package org.onap.portal.controller;
import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Comparator;
+import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.cxf.transport.http.HTTPException;
+import org.onap.portal.domain.db.fn.FnRole;
import org.onap.portal.domain.db.fn.FnUser;
+import org.onap.portal.domain.dto.ecomp.EPUserAppCatalogRoles;
+import org.onap.portal.domain.dto.ecomp.ExternalSystemAccess;
+import org.onap.portal.domain.dto.transport.AppWithRolesForUser;
+import org.onap.portal.domain.dto.transport.FieldsValidator;
+import org.onap.portal.domain.dto.transport.UserApplicationRoles;
import org.onap.portal.service.AdminRolesService;
+import org.onap.portal.service.ApplicationsRestClientService;
+import org.onap.portal.service.fn.FnUserRoleService;
import org.onap.portal.service.fn.FnUserService;
+import org.onap.portal.utils.EcompPortalUtils;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@RestController
private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesController.class);
private final FnUserService fnUserService;
+ private final FnUserRoleService fnUserRoleService;
private final AdminRolesService adminRolesService;
-
+ private final ApplicationsRestClientService applicationsRestClientService;
/*
private final UserRolesService userRolesService;
- private final ApplicationsRestClientService applicationsRestClientService;
private final SearchService searchService;*/
@Autowired
public UserRolesController(final FnUserService fnUserService,
- final AdminRolesService adminRolesService) {
+ FnUserRoleService fnUserRoleService,
+ final AdminRolesService adminRolesService,
+ ApplicationsRestClientService applicationsRestClientService) {
this.fnUserService = fnUserService;
+ this.fnUserRoleService = fnUserRoleService;
this.adminRolesService = adminRolesService;
+ this.applicationsRestClientService = applicationsRestClientService;
}
-/*
- @RequestMapping(value = {"/portalApi/queryUsers"}, method = RequestMethod.GET, produces = "application/json")
- @PreAuthorize("hasRole('System_Administrator') and hasRole('Account_Administrator')")
- public String getPhoneBookSearchResult(Principal principal, @RequestParam("search") String searchString,
- HttpServletResponse response) {
- FnUser user = fnUserService.loadUserByUsername(principal.getName());
+ /*
+ @RequestMapping(value = {"/portalApi/queryUsers"}, method = RequestMethod.GET, produces = "application/json")
+ @PreAuthorize("hasRole('System_Administrator') and hasRole('Account_Administrator')")
+ public String getPhoneBookSearchResult(Principal principal, @RequestParam("search") String searchString,
+ HttpServletResponse response) {
+ FnUser user = fnUserService.loadUserByUsername(principal.getName());
- String searchResult = null;
- if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)
- && !adminRolesService.isRoleAdmin(user)) {
- EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult");
- } else {
- searchString = searchString.trim();
- if (searchString.length() > 2) {
- searchResult = searchService.searchUsersInPhoneBook(searchString);
+ String searchResult = null;
+ if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)
+ && !adminRolesService.isRoleAdmin(user)) {
+ EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult");
} else {
- logger.info(EELFLoggerDelegate.errorLogger,
- "getPhoneBookSearchResult - too short search string: " + searchString);
+ searchString = searchString.trim();
+ if (searchString.length() > 2) {
+ searchResult = searchService.searchUsersInPhoneBook(searchString);
+ } else {
+ logger.info(EELFLoggerDelegate.errorLogger,
+ "getPhoneBookSearchResult - too short search string: " + searchString);
+ }
}
+ EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/queryUsers", "result =", searchResult);
+
+ return searchResult;
}
- EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/queryUsers", "result =", searchResult);
- return searchResult;
- }
- @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = {
- RequestMethod.GET}, produces = "application/json")
- public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(Principal principal,
- @RequestParam("user") String orgUserId, HttpServletResponse response) {
+ @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = {
+ RequestMethod.GET}, produces = "application/json")
+ public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(Principal principal,
+ @RequestParam("user") String orgUserId, HttpServletResponse response) {
- FnUser user = fnUserService.loadUserByUsername(principal.getName());
+ FnUser user = fnUserService.loadUserByUsername(principal.getName());
- AppsListWithAdminRole result = null;
- if (!adminRolesService.isSuperAdmin(user)) {
- EcompPortalUtils.setBadPermissions(user, response, "getAppsWithAdminRoleStateForUser");
- } else {
- if (EcompPortalUtils.legitimateUserId(orgUserId)) {
- result = adminRolesService.getAppsWithAdminRoleStateForUser(orgUserId);
+ AppsListWithAdminRole result = null;
+ if (!adminRolesService.isSuperAdmin(user)) {
+ EcompPortalUtils.setBadPermissions(user, response, "getAppsWithAdminRoleStateForUser");
} else {
- logger.info(EELFLoggerDelegate.errorLogger,
- "getAppsWithAdminRoleStateForUser - parms error, no Organization User ID");
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ if (EcompPortalUtils.legitimateUserId(orgUserId)) {
+ result = adminRolesService.getAppsWithAdminRoleStateForUser(orgUserId);
+ } else {
+ logger.info(EELFLoggerDelegate.errorLogger,
+ "getAppsWithAdminRoleStateForUser - parms error, no Organization User ID");
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ }
}
- }
- StringBuilder adminAppRoles = new StringBuilder();
- if (result != null) {
- if (!result.appsRoles.isEmpty()) {
- adminAppRoles.append("User '" + result.orgUserId + "' has admin role to the apps = {");
- for (AppNameIdIsAdmin adminAppRole : result.appsRoles) {
- if (adminAppRole.isAdmin) {
- adminAppRoles.append(adminAppRole.appName + ", ");
+ StringBuilder adminAppRoles = new StringBuilder();
+ if (result != null) {
+ if (!result.appsRoles.isEmpty()) {
+ adminAppRoles.append("User '" + result.orgUserId + "' has admin role to the apps = {");
+ for (AppNameIdIsAdmin adminAppRole : result.appsRoles) {
+ if (adminAppRole.isAdmin) {
+ adminAppRoles.append(adminAppRole.appName + ", ");
+ }
}
+ adminAppRoles.append("}.");
+ } else {
+ adminAppRoles.append("User '" + result.orgUserId + "' has no Apps with Admin Role.");
}
- adminAppRoles.append("}.");
} else {
- adminAppRoles.append("User '" + result.orgUserId + "' has no Apps with Admin Role.");
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "putAppWithUserRoleStateForUser: getAppsWithAdminRoleStateForUser result is null");
}
- } else {
- logger.error(EELFLoggerDelegate.errorLogger,
- "putAppWithUserRoleStateForUser: getAppsWithAdminRoleStateForUser result is null");
- }
- logger.info(EELFLoggerDelegate.errorLogger, adminAppRoles.toString());
+ logger.info(EELFLoggerDelegate.errorLogger, adminAppRoles.toString());
- EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "get result =", result);
+ EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "get result =", result);
- return result;
- }
+ return result;
+ }
- @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = {
- RequestMethod.PUT}, produces = "application/json")
- public FieldsValidator putAppsWithAdminRoleStateForUser(Principal principal,
- @RequestBody AppsListWithAdminRole newAppsListWithAdminRoles, HttpServletResponse response) {
-
- // newAppsListWithAdminRoles.appsRoles
- FieldsValidator fieldsValidator = new FieldsValidator();
- StringBuilder newAppRoles = new StringBuilder();
- if (newAppsListWithAdminRoles != null) {
- if (!newAppsListWithAdminRoles.appsRoles.isEmpty()) {
- newAppRoles
- .append("User '" + newAppsListWithAdminRoles.orgUserId
- + "' has admin role to the apps = { ");
- for (AppNameIdIsAdmin adminAppRole : newAppsListWithAdminRoles.appsRoles) {
- if (adminAppRole.isAdmin) {
- newAppRoles.append(adminAppRole.appName + " ,");
+ @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = {
+ RequestMethod.PUT}, produces = "application/json")
+ public FieldsValidator putAppsWithAdminRoleStateForUser(Principal principal,
+ @RequestBody AppsListWithAdminRole newAppsListWithAdminRoles, HttpServletResponse response) {
+
+ // newAppsListWithAdminRoles.appsRoles
+ FieldsValidator fieldsValidator = new FieldsValidator();
+ StringBuilder newAppRoles = new StringBuilder();
+ if (newAppsListWithAdminRoles != null) {
+ if (!newAppsListWithAdminRoles.appsRoles.isEmpty()) {
+ newAppRoles
+ .append("User '" + newAppsListWithAdminRoles.orgUserId
+ + "' has admin role to the apps = { ");
+ for (AppNameIdIsAdmin adminAppRole : newAppsListWithAdminRoles.appsRoles) {
+ if (adminAppRole.isAdmin) {
+ newAppRoles.append(adminAppRole.appName + " ,");
+ }
}
+ newAppRoles.deleteCharAt(newAppRoles.length() - 1);
+ newAppRoles.append("}.");
+ } else {
+ newAppRoles.append("User '" + newAppsListWithAdminRoles.orgUserId
+ + "' has no Apps with Admin Role.");
}
- newAppRoles.deleteCharAt(newAppRoles.length() - 1);
- newAppRoles.append("}.");
} else {
- newAppRoles.append("User '" + newAppsListWithAdminRoles.orgUserId
- + "' has no Apps with Admin Role.");
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null");
+ fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
- } else {
- logger.error(EELFLoggerDelegate.errorLogger,
- "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null");
- fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- }
- logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString());
+ logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString());
- FnUser user = fnUserService.loadUserByUsername(principal.getName());
+ FnUser user = fnUserService.loadUserByUsername(principal.getName());
- boolean changesApplied = false;
+ boolean changesApplied = false;
- if (!adminRolesService.isSuperAdmin(user)) {
- EcompPortalUtils.setBadPermissions(user, response, "putAppsWithAdminRoleStateForUser");
- } else {
- changesApplied = adminRolesService.setAppsWithAdminRoleStateForUser(newAppsListWithAdminRoles);
- AuditLog auditLog = new AuditLog();
- auditLog.setUserId(user.getId());
- auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN);
- if (newAppsListWithAdminRoles != null) {
- auditLog.setAffectedRecordId(newAppsListWithAdminRoles.orgUserId);
- }
- auditLog.setComments(
- EcompPortalUtils
- .truncateString(newAppRoles.toString(), PortalConstants.AUDIT_LOG_COMMENT_SIZE));
- auditService.logActivity(auditLog, null);
-
- MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- EcompPortalUtils.calculateDateTimeDifferenceForLog(
- MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
- MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
- if (newAppsListWithAdminRoles != null) {
- logger.info(EELFLoggerDelegate.auditLogger,
- EPLogUtil.formatAuditLogMessage(
- "UserRolesController.putAppsWithAdminRoleStateForUser",
- EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN, user.getOrgUserId(),
- newAppsListWithAdminRoles.orgUserId, newAppRoles.toString()));
+ if (!adminRolesService.isSuperAdmin(user)) {
+ EcompPortalUtils.setBadPermissions(user, response, "putAppsWithAdminRoleStateForUser");
+ } else {
+ changesApplied = adminRolesService.setAppsWithAdminRoleStateForUser(newAppsListWithAdminRoles);
+ AuditLog auditLog = new AuditLog();
+ auditLog.setUserId(user.getId());
+ auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN);
+ if (newAppsListWithAdminRoles != null) {
+ auditLog.setAffectedRecordId(newAppsListWithAdminRoles.orgUserId);
+ }
+ auditLog.setComments(
+ EcompPortalUtils
+ .truncateString(newAppRoles.toString(), PortalConstants.AUDIT_LOG_COMMENT_SIZE));
+ auditService.logActivity(auditLog, null);
+
+ MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
+ EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
+ EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ EcompPortalUtils.calculateDateTimeDifferenceForLog(
+ MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
+ MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
+ if (newAppsListWithAdminRoles != null) {
+ logger.info(EELFLoggerDelegate.auditLogger,
+ EPLogUtil.formatAuditLogMessage(
+ "UserRolesController.putAppsWithAdminRoleStateForUser",
+ EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN, user.getOrgUserId(),
+ newAppsListWithAdminRoles.orgUserId, newAppRoles.toString()));
+ }
+ MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
+ MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
+ MDC.remove(SystemProperties.MDC_TIMER);
}
- MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
- MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
- MDC.remove(SystemProperties.MDC_TIMER);
- }
- EcompPortalUtils
- .logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "put result =", changesApplied);
+ EcompPortalUtils
+ .logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "put result =", changesApplied);
- return fieldsValidator;
- }
+ return fieldsValidator;
+ }
- @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
- RequestMethod.GET}, produces = "application/json")
- public List<RoleInAppForUser> getAppRolesForUser(Principal principal,
- @RequestParam("user") String orgUserId,
- @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue,
- @RequestParam("isSystemUser") Boolean isSystemUser,
- HttpServletResponse response) {
- FnUser user = fnUserService.loadUserByUsername(principal.getName());
- List<RoleInAppForUser> result = null;
- String feErrorString = "";
- if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}",
- adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user));
- EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
- feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
- } else {
- if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) {
- result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
- logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}",
- result, appid);
- int responseCode = EcompPortalUtils.getExternalAppResponseCode();
- if (responseCode != 0 && responseCode != 200) {
- // external error
- response.setStatus(responseCode);
- feErrorString = EcompPortalUtils.getFEErrorString(false, responseCode);
- } else if (result == null) {
- // If the result is null, there was an internal onap error
- // in the service call.
- response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- feErrorString = EcompPortalUtils.getFEErrorString(true,
- HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- }
+ @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
+ RequestMethod.GET}, produces = "application/json")
+ public List<RoleInAppForUser> getAppRolesForUser(Principal principal,
+ @RequestParam("user") String orgUserId,
+ @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue,
+ @RequestParam("isSystemUser") Boolean isSystemUser,
+ HttpServletResponse response) {
+ FnUser user = fnUserService.loadUserByUsername(principal.getName());
+ List<RoleInAppForUser> result = null;
+ String feErrorString = "";
+ if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}",
+ adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user));
+ EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
+ feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
} else {
- logger.info(EELFLoggerDelegate.errorLogger, "getAppRolesForUser - no Organization User ID");
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- feErrorString = EcompPortalUtils.getFEErrorString(true, HttpServletResponse.SC_BAD_REQUEST);
+ if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) {
+ result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
+ logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}",
+ result, appid);
+ int responseCode = EcompPortalUtils.getExternalAppResponseCode();
+ if (responseCode != 0 && responseCode != 200) {
+ // external error
+ response.setStatus(responseCode);
+ feErrorString = EcompPortalUtils.getFEErrorString(false, responseCode);
+ } else if (result == null) {
+ // If the result is null, there was an internal onap error
+ // in the service call.
+ response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ feErrorString = EcompPortalUtils.getFEErrorString(true,
+ HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ }
+ } else {
+ logger.info(EELFLoggerDelegate.errorLogger, "getAppRolesForUser - no Organization User ID");
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ feErrorString = EcompPortalUtils.getFEErrorString(true, HttpServletResponse.SC_BAD_REQUEST);
+ }
}
- }
- StringBuilder sbUserApps = new StringBuilder();
- if (result != null && !result.isEmpty()) {
- sbUserApps.append("User '" + orgUserId + "' has Roles={");
- for (RoleInAppForUser appRole : result) {
- if (appRole.isApplied) {
- sbUserApps.append(appRole.roleName + ", ");
+ StringBuilder sbUserApps = new StringBuilder();
+ if (result != null && !result.isEmpty()) {
+ sbUserApps.append("User '" + orgUserId + "' has Roles={");
+ for (RoleInAppForUser appRole : result) {
+ if (appRole.isApplied) {
+ sbUserApps.append(appRole.roleName + ", ");
+ }
}
+ sbUserApps.append("} assigned to the appId '" + appid + "'.");
+ } else {
+ // Not sure creating an empty object will make any difference
+ // but would like to give it a shot for defect #DE221057
+ if (result == null) {
+ result = new ArrayList<>();
+ }
+ sbUserApps.append("User '" + orgUserId + "' and appid " + appid + " has no roles");
}
- sbUserApps.append("} assigned to the appId '" + appid + "'.");
- } else {
- // Not sure creating an empty object will make any difference
- // but would like to give it a shot for defect #DE221057
- if (result == null) {
- result = new ArrayList<>();
- }
- sbUserApps.append("User '" + orgUserId + "' and appid " + appid + " has no roles");
- }
- logger.info(EELFLoggerDelegate.errorLogger, sbUserApps.toString());
+ logger.info(EELFLoggerDelegate.errorLogger, sbUserApps.toString());
- EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "get result =", result);
- if (feErrorString != "") {
- logger.debug(EELFLoggerDelegate.debugLogger, "LR: FEErrorString to header: " + feErrorString);
+ EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "get result =", result);
+ if (feErrorString != "") {
+ logger.debug(EELFLoggerDelegate.debugLogger, "LR: FEErrorString to header: " + feErrorString);
- response.addHeader("FEErrorString", feErrorString);
- response.addHeader("Access-Control-Expose-Headers", "FEErrorString");
+ response.addHeader("FEErrorString", feErrorString);
+ response.addHeader("Access-Control-Expose-Headers", "FEErrorString");
+ }
+ return result;
}
- return result;
- }
- @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
- RequestMethod.PUT}, produces = "application/json")
- public PortalRestResponse<String> putAppWithUserRoleStateForUser(Principal principal,
- @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
- // FieldsValidator fieldsValidator = new FieldsValidator();
- PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
- StringBuilder sbUserApps = new StringBuilder();
- if (newAppRolesForUser != null) {
- sbUserApps.append("User '" + newAppRolesForUser.getOrgUserId());
- if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) {
- sbUserApps.append("' has roles = { ");
- for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) {
- if (appRole.isApplied) {
- sbUserApps.append(appRole.roleName + " ,");
+ @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
+ RequestMethod.PUT}, produces = "application/json")
+ public PortalRestResponse<String> putAppWithUserRoleStateForUser(Principal principal,
+ @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
+ // FieldsValidator fieldsValidator = new FieldsValidator();
+ PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
+ StringBuilder sbUserApps = new StringBuilder();
+ if (newAppRolesForUser != null) {
+ sbUserApps.append("User '" + newAppRolesForUser.getOrgUserId());
+ if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) {
+ sbUserApps.append("' has roles = { ");
+ for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) {
+ if (appRole.isApplied) {
+ sbUserApps.append(appRole.roleName + " ,");
+ }
}
+ sbUserApps.deleteCharAt(sbUserApps.length() - 1);
+ sbUserApps.append("} assigned for the app " + newAppRolesForUser.getAppId());
+ } else {
+ sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.getAppId());
}
- sbUserApps.deleteCharAt(sbUserApps.length() - 1);
- sbUserApps.append("} assigned for the app " + newAppRolesForUser.getAppId());
- } else {
- sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.getAppId());
}
- }
- logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}",
- sbUserApps.toString());
+ logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}",
+ sbUserApps.toString());
- FnUser user = fnUserService.loadUserByUsername(principal.getName());
- // boolean changesApplied = false;
- ExternalRequestFieldsValidator changesApplied = null;
+ FnUser user = fnUserService.loadUserByUsername(principal.getName());
+ // boolean changesApplied = false;
+ ExternalRequestFieldsValidator changesApplied = null;
- if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
- EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
- } else if (newAppRolesForUser == null) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
- } else {
- changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
- try {
- if (changesApplied.isResult()) {
- logger.info(EELFLoggerDelegate.applicationLogger,
- "putAppWithUserRoleStateForUser: succeeded for app {}, user {}",
- newAppRolesForUser.getAppId(),
- newAppRolesForUser.getAppId());
-
- MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- AuditLog auditLog = new AuditLog();
- auditLog.setUserId(user.getId());
- auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER);
- auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId());
- auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(),
- PortalConstants.AUDIT_LOG_COMMENT_SIZE));
- auditService.logActivity(auditLog, null);
-
- MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- EcompPortalUtils.calculateDateTimeDifferenceForLog(
- MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
- MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
- logger.info(EELFLoggerDelegate.auditLogger,
- EPLogUtil.formatAuditLogMessage(
- "UserRolesController.putAppWithUserRoleStateForUser",
- EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
- newAppRolesForUser.getOrgUserId(), sbUserApps.toString()));
- MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
- MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
- MDC.remove(SystemProperties.MDC_TIMER);
- portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
+ if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
+ EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
+ } else if (newAppRolesForUser == null) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
+ } else {
+ changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
+ try {
+ if (changesApplied.isResult()) {
+ logger.info(EELFLoggerDelegate.applicationLogger,
+ "putAppWithUserRoleStateForUser: succeeded for app {}, user {}",
+ newAppRolesForUser.getAppId(),
+ newAppRolesForUser.getAppId());
+
+ MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
+ EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ AuditLog auditLog = new AuditLog();
+ auditLog.setUserId(user.getId());
+ auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER);
+ auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId());
+ auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(),
+ PortalConstants.AUDIT_LOG_COMMENT_SIZE));
+ auditService.logActivity(auditLog, null);
+
+ MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
+ EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ EcompPortalUtils.calculateDateTimeDifferenceForLog(
+ MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
+ MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
+ logger.info(EELFLoggerDelegate.auditLogger,
+ EPLogUtil.formatAuditLogMessage(
+ "UserRolesController.putAppWithUserRoleStateForUser",
+ EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
+ newAppRolesForUser.getOrgUserId(), sbUserApps.toString()));
+ MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
+ MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
+ MDC.remove(SystemProperties.MDC_TIMER);
+ portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
- }
- if (!changesApplied.isResult()) {
- throw new Exception(changesApplied.getDetailMessage());
- }
+ }
+ if (!changesApplied.isResult()) {
+ throw new Exception(changesApplied.getDetailMessage());
+ }
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "putAppWithUserRoleStateForUser: failed for app {}, user {}",
- newAppRolesForUser.getAppId(),
- newAppRolesForUser.getOrgUserId(), e);
- portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "putAppWithUserRoleStateForUser: failed for app {}, user {}",
+ newAppRolesForUser.getAppId(),
+ newAppRolesForUser.getOrgUserId(), e);
+ portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
+ }
}
+
+ EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
+ return portalResponse;
}
- EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
- return portalResponse;
- }
+ @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = {
+ RequestMethod.GET}, produces = "application/json")
+ public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request) {
- @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = {
- RequestMethod.GET}, produces = "application/json")
- public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request) {
+ String updateRemoteUserFlag = FAILURE;
+ try {
+ // saveNewUser = userService.saveNewUser(newUser);
+ String orgUserId = request.getParameter("loginId");
+ Long appId = Long.parseLong(request.getParameter("appId"));
+ userRolesService.updateRemoteUserProfile(orgUserId, appId);
- String updateRemoteUserFlag = FAILURE;
- try {
- // saveNewUser = userService.saveNewUser(newUser);
- String orgUserId = request.getParameter("loginId");
- Long appId = Long.parseLong(request.getParameter("appId"));
- userRolesService.updateRemoteUserProfile(orgUserId, appId);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e);
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage());
+ }
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, "");
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e);
- return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage());
}
- return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, "");
-
- }
-
+ */
@RequestMapping(value = {"/portalApi/app/{appId}/users"}, method = {
RequestMethod.GET}, produces = "application/json")
- public List<UserApplicationRoles> getUsersFromAppEndpoint(HttpServletRequest request,
- @PathVariable("appId") Long appId) throws HTTPException {
+ public List<UserApplicationRoles> getUsersFromAppEndpoint(@PathVariable("appId") Long appId) {
try {
logger.debug(EELFLoggerDelegate.debugLogger, "/portalApi/app/{}/users was invoked", appId);
- return userRolesService.getUsersFromAppEndpoint(appId);
+ return fnUserRoleService.getUsersFromAppEndpoint(appId);
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "getUsersFromAppEndpoint failed", e);
return new ArrayList<>();
return rolesList;
}
+
@RequestMapping(value = {"/portalApi/admin/import/app/{appId}/roles"}, method = {
RequestMethod.GET}, produces = "application/json")
- public List<FnRole> importRolesFromRemoteApplication(HttpServletRequest request,
- @PathVariable("appId") Long appId)
- throws HTTPException {
- List<FnRole> rolesList = userRolesService.importRolesFromRemoteApplication(appId);
+ public List<FnRole> importRolesFromRemoteApplication(@PathVariable("appId") Long appId) throws HTTPException {
+ List<FnRole> rolesList = fnUserRoleService.importRolesFromRemoteApplication(appId);
EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/admin/import/app/{appId}/roles",
"response for appId=" + appId, rolesList);
return rolesList;
}
+
@RequestMapping(value = {"/portalApi/app/{appId}/user/{orgUserId}/roles"}, method = {
RequestMethod.GET}, produces = "application/json")
- public EcompRole testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId,
+ public EcompRole testGetRoles(@PathVariable("appId") Long appId,
@PathVariable("orgUserId") String orgUserId) throws Exception {
if (!EcompPortalUtils.legitimateUserId(orgUserId)) {
String msg = "Error /user/<user>/roles not legitimate orgUserId = " + orgUserId;
return roles[0];
}
+
@RequestMapping(value = {"/portalApi/saveUserAppRoles"}, method = {
RequestMethod.PUT}, produces = "application/json")
public FieldsValidator putAppWithUserRoleRequest(Principal principal,
try {
FnUser user = fnUserService.loadUserByUsername(principal.getName());
- fieldsValidator = userRolesService.putUserAppRolesRequest(newAppRolesForUser, user);
- response.setStatus(fieldsValidator.httpStatusCode.intValue());
+ fieldsValidator = fnUserRoleService.putUserAppRolesRequest(newAppRolesForUser, user);
+ response.setStatus(0);
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleRequest failed", e);
return fieldsValidator;
}
+
@RequestMapping(value = {"/portalApi/appCatalogRoles"}, method = {
RequestMethod.GET}, produces = "application/json")
public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(Principal principal,
FnUser user = fnUserService.loadUserByUsername(principal.getName());
List<EPUserAppCatalogRoles> userAppRoleList = null;
try {
- userAppRoleList = userRolesService.getUserAppCatalogRoles(user, appName);
+ userAppRoleList = fnUserRoleService.getUserAppCatalogRoles(user, appName);
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "putUserWidgetsSortPref failed", e);
}
- Collections.sort(userAppRoleList, getUserAppCatalogRolesComparator);
+ userAppRoleList.sort(getUserAppCatalogRolesComparator);
EcompPortalUtils
.logAndSerializeObject(logger, "/portalApi/userApplicationRoles", "result =", userAppRoleList);
}
+
private Comparator<EPUserAppCatalogRoles> getUserAppCatalogRolesComparator =
- Comparator.comparing(EPUserAppCatalogRoles::getRolename);
+ Comparator.comparing(EPUserAppCatalogRoles::getRoleName);
@RequestMapping(value = "/portalApi/externalRequestAccessSystem", method = RequestMethod.GET,
produces = "application/json")
- public ExternalSystemAccess readExternalRequestAccess(HttpServletRequest request) {
+ public ExternalSystemAccess readExternalRequestAccess() {
ExternalSystemAccess result = null;
try {
- result = userRolesService.getExternalRequestAccess();
+ result = fnUserRoleService.getExternalRequestAccess();
EcompPortalUtils
.logAndSerializeObject(logger, "/portalApi/externalRequestAccessSystem", "GET result =",
result);
"readExternalRequestAccess failed: " + e.getMessage());
}
return result;
- }
-*/
+ }
@RequestMapping(value = {"/portalApi/checkIfUserIsSuperAdmin"}, method = RequestMethod.GET,
produces = "application/json")
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.dao.ep;
+
+import org.onap.portal.domain.db.ep.EpUserRolesRequest;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+@Repository
+@Transactional
+public interface EpUserRolesRequestDao extends JpaRepository<EpUserRolesRequest, Long> {
+
+}
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.dao.ep;
+
+import org.onap.portal.domain.db.ep.EpUserRolesRequestDet;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+@Repository
+@Transactional
+public interface EpUserRolesRequestDetDao extends JpaRepository<EpUserRolesRequestDet, Long> {
+
+}
public interface FnRoleDao extends JpaRepository<FnRole, Long> {
@Query
- List<FnRole> retrieveAppRoleByAppRoleIdAndByAppId(final @Param("appId") Long appId, final @Param("appRoleId") Long appRoleId);
+ List<FnRole> retrieveAppRoleByAppRoleIdAndByAppId(final @Param("appId") Long appId,
+ final @Param("appRoleId") Long appRoleId);
+
+ List<FnRole> getUserRoleOnUserIdAndAppId(final @Param("userId") Long userId, final @Param("appId") Long appId);
}
import org.hibernate.validator.constraints.SafeHtml;
import org.onap.portal.domain.db.fn.FnApp;
import org.onap.portal.domain.db.fn.FnUser;
+import org.onap.portal.domain.dto.ecomp.EPUserAppRolesRequestDetail;
/*
CREATE TABLE `ep_user_roles_request` (
fetch = FetchType.LAZY
)
private Set<EpUserRolesRequestDet> epUserRolesRequestDets;
+
+ public void setEpRequestIdDetail(Set<EpUserRolesRequestDet> epMyLoginsDetail) {
+ this.epUserRolesRequestDets = epMyLoginsDetail;
+ }
}
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
-import javax.persistence.NamedNativeQueries;
-import javax.persistence.NamedNativeQuery;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
import javax.persistence.Table;
-import javax.persistence.UniqueConstraint;
import javax.validation.constraints.Digits;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
name = "FnRole.retrieveActiveRolesOfApplication",
query = "from FnRole where active_yn = 'Y' and app_id=:appId"),
@NamedQuery(name = "FnRole.retrieveRoleToUpdateInExternalAuthSystem",
- query = "FROM FnRole where role_name =:roleName and app_id =:appId")
-})
+ query = "FROM FnRole where role_name =:roleName and app_id =:appId"),
+ @NamedQuery(
+ name = "FnRole.getUserRoleOnUserIdAndAppId",
+ query = " FROM"
+ + " FnRole fr,\n"
+ + " FnUserRole fur\n"
+ + " WHERE\n"
+ + " fr.roleId = fur.roleId\n"
+ + " AND fur.userId = :userId"
+ + " AND fur.appId = :appId\n"
+ + " AND fr.activeYn = 'y'")
+ })
@Table(name = "fn_role", indexes = {
@Index(name = "fn_role_name_app_id_idx", columnList = "role_name, app_id", unique = true)
import java.time.LocalDateTime;
import java.util.Collection;
import java.util.HashSet;
+import java.util.Iterator;
import java.util.Set;
+import java.util.SortedSet;
+import java.util.TreeSet;
import java.util.stream.Collectors;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import org.onap.portal.domain.db.ep.EpUserRolesRequest;
import org.onap.portal.domain.db.ep.EpWidgetCatalogParameter;
import org.onap.portal.domain.dto.DomainVo;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
@DynamicUpdate
public class FnUser extends DomainVo implements UserDetails, Serializable {
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnUser.class);
+
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "user_id", nullable = false)
return this.firstName + " " + this.lastName;
}
+ public SortedSet<FnRole> getAppEPRoles(FnApp app) {
+
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - app = {}", app.getAppName());
+
+ SortedSet<FnRole> roles = new TreeSet<>();
+ Set<FnUserRole> userAppRoles = getFnUserRoles();
+
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = {} ", userAppRoles.size());
+
+ Iterator<FnUserRole> userAppRolesIterator = userAppRoles.iterator();
+
+ FnUserRole userAppRole;
+ // getting default app
+ while (userAppRolesIterator.hasNext()) {
+ FnUserRole tempUserApp = userAppRolesIterator.next();
+ if (tempUserApp.getAppId().getId().equals(app.getId())) {
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In EPUser.getAppEPRoles() - for user {}, found application {}", this.getFullName(),
+ app.getAppName());
+
+ userAppRole = tempUserApp;
+
+ FnRole role = userAppRole.getRoleId();
+ if (role.getActiveYn()) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In EPUser.getAppEPRoles() - Role {} is active - adding for user {} and app {}",
+ role.getRoleName(), this.getFullName(), app.getAppName());
+ roles.add(role);
+ } else {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In EPUser.getAppEPRoles() - Role {} is NOT active - NOT adding for user {} and app {}",
+ role.getRoleName(), this.getFullName(), app.getAppName());
+ }
+ }
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = {}", roles.size());
+
+ return roles;
+ }
}
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
+import org.onap.portal.domain.db.ep.EpUserRolesRequest;
import org.onap.portal.domain.dto.DomainVo;
@Getter
private Long reqRoleId;
private String reqType;
- private EPUserAppRolesRequest epRequestIdData;
+ private EpUserRolesRequest epRequestIdData;
}
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service;
+
+import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
+
+import com.google.gson.Gson;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Base64;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import org.apache.commons.lang.StringUtils;
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.jaxrs.impl.ResponseImpl;
+import org.apache.cxf.transport.http.HTTPException;
+import org.onap.portal.domain.db.fn.FnApp;
+import org.onap.portal.logging.aop.EPMetricsLog;
+import org.onap.portal.logging.format.EPAppMessagesEnum;
+import org.onap.portal.logging.logic.EPLogUtil;
+import org.onap.portal.service.fn.old.AppsCacheService;
+import org.onap.portal.utils.EPCommonSystemProperties;
+import org.onap.portal.utils.EcompPortalUtils;
+import org.onap.portal.utils.SystemType;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
+import org.onap.portalsdk.core.onboarding.util.CipherUtil;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.slf4j.MDC;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class ApplicationsRestClientService {
+
+ private static final String PASSWORD_HEADER = "password";
+ private static final String APP_USERNAME_HEADER = "username";
+ private static final String BASIC_AUTHENTICATION_HEADER = "Authorization";
+
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ApplicationsRestClientService.class);
+
+ Gson gson = null;
+
+ private final AppsCacheService appsCacheService;
+
+ @Autowired
+ public ApplicationsRestClientService(AppsCacheService appsCacheService) {
+ this.appsCacheService = appsCacheService;
+ }
+
+ private static boolean isHttpSuccess(int status) {
+ return status / 100 == 2;
+ }
+
+ @EPMetricsLog
+ private void verifyResponse(Response response, String restPath) throws HTTPException {
+ int status = response.getStatus();
+ logger.debug(EELFLoggerDelegate.debugLogger, "http response status=" + status);
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(status));
+ if (!isHttpSuccess(status)) {
+ String errMsg =
+ "Failed. Status=" + status + restPath + "; [" + ((ResponseImpl) response).getStatusInfo()
+ .getReasonPhrase().toString()
+ + "]";
+ URL url = null;
+ try {
+ // must not be null to avoid NPE in HTTPException constructor
+ url = new URL("http://null");
+ if (((ResponseImpl) response).getLocation() != null) {
+ url = ((ResponseImpl) response).getLocation().toURL();
+ }
+ } catch (MalformedURLException e) {
+ // never mind. it is only for the debug message.
+ logger.warn(EELFLoggerDelegate.errorLogger, "Failed to build URL", e);
+ }
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "http response failed. " + restPath + errMsg + "; url=" + url);
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeIncorrectHttpStatusError);
+ throw new HTTPException(status, errMsg, url);
+ }
+ }
+
+ private WebClient createClientForApp(long appId, String restPath) {
+ return createClientFor(appId, restPath, SystemType.APPLICATION);
+ }
+
+ private static WebClient createClientForPath(String baseUri, String path) {
+ logger.info(EELFLoggerDelegate.debugLogger, "Creating web client for " + baseUri + " + " + path);
+ WebClient client = WebClient.create(baseUri);
+ client.type(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON);
+ client.path(path);
+ return client;
+ }
+
+ //TODO Need to implement the mylogins once the endpoint is confirmed
+ @EPMetricsLog
+ private WebClient createClientFor(long appSystemId, String restPath, SystemType type) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "creating client for appId=" + appSystemId + "; restPath=" + restPath);
+ FnApp externalApp = null;
+
+ if (type == SystemType.APPLICATION) {
+ externalApp = appsCacheService.getApp(appSystemId);
+ } else {
+ // TO DO
+ }
+
+ if (externalApp != null) {
+ String appBaseUri = (type == SystemType.APPLICATION) ? externalApp.getAppRestEndpoint() : "";
+ String username = (type == SystemType.APPLICATION) ? externalApp.getAppUsername() : "";
+ String encriptedPwd = (type == SystemType.APPLICATION) ? externalApp.getAppPassword() : "";
+
+ String appName = (type == SystemType.APPLICATION) ? externalApp.getAppName() : "";
+ String decreptedAppPwd = StringUtils.EMPTY;
+
+ // Set local context
+ MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTP);
+ if (appBaseUri != null && appBaseUri.contains("https")) {
+ MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTPS);
+ }
+ MDC.put(EPCommonSystemProperties.FULL_URL, appBaseUri + restPath);
+ MDC.put(EPCommonSystemProperties.TARGET_ENTITY, appName);
+ MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath);
+
+ if (!encriptedPwd.isEmpty() || encriptedPwd != null || StringUtils.isEmpty(encriptedPwd)) {
+ try {
+ decreptedAppPwd = CipherUtil.decryptPKC(encriptedPwd,
+ SystemProperties.getProperty(SystemProperties.Decryption_Key));
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "createClientFor failed to decrypt", e);
+ }
+ }
+ WebClient client = createClientForPath(appBaseUri, restPath);
+
+ if (externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword() == null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering in the externalApp get app password contains null : {}");
+
+ externalApp = appsCacheService.getApp(1L);
+ logger.debug(EELFLoggerDelegate.debugLogger, "external App Information : {}", externalApp);
+
+ String mechidUsername = externalApp.getAppUsername();
+ logger.debug(EELFLoggerDelegate.debugLogger, "external App mechidUsername Information : {}",
+ mechidUsername);
+
+ String password = externalApp.getAppPassword();
+ String decreptedexternalAppPwd = StringUtils.EMPTY;
+ try {
+ decreptedexternalAppPwd = CipherUtil.decryptPKC(password,
+ SystemProperties.getProperty(SystemProperties.Decryption_Key));
+ } catch (CipherUtilException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "failed to decreptedexternalAppPwd when external app pwd is null", e);
+ }
+
+ username = mechidUsername;
+ decreptedAppPwd = decreptedexternalAppPwd;
+
+ } else {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering in the externalApp get app password is not null : {}");
+
+ // support basic authentication for some partners
+ String encoding = Base64.getEncoder()
+ .encodeToString((username + ":" + decreptedAppPwd).getBytes());
+ String encodingStr = "Basic " + encoding;
+ client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
+ }
+
+ // But still keep code downward compatible for non compliant apps
+ client.header(APP_USERNAME_HEADER, username);
+ client.header(PASSWORD_HEADER, decreptedAppPwd);
+
+ String encoding = Base64.getEncoder()
+ .encodeToString((username + ":" + decreptedAppPwd).getBytes());
+ String encodingStr = "Basic " + encoding;
+ client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
+ client.header(SystemProperties.ECOMP_REQUEST_ID, MDC.get(MDC_KEY_REQUEST_ID));
+ client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ String.format(
+ "check the partner application URL App %d found, baseUri=[%s], Headers: [%s=%s]",
+ appSystemId, appBaseUri,
+ APP_USERNAME_HEADER, username));
+ return client;
+ }
+ return null;
+ }
+
+ public <T> T post(Class<T> clazz, long appId, Object payload, String restPath, SystemType type)
+ throws HTTPException {
+ WebClient client = null;
+ Response response = null;
+ T t = null;
+
+ client = createClientFor(appId, restPath, type);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST request =", payload);
+
+ try {
+ if (client != null) {
+ response = client.post(payload);
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Unable to create the Webclient to make the '" + restPath + "' API call.");
+ }
+ } catch (Exception e) {
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
+ Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while making the POST REST API call", e);
+ }
+
+ if (response != null) {
+ //verifyResponse(response);
+ verifyResponse(response, restPath);
+ // String contentType = response.getHeaderString("Content-Type");
+ if (clazz != null) {
+ String str = ((ResponseImpl) response).readEntity(String.class);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST result =", str);
+ try {
+ t = (T) gson.fromJson(str, clazz);
+
+ //t = gson.fromJson(str, clazz);
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ }
+ }
+ return t;
+ }
+
+ public <T> T post(Class<T> clazz, long appId, Object payload, String restPath) throws HTTPException {
+ return post(clazz, appId, payload, restPath, SystemType.APPLICATION);
+ }
+
+ public <T> T put(Class<T> clazz, long appId, Object payload, String restPath) throws HTTPException {
+ WebClient client = null;
+ Response response = null;
+ T t = null;
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering to createClientForApp method for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ client = createClientForApp(appId, restPath);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT request =", payload);
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Finished createClientForApp method for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ try {
+ if (client != null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering to PUT for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ response = client.put(payload);
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Finished to PUT for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Unable to create the Webclient to make the '" + restPath + "' API call.");
+ }
+ } catch (Exception e) {
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
+ Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while making the PUT REST API call", e);
+ }
+
+ if (response != null) {
+ //verifyResponse(response);
+ verifyResponse(response, restPath);
+ String str = ((ResponseImpl) response).readEntity(String.class);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT result =", str);
+ try {
+ t = gson.fromJson(str, clazz);
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ }
+ return t;
+ }
+
+ protected Response getResponse(long appId, String restPath) {
+ WebClient webClient = null;
+ Response response = null;
+
+ webClient = createClientForApp(appId, restPath);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET request =", "no-payload");
+
+ try {
+ if (webClient != null) {
+ response = webClient.get();
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Unable to create the Webclient to make the '" + restPath + "' API call.");
+ }
+ } catch (Exception e) {
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
+ Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while making the GET REST API call", e);
+ }
+ return response;
+ }
+
+ public <T> T get(Class<T> clazz, long appId, String restPath) throws HTTPException {
+ T t = null;
+ Response response = getResponse(appId, restPath);
+
+ if (response != null) {
+ //verifyResponse(response);
+ verifyResponse(response, restPath);
+ /* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code,
+ but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which
+ doesn't work as expected. Created Portal-253 for tracking */
+ String str = ((ResponseImpl) response).readEntity(String.class);
+
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET result =", str);
+ try {
+ t = gson.fromJson(str, clazz);
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ }
+
+ return t;
+ }
+
+ public String getIncomingJsonString(final Long appId, final String restPath) throws HTTPException {
+ Response response = getResponse(appId, restPath);
+
+ if (response != null) {
+ //verifyResponse(response);
+ verifyResponse(response,restPath);
+ /* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code,
+ but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which
+ doesn't work as expected. Created Portal-253 for tracking */
+ String incomingJson = ((ResponseImpl)response).readEntity(String.class);
+ return incomingJson;
+ }
+
+ return "";
+ }
+}
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service.ep;
+
+import org.onap.portal.dao.ep.EpUserRolesRequestDetDao;
+import org.onap.portal.domain.db.ep.EpUserRolesRequestDet;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@Transactional
+public class EpUserRolesRequestDetService {
+ private final EpUserRolesRequestDetDao epUserRolesRequestDetDao;
+
+ @Autowired
+ public EpUserRolesRequestDetService(EpUserRolesRequestDetDao epUserRolesRequestDetDao) {
+ this.epUserRolesRequestDetDao = epUserRolesRequestDetDao;
+ }
+
+ public EpUserRolesRequestDet saveOne(EpUserRolesRequestDet epUserRolesRequestDet){
+ return epUserRolesRequestDetDao.save(epUserRolesRequestDet);
+ }
+}
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service.ep;
+
+import org.onap.portal.dao.ep.EpUserRolesRequestDao;
+import org.onap.portal.domain.db.ep.EpUserRolesRequest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@Transactional
+public class EpUserRolesRequestService {
+ private final EpUserRolesRequestDao epUserRolesRequestDao;
+
+ @Autowired
+ public EpUserRolesRequestService(EpUserRolesRequestDao epUserRolesRequestDao) {
+ this.epUserRolesRequestDao = epUserRolesRequestDao;
+ }
+
+ public EpUserRolesRequest saveOne(EpUserRolesRequest epUserRolesRequest){
+ return epUserRolesRequestDao.save(epUserRolesRequest);
+ }
+}
}
return null;
}
+
+ public List<FnRole> retrieveAppRoleByAppRoleIdAndByAppId(Long appId, Long appRoleId){
+ return Optional.of(fnRoleDao.retrieveAppRoleByAppRoleIdAndByAppId(appId, appRoleId)).orElse(new ArrayList<>());
+ }
+
+ public List<FnRole> getUserRoleOnUserIdAndAppId(final Long userId, final Long appId) {
+ return Optional.of(fnRoleDao.getUserRoleOnUserIdAndAppId(userId, appId)).orElse(new ArrayList<>());
+ }
}
package org.onap.portal.service.fn;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.io.IOException;
+import java.time.LocalDateTime;
import java.util.ArrayList;
-import java.util.Collections;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.LinkedHashSet;
import java.util.List;
+import java.util.Map;
import java.util.Optional;
+import java.util.Set;
+import java.util.SortedSet;
import java.util.stream.Collectors;
+import javax.persistence.EntityManager;
+import javax.persistence.Tuple;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.cxf.transport.http.HTTPException;
import org.onap.portal.dao.fn.FnUserRoleDao;
+import org.onap.portal.domain.db.ep.EpUserRolesRequest;
+import org.onap.portal.domain.db.ep.EpUserRolesRequestDet;
+import org.onap.portal.domain.db.fn.FnApp;
+import org.onap.portal.domain.db.fn.FnRole;
+import org.onap.portal.domain.db.fn.FnUser;
import org.onap.portal.domain.db.fn.FnUserRole;
+import org.onap.portal.domain.dto.ecomp.EPUserAppCatalogRoles;
+import org.onap.portal.domain.dto.ecomp.ExternalSystemAccess;
+import org.onap.portal.domain.dto.transport.AppWithRolesForUser;
+import org.onap.portal.domain.dto.transport.FieldsValidator;
+import org.onap.portal.domain.dto.transport.RemoteRole;
+import org.onap.portal.domain.dto.transport.RemoteUserWithRoles;
+import org.onap.portal.domain.dto.transport.RoleInAppForUser;
+import org.onap.portal.domain.dto.transport.UserApplicationRoles;
+import org.onap.portal.service.ApplicationsRestClientService;
+import org.onap.portal.service.ep.EpUserRolesRequestDetService;
+import org.onap.portal.service.ep.EpUserRolesRequestService;
+import org.onap.portal.utils.EPCommonSystemProperties;
+import org.onap.portal.utils.PortalConstants;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@Service
@Transactional
public class FnUserRoleService {
+
+ private static final String USER_APP_CATALOG_ROLES =
+ "select\n"
+ + " A.reqId as reqId,\n"
+ + " B.requestedRoleId.roleId as requestedRoleId,\n"
+ + " A.requestStatus as requestStatus,\n"
+ + " A.appId.appId as appId,\n"
+ + " (\n"
+ + " select\n"
+ + " roleName\n"
+ + " from\n"
+ + " FnRole\n"
+ + " where\n"
+ + " roleId = B.requestedRoleId.roleId\n"
+ + " ) as roleName\n"
+ + "from\n"
+ + " EpUserRolesRequest A\n"
+ + " left join EpUserRolesRequestDet B on A.reqId = B.reqId.reqId\n"
+ + "where\n"
+ + " A.userId.userId = :userid\n"
+ + " and A.appId IN (\n"
+ + " select\n"
+ + " appId\n"
+ + " from\n"
+ + " FnApp\n"
+ + " where\n"
+ + " appName = :appName\n"
+ + " )\n"
+ + " and A.requestStatus = 'P'\n";
+
private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnUserRoleService.class);
private final FnUserRoleDao fnUserRoleDao;
+ private final FnAppService fnAppService;
+ private final FnRoleService fnRoleService;
+ private final FnUserService fnUserService;
+ private final EpUserRolesRequestService epUserRolesRequestService;
+ private final EpUserRolesRequestDetService epUserRolesRequestDetService;
+ private final EntityManager entityManager;
+ private final ApplicationsRestClientService applicationsRestClientService;
@Autowired
- public FnUserRoleService(FnUserRoleDao fnUserRoleDao) {
+ public FnUserRoleService(FnUserRoleDao fnUserRoleDao, FnAppService fnAppService,
+ FnRoleService fnRoleService,
+ FnUserService fnUserService,
+ EpUserRolesRequestService epUserRolesRequestService,
+ EpUserRolesRequestDetService epUserRolesRequestDetService,
+ EntityManager entityManager,
+ ApplicationsRestClientService applicationsRestClientService) {
this.fnUserRoleDao = fnUserRoleDao;
+ this.fnAppService = fnAppService;
+ this.fnRoleService = fnRoleService;
+ this.fnUserService = fnUserService;
+ this.epUserRolesRequestService = epUserRolesRequestService;
+ this.epUserRolesRequestDetService = epUserRolesRequestDetService;
+ this.entityManager = entityManager;
+ this.applicationsRestClientService = applicationsRestClientService;
}
public List<FnUserRole> getAdminUserRoles(final Long userId, final Long roleId, final Long appId) {
return fnUserRoleDao.getAdminUserRoles(userId, roleId, appId).orElse(new ArrayList<>());
}
- public boolean isSuperAdmin(final String orgUserId, final Long roleId, final Long appId){
- List<FnUserRole> roles = getUserRolesForRoleIdAndAppId(roleId, appId).stream().filter(role -> role.getUserId().getOrgUserId().equals(orgUserId)).collect(Collectors.toList());
+ public boolean isSuperAdmin(final String orgUserId, final Long roleId, final Long appId) {
+ List<FnUserRole> roles = getUserRolesForRoleIdAndAppId(roleId, appId).stream()
+ .filter(role -> role.getUserId().getOrgUserId().equals(orgUserId)).collect(Collectors.toList());
return !roles.isEmpty();
}
- private List<FnUserRole> getUserRolesForRoleIdAndAppId(final Long roleId, final Long appId){
+ private List<FnUserRole> getUserRolesForRoleIdAndAppId(final Long roleId, final Long appId) {
return Optional.of(fnUserRoleDao.getUserRolesForRoleIdAndAppId(roleId, appId)).orElse(new ArrayList<>());
}
- public FnUserRole saveOne(final FnUserRole fnUserRole){
+ public FnUserRole saveOne(final FnUserRole fnUserRole) {
return fnUserRoleDao.save(fnUserRole);
}
+
+ public ExternalSystemAccess getExternalRequestAccess() {
+ ExternalSystemAccess res = null;
+ try {
+ res = new ExternalSystemAccess(EPCommonSystemProperties.EXTERNAL_ACCESS_ENABLE,
+ Boolean.parseBoolean(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_ACCESS_ENABLE)));
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getExternalRequestAccess failed" + e.getMessage());
+ }
+ return res;
+ }
+
+ public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(FnUser userid, String appName) {
+ List<Tuple> tuples = entityManager.createQuery(USER_APP_CATALOG_ROLES, Tuple.class)
+ .setParameter("userid", userid.getUserId())
+ .setParameter("appName", appName)
+ .getResultList();
+ return tuples.stream().map(this::tupleToEPUserAppCatalogRoles).collect(Collectors.toList());
+ }
+
+ private EPUserAppCatalogRoles tupleToEPUserAppCatalogRoles(Tuple tuple) {
+ return new EPUserAppCatalogRoles((Long) tuple.get("reqId"), (Long) tuple.get("requestedRoleId"),
+ (String) tuple.get("roleName"), (String) tuple.get("requestStatus"), (Long) tuple.get("appId"));
+ }
+
+ private boolean postUserRolesToMylogins(AppWithRolesForUser userAppRolesData,
+ ApplicationsRestClientService applicationsRestClientService, Long appId, Long userId)
+ throws JsonProcessingException, HTTPException {
+ boolean result = false;
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ String userRolesAsString = mapper.writeValueAsString(userAppRolesData);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Should not be reached here, as the endpoint is not defined yet from the Mylogins");
+ applicationsRestClientService.post(AppWithRolesForUser.class, appId, userRolesAsString,
+ String.format("/user/%s/myLoginroles", userId));
+ return result;
+ }
+
+ public FieldsValidator putUserAppRolesRequest(AppWithRolesForUser newAppRolesForUser, FnUser user) {
+ FieldsValidator fieldsValidator = new FieldsValidator();
+ List<FnRole> appRole;
+ try {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Should not be reached here, still the endpoint is yet to be defined");
+ boolean result = postUserRolesToMylogins(newAppRolesForUser, applicationsRestClientService,
+ newAppRolesForUser.getAppId(), user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "putUserAppRolesRequest: result {}", result);
+ FnApp app = fnAppService.getById(newAppRolesForUser.getAppId());
+ EpUserRolesRequest epUserRolesRequest = new EpUserRolesRequest();
+ epUserRolesRequest.setCreatedDate(LocalDateTime.now());
+ epUserRolesRequest.setUpdatedDate(LocalDateTime.now());
+ epUserRolesRequest.setUserId(user);
+ epUserRolesRequest.setAppId(app);
+ epUserRolesRequest.setRequestStatus("P");
+ List<RoleInAppForUser> appRoleIdList = newAppRolesForUser.getAppRoles();
+ Set<EpUserRolesRequestDet> appRoleDetails = new LinkedHashSet<>();
+ epUserRolesRequestService.saveOne(epUserRolesRequest);
+ for (RoleInAppForUser userAppRoles : appRoleIdList) {
+ Boolean isAppliedVal = userAppRoles.getIsApplied();
+ if (isAppliedVal) {
+ appRole = fnRoleService
+ .retrieveAppRoleByAppRoleIdAndByAppId(newAppRolesForUser.getAppId(),
+ userAppRoles.getRoleId());
+ if (!appRole.isEmpty()) {
+ EpUserRolesRequestDet epAppRoleDetail = new EpUserRolesRequestDet();
+ epAppRoleDetail.setRequestedRoleId(appRole.get(0));
+ epAppRoleDetail.setRequestType("P");
+ epAppRoleDetail.setReqId(epUserRolesRequest);
+ epUserRolesRequestDetService.saveOne(epAppRoleDetail);
+ }
+ }
+ }
+ epUserRolesRequest.setEpRequestIdDetail(appRoleDetails);
+ fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_OK);
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "putUserAppRolesRequest failed", e);
+ fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ }
+ return fieldsValidator;
+ }
+
+ public List<FnRole> importRolesFromRemoteApplication(Long appId) throws HTTPException {
+ FnRole[] appRolesFull = applicationsRestClientService.get(FnRole[].class, appId, "/rolesFull");
+ List<FnRole> rolesList = Arrays.asList(appRolesFull);
+ for (FnRole externalAppRole : rolesList) {
+
+ // Try to find an existing extern role for the app in the local
+ // onap DB. If so, then use its id to update the existing external
+ // application role record.
+ Long externAppId = externalAppRole.getId();
+ FnRole existingAppRole = fnRoleService.getRole(appId, externAppId);
+ if (existingAppRole != null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ String.format(
+ "ecomp role already exists for app=%s; appRoleId=%s. No need to import this one.",
+ appId, externAppId));
+ continue;
+ }
+ // persistExternalRoleInEcompDb(externalAppRole, appId,
+ // roleService);
+ }
+
+ return rolesList;
+ }
+
+ public List<UserApplicationRoles> getUsersFromAppEndpoint(Long appId) throws HTTPException {
+ ArrayList<UserApplicationRoles> userApplicationRoles = new ArrayList<>();
+
+ FnApp app = fnAppService.getById(appId);
+ //If local or centralized application
+ if (PortalConstants.PORTAL_APP_ID.equals(appId) || app.getAuthCentral()) {
+ List<FnUser> userList = fnUserService.getActiveUsers();
+ for (FnUser user : userList) {
+ UserApplicationRoles userWithAppRoles = convertToUserApplicationRoles(appId, user, app);
+ if (userWithAppRoles.getRoles() != null && userWithAppRoles.getRoles().size() > 0) {
+ userApplicationRoles.add(userWithAppRoles);
+ }
+ }
+
+ }
+ // remote app
+ else {
+ RemoteUserWithRoles[] remoteUsers = null;
+ String remoteUsersString = applicationsRestClientService.getIncomingJsonString(appId, "/users");
+
+ remoteUsers = doGetUsers(isAppUpgradeVersion(app), remoteUsersString);
+
+ userApplicationRoles = new ArrayList<>();
+ for (RemoteUserWithRoles remoteUser : remoteUsers) {
+ UserApplicationRoles userWithRemoteAppRoles = convertToUserApplicationRoles(appId,
+ remoteUser);
+ if (userWithRemoteAppRoles.getRoles() != null
+ && userWithRemoteAppRoles.getRoles().size() > 0) {
+ userApplicationRoles.add(userWithRemoteAppRoles);
+ } else {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "User " + userWithRemoteAppRoles.getOrgUserId()
+ + " doesn't have any roles assigned to any app.");
+ }
+ }
+ }
+
+ return userApplicationRoles;
+ }
+
+ private UserApplicationRoles convertToUserApplicationRoles(Long appId, RemoteUserWithRoles remoteUser) {
+ UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
+ userWithRemoteAppRoles.setAppId(appId);
+ userWithRemoteAppRoles.setOrgUserId(remoteUser.getOrgUserId());
+ userWithRemoteAppRoles.setFirstName(remoteUser.getFirstName());
+ userWithRemoteAppRoles.setLastName(remoteUser.getLastName());
+ userWithRemoteAppRoles.setRoles(remoteUser.getRoles());
+ return userWithRemoteAppRoles;
+ }
+
+ private boolean isAppUpgradeVersion(FnApp app) {
+ return true;
+ }
+
+ private RemoteUserWithRoles[] doGetUsers(boolean postOpenSource, String remoteUsersString) {
+
+ ObjectMapper mapper = new ObjectMapper();
+ try {
+ return mapper.readValue(remoteUsersString, RemoteUserWithRoles[].class);
+ } catch (IOException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "doGetUsers : Failed : Unexpected property in incoming JSON",
+ e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "doGetUsers : Incoming JSON that caused it --> " + remoteUsersString);
+ }
+
+ return new RemoteUserWithRoles[0];
+ }
+
+ private UserApplicationRoles convertToUserApplicationRoles(Long appId, FnUser user, FnApp app) {
+ UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
+ userWithRemoteAppRoles.setAppId(appId);
+ userWithRemoteAppRoles.setOrgUserId(user.getOrgUserId());
+ userWithRemoteAppRoles.setFirstName(user.getFirstName());
+ userWithRemoteAppRoles.setLastName(user.getLastName());
+ userWithRemoteAppRoles.setRoles(convertToRemoteRoleList(user, app));
+ return userWithRemoteAppRoles;
+ }
+
+ private List<RemoteRole> convertToRemoteRoleList(FnUser user, FnApp app) {
+ List<RemoteRole> roleList = new ArrayList<>();
+ SortedSet<FnRole> roleSet = user.getAppEPRoles(app);
+ for (FnRole role : roleSet) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "In convertToRemoteRoleList() - for user {}, found Name {}", user.getOrgUserId(), role.getRoleName());
+ RemoteRole rRole = new RemoteRole();
+ rRole.setId(role.getId());
+ rRole.setName(role.getRoleName());
+ roleList.add(rRole);
+ }
+
+ //Get the active roles of user for that application using query
+ List<FnRole> userEpRoleList = fnRoleService.getUserRoleOnUserIdAndAppId(user.getId(), app.getId());
+
+ for (FnRole remoteUserRoleList : userEpRoleList) {
+
+ RemoteRole remoteRoleListId = roleList.stream().filter(x -> remoteUserRoleList.getId().equals(x.getId()))
+ .findAny().orElse(null);
+ if (remoteRoleListId == null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Adding the role to the rolelist () - for user {}, found Name {}", user.getOrgUserId(),
+
+ remoteUserRoleList.getRoleName());
+ RemoteRole role = new RemoteRole();
+ role.setId(remoteUserRoleList.getId());
+ role.setName(remoteUserRoleList.getRoleName());
+
+ roleList.add(role);
+ }
+
+ }
+
+ logger.debug(EELFLoggerDelegate.debugLogger, "rolelist size of the USER() - for user {}, found RoleListSize {}", user.getOrgUserId(), roleList.size());
+
+ return roleList;
+
+
+
+ }
}
# SQL statements and parameters
log4j.logger.org.hibernate.SQL=debug
-log4j.logger.org.hibernate.type.descriptor.sql=trace
\ No newline at end of file
+log4j.logger.org.hibernate.type.descriptor.sql=trace
+
+#PROPERTIES
+external_access_enable = false
\ No newline at end of file
spring.datasource.password=password
spring.datasource.initialization-mode=always
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
+
+#PROPERTIES
+external_access_enable = false
\ No newline at end of file
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
+import javax.servlet.http.HttpServletRequest;
import javax.sql.DataSource;
import org.h2.tools.RunScript;
import org.hibernate.Session;
import org.onap.portal.domain.db.fn.FnRole;
import org.onap.portal.domain.db.fn.FnUser;
import org.onap.portal.domain.db.fn.FnUserRole;
+import org.onap.portal.domain.dto.ecomp.ExternalSystemAccess;
+import org.onap.portal.framework.MockitoTestSuite;
import org.onap.portal.service.fn.FnAppService;
import org.onap.portal.service.fn.FnLanguageService;
import org.onap.portal.service.fn.FnLuTimezoneService;
//Then
assertEquals(expected, actual);
}
+
+ @Test
+ void readExternalRequestAccess() {
+ ExternalSystemAccess expected = new ExternalSystemAccess("external_access_enable", false);
+ ExternalSystemAccess actual = userRolesController.readExternalRequestAccess();
+
+ assertEquals(expected.getAccessValue(), actual.getAccessValue());
+ assertEquals(expected.getKey(), actual.getKey());
+ }
}
\ No newline at end of file
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service.fn;
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.transaction.Transactional;
+import org.junit.Assert;
+import org.junit.jupiter.api.Test;
+import org.junit.runner.RunWith;
+import org.onap.portal.domain.db.fn.FnUser;
+import org.onap.portal.domain.dto.ecomp.EPUserAppCatalogRoles;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest
+@Transactional
+@TestPropertySource(locations = "classpath:test.properties")
+class FnUserRoleServiceTest {
+ @Autowired
+ private FnUserRoleService fnUserRoleService;
+ @Autowired
+ private FnUserService fnUserService;
+
+ @Test
+ void getUserAppCatalogRoles() {
+ FnUser user = fnUserService.loadUserByUsername("demo");
+
+ List<EPUserAppCatalogRoles> actual = fnUserRoleService.getUserAppCatalogRoles(user, "appName");
+
+ List<EPUserAppCatalogRoles> expected = new ArrayList<>();
+
+ assertEquals(expected, actual);
+ }
+}
\ No newline at end of file
Code Review / portal.git / commitdiff