodeType(addFunction.getCode()); - action = getFunctionCodeAction(addFunction.getCode()); - } else { - code = addFunction.getCode(); - type = addFunction.getCode().contains("menu") ? "menu" : "url"; - action = "*"; - } - extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, - portalAppInfo.getNameSpace() + "." + globalRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - String updateRolePerms = mapper.writeValueAsString(extAddRolePerms); - HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ", - CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity addResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role/perm", HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201) { - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); - } else { - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ", - addResponse.getStatusCode().value()); - } - logger.debug(EELFLoggerDelegate.debugLogger, "Finished addRoleFunctionsToGlobalRoleInExternalSystem"); - }catch(Exception e){ - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed",e); - throw e; - } - } - - /** - * - * It adds functions to the role in external auth system - * - * @param updateExtRole - * @param addPermsMapper - * @param app - * @return true if success else false - * @throws Exception - */ - private boolean addRoleFunctionsInExternalSystem(Role updateExtRole, ObjectMapper addPermsMapper, EPApp app) - throws Exception { - boolean response = false; - ExternalAccessRolePerms extAddRolePerms = null; - ExternalAccessPerms extAddPerms = null; - List roleFunctionListAdd = convertSetToListOfRoleFunctions(updateExtRole); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - for (RoleFunction roleFunc : roleFunctionListAdd) { String code = ""; - String type= ""; + String type = ""; String action = ""; - if (roleFunc.getCode().contains(FUNCTION_PIPE)) { - code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); - type = getFunctionCodeType(roleFunc.getCode()); - action = getFunctionCodeAction(roleFunc.getCode()); + if (addFunction.getCode().contains(FUNCTION_PIPE)) { + code = EcompPortalUtils.getFunctionCode(addFunction.getCode()); + type = getFunctionCodeType(addFunction.getCode()); + action = getFunctionCodeAction(addFunction.getCode()); } else { - code = roleFunc.getCode(); - type = roleFunc.getCode().contains("menu") ? "menu" : "url"; + code = addFunction.getCode(); + type = addFunction.getCode().contains("menu") ? "menu" : "url"; action = "*"; } extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, - app.getNameSpace() + "." + updateExtRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); + extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, portalAppInfo.getNameSpace() + "." + globalRole + .getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + String updateRolePerms = mapper.writeValueAsString(extAddRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); ResponseEntity addResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", HttpMethod.POST, entity, String.class); if (addResponse.getStatusCode().value() != 201) { - response = false; logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); } else { - response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ", + addResponse.getStatusCode().value()); } + logger.debug(EELFLoggerDelegate.debugLogger, "Finished addRoleFunctionsToGlobalRoleInExternalSystem"); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed", e); + throw e; + } + } + + private boolean addRoleFuncExtSysRestAPI(ObjectMapper addPermsMapper, ExternalAccessRolePerms extAddRolePerms, + HttpHeaders headers) throws JsonProcessingException { + boolean response; + String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); + HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); + ResponseEntity addResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + HttpMethod.POST, entity, String.class); + if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) { + response = false; + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); + } else { + response = true; + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", + updateRolePerms, addResponse.getStatusCode().value()); } return response; } /** * - * It converts list of functions in updateExtRole parameter to the RoleFunction object + * It converts list of functions in updateExtRole parameter to the RoleFunction + * object * * @param updateExtRole - * @return list of functions + * @return list of functions */ @SuppressWarnings("unchecked") private List convertSetToListOfRoleFunctions(Role updateExtRole) { @@ -778,28 +675,31 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param permMapper * @param name * @param headers - * @throws JsonProcessingException + * @throws JsonProcessingException * @throws Exception */ private void removePermForRole(ExternalAccessPerms perm, ObjectMapper permMapper, String name, HttpHeaders headers) throws ExternalAuthSystemException, JsonProcessingException { ExternalAccessRolePerms extAccessRolePerms = new ExternalAccessRolePerms(perm, name); String permDetails = permMapper.writeValueAsString(extAccessRolePerms); - try{ - HttpEntity deleteEntity = new HttpEntity<>(permDetails, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails); - ResponseEntity deletePermResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/" - + name + "/perm", HttpMethod.DELETE, deleteEntity, String.class); - if (deletePermResponse.getStatusCode().value() != 200) { - throw new ExternalAuthSystemException(deletePermResponse.getBody()); - } - logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}", - permDetails, deletePermResponse.getStatusCode().value()); - } catch(Exception e){ - if(e.getMessage().contains("404")){ - logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", permDetails, e.getMessage()); - } else{ + try { + HttpEntity deleteEntity = new HttpEntity<>(permDetails, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails); + ResponseEntity deletePermResponse = template + .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "role/" + name + "/perm", HttpMethod.DELETE, deleteEntity, String.class); + if (deletePermResponse.getStatusCode().value() != 200) { + throw new ExternalAuthSystemException(deletePermResponse.getBody()); + } + logger.debug(EELFLoggerDelegate.debugLogger, + "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}", + permDetails, deletePermResponse.getStatusCode().value()); + } catch (Exception e) { + if (e.getMessage().contains("404")) { + logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", + permDetails, e.getMessage()); + } else { throw e; } } @@ -811,41 +711,34 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param newRole * @param app * @return true if successfully added in the system else false - * @throws Exception - * If fails to add role in the system + * @throws Exception If fails to add role in the system */ - private void addNewRoleInExternalSystem(List newRole, EPApp app) throws Exception, HttpClientErrorException { - try{ - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - ObjectMapper mapper = new ObjectMapper(); - String addNewRole = ""; - ExternalAccessRole extRole = new ExternalAccessRole(); - String addDesc = null; - Map extSystemJsonMapper = new LinkedHashMap<>(); - extSystemJsonMapper.put(ID, String.valueOf(newRole.get(0).getId())); - extSystemJsonMapper.put(ROLE_NAME, String.valueOf(newRole.get(0).getName())); - extSystemJsonMapper.put(ACTIVE, String.valueOf(newRole.get(0).getActive())); - extSystemJsonMapper.put(PRIORITY, String.valueOf(newRole.get(0).getPriority())); - extSystemJsonMapper.put(APP_ID, String.valueOf(newRole.get(0).getAppId())); - extSystemJsonMapper.put(APP_ROLE_ID, String.valueOf(newRole.get(0).getAppRoleId())); - addDesc = mapper.writeValueAsString(extSystemJsonMapper); - extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - extRole.setDescription(addDesc); - addNewRole = mapper.writeValueAsString(extRole); - HttpEntity postEntity = new HttpEntity<>(addNewRole, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); - ResponseEntity addNewRoleInExternalSystem = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", - HttpMethod.POST, postEntity, String.class); + private void addNewRoleInExternalSystem(List newRole, EPApp app) + throws Exception, HttpClientErrorException { + try { + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + ObjectMapper mapper = new ObjectMapper(); + String addNewRole = ""; + ExternalAccessRole extRole = new ExternalAccessRole(); + extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRole.setDescription(String.valueOf(newRole.get(0).getName())); + addNewRole = mapper.writeValueAsString(extRole); + HttpEntity postEntity = new HttpEntity<>(addNewRole, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); + ResponseEntity addNewRoleInExternalSystem = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", + HttpMethod.POST, postEntity, String.class); if (addNewRoleInExternalSystem.getStatusCode().value() == 201) { logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Finished adding into External Auth system for POST: {} and status code: {}", addNewRole, addNewRoleInExternalSystem.getStatusCode().value()); } - }catch(HttpClientErrorException ht){ - dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ newRole.get(0).getId(), null); - logger.error(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", - ht); + } catch (HttpClientErrorException ht) { + dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + newRole.get(0).getId(), null); + logger.error(EELFLoggerDelegate.debugLogger, + "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", ht); throw new HttpClientErrorException(ht.getStatusCode()); } } @@ -854,8 +747,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * It updates existing role in the External Auth System * - * @param addRole - * It Contains role information + * @param addRole It Contains role information * @param app * @return string which is formatted to match with the external auth system * @throws JsonProcessingException @@ -864,29 +756,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ObjectMapper mapper = new ObjectMapper(); String addNewRole = ""; ExternalAccessRole extRole = new ExternalAccessRole(); - List role = null; - String addDesc = null; - Map extSystemUpdateRole = new LinkedHashMap<>(); - if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - role = getPortalAppRoleInfo(addRole.getId()); - } else { - role = getPartnerAppRoleInfo(addRole.getId(), app); - } - extSystemUpdateRole.put(ID, String.valueOf(role.get(0).getId())); - extSystemUpdateRole.put(ROLE_NAME, String.valueOf(addRole.getName())); - extSystemUpdateRole.put(ACTIVE, String.valueOf(role.get(0).getActive())); - extSystemUpdateRole.put(PRIORITY, String.valueOf(role.get(0).getPriority())); - extSystemUpdateRole.put(APP_ID, String.valueOf(role.get(0).getAppId())); - extSystemUpdateRole.put(APP_ROLE_ID, String.valueOf(role.get(0).getAppRoleId())); - addDesc = mapper.writeValueAsString(extSystemUpdateRole); - extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - extRole.setDescription(addDesc); + extRole.setName(app.getNameSpace() + "." + addRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRole.setDescription(String.valueOf(addRole.getName())); addNewRole = mapper.writeValueAsString(extRole); return addNewRole; } /** - * It create a role in the external auth system and then in our local + * It create a role in the external auth system and then in our local * * @param addRoleInDB * @param app @@ -895,7 +773,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ @SuppressWarnings("unchecked") @Transactional(rollbackFor = Exception.class) - private boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception { + public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception { boolean result = false; EPRole epRole = null; Set roleFunctionList = addRoleInDB.getRoleFunctions(); @@ -924,24 +802,28 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } dataAccessService.saveDomainObject(epRoleNew, null); List getRoleCreated = null; - final Map epAppRoleParams = new HashMap<>(); - final Map epAppPortalRoleParams = new HashMap<>(); + final Map epAppRoleParams = new HashMap<>(); + final Map epAppPortalRoleParams = new HashMap<>(); if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { epAppRoleParams.put("appId", String.valueOf(app.getId())); epAppRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName()); - List roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); + List roleCreated = dataAccessService + .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); EPRole epUpdateRole = roleCreated.get(0); epUpdateRole.setAppRoleId(epUpdateRole.getId()); dataAccessService.saveDomainObject(epUpdateRole, null); - getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); + getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + epAppRoleParams, null); } else { epAppPortalRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName()); - getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, epAppPortalRoleParams, null); + getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, + epAppPortalRoleParams, null); } // Add role in External Auth system if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { addNewRoleInExternalSystem(getRoleCreated, app); } + result = true; } else { // if role already exists then update it EPRole globalRole = null; List applicationRoles; @@ -1004,20 +886,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * @param checkRole * @param app - * @throws Exception - * If role exits + * @throws Exception If role exits */ private void checkIfRoleExitsInExternalSystem(Role checkRole, EPApp app) throws Exception { getNameSpaceIfExists(app); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - String roleName = app.getNameSpace() + "." + checkRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); + String roleName = app.getNameSpace() + "." + checkRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); HttpEntity checkRoleEntity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); ResponseEntity checkRoleInExternalSystem = template .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/" + roleName, HttpMethod.GET, checkRoleEntity, String.class); if (!checkRoleInExternalSystem.getBody().equals(IS_EMPTY_JSON_STRING)) { - logger.debug("checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value()); + logger.debug( + "checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", + checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value()); throw new ExternalAuthSystemException(" Role already exists in external system"); } } @@ -1031,10 +916,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @throws Exception */ @SuppressWarnings("unchecked") - private void saveRoleFunction(List roleFunctionListNew, EPApp app, List applicationRoles ,Long roleAppId) - throws Exception { - final Map getAppFunctionParams = new HashMap<>(); - + private void saveRoleFunction(List roleFunctionListNew, EPApp app, List applicationRoles, + Long roleAppId) throws Exception { + final Map getAppFunctionParams = new HashMap<>(); for (RoleFunction roleFunc : roleFunctionListNew) { String code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); EPAppRoleFunction appRoleFunc = new EPAppRoleFunction(); @@ -1044,18 +928,18 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic getAppFunctionParams.put("appId", String.valueOf(app.getId())); getAppFunctionParams.put(FUNCTION_CODE_PARAMS, roleFunc.getCode()); // query to check if function code has pipes - List roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null); - if(roleFunction.isEmpty()){ + List roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, + getAppFunctionParams, null); + if (roleFunction.isEmpty()) { getAppFunctionParams.put(FUNCTION_CODE_PARAMS, code); roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null); } - if(roleFunction.size() > 1){ + if (roleFunction.size() > 1) { CentralV2RoleFunction getExactFunctionCode = appFunctionListFilter(code, roleFunction); appRoleFunc.setCode(getExactFunctionCode.getCode()); - } else{ + } else { appRoleFunc.setCode(roleFunction.get(0).getCode()); } - dataAccessService.saveDomainObject(appRoleFunc, null); } } @@ -1066,23 +950,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * * @param roleFunc * @param roleFunction - * @return CentralRoleFunction + * @return CentralRoleFunction */ private CentralV2RoleFunction appFunctionListFilter(String roleFuncCode, List roleFunction) { - final Map appFunctionsFilter = new HashMap<>(); - final Map appFunctionsFilterPipes = new HashMap<>(); + final Map appFunctionsFilter = new HashMap<>(); + final Map appFunctionsFilterPipes = new HashMap<>(); CentralV2RoleFunction getExactFunctionCode = null; - for(CentralV2RoleFunction cenRoleFunction : roleFunction){ + for (CentralV2RoleFunction cenRoleFunction : roleFunction) { appFunctionsFilter.put(cenRoleFunction.getCode(), cenRoleFunction); appFunctionsFilterPipes.put(EcompPortalUtils.getFunctionCode(cenRoleFunction.getCode()), cenRoleFunction); } getExactFunctionCode = appFunctionsFilter.get(roleFuncCode); - if(getExactFunctionCode == null){ + if (getExactFunctionCode == null) { getExactFunctionCode = appFunctionsFilterPipes.get(roleFuncCode); } return getExactFunctionCode; } - + /** * It deletes all EPAppRoleFunction records in the portal * @@ -1094,17 +978,18 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map appRoleFuncsParams = new HashMap<>(); appRoleFuncsParams.put("appId", app.getId()); appRoleFuncsParams.put("roleId", role.get(0).getId()); - List appRoleFunctionList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); + List appRoleFunctionList = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); if (!appRoleFunctionList.isEmpty()) { for (EPAppRoleFunction approleFunction : appRoleFunctionList) { dataAccessService.deleteDomainObject(approleFunction, null); } } } - + @Override @SuppressWarnings("unchecked") - public List getUser(String loginId) throws InvalidUserException{ + public List getUser(String loginId) throws InvalidUserException { final Map userParams = new HashMap<>(); userParams.put("org_user_id", loginId); List userList = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", userParams, null); @@ -1151,10 +1036,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List app = getApp(uebkey); List appRolesList = getAppRoles(app.get(0).getId()); roleList = createCentralRoleObject(app, appRolesList, roleList, params); - if(app.get(0).getId() != PortalConstants.PORTAL_APP_ID){ - List globalRoleList = getGlobalRolesOfApplication(app.get(0).getId()); + if (app.get(0).getId() != PortalConstants.PORTAL_APP_ID) { + List globalRoleList = getGlobalRolesOfApplication(app.get(0).getId()); List globalRolesList = getGlobalRolesOfPortal(); - List portalsGlobalRolesFinlaList = new ArrayList<>(); + List portalsGlobalRolesFinlaList = new ArrayList<>(); if (!globalRolesList.isEmpty()) { for (EPRole eprole : globalRolesList) { CentralV2Role cenRole = convertRoleToCentralV2Role(eprole); @@ -1162,10 +1047,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } roleList.addAll(globalRoleList); for (CentralV2Role role : portalsGlobalRolesFinlaList) { - CentralV2Role result = roleList.stream() - .filter(x -> role.getId().equals(x.getId())).findAny().orElse(null); - if (result == null) - roleList.add(role); + CentralV2Role result = roleList.stream().filter(x -> role.getId().equals(x.getId())).findAny() + .orElse(null); + if (result == null) + roleList.add(role); } } else { for (EPRole role : globalRolesList) { @@ -1189,10 +1074,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List finalRoleList = new ArrayList<>(); final Map params = new HashMap<>(); params.put(APP_ID, app.getId()); - List getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, null); + List getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, + null); for (CentralV2RoleFunction roleFuncItem : getRoleFuncList) { String code = EcompPortalUtils.getFunctionCode(roleFuncItem.getCode()); - String type = getFunctionCodeType(roleFuncItem.getCode()); + String type = ""; + if (roleFuncItem.getCode().contains("|")) + type = EcompPortalUtils.getFunctionType(roleFuncItem.getCode()); + else + type = getFunctionCodeType(roleFuncItem.getCode()); String action = getFunctionCodeAction(roleFuncItem.getCode()); roleFuncItem.setCode(EPUserUtils.decodeFunctionCode(code)); roleFuncItem.setType(type); @@ -1202,11 +1092,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return finalRoleList; } - @Override public String getFunctionCodeAction(String roleFuncItem) { - return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" - : EcompPortalUtils.getFunctionAction(roleFuncItem); + return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" : EcompPortalUtils.getFunctionAction(roleFuncItem); } @Override @@ -1215,9 +1103,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu")) || (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) { type = "menu"; - } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) - ||checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem) - ||checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) { + } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) || checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem) + || checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) { type = "url"; } else if (roleFuncItem.contains(FUNCTION_PIPE) && (!roleFuncItem.contains("menu") || roleFuncItem.contains("url"))) { @@ -1236,10 +1123,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private boolean checkIfCodeHasNoPipesAndHasNoTypeUrl(String roleFuncItem) { return !roleFuncItem.contains(FUNCTION_PIPE) && !roleFuncItem.contains("url"); } - + /** * - * It check whether function code has pipes and url string in it + * It check whether function code has pipes and url string in it * * @param roleFuncItem * @return true or false @@ -1250,7 +1137,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It check whether function code has no pipes and has url string in it + * It check whether function code has no pipes and has url string in it * * @param roleFuncItem * @return true or false @@ -1270,13 +1157,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ @SuppressWarnings("unchecked") private CentralV2User createEPUser(EPUser userInfo, Set userAppSet, EPApp app) throws Exception { - final Map params = new HashMap<>(); - CentralV2User userAppList = new CentralV2User(); + CentralV2User userAppList = new CentralV2User.CentralV2UserBuilder().createCentralV2User(); CentralV2User user1 = null; final Map params1 = new HashMap<>(); List globalRoleList = new ArrayList<>(); - try { if (app.getId() != PortalConstants.PORTAL_APP_ID) { params1.put("userId", userInfo.getId()); @@ -1294,14 +1179,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic && (globalRole.toLowerCase().startsWith("global_")))) { CentralV2UserApp cua = new CentralV2UserApp(); cua.setUserId(null); - CentralApp cenApp = new CentralApp(1L, epApp.getCreated(), epApp.getModified(), - epApp.getCreatedId(), epApp.getModifiedId(), epApp.getRowNum(), epApp.getName(), - epApp.getImageUrl(), epApp.getDescription(), epApp.getNotes(), epApp.getUrl(), - epApp.getAlternateUrl(), epApp.getAppRestEndpoint(), epApp.getMlAppName(), - epApp.getMlAppAdminId(), String.valueOf(epApp.getMotsId()), epApp.getAppPassword(), - String.valueOf(epApp.getOpen()), String.valueOf(epApp.getEnabled()), - epApp.getThumbnail(), epApp.getUsername(), epApp.getUebKey(), epApp.getUebSecret(), - epApp.getUebTopicName()); + CentralApp cenApp = new CentralApp.CentralAppBuilder().setId(1L).setCreated(epApp.getCreated()) + .setModified(epApp.getModified()).setCreatedId(epApp.getCreatedId()) + .setModifiedId(epApp.getModifiedId()).setRowNum(epApp.getRowNum()) + .setName(epApp.getName()).setImageUrl(epApp.getImageUrl()) + .setDescription(epApp.getDescription()).setNotes(epApp.getNotes()) + .setUrl(epApp.getUrl()).setAlternateUrl(epApp.getAlternateUrl()) + .setRestEndpoint(epApp.getAppRestEndpoint()).setMlAppName(epApp.getMlAppName()) + .setMlAppAdminId(epApp.getMlAppAdminId()).setMotsId(String.valueOf(epApp.getMotsId())) + .setAppPassword(epApp.getAppPassword()).setOpen(String.valueOf(epApp.getOpen())) + .setEnabled(String.valueOf(epApp.getEnabled())).setThumbnail(epApp.getThumbnail()) + .setUsername(epApp.getUsername()).setUebKey(epApp.getUebKey()) + .setUebSecret(epApp.getUebSecret()).setUebTopicName(epApp.getUebTopicName()) + .createCentralApp(); + cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD); cua.setApp(cenApp); Long appId = null; if (globalRole.toLowerCase().startsWith("global_") @@ -1344,27 +1235,36 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userApp.getRole().getName(), userApp.getRole().getActive(), userApp.getRole().getPriority(), roleFunctionSet, null, null); cua.setRole(cenRole); - userAppList.getUserApps().add(cua); } } } - - user1 = new CentralV2User(null, userInfo.getCreated(), userInfo.getModified(), userInfo.getCreatedId(), - userInfo.getModifiedId(), userInfo.getRowNum(), userInfo.getOrgId(), userInfo.getManagerId(), - userInfo.getFirstName(), userInfo.getMiddleInitial(), userInfo.getLastName(), userInfo.getPhone(), - userInfo.getFax(), userInfo.getCellular(), userInfo.getEmail(), userInfo.getAddressId(), - userInfo.getAlertMethodCd(), userInfo.getHrid(), userInfo.getOrgUserId(), userInfo.getOrgCode(), - userInfo.getAddress1(), userInfo.getAddress2(), userInfo.getCity(), userInfo.getState(), - userInfo.getZipCode(), userInfo.getCountry(), userInfo.getOrgManagerUserId(), - userInfo.getLocationClli(), userInfo.getBusinessCountryCode(), userInfo.getBusinessCountryName(), - userInfo.getBusinessUnit(), userInfo.getBusinessUnitName(), userInfo.getDepartment(), - userInfo.getDepartmentName(), userInfo.getCompanyCode(), userInfo.getCompany(), - userInfo.getZipCodeSuffix(), userInfo.getJobTitle(), userInfo.getCommandChain(), - userInfo.getSiloStatus(), userInfo.getCostCenter(), userInfo.getFinancialLocCode(), - userInfo.getLoginId(), userInfo.getLoginPwd(), userInfo.getLastLoginDate(), userInfo.getActive(), - userInfo.getInternal(), userInfo.getSelectedProfileId(), userInfo.getTimeZoneId(), - userInfo.isOnline(), userInfo.getChatId(), userAppList.getUserApps(), null); + user1 = new CentralV2User.CentralV2UserBuilder().setId(null).setCreated(userInfo.getCreated()) + .setModified(userInfo.getModified()).setCreatedId(userInfo.getCreatedId()) + .setModifiedId(userInfo.getModifiedId()).setRowNum(userInfo.getRowNum()) + .setOrgId(userInfo.getOrgId()).setManagerId(userInfo.getManagerId()) + .setFirstName(userInfo.getFirstName()).setMiddleInitial(userInfo.getMiddleInitial()) + .setLastName(userInfo.getLastName()).setPhone(userInfo.getPhone()).setFax(userInfo.getFax()) + .setCellular(userInfo.getCellular()).setEmail(userInfo.getEmail()) + .setAddressId(userInfo.getAddressId()).setAlertMethodCd(userInfo.getAlertMethodCd()) + .setHrid(userInfo.getHrid()).setOrgUserId(userInfo.getOrgUserId()).setOrgCode(userInfo.getOrgCode()) + .setAddress1(userInfo.getAddress1()).setAddress2(userInfo.getAddress2()).setCity(userInfo.getCity()) + .setState(userInfo.getState()).setZipCode(userInfo.getZipCode()).setCountry(userInfo.getCountry()) + .setOrgManagerUserId(userInfo.getOrgManagerUserId()).setLocationClli(userInfo.getLocationClli()) + .setBusinessCountryCode(userInfo.getBusinessCountryCode()) + .setBusinessCountryName(userInfo.getBusinessCountryName()) + .setBusinessUnit(userInfo.getBusinessUnit()).setBusinessUnitName(userInfo.getBusinessUnitName()) + .setDepartment(userInfo.getDepartment()).setDepartmentName(userInfo.getDepartmentName()) + .setCompanyCode(userInfo.getCompanyCode()).setCompany(userInfo.getCompany()) + .setZipCodeSuffix(userInfo.getZipCodeSuffix()).setJobTitle(userInfo.getJobTitle()) + .setCommandChain(userInfo.getCommandChain()).setSiloStatus(userInfo.getSiloStatus()) + .setCostCenter(userInfo.getCostCenter()).setFinancialLocCode(userInfo.getFinancialLocCode()) + .setLoginId(userInfo.getLoginId()).setLoginPwd(userInfo.getLoginPwd()) + .setLastLoginDate(userInfo.getLastLoginDate()).setActive(userInfo.getActive()) + .setInternal(userInfo.getInternal()).setSelectedProfileId(userInfo.getSelectedProfileId()) + .setTimeZoneId(userInfo.getTimeZoneId()).setOnline(userInfo.isOnline()) + .setChatId(userInfo.getChatId()).setUserApps(userAppList.getUserApps()).setPseudoRoles(null) + .createCentralV2User(); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "createEPUser: createEPUser failed", e); throw e; @@ -1403,11 +1303,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (roleList.isEmpty()) { return cenRole; } - } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getRoleInfo: failed", e); throw e; - } return roleList.get(0); } @@ -1417,37 +1315,40 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List roleInfo; final Map getPartnerAppRoleParams = new HashMap<>(); getPartnerAppRoleParams.put("appRoleId", roleId); - getPartnerAppRoleParams.put("appId", app.getId()); + getPartnerAppRoleParams.put("appId", app.getId()); roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleByRoleId", getPartnerAppRoleParams, null); - if(roleInfo.isEmpty()) { + if (roleInfo.isEmpty()) { getPartnerAppRoleParams.put("appRoleId", roleId); roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleById", getPartnerAppRoleParams, null); } return roleInfo; } + @Override @SuppressWarnings("unchecked") - private List getPortalAppRoleInfo(Long roleId) { + public List getPortalAppRoleInfo(Long roleId) { List roleInfo; final Map getPortalAppRoleParams = new HashMap<>(); getPortalAppRoleParams.put("roleId", roleId); roleInfo = dataAccessService.executeNamedQuery("getPortalAppRoleByRoleId", getPortalAppRoleParams, null); return roleInfo; } - + /** * - * It returns list of app roles along with role functions and which went through deep copy + * It returns list of app roles along with role functions and which went through + * deep copy * * @param app * @param roleInfo * @param roleList * @param params * @return - * @throws DecoderException + * @throws DecoderException */ @SuppressWarnings("unchecked") - private List createCentralRoleObject(List app, List roleInfo, + @Override + public List createCentralRoleObject(List app, List roleInfo, List roleList, Map params) throws RoleFunctionException { for (EPRole role : roleInfo) { params.put("roleId", role.getId()); @@ -1485,7 +1386,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @Override public CentralV2RoleFunction getRoleFunction(String functionCode, String uebkey) throws Exception { String code = EcompPortalUtils.getFunctionCode(functionCode); - String encodedCode = encodeFunctionCode(code); + String encodedCode = EcompPortalUtils.encodeFunctionCode(code); CentralV2RoleFunction roleFunc = null; EPApp app = getApp(uebkey).get(0); List getRoleFuncList = null; @@ -1529,29 +1430,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String newfunctionTypeFormat = EcompPortalUtils.getFunctionType(functionCodeFormat); String newfunctionActionFormat = EcompPortalUtils.getFunctionAction(functionCodeFormat); roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), newfunctionCodeFormat, - getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, newfunctionActionFormat, - getRoleFuncList.getEditUrl()); + getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, + newfunctionActionFormat, getRoleFuncList.getEditUrl()); } else { - roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, - getRoleFuncList.getName(), getRoleFuncList.getAppId(), - getRoleFuncList.getEditUrl()); + roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, getRoleFuncList.getName(), + getRoleFuncList.getAppId(), getRoleFuncList.getEditUrl()); } return roleFunc; } @Override - public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) throws Exception { + public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) + throws Exception { boolean saveOrUpdateFunction = false; try { - domainCentralRoleFunction.setCode(encodeFunctionCode(domainCentralRoleFunction.getCode())); + if(EcompPortalUtils.checkFunctionCodeHasEncodePattern(domainCentralRoleFunction.getCode())) + domainCentralRoleFunction.setCode(EcompPortalUtils.encodeFunctionCode(domainCentralRoleFunction.getCode())); final Map functionParams = new HashMap<>(); functionParams.put("appId", String.valueOf(app.getId())); - if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - addRoleFunctionInExternalSystem(domainCentralRoleFunction, app); + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + addRoleFunctionInExternalSystem(domainCentralRoleFunction, app); } - if(domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null){ - domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType()+ - FUNCTION_PIPE+domainCentralRoleFunction.getCode()+FUNCTION_PIPE+domainCentralRoleFunction.getAction()); + if (domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) { + domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType() + FUNCTION_PIPE + + domainCentralRoleFunction.getCode() + FUNCTION_PIPE + domainCentralRoleFunction.getAction()); } domainCentralRoleFunction.setAppId(app.getId()); dataAccessService.saveDomainObject(domainCentralRoleFunction, null); @@ -1562,7 +1464,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return saveOrUpdateFunction; } - + /** * It creates application permission in external auth system * @@ -1574,24 +1476,32 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throws Exception { ObjectMapper mapper = new ObjectMapper(); ExternalAccessPerms extPerms = new ExternalAccessPerms(); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); String type = ""; String instance = ""; String action = ""; - if((domainCentralRoleFunction.getType()!=null && domainCentralRoleFunction.getAction()!=null) || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)){ - type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getType(); - instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getCode(); - action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getAction(); - } else{ + if ((domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) + || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)) { + type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getType(); + instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getCode(); + action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getAction(); + } else { type = domainCentralRoleFunction.getCode().contains("menu") ? "menu" : "url"; instance = domainCentralRoleFunction.getCode(); - action = "*"; - } + action = "*"; + } // get Permissions from External Auth System JSONArray extPermsList = getExtAuthPermissions(app); List permsDetailList = getExtAuthPerrmissonList(app, extPermsList); - String requestedPerm = type+FUNCTION_PIPE+instance+FUNCTION_PIPE+action; - boolean checkIfFunctionsExits = permsDetailList.stream().anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm)); + String requestedPerm = type + FUNCTION_PIPE + instance + FUNCTION_PIPE + action; + boolean checkIfFunctionsExits = permsDetailList.stream() + .anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm)); if (!checkIfFunctionsExits) { try { extPerms.setAction(action); @@ -1600,18 +1510,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic extPerms.setDescription(domainCentralRoleFunction.getName()); String addFunction = mapper.writeValueAsString(extPerms); HttpEntity entity = new HttpEntity<>(addFunction, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction); - ResponseEntity addPermResponse= template.exchange( + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction); + ResponseEntity addPermResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm", HttpMethod.POST, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", addPermResponse.getStatusCode().value(), addFunction); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", + addPermResponse.getStatusCode().value(), addFunction); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add function in external central auth system", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); throw e; - }catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system", - e); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system", e); throw e; } } else { @@ -1622,17 +1536,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic extPerms.setDescription(domainCentralRoleFunction.getName()); String updateRoleFunction = mapper.writeValueAsString(extPerms); HttpEntity entity = new HttpEntity<>(updateRoleFunction, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction); ResponseEntity updatePermResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm", HttpMethod.PUT, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", updateRoleFunction, updatePermResponse.getStatusCode().value()); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", + updateRoleFunction, updatePermResponse.getStatusCode().value()); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add function in external central auth system", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); throw e; } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to update function in external central auth system",e); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionInExternalSystem: Failed to update function in external central auth system", + e); throw e; } } @@ -1664,7 +1584,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It deletes app function record in portal + * It deletes app function record in portal * * @param code * @param app @@ -1673,10 +1593,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic dataAccessService.deleteDomainObjects(EPAppRoleFunction.class, APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + code + "'", null); } - + /** * - * It deletes permission in the external auth system + * It deletes permission in the external auth system * * @param domainCentralRoleFunction * @param app @@ -1705,8 +1625,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleFunctionInExternalSystem: Finished deleting permission in External Auth system {} and status code: {} ", deleteRoleFunction, delPermResponse.getStatusCode().value()); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to delete functions in External System", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to delete functions in External System", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("404 Not Found")) { @@ -1714,7 +1635,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic " deleteRoleFunctionInExternalSystem: It seems like function is already deleted in external central auth system but exists in local DB", e.getMessage()); } else { - logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e); + logger.error(EELFLoggerDelegate.errorLogger, + "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e); } } } @@ -1731,7 +1653,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic message = e.getMessage(); logger.error(EELFLoggerDelegate.errorLogger, "saveRoleForApplication failed", e); } - return new ExternalRequestFieldsValidator(response,message); + return new ExternalRequestFieldsValidator(response, message); } @SuppressWarnings("unchecked") @@ -1749,7 +1671,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic epRoleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, deleteRoleParams, null); } else { deleteRoleParams.put(APP_ID, String.valueOf(app.getId())); - epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, deleteRoleParams, null); + epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + deleteRoleParams, null); } if (!epRoleList.isEmpty()) { transaction = localSession.beginTransaction(); @@ -1776,31 +1699,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return result; } - + /** * - * It deletes role for application in external auth system + * It deletes role for application in external auth system * * @param epRoleList contains role information - * @param app contains application information + * @param app contains application information * @throws Exception */ private void deleteRoleInExternalAuthSystem(List epRoleList, EPApp app) throws Exception { ResponseEntity deleteResponse; ResponseEntity res = getNameSpaceIfExists(app); if (res.getStatusCode() == HttpStatus.OK) { - // Delete Role in External System - String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; - deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); - if (deleteResponse.getStatusCode().value() != 200 || deleteResponse.getStatusCode().value() != 404) { - EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); - logger.error(EELFLoggerDelegate.errorLogger, - "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ", - deleteResponse.getBody()); - } - logger.debug(EELFLoggerDelegate.debugLogger, - "deleteRoleForApplication: about to commit the transaction"); + // Delete Role in External System + String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; + deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); + if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) { + EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); + logger.error(EELFLoggerDelegate.errorLogger, + "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ", + deleteResponse.getBody()); + } + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleForApplication: about to commit the transaction"); } } @@ -1817,35 +1739,41 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(headers); getNameSpaceIfExists(app); - logger.debug(EELFLoggerDelegate.debugLogger,"deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity getResponse = template - .exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" - + LoginId - + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) - + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - HttpMethod.GET, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", getResponse.getBody()); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity getResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" + + LoginId + + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) + + "/" + app.getNameSpace() + "." + + role.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + HttpMethod.GET, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", + getResponse.getBody()); if (getResponse.getStatusCode().value() != 200) { throw new ExternalAuthSystemException(getResponse.getBody()); } String res = getResponse.getBody(); if (!res.equals(IS_EMPTY_JSON_STRING)) { HttpEntity userRoleentity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity deleteResponse = template - .exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRole/" + LoginId - + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) - + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - HttpMethod.DELETE, userRoleentity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity deleteResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" + + LoginId + + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) + + "/" + app.getNameSpace() + "." + + role.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + HttpMethod.DELETE, userRoleentity, String.class); if (deleteResponse.getStatusCode().value() != 200) { throw new ExternalAuthSystemException("Failed to delete user role"); } - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", deleteResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", + deleteResponse.getStatusCode().value()); } } @@ -1880,12 +1808,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throw e; } return roleList; - } @Override @Transactional(rollbackFor = Exception.class) - public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) throws Exception { + public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) + throws Exception { Session localSession = sessionFactory.openSession(); String message = ""; Transaction transaction = null; @@ -1895,14 +1823,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic transaction = localSession.beginTransaction(); List epRoleList = null; app = getApp(uebkey).get(0); - if(app.getId().equals(PortalConstants.PORTAL_APP_ID)){ + if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { epRoleList = getPortalAppRoleInfo(roleId); - } else{ + } else { epRoleList = getPartnerAppRoleInfo(roleId, app); } - if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { // Delete User Role in External System before deleting role - deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId); + deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId); } // Delete user app roles dataAccessService.deleteDomainObjects(EPUserApp.class, @@ -1911,13 +1839,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic deleteRoleDependencyRecords(localSession, epRoleList.get(0).getId(), app.getId(), isPortalRequest); transaction.commit(); if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - // Final call to delete role once all dependencies has been deleted + // Final call to delete role once all dependencies has been + // deleted deleteRoleInExternalAuthSystem(epRoleList, app); } - dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ epRoleList.get(0).getId(), null); + dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + epRoleList.get(0).getId(), null); logger.debug(EELFLoggerDelegate.debugLogger, "deleteDependencyRoleRecord: committed the transaction"); response = true; - } catch(HttpClientErrorException e){ + } catch (HttpClientErrorException e) { logger.error(EELFLoggerDelegate.errorLogger, "deleteDependencyRoleRecord: HttpClientErrorException", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); message = e.getMessage(); @@ -1929,42 +1858,39 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } finally { localSession.close(); } - return new ExternalRequestFieldsValidator(response,message); + return new ExternalRequestFieldsValidator(response, message); } - + @Override @SuppressWarnings("unchecked") @Transactional public void syncRoleFunctionFromExternalAccessSystem(EPApp app) { try { - // get Permissions from External Auth System JSONArray extPerms = getExtAuthPermissions(app); List permsDetailList = getExtAuthPerrmissonList(app, extPerms); - // get functions in DB final Map params = new HashMap<>(); final Map roleFuncMap = new HashMap<>(); params.put(APP_ID, app.getId()); - List appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, - null); + List appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", + params, null); if (!appFunctions.isEmpty()) { for (CentralV2RoleFunction roleFunc : appFunctions) { roleFuncMap.put(roleFunc.getCode(), roleFunc); } } - // get Roles for portal in DB List portalRoleList = getGlobalRolesOfPortal(); final Map existingPortalRolesMap = new HashMap<>(); - for(EPRole epRole : portalRoleList){ - existingPortalRolesMap.put(epRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole); + for (EPRole epRole : portalRoleList) { + existingPortalRolesMap.put(epRole.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole); } - // get Roles in DB - final Map currentRolesInDB = getCurrentRolesInDB(app); - - // store External Permissions with Pipe and without Pipe (just instance) + final Map currentRolesInDB = getAppRoleNamesWithUnderscoreMap(app); + // store External Permissions with Pipe and without Pipe (just + // instance) final Map extAccessPermsContainsPipeMap = new HashMap<>(); final Map extAccessPermsMap = new HashMap<>(); for (ExternalAccessPermsDetail permsDetailInfoWithPipe : permsDetailList) { @@ -1972,7 +1898,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetailInfoWithPipe.getInstance()); extAccessPermsMap.put(finalFunctionCodeVal, permsDetailInfoWithPipe); } - // Add if new functions and app role functions were added in // external auth system for (ExternalAccessPermsDetail permsDetail : permsDetailList) { @@ -1984,10 +1909,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (roles != null) { // Check if function has any roles and which does not exist // in External Auth System. If exists delete in local - addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, existingPortalRolesMap); + addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, + existingPortalRolesMap); } } - // Check if function does exits in External Auth System but exits in // local then delete function and its dependencies for (CentralV2RoleFunction roleFunc : appFunctions) { @@ -2003,23 +1928,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncRoleFunctionFromExternalAccessSystem: Failed to delete function", e); - } } - logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished syncRoleFunctionFromExternalAccessSystem"); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncRoleFunctionFromExternalAccessSystem: Failed syncRoleFunctionFromExternalAccessSystem", e); - } } @SuppressWarnings("unchecked") private void addRemoveIfFunctionsRolesIsSyncWithExternalAuth(EPApp app, final Map currentRolesInDB, - List roleFunctionList, List roles, Map existingPortalRolesMap) - throws Exception { + List roleFunctionList, List roles, + Map existingPortalRolesMap) throws Exception { if (!roleFunctionList.isEmpty()) { final Map appRoleFuncParams = new HashMap<>(); final Map currentAppRoleFunctionsMap = new HashMap<>(); @@ -2033,11 +1955,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), localRole); } for (String addRole : roles) { - currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE)+1), addRole); + currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE) + 1), addRole); } for (String extAuthrole : roles) { String roleNameSpace = extAuthrole.substring(0, extAuthrole.indexOf(FUNCTION_PIPE)); - boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, app.getNameSpace()); + boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, + app.getNameSpace()); if (isNameSpaceMatching) { if (!currentAppRoleFunctionsMap .containsKey(extAuthrole.substring(app.getNameSpace().length() + 1))) { @@ -2063,8 +1986,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EPAppRoleFunction addGlobalRoleFunctions = new EPAppRoleFunction(); params.put("appId", app.getId()); params.put("roleId", role.getId()); - List currentGlobalRoleFunctionsList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null); - boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream().anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode().equals(roleFunctionList.get(0).getCode())); + List currentGlobalRoleFunctionsList = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null); + boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream() + .anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode() + .equals(roleFunctionList.get(0).getCode())); if (role != null && !checkIfRoleFunctionExists) { addGlobalRoleFunctions.setAppId(app.getId()); addGlobalRoleFunctions.setRoleId(role.getId()); @@ -2093,31 +2019,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private void deleteAppRoleFuncDoesNotExitsInExtSystem(EPApp app, CentralV2RoleFunction roleFunc) { logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", roleFunc.getCode()); dataAccessService.deleteDomainObjects(EPAppRoleFunction.class, - APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null); + APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", - roleFunc.getCode()); - + "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", roleFunc.getCode()); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", roleFunc.getCode()); dataAccessService.deleteDomainObjects(CentralV2RoleFunction.class, - APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null); + APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", roleFunc.getCode()); } private void checkAndAddRoleInDB(EPApp app, final Map currentRolesInDB, List roleFunctionList, String roleList) throws Exception { - if (!currentRolesInDB.containsKey( - roleList.substring(app.getNameSpace().length() + 1))) { - Role role = addRoleInDBIfDoesNotExists(app, - roleList.substring(app.getNameSpace().length() + 1)); - addIfRoleDescriptionNotExitsInExtSystem(role, app); + if (!currentRolesInDB.containsKey(roleList.substring(app.getNameSpace().length() + 1))) { + Role role = addRoleInDBIfDoesNotExists(app, roleList.substring(app.getNameSpace().length() + 1)); + addRoleDescriptionInExtSystem(role, app); if (!roleFunctionList.isEmpty()) { try { if (!roleFunctionList.isEmpty()) { @@ -2129,16 +2048,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, - "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", - e); + "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", e); } } } } @SuppressWarnings("unchecked") - private List addGetLocalFunction(EPApp app, final Map roleFuncMap, - ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) { + private List addGetLocalFunction(EPApp app, + final Map roleFuncMap, ExternalAccessPermsDetail permsDetail, String code, + CentralV2RoleFunction getFunctionCodeKey) { String finalFunctionCodeVal = addToLocalIfFunctionNotExists(app, roleFuncMap, permsDetail, code, getFunctionCodeKey); final Map appSyncFuncsParams = new HashMap<>(); @@ -2156,9 +2075,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } private String addToLocalIfFunctionNotExists(EPApp app, final Map roleFuncMap, - ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey - ) { - String finalFunctionCodeVal = ""; + ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) { + String finalFunctionCodeVal = ""; if (null == getFunctionCodeKey) { finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetail.getInstance()); CentralV2RoleFunction checkIfCodeStillExits = roleFuncMap.get(finalFunctionCodeVal); @@ -2176,7 +2094,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @SuppressWarnings("unchecked") @Override - public Map getCurrentRolesInDB(EPApp app) { + public Map getAppRoleNamesWithUnderscoreMap(EPApp app) { final Map currentRolesInDB = new HashMap<>(); List getCurrentRoleList = null; final Map appParams = new HashMap<>(); @@ -2193,8 +2111,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return currentRolesInDB; } - private List getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) - throws IOException{ + @SuppressWarnings("unchecked") + private Map getAppRoleNamesMap(EPApp app) { + final Map currentRolesInDB = new HashMap<>(); + List getCurrentRoleList = null; + final Map appParams = new HashMap<>(); + if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + getCurrentRoleList = dataAccessService.executeNamedQuery("getPortalAppRolesList", null, null); + } else { + appParams.put("appId", app.getId()); + getCurrentRoleList = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null); + } + for (EPRole role : getCurrentRoleList) { + currentRolesInDB.put(role.getName(), role); + } + return currentRolesInDB; + } + + private List getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) throws IOException { ExternalAccessPermsDetail permDetails = null; List permsDetailList = new ArrayList<>(); for (int i = 0; i < extPerms.length(); i++) { @@ -2202,7 +2136,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (extPerms.getJSONObject(i).has("description")) { description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } else { - description = extPerms.getJSONObject(i).getString("instance"); + description = extPerms.getJSONObject(i).getString("type").substring(app.getNameSpace().length() + 1) + "|" + + extPerms.getJSONObject(i).getString("instance") + "|" + + extPerms.getJSONObject(i).getString("action"); } if (extPerms.getJSONObject(i).has("roles")) { ObjectMapper rolesListMapper = new ObjectMapper(); @@ -2233,10 +2169,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpEntity entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); - + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished GET permissions from External Auth system and response: {} ", @@ -2251,7 +2185,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return extPerms; } - + /** * * Add function into local DB @@ -2261,13 +2195,13 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param code */ private void addFunctionInEcompDB(EPApp app, ExternalAccessPermsDetail permsDetail, String code) { - try{ - CentralV2RoleFunction addFunction = new CentralV2RoleFunction(); - addFunction.setAppId(app.getId()); - addFunction.setCode(code); - addFunction.setName(permsDetail.getDescription()); - dataAccessService.saveDomainObject(addFunction, null); - } catch(Exception e){ + try { + CentralV2RoleFunction addFunction = new CentralV2RoleFunction(); + addFunction.setAppId(app.getId()); + addFunction.setCode(code); + addFunction.setName(permsDetail.getDescription()); + dataAccessService.saveDomainObject(addFunction, null); + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "addFunctionInEcompDB: Failed to add function", e); } } @@ -2280,27 +2214,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param app * @throws Exception */ - private void addIfRoleDescriptionNotExitsInExtSystem(Role role, EPApp app) throws Exception { - String addRoleNew = updateExistingRoleInExternalSystem(role, app); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + private boolean addRoleDescriptionInExtSystem(Role role, EPApp app) throws Exception { + boolean status = false; try { + String addRoleNew = updateExistingRoleInExternalSystem(role, app); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(addRoleNew, headers); template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", HttpMethod.PUT, entity, String.class); + status = true; } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addIfRoleDescriptionNotExitsInExtSystem", - e); + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to addRoleDescriptionInExtSystem", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addIfRoleDescriptionNotExitsInExtSystem: Failed", - e); + logger.error(EELFLoggerDelegate.errorLogger, "addRoleDescriptionInExtSystem: Failed", e); } + return status; } /** * - * While sync functions form external auth system if new role found we should add in local and return Role.class object + * While sync functions form external auth system if new role found we should + * add in local and return Role.class object * * @param app * @param role @@ -2310,7 +2247,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private Role addRoleInDBIfDoesNotExists(EPApp app, String role) { Role setNewRole = new Role(); try { - // functions can have new role created in External Auth System prevent + // functions can have new role created in External Auth System + // prevent // duplication here boolean isCreated = checkIfRoleExitsElseCreateInSyncFunctions(role, app); final Map getRoleByNameParams = new HashMap<>(); @@ -2353,8 +2291,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleParams.put(APP_ROLE_NAME_PARAM, role); List roleCreated = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, - null); + roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); } else { roleParams.put("appId", String.valueOf(app.getId())); roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, @@ -2391,7 +2328,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addRoleFunctionInExternalSystem(cenRoleFunc, app); functionsAdded++; } - } catch(HttpClientErrorException e){ + } catch (HttpClientErrorException e) { logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadFunctions failed", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { @@ -2418,6 +2355,35 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addRoleInExternalSystem(role, app.get(0)); rolesListAdded++; } + if (!app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)) { + // Add Account Admin role in External AUTH System + try { + String addAccountAdminRole = ""; + ExternalAccessRole extRole = new ExternalAccessRole(); + extRole.setName(app.get(0).getNameSpace() + "." + PortalConstants.ADMIN_ROLE + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + addAccountAdminRole = mapper.writeValueAsString(extRole); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + HttpEntity entity = new HttpEntity<>(addAccountAdminRole, headers); + template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", + HttpMethod.POST, entity, String.class); + rolesListAdded++; + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to create Account Admin role", e); + EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); + } catch (Exception e) { + if (e.getMessage().equalsIgnoreCase("409 Conflict")) { + logger.error(EELFLoggerDelegate.errorLogger, + "bulkUploadRoles: Account Admin Role already exits but does not break functionality", + e); + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "bulkUploadRoles: Failed to create Account Admin role", e.getMessage()); + } + } + } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles: failed", e); throw e; @@ -2440,14 +2406,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", HttpMethod.POST, entity, String.class); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", + e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Role already exits but does not break functionality", e); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleInExternalSystem: Role already exits but does not break functionality", e); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage()); } } } @@ -2471,15 +2440,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } } - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e); } return roleFunctions; } - + /** * Its adding a role function while doing bulk upload * @@ -2488,17 +2458,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param app */ private void addRoleFunctionsInExternalSystem(BulkUploadRoleFunction addRoleFunc, EPRole role, EPApp app) { - String checkType = addRoleFunc.getFunctionCd().contains("menu") ? "menu" : "url"; + String type = ""; + String instance = ""; + String action = ""; + if (addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { + type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd()); + instance = EcompPortalUtils.getFunctionCode(addRoleFunc.getFunctionCd()); + action = EcompPortalUtils.getFunctionAction(addRoleFunc.getFunctionCd()); + } else { + type = addRoleFunc.getFunctionCd().contains("menu") ? "menu" : "url"; + instance = addRoleFunc.getFunctionCd(); + action = "*"; + } ExternalAccessRolePerms extRolePerms = null; ExternalAccessPerms extPerms = null; ObjectMapper mapper = new ObjectMapper(); try { HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - - extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + checkType, addRoleFunc.getFunctionCd(), "*", + extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action, addRoleFunc.getFunctionName()); - extRolePerms = new ExternalAccessRolePerms(extPerms, - app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + role.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); template.exchange( @@ -2507,21 +2487,80 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { logger.error(EELFLoggerDelegate.errorLogger, - "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", e); + "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", + e); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", - e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", e.getMessage()); } } } + @SuppressWarnings("unchecked") @Override - public void bulkUploadPartnerFunctions(String uebkey, List roleFunctionsList) throws Exception { + public Integer bulkUploadPartnerFunctions(String uebkey) throws Exception { EPApp app = getApp(uebkey).get(0); - CentralV2RoleFunction cenRoleFunc = null; - for (RoleFunction roleFunction : roleFunctionsList) { - cenRoleFunc = new CentralV2RoleFunction(roleFunction.getCode(), roleFunction.getName()); - addRoleFunctionInExternalSystem(cenRoleFunc, app); + final Map params = new HashMap<>(); + params.put("appId", app.getId()); + List roleFuncList = dataAccessService.executeNamedQuery("getPartnerAppFunctions", params, + null); + Integer functionsAdded = 0; + try { + for (CentralV2RoleFunction roleFunc : roleFuncList) { + addFunctionInExternalSystem(roleFunc, app); + functionsAdded++; + } + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed", + e); + EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerFunctions: failed", e.getMessage(), e); + } + return functionsAdded; + } + + private void addFunctionInExternalSystem(CentralV2RoleFunction roleFunc, EPApp app) throws Exception { + ObjectMapper mapper = new ObjectMapper(); + ExternalAccessPerms extPerms = new ExternalAccessPerms(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + String type = ""; + String instance = ""; + String action = ""; + if ((roleFunc.getCode().contains(FUNCTION_PIPE)) + || (roleFunc.getType() != null && roleFunc.getAction() != null)) { + type = EcompPortalUtils.getFunctionType(roleFunc.getCode()); + instance = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); + action = EcompPortalUtils.getFunctionAction(roleFunc.getCode()); + } else { + type = roleFunc.getCode().contains("menu") ? "menu" : "url"; + instance = roleFunc.getCode(); + action = "*"; + } + try { + extPerms.setAction(action); + extPerms.setInstance(instance); + extPerms.setType(app.getNameSpace() + "." + type); + extPerms.setDescription(roleFunc.getName()); + String addFunction = mapper.writeValueAsString(extPerms); + HttpEntity entity = new HttpEntity<>(addFunction, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addFunctionInExternalSystem: {} for POST: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction); + ResponseEntity addPermResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm", + HttpMethod.POST, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, + "addFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", + addPermResponse.getStatusCode().value(), addFunction); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add function in external central auth system", e); + EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); + throw e; + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "addFunctionInExternalSystem: Failed to add fucntion in external central auth system", e); + throw e; } } @@ -2535,47 +2574,82 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @SuppressWarnings("unchecked") @Override - public void bulkUploadPartnerRoleFunctions(String uebkey, List roleList) throws Exception { + public Integer bulkUploadPartnerRoleFunctions(String uebkey) throws Exception { EPApp app = getApp(uebkey).get(0); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - for (Role role : roleList) { - try { - Set roleFunctionList = role.getRoleFunctions(); - List roleFunctionListNew = new ArrayList<>(); - ObjectMapper roleFunctionsMapper = new ObjectMapper(); - Iterator itetaror = roleFunctionList.iterator(); - while (itetaror.hasNext()) { - Object nextValue = itetaror.next(); - RoleFunction roleFunction = roleFunctionsMapper.convertValue(nextValue, RoleFunction.class); - roleFunctionListNew.add(roleFunction); - } - List listWithoutDuplicates = roleFunctionListNew.stream().distinct() - .collect(Collectors.toList()); - for (RoleFunction roleFunction : listWithoutDuplicates) { - String checkType = roleFunction.getCode().contains("menu") ? "menu" : "url"; - ExternalAccessRolePerms extRolePerms = null; - ExternalAccessPerms extPerms = null; - ObjectMapper mapper = new ObjectMapper(); - extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + checkType, roleFunction.getCode(), - "*"); - extRolePerms = new ExternalAccessRolePerms(extPerms, - app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - String updateRolePerms = mapper.writeValueAsString(extRolePerms); - HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); - template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role/perm", HttpMethod.PUT, entity, String.class); + List roles = getAppRoles(app.getId()); + final Map params = new HashMap<>(); + Integer roleFunctions = 0; + try { + for (EPRole role : roles) { + params.put("roleId", role.getId()); + List appRoleFunc = dataAccessService + .executeNamedQuery("uploadPartnerRoleFunctions", params, null); + if (!appRoleFunc.isEmpty()) { + for (BulkUploadRoleFunction addRoleFunc : appRoleFunc) { + addRoleFunctionsInExternalSystem(addRoleFunc, role, app); + roleFunctions++; + } } - } catch (Exception e) { - if (e.getMessage().equalsIgnoreCase("409 Conflict")) { - logger.error(EELFLoggerDelegate.errorLogger, - "bulkUploadPartnerRoleFunctions: RoleFunction already exits but does not break functionality"); + } + // upload global role functions to ext auth system + if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + roleFunctions = bulkUploadGlobalRoleFunctions(app, roleFunctions); + } + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); + EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e); + } + return roleFunctions; + } + + @SuppressWarnings("unchecked") + private Integer bulkUploadGlobalRoleFunctions(EPApp app, Integer roleFunctions) throws Exception { + try { + EPApp portalApp = epAppService.getApp(1l); + final Map params = new HashMap<>(); + params.put("appId", app.getId()); + List globalRoleFuncs = dataAccessService + .executeNamedQuery("getBulkUploadPartnerGlobalRoleFunctions", params, null); + ObjectMapper mapper = new ObjectMapper(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + for (GlobalRoleWithApplicationRoleFunction globalRoleFunc : globalRoleFuncs) { + ExternalAccessRolePerms extRolePerms; + ExternalAccessPerms extPerms; + String type = ""; + String instance = ""; + String action = ""; + if (globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { + type = EcompPortalUtils.getFunctionType(globalRoleFunc.getFunctionCd()); + instance = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd()); + action = EcompPortalUtils.getFunctionAction(globalRoleFunc.getFunctionCd()); } else { - logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoleFunctions: Failed to addRoleFunctionsInExternalSystem", - e); + type = globalRoleFunc.getFunctionCd().contains("menu") ? "menu" : "url"; + instance = globalRoleFunc.getFunctionCd(); + action = "*"; } + extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action); + extRolePerms = new ExternalAccessRolePerms(extPerms, + portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + String updateRolePerms = mapper.writeValueAsString(extRolePerms); + HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); + updateRoleFunctionInExternalSystem(updateRolePerms, entity); + roleFunctions++; } - + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add role function in external central auth system", e); + EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); + throw e; + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "bulkUploadGlobalRoleFunctions: Failed to add role fucntion in external central auth system", e); + throw e; } + return roleFunctions; } @Override @@ -2583,53 +2657,44 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic public void syncApplicationRolesWithEcompDB(EPApp app) { try { logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Started"); - //Sync functions and roles assigned to it which also creates new roles if does not exits in portal + // Sync functions and roles assigned to it which also creates new roles if does + // not exits in portal syncRoleFunctionFromExternalAccessSystem(app); - logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished"); - + logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished"); ObjectMapper mapper = new ObjectMapper(); logger.debug(EELFLoggerDelegate.debugLogger, "Entering to getAppRolesJSONFromExtAuthSystem"); // Get Permissions from External Auth System JSONArray extRole = getAppRolesJSONFromExtAuthSystem(app); - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into getExternalRoleDetailsList"); - List externalRoleDetailsList = getExternalRoleDetailsList(app, - mapper, extRole); - + // refactoring done + List externalRoleDetailsList = getExternalRoleDetailsList(app, mapper, extRole); List finalRoleList = new ArrayList<>(); for (ExternalRoleDetails externalRole : externalRoleDetailsList) { EPRole ecompRole = convertExternalRoleDetailstoEpRole(externalRole); finalRoleList.add(ecompRole); } - List applicationRolesList; applicationRolesList = getAppRoles(app.getId()); List applicationRoleIdList = new ArrayList<>(); for (EPRole applicationRole : applicationRolesList) { applicationRoleIdList.add(applicationRole.getName()); } - List roleListToBeAddInEcompDB = new ArrayList<>(); for (EPRole aafRole : finalRoleList) { if (!applicationRoleIdList.contains(aafRole.getName())) { roleListToBeAddInEcompDB.add(aafRole); } } - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into inactiveRolesNotInExternalAuthSystem"); // Check if roles exits in external Access system and if not make inactive in DB inactiveRolesNotInExternalAuthSystem(app, finalRoleList, applicationRolesList); - - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into checkAndUpdateRoleInDB"); - // It checks properties in the external auth system app role description and updates role in local - checkAndUpdateRoleInDB(app, finalRoleList); - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addNewRoleInEcompDBUpdateDescInExtAuthSystem"); - // Add new roles in DB and updates role description in External Auth System + // Add new roles in DB and updates role description in External Auth System addNewRoleInEcompDBUpdateDescInExtAuthSystem(app, roleListToBeAddInEcompDB); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished"); } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e); + logger.error(EELFLoggerDelegate.errorLogger, + "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed ", e); @@ -2658,14 +2723,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map globalRoleParams = new HashMap<>(); globalRoleParams.put("appId", String.valueOf(app.getId())); globalRoleParams.put("appRoleName", roleToBeAddedInEcompDB.getName()); - getRoleCreatedInSync = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null); + getRoleCreatedInSync = dataAccessService + .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null); EPRole epUpdateRole = getRoleCreatedInSync.get(0); epUpdateRole.setAppRoleId(epUpdateRole.getId()); dataAccessService.saveDomainObject(epUpdateRole, null); } List roleList = new ArrayList<>(); final Map params = new HashMap<>(); - params.put(APP_ROLE_NAME_PARAM, roleToBeAddedInEcompDB.getName()); boolean isPortalRole = false; if (app.getId() == 1) { @@ -2674,7 +2739,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { isPortalRole = false; params.put(APP_ID, app.getId().toString()); - roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, null); + roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, + null); } EPRole role = roleList.get(0); Role aaFrole = new Role(); @@ -2692,56 +2758,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It checks description in External Auth System if found any changes updates in DB + * It de-activates application roles in DB if not present in External Auth + * system * * @param app - * @param finalRoleList contains list of External Auth System roles list which is converted to EPRole - */ - @SuppressWarnings("unchecked") - private void checkAndUpdateRoleInDB(EPApp app, List finalRoleList) { - for (EPRole roleItem : finalRoleList) { - final Map roleParams = new HashMap<>(); - List currentList = null; - roleParams.put(APP_ROLE_NAME_PARAM, roleItem.getName()); - if (app.getId() == 1) { - currentList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); - } else { - roleParams.put(APP_ID, app.getId().toString()); - currentList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, null); - } - - if (!currentList.isEmpty()) { - try { - Boolean aafRoleActive; - Boolean localRoleActive; - boolean result; - aafRoleActive = Boolean.valueOf(roleItem.getActive()); - localRoleActive = Boolean.valueOf(currentList.get(0).getActive()); - result = aafRoleActive.equals(localRoleActive); - EPRole updateRole = currentList.get(0); - - if (!result) { - updateRole.setActive(roleItem.getActive()); - dataAccessService.saveDomainObject(updateRole, null); - } - if (roleItem.getPriority() != null - && !currentList.get(0).getPriority().equals(roleItem.getPriority())) { - updateRole.setPriority(roleItem.getPriority()); - dataAccessService.saveDomainObject(updateRole, null); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "syncApplicationRolesWithEcompDB: Failed to update role ", e); - } - } - } - } - /** - * - * It de-activates application roles in DB if not present in External Auth system - * - * @param app - * @param finalRoleList contains list of current roles present in External Auth System + * @param finalRoleList contains list of current roles present in + * External Auth System * @param applicationRolesList contains list of current roles present in DB */ @SuppressWarnings("unchecked") @@ -2761,9 +2783,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, extRoleParams, null); } else { extRoleParams.put(APP_ID, app.getId().toString()); - roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, extRoleParams, null); + roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + extRoleParams, null); } - if(!roleList.isEmpty()) { + if (!roleList.isEmpty()) { EPRole updateRoleInactive = roleList.get(0); updateRoleInactive.setActive(false); dataAccessService.saveDomainObject(updateRoleInactive, null); @@ -2775,38 +2798,32 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } } - + @Override @SuppressWarnings("unchecked") - public List getExternalRoleDetailsList(EPApp app, - ObjectMapper mapper, JSONArray extRole) + public List getExternalRoleDetailsList(EPApp app, ObjectMapper mapper, JSONArray extRole) throws IOException { List externalRoleDetailsList = new ArrayList<>(); - ExternalRoleDescription ApplicationRole = new ExternalRoleDescription(); - ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); + ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); List functionCodelist = new ArrayList<>(); + Map curRolesMap = getAppRoleNamesMap(app); + Map curRolesUnderscoreMap = getAppRoleNamesWithUnderscoreMap(app); for (int i = 0; i < extRole.length(); i++) { ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails(); EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction(); JSONObject Role = (JSONObject) extRole.get(i); - if (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { - ApplicationRole.setActive("true"); - ApplicationRole.setAppId(IS_NULL_STRING); - ApplicationRole.setPriority(IS_NULL_STRING); - ApplicationRole.setAppRoleId(IS_NULL_STRING); - String roleName = extRole.getJSONObject(i).getString(ROLE_NAME); - ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1)); - } else { - String desc = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); - ApplicationRole = mapper.readValue(desc, ExternalRoleDescription.class); + String name = extRole.getJSONObject(i).getString(ROLE_NAME); + String actualRoleName = name.substring(app.getNameSpace().length() + 1); + if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { + actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } - SortedSet externalAccessPermsOfRole = new TreeSet<>(); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) { JSONArray extPerm = (JSONArray) Role.get(EXTERNAL_AUTH_PERMS); for (int j = 0; j < extPerm.length(); j++) { JSONObject perms = extPerm.getJSONObject(j); - boolean isNamespaceMatching = EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"), app.getNameSpace()); + boolean isNamespaceMatching = EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"), + app.getNameSpace()); if (isNamespaceMatching) { externalAccessPerms = new ExternalAccessPerms(perms.getString("type"), perms.getString("instance"), perms.getString("action")); @@ -2814,49 +2831,36 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic functionCodelist.add(ePAppRoleFunction.getCode()); externalAccessPermsOfRole.add(externalAccessPerms); } - } } - - if (ApplicationRole.getActive().equals(IS_NULL_STRING)) { - externalRoleDetail.setActive(false); - } else { - externalRoleDetail.setActive(Boolean.parseBoolean(ApplicationRole.getActive())); - } - externalRoleDetail.setName(ApplicationRole.getName()); - - if (ApplicationRole.getAppId().equals(IS_NULL_STRING) && app.getId() == 1) { + externalRoleDetail.setActive(true); + externalRoleDetail.setName(actualRoleName); + if (app.getId() == 1) { externalRoleDetail.setAppId(null); - } else if (ApplicationRole.getAppId().equals(IS_NULL_STRING)) { - externalRoleDetail.setAppId(app.getId()); - } else { - externalRoleDetail.setAppId(Long.parseLong(ApplicationRole.getAppId())); - } - - if (ApplicationRole.getPriority().equals(IS_NULL_STRING)) { - externalRoleDetail.setPriority(null); } else { - externalRoleDetail.setPriority(Integer.parseInt(ApplicationRole.getPriority())); - } - - if (ApplicationRole.getAppRoleId().equals(IS_NULL_STRING) && app.getId() == 1) { - externalRoleDetail.setAppRoleId(null); + externalRoleDetail.setAppId(app.getId()); } - - // get role functions from DB + EPRole currRole = null; + currRole = (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) + ? curRolesUnderscoreMap.get(actualRoleName) + : curRolesMap.get(actualRoleName); + Long roleId = null; + if (currRole != null) + roleId = currRole.getId(); final Map roleFunctionsMap = new HashMap<>(); - if (!ApplicationRole.getId().equals(IS_NULL_STRING)) { - final Map appRoleFuncsParams = new HashMap<>(); + final Map appRoleFuncsParams = new HashMap<>(); + if (roleId != null) { appRoleFuncsParams.put("appId", app.getId()); - appRoleFuncsParams.put("roleId", Long.valueOf(ApplicationRole.getId())); - List appRoleFunctions = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); + appRoleFuncsParams.put("roleId", roleId); + // get role functions from DB + List appRoleFunctions = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); if (!appRoleFunctions.isEmpty()) { for (EPAppRoleFunction roleFunc : appRoleFunctions) { roleFunctionsMap.put(roleFunc.getCode(), roleFunc); } } } - if (!externalAccessPermsOfRole.isEmpty()) { // Adding functions to role for (ExternalAccessPerms externalpermission : externalAccessPermsOfRole) { @@ -2868,22 +2872,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EPAppRoleFunction checkRoleFunctionPipeExits = roleFunctionsMap.get(funcCode); if (checkRoleFunctionPipeExits == null) { try { - final Map appFuncsParams = new HashMap<>(); + final Map appFuncsParams = new HashMap<>(); appFuncsParams.put("appId", String.valueOf(app.getId())); appFuncsParams.put("functionCd", externalpermission.getInstance()); logger.debug(EELFLoggerDelegate.debugLogger, "SyncApplicationRolesWithEcompDB: Adding function to the role: {}", externalpermission.getInstance()); List roleFunction = null; - roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null); + roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", + appFuncsParams, null); if (roleFunction.isEmpty()) { appFuncsParams.put("functionCd", funcCode); - roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null); + roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", + appFuncsParams, null); } if (!roleFunction.isEmpty()) { EPAppRoleFunction apRoleFunction = new EPAppRoleFunction(); apRoleFunction.setAppId(app.getId()); - apRoleFunction.setRoleId(Long.parseLong(ApplicationRole.getId())); + apRoleFunction.setRoleId(roleId); apRoleFunction.setCode(roleFunction.get(0).getCode()); dataAccessService.saveDomainObject(apRoleFunction, null); } @@ -2907,9 +2913,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpEntity entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", @@ -2923,28 +2928,28 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { extRole.remove(i); i--; - } + } } return extRole; } - + @Override - public JSONArray getAllUsersByRole(String roleName) throws Exception{ + public JSONArray getAllUsersByRole(String roleName) throws Exception { ResponseEntity response = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "getAllUsersByRole: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class); + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", res); + if (res == null || res.trim().isEmpty()) + return null; JSONObject jsonObj = new JSONObject(res); JSONArray extRole = jsonObj.getJSONArray("userRole"); - return extRole; } @@ -2957,7 +2962,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ private EPRole convertExternalRoleDetailstoEpRole(ExternalRoleDetails externalRoleDetails) { EPRole role = new EPRole(); - role.setActive(externalRoleDetails.isActive()); + role.setActive(true); role.setAppId(externalRoleDetails.getAppId()); role.setAppRoleId(externalRoleDetails.getAppRoleId()); role.setName(externalRoleDetails.getName()); @@ -2976,7 +2981,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (app.getCentralAuth()) { userRolesList = dataAccessService.executeNamedQuery("getBulkUserRoles", params, null); for (BulkUploadUserRoles userRolesUpload : userRolesList) { - if(!userRolesUpload.getOrgUserId().equals("su1234")){ + if (!userRolesUpload.getOrgUserId().equals("su1234")) { addUserRoleInExternalSystem(userRolesUpload); userRolesAdded++; } @@ -2986,7 +2991,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * Its adding a user role in external auth system while doing bulk upload + * Its adding a user role in external auth system while doing bulk upload * * @param userRolesUpload */ @@ -3000,90 +3005,86 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); } ExternalAccessUser extUser = new ExternalAccessUser(name, - userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String userRole = mapper.writeValueAsString(extUser); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity entity = new HttpEntity<>(userRole, headers); template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole", HttpMethod.POST, entity, String.class); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { - logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: UserRole already exits but does not break functionality"); + logger.error(EELFLoggerDelegate.errorLogger, + "addUserRoleInExternalSystem: UserRole already exits but does not break functionality"); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e); + logger.error(EELFLoggerDelegate.errorLogger, + "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e); } } } @Override - public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest) throws Exception { + public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest) + throws Exception { try { - String sql = ""; + String sql = ""; Query query = null; - - //It should delete only when it portal's roleId - if(appId.equals(PortalConstants.PORTAL_APP_ID)){ - // Delete from fn_role_function - sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - - // Delete from fn_role_composite - sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); + // It should delete only when it portal's roleId + if (appId.equals(PortalConstants.PORTAL_APP_ID)) { + // Delete from fn_role_function + sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from fn_role_composite + sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); } - // Delete from ep_app_role_function sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete from ep_role_notification sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete from fn_user_pseudo_role sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - - if(!isPortalRequest) { + if (!isPortalRequest) { // Delete form fn_menu_functional_roles sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); - query.executeUpdate(); + query.executeUpdate(); } } catch (Exception e) { logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e); throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage()); } - } - + @SuppressWarnings("unchecked") @Override public List getMenuFunctionsList(String uebkey) throws Exception { @@ -3094,8 +3095,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map appParams = new HashMap<>(); appParams.put(APP_ID, app.getId()); appMenuFunctionsList = dataAccessService.executeNamedQuery("getMenuFunctions", appParams, null); - for(String appMenuFunction : appMenuFunctionsList) { - if(appMenuFunction.contains(FUNCTION_PIPE)) { + for (String appMenuFunction : appMenuFunctionsList) { + if (appMenuFunction.contains(FUNCTION_PIPE)) { appMenuFunctionsFinalList.add(EcompPortalUtils.getFunctionCode(appMenuFunction)); } else { appMenuFunctionsFinalList.add(appMenuFunction); @@ -3108,98 +3109,91 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return appMenuFunctionsFinalList; } - @SuppressWarnings({ "unchecked"}) + @SuppressWarnings({ "unchecked" }) @Override public List getAllAppUsers(String uebkey) throws Exception { List usersList = new ArrayList<>(); - List usersfinalList = new ArrayList<>(); - try { - EPApp app = getApp(uebkey).get(0); - final Map appParams = new HashMap<>(); - appParams.put("appId", app.getId()); - List userList = (List) dataAccessService - .executeNamedQuery("ApplicationUserRoles", appParams, null); - for (EcompUserRoles ecompUserRole : userList) { - boolean found = false; - Set roles = null; - for (EcompUser user : usersfinalList) { - if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - roles = user.getRoles(); - EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())).findAny() - .orElse(null); - SortedSet roleFunctionSet = new TreeSet<>(); - if(role != null) - { - roleFunctionSet = (SortedSet) role.getRoleFunctions(); - } - - String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); - functionCode = EPUserUtils.decodeFunctionCode(functionCode); - EcompRoleFunction epRoleFunction = new EcompRoleFunction(); - epRoleFunction.setName(ecompUserRole.getFunctionName()); - epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); - epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); - epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); - roleFunctionSet.add(epRoleFunction); - ecompRole.setRoleFunctions(roleFunctionSet); - roles.add(ecompRole); - user.setRoles(roles); - found = true; - break; - } - } - - if (!found) { - EcompUser epUser = new EcompUser(); - epUser.setOrgId(ecompUserRole.getOrgId()); - epUser.setManagerId(ecompUserRole.getManagerId()); - epUser.setFirstName(ecompUserRole.getFirstName()); - epUser.setLastName(ecompUserRole.getLastName()); - epUser.setPhone(ecompUserRole.getPhone()); - epUser.setEmail(ecompUserRole.getEmail()); - epUser.setOrgUserId(ecompUserRole.getOrgUserId()); - epUser.setOrgCode(ecompUserRole.getOrgCode()); - epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); - epUser.setJobTitle(ecompUserRole.getJobTitle()); - epUser.setLoginId(ecompUserRole.getLoginId()); - epUser.setActive(true); - roles = new HashSet<>(); - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - SortedSet roleFunctionSet = new TreeSet<>(); - - String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); - functionCode = EPUserUtils.decodeFunctionCode(functionCode); - EcompRoleFunction epRoleFunction = new EcompRoleFunction(); - epRoleFunction.setName(ecompUserRole.getFunctionName()); - epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); - epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); - epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); - roleFunctionSet.add(epRoleFunction); - ecompRole.setRoleFunctions(roleFunctionSet); - roles.add(ecompRole); - epUser.setRoles(roles); - usersfinalList.add(epUser); - } - } - ObjectMapper mapper = new ObjectMapper(); - - for (EcompUser u1 : usersfinalList) { - String str = mapper.writeValueAsString(u1); - usersList.add(str); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); - throw e; - } - return usersfinalList; - - } - + List usersfinalList = new ArrayList<>(); + try { + EPApp app = getApp(uebkey).get(0); + final Map appParams = new HashMap<>(); + appParams.put("appId", app.getId()); + List userList = (List) dataAccessService + .executeNamedQuery("ApplicationUserRoles", appParams, null); + for (EcompUserRoles ecompUserRole : userList) { + boolean found = false; + Set roles = null; + for (EcompUser user : usersfinalList) { + if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + roles = user.getRoles(); + EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())) + .findAny().orElse(null); + SortedSet roleFunctionSet = new TreeSet<>(); + if (role != null) { + roleFunctionSet = (SortedSet) role.getRoleFunctions(); + } + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + user.setRoles(roles); + found = true; + break; + } + } + if (!found) { + EcompUser epUser = new EcompUser(); + epUser.setOrgId(ecompUserRole.getOrgId()); + epUser.setManagerId(ecompUserRole.getManagerId()); + epUser.setFirstName(ecompUserRole.getFirstName()); + epUser.setLastName(ecompUserRole.getLastName()); + epUser.setPhone(ecompUserRole.getPhone()); + epUser.setEmail(ecompUserRole.getEmail()); + epUser.setOrgUserId(ecompUserRole.getOrgUserId()); + epUser.setOrgCode(ecompUserRole.getOrgCode()); + epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); + epUser.setJobTitle(ecompUserRole.getJobTitle()); + epUser.setLoginId(ecompUserRole.getLoginId()); + epUser.setActive(true); + roles = new HashSet<>(); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + SortedSet roleFunctionSet = new TreeSet<>(); + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + epUser.setRoles(roles); + usersfinalList.add(epUser); + } + } + ObjectMapper mapper = new ObjectMapper(); + for (EcompUser u1 : usersfinalList) { + String str = mapper.writeValueAsString(u1); + usersList.add(str); + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); + throw e; + } + return usersfinalList; + } @Override public Role ConvertCentralRoleToRole(String result) { @@ -3225,17 +3219,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return newRole; } - + @Override @SuppressWarnings("unchecked") public List getCentralizedAppsOfUser(String userId) { Map params = new HashMap<>(); params.put("userId", userId); List centralizedAppsList = new ArrayList<>(); - try{ - centralizedAppsList = dataAccessService - .executeNamedQuery("getCentralizedAppsOfUser", params, null); - }catch (Exception e) { + try { + centralizedAppsList = dataAccessService.executeNamedQuery("getCentralizedAppsOfUser", params, null); + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getCentralizedAppsOfUser failed", e); } return centralizedAppsList; @@ -3316,15 +3309,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String type; String action; CentralV2RoleFunction cenRoleFun; - if(role.getFunctionCd().contains(FUNCTION_PIPE)){ + if (role.getFunctionCd().contains(FUNCTION_PIPE)) { instance = EcompPortalUtils.getFunctionCode(role.getFunctionCd()); type = EcompPortalUtils.getFunctionType(role.getFunctionCd()); action = EcompPortalUtils.getFunctionAction(role.getFunctionCd()); cenRoleFun = new CentralV2RoleFunction(null, instance, role.getFunctionName(), null, type, action, null); - } else{ + } else { type = getFunctionCodeType(role.getFunctionCd()); action = getFunctionCodeAction(role.getFunctionCd()); - cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, action, null); + cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, + action, null); } return cenRoleFun; } @@ -3342,28 +3336,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } private CentralV2Role convertRoleToCentralV2Role(EPRole role) { - return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(), + return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(), role.getModifiedId(), role.getRowNum(), role.getName(), role.getActive(), role.getPriority(), new TreeSet<>(), new TreeSet<>(), new TreeSet<>()); - } - + @Override - public List convertCentralRoleFunctionToRoleFunctionObject(List answer) { + public List convertCentralRoleFunctionToRoleFunctionObject( + List answer) { List addRoleFuncList = new ArrayList<>(); - for(CentralV2RoleFunction cenRoleFunc : answer){ + for (CentralV2RoleFunction cenRoleFunc : answer) { CentralRoleFunction setRoleFunc = new CentralRoleFunction(); setRoleFunc.setCode(cenRoleFunc.getCode()); setRoleFunc.setName(cenRoleFunc.getName()); addRoleFuncList.add(setRoleFunc); - } + } return addRoleFuncList; } @Override public CentralUser getUserRoles(String loginId, String uebkey) throws Exception { CentralUser sendUserRoles = null; - try { CentralV2User cenV2User = getV2UserAppRoles(loginId, uebkey); sendUserRoles = convertV2UserRolesToOlderVersion(cenV2User); @@ -3394,6 +3387,80 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return createEPUser(user, userAppSet, app); } + private List getUserAppRoles(EPApp app, EPUser user) { + final Map userParams = new HashMap<>(); + userParams.put("appId", app.getId()); + userParams.put("userId", user.getId()); + @SuppressWarnings("unchecked") + List userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", + userParams, null); + List setUserRoles = new ArrayList<>(); + for (EPUserAppCurrentRoles role : userAppsRolesList) { + logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userRolename = {}", + role.getRoleName()); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role.getRoleId()); + ecompRole.setName(role.getRoleName()); + setUserRoles.add(ecompRole); + } + logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userrole list size = {}", + setUserRoles.size()); + return setUserRoles; + } + + @Override + public List missingUserApplicationRoles(String uebkey, String loginId, Set CurrentUserRoles) + throws Exception { + List appList = getApp(uebkey); + EPApp app = appList.get(0); + List epUserList; + epUserList = getUser(loginId); + List missingUserAppRoles = new ArrayList<>(); + List roleNamesList = CurrentUserRoles.stream().map(EcompRole::getName).collect(Collectors.toList()); + logger.debug(EELFLoggerDelegate.debugLogger, "Roles of User from hibernate :" + roleNamesList); + List userApplicationsRolesfromDB = getUserAppRoles(app, epUserList.get(0)); + if (userApplicationsRolesfromDB.size() > 0) { + missingUserAppRoles = userApplicationsRolesfromDB.stream().filter(x -> !roleNamesList.contains(x.getName())) + .collect(Collectors.toList()); + } + List MissingroleNamesList = missingUserAppRoles.stream().map(EcompRole::getName) + .collect(Collectors.toList()); + logger.debug(EELFLoggerDelegate.debugLogger, "MissingUserAppRoles():" + MissingroleNamesList); + + List finalMissingRoleList = new ArrayList<>(); + if (missingUserAppRoles.size() > 0) { + final Map params = new HashMap<>(); + for (EcompRole role : missingUserAppRoles) { + params.put("roleId", role.getId()); + params.put(APP_ID, app.getId()); + + EcompRole epRole = new EcompRole(); + epRole.setId(role.getId()); + epRole.setName(role.getName()); + @SuppressWarnings("unchecked") + List appRoleFunctionList = dataAccessService + .executeNamedQuery("getAppRoleFunctionList", params, null); + SortedSet roleFunctionSet = new TreeSet<>(); + for (CentralV2RoleFunction roleFunc : appRoleFunctionList) { + String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); + String type = getFunctionCodeType(roleFunc.getCode()); + String action = getFunctionCodeAction(roleFunc.getCode()); + EcompRoleFunction fun = new EcompRoleFunction(); + fun.setAction(action); + fun.setCode(functionCode); + fun.setType(type); + fun.setName(roleFunc.getName()); + roleFunctionSet.add(fun); + + } + epRole.setRoleFunctions(roleFunctionSet); + finalMissingRoleList.add(epRole); + } + } + + return finalMissingRoleList; + } + /** * It converts V2 CentralUser object to old version CentralUser object * @@ -3401,56 +3468,68 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @return EPUser object */ private CentralUser convertV2UserRolesToOlderVersion(CentralV2User cenV2User) { - Set userV2Apps = cenV2User.getUserApps(); - Set userApps = new TreeSet<>(); - for(CentralV2UserApp userApp : userV2Apps){ - CentralApp app = userApp.getApp(); - CentralUserApp cua = new CentralUserApp(); - cua.setUserId(null); - cua.setApp(app); - SortedSet cenRoleFunction = new TreeSet<>(); - for(CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions() ){ - CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), cenV2RoleFunc.getName()); - cenRoleFunction.add(cenRoleFunc); - } - CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), userApp.getRole().isActive(), userApp.getRole().getPriority(), - cenRoleFunction); - cua.setRole(role); - userApps.add(cua); - } - return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(), - cenV2User.getCreatedId(),cenV2User.getModifiedId(), - cenV2User.getRowNum(), cenV2User.getOrgId(), cenV2User.getManagerId(), cenV2User.getFirstName(), - cenV2User.getMiddleInitial(), cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(), - cenV2User.getCellular(),cenV2User.getEmail(),cenV2User.getAddressId(),cenV2User.getAlertMethodCd(), - cenV2User.getHrid(),cenV2User.getOrgUserId(),cenV2User.getOrgCode(),cenV2User.getAddress1(), - cenV2User.getAddress2(),cenV2User.getCity(),cenV2User.getState(),cenV2User.getZipCode(),cenV2User.getCountry(), - cenV2User.getOrgManagerUserId(),cenV2User.getLocationClli(),cenV2User.getBusinessCountryCode(), - cenV2User.getBusinessCountryName(),cenV2User.getBusinessUnit(),cenV2User.getBusinessUnitName(), - cenV2User.getDepartment(),cenV2User.getDepartmentName(),cenV2User.getCompanyCode(), - cenV2User.getCompany(),cenV2User.getZipCodeSuffix(),cenV2User.getJobTitle(), - cenV2User.getCommandChain(),cenV2User.getSiloStatus(),cenV2User.getCostCenter(), - cenV2User.getFinancialLocCode(),cenV2User.getLoginId(),cenV2User.getLoginPwd(), - cenV2User.getLastLoginDate(),cenV2User.isActive(),cenV2User.isInternal(),cenV2User.getSelectedProfileId(),cenV2User.getTimeZoneId(), - cenV2User.isOnline(),cenV2User.getChatId(), - userApps); + Set userV2Apps = cenV2User.getUserApps(); + Set userApps = new TreeSet<>(); + for (CentralV2UserApp userApp : userV2Apps) { + CentralApp app = userApp.getApp(); + CentralUserApp cua = new CentralUserApp(); + cua.setUserId(null); + cua.setApp(app); + SortedSet cenRoleFunction = new TreeSet<>(); + for (CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions()) { + CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), + cenV2RoleFunc.getName()); + cenRoleFunction.add(cenRoleFunc); + } + CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), + userApp.getRole().getActive(), userApp.getRole().getPriority(), cenRoleFunction); + cua.setRole(role); + userApps.add(cua); + } + return new CentralUser.CentralUserBuilder().setId(cenV2User.getId()).setCreated(cenV2User.getCreated()) + .setModified(cenV2User.getModified()).setCreatedId(cenV2User.getCreatedId()) + .setModifiedId(cenV2User.getModifiedId()).setRowNum(cenV2User.getRowNum()) + .setOrgId(cenV2User.getOrgId()).setManagerId(cenV2User.getManagerId()) + .setFirstName(cenV2User.getFirstName()).setMiddleInitial(cenV2User.getMiddleInitial()) + .setLastName(cenV2User.getLastName()).setPhone(cenV2User.getPhone()).setFax(cenV2User.getFax()) + .setCellular(cenV2User.getCellular()).setEmail(cenV2User.getEmail()) + .setAddressId(cenV2User.getAddressId()).setAlertMethodCd(cenV2User.getAlertMethodCd()) + .setHrid(cenV2User.getHrid()).setOrgUserId(cenV2User.getOrgUserId()).setOrgCode(cenV2User.getOrgCode()) + .setAddress1(cenV2User.getAddress1()).setAddress2(cenV2User.getAddress2()).setCity(cenV2User.getCity()) + .setState(cenV2User.getState()).setZipCode(cenV2User.getZipCode()).setCountry(cenV2User.getCountry()) + .setOrgManagerUserId(cenV2User.getOrgManagerUserId()).setLocationClli(cenV2User.getLocationClli()) + .setBusinessCountryCode(cenV2User.getBusinessCountryCode()) + .setBusinessCountryName(cenV2User.getBusinessCountryName()).setBusinessUnit(cenV2User.getBusinessUnit()) + .setBusinessUnitName(cenV2User.getBusinessUnitName()).setDepartment(cenV2User.getDepartment()) + .setDepartmentName(cenV2User.getDepartmentName()).setCompanyCode(cenV2User.getCompanyCode()) + .setCompany(cenV2User.getCompany()).setZipCodeSuffix(cenV2User.getZipCodeSuffix()) + .setJobTitle(cenV2User.getJobTitle()).setCommandChain(cenV2User.getCommandChain()) + .setSiloStatus(cenV2User.getSiloStatus()).setCostCenter(cenV2User.getCostCenter()) + .setFinancialLocCode(cenV2User.getFinancialLocCode()).setLoginId(cenV2User.getLoginId()) + .setLoginPwd(cenV2User.getLoginPwd()).setLastLoginDate(cenV2User.getLastLoginDate()) + .setActive(cenV2User.isActive()).setInternal(cenV2User.isInternal()) + .setSelectedProfileId(cenV2User.getSelectedProfileId()).setTimeZoneId(cenV2User.getTimeZoneId()) + .setOnline(cenV2User.isOnline()).setChatId(cenV2User.getChatId()).setUserApps(userApps) + .createCentralUser(); } @Override public List convertV2CentralRoleListToOldVerisonCentralRoleList(List v2CenRoleList) { List cenRoleList = new ArrayList<>(); - for(CentralV2Role v2CenRole : v2CenRoleList){ - SortedSet cenRoleFuncList = new TreeSet<>(); - for(CentralV2RoleFunction v2CenRoleFunc: v2CenRole.getRoleFunctions()){ - CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), v2CenRoleFunc.getName()); - cenRoleFuncList.add(roleFunc); - } - CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.isActive(), v2CenRole.getPriority(), cenRoleFuncList); - cenRoleList.add(role); - } + for (CentralV2Role v2CenRole : v2CenRoleList) { + SortedSet cenRoleFuncList = new TreeSet<>(); + for (CentralV2RoleFunction v2CenRoleFunc : v2CenRole.getRoleFunctions()) { + CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), + v2CenRoleFunc.getName()); + cenRoleFuncList.add(roleFunc); + } + CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), + v2CenRole.getPriority(), cenRoleFuncList); + cenRoleList.add(role); + } return cenRoleList; } - + @Override public ResponseEntity getNameSpaceIfExists(EPApp app) throws Exception { HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); @@ -3473,7 +3552,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + @Override public CentralRole convertV2CentralRoleToOldVerisonCentralRole(CentralV2Role v2CenRole) { SortedSet cenRoleFuncList = new TreeSet<>(); @@ -3481,7 +3560,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), v2CenRoleFunc.getName()); cenRoleFuncList.add(roleFunc); } - return new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.isActive(), v2CenRole.getPriority(), + return new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), v2CenRole.getPriority(), cenRoleFuncList); } @@ -3498,26 +3577,242 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userRolesList = dataAccessService.executeNamedQuery("getBulkUsersForSingleRole", params, null); for (BulkUploadUserRoles userRolesUpload : userRolesList) { userRolesUpload.setRoleName(modifiedRoleName); - if(!userRolesUpload.getOrgUserId().equals("su1234")){ + if (!userRolesUpload.getOrgUserId().equals("su1234")) { addUserRoleInExternalSystem(userRolesUpload); userRolesAdded++; } } } return userRolesAdded; - } - + } + + @Override + public void bulkUploadRoleFunc(UploadRoleFunctionExtSystem data, EPApp app) throws Exception { + ObjectMapper mapper = new ObjectMapper(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + try { + ExternalAccessRolePerms extRolePerms; + ExternalAccessPerms extPerms; + extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), + EcompPortalUtils.encodeFunctionCode(data.getInstance()), data.getAction()); + String appNameSpace = ""; + if (data.getIsGlobalRolePartnerFunc()) { + appNameSpace = epAppService.getApp(1l).getNameSpace(); + } else { + appNameSpace = app.getNameSpace(); + } + extRolePerms = new ExternalAccessRolePerms(extPerms, appNameSpace + "." + data.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + String updateRolePerms = mapper.writeValueAsString(extRolePerms); + HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); + updateRoleFunctionInExternalSystem(updateRolePerms, entity); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add role function in external central auth system", e); + EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); + throw e; + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "addFunctionInExternalSystem: Failed to add role fucntion in external central auth system", e); + throw e; + } + } + + private void updateRoleFunctionInExternalSystem(String updateRolePerms, HttpEntity entity) { + logger.debug(EELFLoggerDelegate.debugLogger, "bulkUploadRoleFunc: {} for POST: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); + ResponseEntity addPermResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + HttpMethod.POST, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, + "bulkUploadRoleFunc: Finished adding permission for POST: {} and status code: {} ", + addPermResponse.getStatusCode().value(), updateRolePerms); + } + @Override - public String encodeFunctionCode(String funCode){ - String encodedString = funCode; - List encodingList = new ArrayList<>(); - encodingList.add(Pattern.compile("/")); - encodingList.add(Pattern.compile("-")); - for (Pattern xssInputPattern : encodingList) { - encodedString = xssInputPattern.matcher(encodedString) - .replaceAll("%" + Hex.encodeHexString(xssInputPattern.toString().getBytes())); - } - encodedString = encodedString.replaceAll("\\*", "%"+ Hex.encodeHexString("*".getBytes())); - return encodedString; + public void syncApplicationUserRolesFromExtAuthSystem(String loginId) throws Exception { + String name = ""; + if (EPCommonSystemProperties.containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) { + name = loginId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); + } + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + HttpEntity getUserRolesEntity = new HttpEntity<>(headers); + ResponseEntity getResponse = getUserRolesFromExtAuthSystem(name, getUserRolesEntity); + List userRoleDetailList = new ArrayList<>(); + String res = getResponse.getBody(); + JSONObject jsonObj = null; + JSONArray extRoles = null; + if (!res.equals("{}")) { + jsonObj = new JSONObject(res); + extRoles = jsonObj.getJSONArray("role"); + } + updateUserRolesInLocal(userRoleDetailList, extRoles, loginId); + } + + @SuppressWarnings("unchecked") + private void updateUserRolesInLocal(List userRoleDetailList, JSONArray extRoles, + String loginId) throws InvalidUserException { + HashMap userParams = new HashMap<>(); + userParams.put("orgUserId", loginId); + // Get all centralized applications existing user roles from local + List currentUserAppRoles = dataAccessService + .executeNamedQuery("getUserCentralizedAppRoles", userParams, null); + EPUser user = getUser(loginId).get(0); + // Get all centralized applications roles from local + HashMap cenAppRolesMap = getCentralizedAppRoleList(); + HashMap currentCentralizedUserAppRolesMap = getCurrentUserCentralizedAppRoles( + currentUserAppRoles); + // Get all centralized applications + admin role from local + HashMap centralisedAppsMap = getCentralizedAdminAppsInfo(); + if (extRoles != null) { + ExternalAccessUserRoleDetail userRoleDetail = null; + for (int i = 0; i < extRoles.length(); i++) { + if (!extRoles.getJSONObject(i).getString("name").endsWith(ADMIN) + && !extRoles.getJSONObject(i).getString("name").endsWith(OWNER)) { + userRoleDetail = new ExternalAccessUserRoleDetail(extRoles.getJSONObject(i).getString("name"), + null); + userRoleDetailList.add(userRoleDetail); + } + } + addUserRolesInLocal(userRoleDetailList, user, cenAppRolesMap, currentCentralizedUserAppRolesMap, + centralisedAppsMap); + } } + + private void addUserRolesInLocal(List userRoleDetailList, EPUser user, + HashMap cenAppRolesMap, + HashMap currentCentralizedUserAppRolesMap, + HashMap centralisedAppsMap) { + for (ExternalAccessUserRoleDetail extUserRoleDetail : userRoleDetailList) { + try { + // check if user already has role in local + if (!currentCentralizedUserAppRolesMap.containsKey(extUserRoleDetail.getName())) { + CentralizedAppRoles getCenAppRole = cenAppRolesMap.get(extUserRoleDetail.getName()); + if (getCenAppRole != null) { + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Adding user role from external auth system {}", + extUserRoleDetail.toString()); + EPUserApp userApp = new EPUserApp(); + EPApp app = new EPApp(); + app.setId(getCenAppRole.getAppId()); + EPRole epRole = new EPRole(); + epRole.setId(getCenAppRole.getRoleId()); + userApp.setApp(app); + userApp.setUserId(user.getId()); + userApp.setRole(epRole); + dataAccessService.saveDomainObject(userApp, null); + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Finished user role from external auth system {}", + extUserRoleDetail.toString()); + } else if (getCenAppRole == null // check if user has app + // account admin role + && extUserRoleDetail.getName().endsWith(PortalConstants.ADMIN_ROLE.replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { + EPApp app = centralisedAppsMap.get(extUserRoleDetail.getName()); + if (app != null) { + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Adding user role from external auth system {}", + extUserRoleDetail.toString()); + EPUserApp userApp = new EPUserApp(); + EPRole epRole = new EPRole(); + epRole.setId(PortalConstants.ACCOUNT_ADMIN_ROLE_ID); + userApp.setApp(app); + userApp.setUserId(user.getId()); + userApp.setRole(epRole); + dataAccessService.saveDomainObject(userApp, null); + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Finished user role from external auth system {}", + extUserRoleDetail.toString()); + } + } + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "addUserRolesInLocal - Failed to update user role in local from external auth system {} ", + extUserRoleDetail.toString(), e); + } + } + } + + @SuppressWarnings("unchecked") + private HashMap getCentralizedAdminAppsInfo() { + List centralizedApps = dataAccessService.executeNamedQuery("getCentralizedApps", null, null); + HashMap centralisedAppsMap = new HashMap<>(); + for (EPApp cenApp : centralizedApps) { + centralisedAppsMap.put( + cenApp.getNameSpace() + "." + + PortalConstants.ADMIN_ROLE.replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + cenApp); + } + return centralisedAppsMap; + } + + private HashMap getCurrentUserCentralizedAppRoles( + List currentUserAppRoles) { + HashMap currentCentralizedUserAppRolesMap = new HashMap<>(); + for (CentralizedAppRoles cenAppUserRole : currentUserAppRoles) { + currentCentralizedUserAppRolesMap.put( + cenAppUserRole.getAppNameSpace() + "." + + cenAppUserRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + cenAppUserRole); + } + return currentCentralizedUserAppRolesMap; + } + + @SuppressWarnings("unchecked") + private HashMap getCentralizedAppRoleList() { + List centralizedAppRoles = dataAccessService + .executeNamedQuery("getAllCentralizedAppsRoles", null, null); + HashMap cenAppRolesMap = new HashMap<>(); + for (CentralizedAppRoles CentralizedAppRole : centralizedAppRoles) { + cenAppRolesMap.put( + CentralizedAppRole.getAppNameSpace() + "." + + CentralizedAppRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + CentralizedAppRole); + } + return cenAppRolesMap; + } + + @Override + public ResponseEntity getUserRolesFromExtAuthSystem(String name, HttpEntity getUserRolesEntity) { + logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles"); + ResponseEntity getResponse = template + .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class); + if (getResponse.getStatusCode().value() == 200) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}", + getResponse.getBody()); + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}", + getResponse.getBody()); + EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode()); + } + return getResponse; + } + + @Override + public Integer updateAppRoleDescription(String uebkey) { + Integer roleDescUpdated = 0; + EPApp app; + try { + app = getApp(uebkey).get(0); + List roles = getAppRoles(app.getId()); + for (EPRole epRole : roles) { + Role role = new Role(); + role.setName(epRole.getName()); + boolean status = addRoleDescriptionInExtSystem(role, app); + if (status) + roleDescUpdated++; + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: Failed! ", e); + } + return roleDescUpdated; + } + }