From: Dominik Mizyn Date: Wed, 20 Nov 2019 12:43:48 +0000 (+0100) Subject: getAppRolesForUser() method up in UserRolesController X-Git-Tag: 3.2.0~65 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=portal.git;a=commitdiff_plain;h=39fb119cdaea6bd8d801b22d195db39f6d8faaca getAppRolesForUser() method up in UserRolesController This patch provid getAppRolesForUser() method up in UserRolesController, minor changes in domain classes and some essential services to provide this method. Issue-ID: PORTAL-710 Change-Id: I3701b580425f10ddf608d7333f9770728d073e1b Signed-off-by: Dominik Mizyn --- diff --git a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java index da3026e1..87c8dff5 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java @@ -88,31 +88,31 @@ import org.springframework.web.bind.annotation.RestController; @Configuration public class UserRolesController { - private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesController.class); + private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesController.class); - private final FnUserService fnUserService; - private final FnUserRoleService fnUserRoleService; - private final AdminRolesService adminRolesService; - private final ApplicationsRestClientService applicationsRestClientService; - private final AuditServiceImpl auditService = new AuditServiceImpl(); + private final FnUserService fnUserService; + private final FnUserRoleService fnUserRoleService; + private final AdminRolesService adminRolesService; + private final ApplicationsRestClientService applicationsRestClientService; + private final AuditServiceImpl auditService = new AuditServiceImpl(); /* private final UserRolesService userRolesService; private final SearchService searchService;*/ - private static final String FAILURE = "failure"; + private static final String FAILURE = "failure"; - @Autowired - public UserRolesController(final FnUserService fnUserService, - FnUserRoleService fnUserRoleService, - final AdminRolesService adminRolesService, - ApplicationsRestClientService applicationsRestClientService) { - this.fnUserService = fnUserService; - this.fnUserRoleService = fnUserRoleService; - this.adminRolesService = adminRolesService; - this.applicationsRestClientService = applicationsRestClientService; - } + @Autowired + public UserRolesController(final FnUserService fnUserService, + FnUserRoleService fnUserRoleService, + final AdminRolesService adminRolesService, + ApplicationsRestClientService applicationsRestClientService) { + this.fnUserService = fnUserService; + this.fnUserRoleService = fnUserRoleService; + this.adminRolesService = adminRolesService; + this.applicationsRestClientService = applicationsRestClientService; + } /* @@ -260,317 +260,317 @@ public class UserRolesController { return fieldsValidator; } - - - @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { - RequestMethod.GET}, produces = "application/json") - public List getAppRolesForUser(Principal principal, - @RequestParam("user") String orgUserId, - @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue, - @RequestParam("isSystemUser") Boolean isSystemUser, - HttpServletResponse response) { - FnUser user = fnUserService.loadUserByUsername(principal.getName()); - List result = null; - String feErrorString = ""; - if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) { - logger.debug(EELFLoggerDelegate.debugLogger, - "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", - adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user)); - EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser"); - feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus()); - } else { - if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) { - result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user); - logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", - result, appid); - int responseCode = EcompPortalUtils.getExternalAppResponseCode(); - if (responseCode != 0 && responseCode != 200) { - // external error - response.setStatus(responseCode); - feErrorString = EcompPortalUtils.getFEErrorString(false, responseCode); - } else if (result == null) { - // If the result is null, there was an internal onap error - // in the service call. - response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - feErrorString = EcompPortalUtils.getFEErrorString(true, - HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - } - } else { - logger.info(EELFLoggerDelegate.errorLogger, "getAppRolesForUser - no Organization User ID"); - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); - feErrorString = EcompPortalUtils.getFEErrorString(true, HttpServletResponse.SC_BAD_REQUEST); - } - } - - StringBuilder sbUserApps = new StringBuilder(); - if (result != null && !result.isEmpty()) { - sbUserApps.append("User '" + orgUserId + "' has Roles={"); - for (RoleInAppForUser appRole : result) { - if (appRole.isApplied) { - sbUserApps.append(appRole.roleName + ", "); - } - } - sbUserApps.append("} assigned to the appId '" + appid + "'."); - } else { - // Not sure creating an empty object will make any difference - // but would like to give it a shot for defect #DE221057 - if (result == null) { - result = new ArrayList<>(); - } - sbUserApps.append("User '" + orgUserId + "' and appid " + appid + " has no roles"); - } - logger.info(EELFLoggerDelegate.errorLogger, sbUserApps.toString()); - - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "get result =", result); - if (feErrorString != "") { - logger.debug(EELFLoggerDelegate.debugLogger, "LR: FEErrorString to header: " + feErrorString); - - response.addHeader("FEErrorString", feErrorString); - response.addHeader("Access-Control-Expose-Headers", "FEErrorString"); - } - return result; - } - */ - - @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { - RequestMethod.PUT}, produces = "application/json") - public PortalRestResponse putAppWithUserRoleStateForUser(Principal principal, - @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) { - // FieldsValidator fieldsValidator = new FieldsValidator(); - PortalRestResponse portalResponse = new PortalRestResponse<>(); - StringBuilder sbUserApps = new StringBuilder(); - if (newAppRolesForUser != null) { - sbUserApps.append("User '").append(newAppRolesForUser.getOrgUserId()); - if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) { - sbUserApps.append("' has roles = { "); - for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) { - if (appRole.getIsApplied()) { - sbUserApps.append(appRole.getRoleName()).append(" ,"); - } - } - sbUserApps.deleteCharAt(sbUserApps.length() - 1); - sbUserApps.append("} assigned for the app ").append(newAppRolesForUser.getAppId()); - } else { - sbUserApps.append("' has no roles assigned for app ").append(newAppRolesForUser.getAppId()); - } - } - logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", - sbUserApps.toString()); - - FnUser user = fnUserService.loadUserByUsername(principal.getName()); - // boolean changesApplied = false; - ExternalRequestFieldsValidator changesApplied = null; - - if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) { - EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser"); - } else if (newAppRolesForUser == null) { - logger.error(EELFLoggerDelegate.errorLogger, - "putAppWithUserRoleStateForUser: newAppRolesForUser is null"); - } else { - changesApplied = adminRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser); - try { - if (changesApplied.isResult()) { - logger.info(EELFLoggerDelegate.applicationLogger, - "putAppWithUserRoleStateForUser: succeeded for app {}, user {}", - newAppRolesForUser.getAppId(), - newAppRolesForUser.getAppId()); - - MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, - EPEELFLoggerAdvice.getCurrentDateTimeUTC()); - AuditLog auditLog = new AuditLog(); - auditLog.setUserId(user.getId()); - auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER); - auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId()); - auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(), - PortalConstants.AUDIT_LOG_COMMENT_SIZE)); - auditService.logActivity(auditLog, null); - - MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, - EPEELFLoggerAdvice.getCurrentDateTimeUTC()); - EcompPortalUtils.calculateDateTimeDifferenceForLog( - MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP), - MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP)); - logger.info(EELFLoggerDelegate.auditLogger, - EPLogUtil.formatAuditLogMessage( - "UserRolesController.putAppWithUserRoleStateForUser", - EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(), - newAppRolesForUser.getOrgUserId(), sbUserApps.toString())); - MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); - MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); - MDC.remove(SystemProperties.MDC_TIMER); - portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null); - - } - if (!changesApplied.isResult()) { - throw new Exception(changesApplied.getDetailMessage()); - } - - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "putAppWithUserRoleStateForUser: failed for app {}, user {}", - newAppRolesForUser.getAppId(), - newAppRolesForUser.getOrgUserId(), e); - portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null); - } - } - - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied); - return portalResponse; - } - - @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = { - RequestMethod.GET}, produces = "application/json") - public PortalRestResponse updateRemoteUserProfile(HttpServletRequest request) { - - String updateRemoteUserFlag = FAILURE; - try { - // saveNewUser = userService.saveNewUser(newUser); - String orgUserId = request.getParameter("loginId"); - long appId = Long.parseLong(request.getParameter("appId")); - fnUserRoleService.updateRemoteUserProfile(orgUserId, appId); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e); - return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage()); - } - return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, ""); - - } - - @RequestMapping(value = {"/portalApi/app/{appId}/users"}, method = { - RequestMethod.GET}, produces = "application/json") - public List getUsersFromAppEndpoint(@PathVariable("appId") Long appId) { - try { - logger.debug(EELFLoggerDelegate.debugLogger, "/portalApi/app/{}/users was invoked", appId); - return fnUserRoleService.getUsersFromAppEndpoint(appId); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getUsersFromAppEndpoint failed", e); - return new ArrayList<>(); - } - } - - @RequestMapping(value = {"/portalApi/app/{appId}/roles"}, method = { - RequestMethod.GET}, produces = "application/json") - public List testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId) - throws HTTPException { - EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); - List rolesList = Arrays.asList(appRoles); - EcompPortalUtils - .logAndSerializeObject(logger, "/portalApi/app/{appId}/roles", "response for appId=" + appId, - rolesList); - - return rolesList; - } - - - @RequestMapping(value = {"/portalApi/admin/import/app/{appId}/roles"}, method = { - RequestMethod.GET}, produces = "application/json") - public List importRolesFromRemoteApplication(@PathVariable("appId") Long appId) throws HTTPException { - List rolesList = fnUserRoleService.importRolesFromRemoteApplication(appId); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/admin/import/app/{appId}/roles", - "response for appId=" + appId, rolesList); - - return rolesList; - } - - - @RequestMapping(value = {"/portalApi/app/{appId}/user/{orgUserId}/roles"}, method = { - RequestMethod.GET}, produces = "application/json") - public EcompRole testGetRoles(@PathVariable("appId") Long appId, - @PathVariable("orgUserId") String orgUserId) throws Exception { - if (!EcompPortalUtils.legitimateUserId(orgUserId)) { - String msg = "Error /user//roles not legitimate orgUserId = " + orgUserId; - logger.error(EELFLoggerDelegate.errorLogger, msg); - throw new Exception(msg); - } - EcompRole[] roles = applicationsRestClientService.get(EcompRole[].class, appId, - String.format("/user/%s/roles", orgUserId)); - if (roles.length != 1) { - String msg = - "Error /user//roles returned array. expected size 1 recieved size = " + roles.length; - logger.error(EELFLoggerDelegate.errorLogger, msg); - throw new Exception(msg); - } - - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/app/{appId}/user/{orgUserId}/roles", - "response for appId='" + appId + "' and orgUserId='" + orgUserId + "'", roles[0]); - return roles[0]; - } - - - @RequestMapping(value = {"/portalApi/saveUserAppRoles"}, method = { - RequestMethod.PUT}, produces = "application/json") - public FieldsValidator putAppWithUserRoleRequest(Principal principal, - @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) { - FieldsValidator fieldsValidator = null; - FnUser user = fnUserService.loadUserByUsername(principal.getName()); - try { - fieldsValidator = fnUserRoleService.putUserAppRolesRequest(newAppRolesForUser, user); - response.setStatus(0); - - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleRequest failed", e); - - } - // return fieldsValidator; - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/saveUserAppRoles", "PUT result =", - response.getStatus()); - return fieldsValidator; - } - - - @SuppressWarnings("ConstantConditions") - @RequestMapping(value = {"/portalApi/appCatalogRoles"}, method = { - RequestMethod.GET}, produces = "application/json") - public List getUserAppCatalogRoles(Principal principal, - @RequestParam("appName") String appName) { - FnUser user = fnUserService.loadUserByUsername(principal.getName()); - List userAppRoleList = null; - try { - userAppRoleList = fnUserRoleService.getUserAppCatalogRoles(user, appName); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "putUserWidgetsSortPref failed", e); - - } - userAppRoleList.sort(getUserAppCatalogRolesComparator); - EcompPortalUtils - .logAndSerializeObject(logger, "/portalApi/userApplicationRoles", "result =", userAppRoleList); - - return userAppRoleList; - - } - - - private Comparator getUserAppCatalogRolesComparator = - Comparator.comparing(EPUserAppCatalogRoles::getRoleName); - - @RequestMapping(value = "/portalApi/externalRequestAccessSystem", method = RequestMethod.GET, - produces = "application/json") - public ExternalSystemAccess readExternalRequestAccess() { - ExternalSystemAccess result = null; - try { - result = fnUserRoleService.getExternalRequestAccess(); - EcompPortalUtils - .logAndSerializeObject(logger, "/portalApi/externalRequestAccessSystem", "GET result =", - result); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "readExternalRequestAccess failed: " + e.getMessage()); - } - return result; - - } - - @RequestMapping(value = {"/portalApi/checkIfUserIsSuperAdmin"}, method = RequestMethod.GET, - produces = "application/json") - public boolean checkIfUserIsSuperAdmin(Principal principal) { - FnUser user = fnUserService.loadUserByUsername(principal.getName()); - - boolean isSuperAdmin = false; - try { - isSuperAdmin = adminRolesService.isSuperAdmin(user.getOrgUserId()); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "checkIfUserIsSuperAdmin failed: " + e.getMessage()); - } - return isSuperAdmin; - } +*/ + + @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { + RequestMethod.GET}, produces = "application/json") + public List getAppRolesForUser(Principal principal, + @RequestParam("user") String orgUserId, + @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue, + @RequestParam("isSystemUser") Boolean isSystemUser, + HttpServletResponse response) { + FnUser user = fnUserService.loadUserByUsername(principal.getName()); + List result = null; + String feErrorString = ""; + if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user.getUserId())) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", + adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user.getUserId())); + EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser"); + feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus()); + } else { + if (isSystemUser || EcompPortalUtils.legitimateUserId(orgUserId)) { + result = adminRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user.getUserId()); + logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", + result, appid); + int responseCode = EcompPortalUtils.getExternalAppResponseCode(); + if (responseCode != 0 && responseCode != 200) { + // external error + response.setStatus(responseCode); + feErrorString = EcompPortalUtils.getFEErrorString(false, responseCode); + } else if (result == null) { + // If the result is null, there was an internal onap error + // in the service call. + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + feErrorString = EcompPortalUtils.getFEErrorString(true, + HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else { + logger.info(EELFLoggerDelegate.errorLogger, "getAppRolesForUser - no Organization User ID"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + feErrorString = EcompPortalUtils.getFEErrorString(true, HttpServletResponse.SC_BAD_REQUEST); + } + } + + StringBuilder sbUserApps = new StringBuilder(); + if (result != null && !result.isEmpty()) { + sbUserApps.append("User '").append(orgUserId).append("' has Roles={"); + for (RoleInAppForUser appRole : result) { + if (appRole.getIsApplied()) { + sbUserApps.append(appRole.getRoleName()).append(", "); + } + } + sbUserApps.append("} assigned to the appId '").append(appid).append("'."); + } else { + // Not sure creating an empty object will make any difference + // but would like to give it a shot for defect #DE221057 + if (result == null) { + result = new ArrayList<>(); + } + sbUserApps.append("User '").append(orgUserId).append("' and appid ").append(appid).append(" has no roles"); + } + logger.info(EELFLoggerDelegate.errorLogger, sbUserApps.toString()); + + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "get result =", result); + if (!feErrorString.isEmpty()) { + logger.debug(EELFLoggerDelegate.debugLogger, "LR: FEErrorString to header: " + feErrorString); + + response.addHeader("FEErrorString", feErrorString); + response.addHeader("Access-Control-Expose-Headers", "FEErrorString"); + } + return result; + } + + + @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { + RequestMethod.PUT}, produces = "application/json") + public PortalRestResponse putAppWithUserRoleStateForUser(Principal principal, + @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) { + // FieldsValidator fieldsValidator = new FieldsValidator(); + PortalRestResponse portalResponse = new PortalRestResponse<>(); + StringBuilder sbUserApps = new StringBuilder(); + if (newAppRolesForUser != null) { + sbUserApps.append("User '").append(newAppRolesForUser.getOrgUserId()); + if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) { + sbUserApps.append("' has roles = { "); + for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) { + if (appRole.getIsApplied()) { + sbUserApps.append(appRole.getRoleName()).append(" ,"); + } + } + sbUserApps.deleteCharAt(sbUserApps.length() - 1); + sbUserApps.append("} assigned for the app ").append(newAppRolesForUser.getAppId()); + } else { + sbUserApps.append("' has no roles assigned for app ").append(newAppRolesForUser.getAppId()); + } + } + logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", + sbUserApps.toString()); + + FnUser user = fnUserService.loadUserByUsername(principal.getName()); + // boolean changesApplied = false; + ExternalRequestFieldsValidator changesApplied = null; + + if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user.getUserId())) { + EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser"); + } else if (newAppRolesForUser == null) { + logger.error(EELFLoggerDelegate.errorLogger, + "putAppWithUserRoleStateForUser: newAppRolesForUser is null"); + } else { + changesApplied = adminRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser); + try { + if (changesApplied.isResult()) { + logger.info(EELFLoggerDelegate.applicationLogger, + "putAppWithUserRoleStateForUser: succeeded for app {}, user {}", + newAppRolesForUser.getAppId(), + newAppRolesForUser.getAppId()); + + MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, + EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + AuditLog auditLog = new AuditLog(); + auditLog.setUserId(user.getId()); + auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER); + auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId()); + auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(), + PortalConstants.AUDIT_LOG_COMMENT_SIZE)); + auditService.logActivity(auditLog, null); + + MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, + EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + EcompPortalUtils.calculateDateTimeDifferenceForLog( + MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP), + MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP)); + logger.info(EELFLoggerDelegate.auditLogger, + EPLogUtil.formatAuditLogMessage( + "UserRolesController.putAppWithUserRoleStateForUser", + EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(), + newAppRolesForUser.getOrgUserId(), sbUserApps.toString())); + MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); + MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); + MDC.remove(SystemProperties.MDC_TIMER); + portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null); + + } + if (!changesApplied.isResult()) { + throw new Exception(changesApplied.getDetailMessage()); + } + + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "putAppWithUserRoleStateForUser: failed for app {}, user {}", + newAppRolesForUser.getAppId(), + newAppRolesForUser.getOrgUserId(), e); + portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null); + } + } + + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied); + return portalResponse; + } + + @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = { + RequestMethod.GET}, produces = "application/json") + public PortalRestResponse updateRemoteUserProfile(HttpServletRequest request) { + + String updateRemoteUserFlag = FAILURE; + try { + // saveNewUser = userService.saveNewUser(newUser); + String orgUserId = request.getParameter("loginId"); + long appId = Long.parseLong(request.getParameter("appId")); + fnUserRoleService.updateRemoteUserProfile(orgUserId, appId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage()); + } + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, ""); + + } + + @RequestMapping(value = {"/portalApi/app/{appId}/users"}, method = { + RequestMethod.GET}, produces = "application/json") + public List getUsersFromAppEndpoint(@PathVariable("appId") Long appId) { + try { + logger.debug(EELFLoggerDelegate.debugLogger, "/portalApi/app/{}/users was invoked", appId); + return fnUserRoleService.getUsersFromAppEndpoint(appId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getUsersFromAppEndpoint failed", e); + return new ArrayList<>(); + } + } + + @RequestMapping(value = {"/portalApi/app/{appId}/roles"}, method = { + RequestMethod.GET}, produces = "application/json") + public List testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId) + throws HTTPException { + EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); + List rolesList = Arrays.asList(appRoles); + EcompPortalUtils + .logAndSerializeObject(logger, "/portalApi/app/{appId}/roles", "response for appId=" + appId, + rolesList); + + return rolesList; + } + + + @RequestMapping(value = {"/portalApi/admin/import/app/{appId}/roles"}, method = { + RequestMethod.GET}, produces = "application/json") + public List importRolesFromRemoteApplication(@PathVariable("appId") Long appId) throws HTTPException { + List rolesList = fnUserRoleService.importRolesFromRemoteApplication(appId); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/admin/import/app/{appId}/roles", + "response for appId=" + appId, rolesList); + + return rolesList; + } + + + @RequestMapping(value = {"/portalApi/app/{appId}/user/{orgUserId}/roles"}, method = { + RequestMethod.GET}, produces = "application/json") + public EcompRole testGetRoles(@PathVariable("appId") Long appId, + @PathVariable("orgUserId") String orgUserId) throws Exception { + if (!EcompPortalUtils.legitimateUserId(orgUserId)) { + String msg = "Error /user//roles not legitimate orgUserId = " + orgUserId; + logger.error(EELFLoggerDelegate.errorLogger, msg); + throw new Exception(msg); + } + EcompRole[] roles = applicationsRestClientService.get(EcompRole[].class, appId, + String.format("/user/%s/roles", orgUserId)); + if (roles.length != 1) { + String msg = + "Error /user//roles returned array. expected size 1 recieved size = " + roles.length; + logger.error(EELFLoggerDelegate.errorLogger, msg); + throw new Exception(msg); + } + + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/app/{appId}/user/{orgUserId}/roles", + "response for appId='" + appId + "' and orgUserId='" + orgUserId + "'", roles[0]); + return roles[0]; + } + + + @RequestMapping(value = {"/portalApi/saveUserAppRoles"}, method = { + RequestMethod.PUT}, produces = "application/json") + public FieldsValidator putAppWithUserRoleRequest(Principal principal, + @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) { + FieldsValidator fieldsValidator = null; + FnUser user = fnUserService.loadUserByUsername(principal.getName()); + try { + fieldsValidator = fnUserRoleService.putUserAppRolesRequest(newAppRolesForUser, user); + response.setStatus(0); + + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleRequest failed", e); + + } + // return fieldsValidator; + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/saveUserAppRoles", "PUT result =", + response.getStatus()); + return fieldsValidator; + } + + + @SuppressWarnings("ConstantConditions") + @RequestMapping(value = {"/portalApi/appCatalogRoles"}, method = { + RequestMethod.GET}, produces = "application/json") + public List getUserAppCatalogRoles(Principal principal, + @RequestParam("appName") String appName) { + FnUser user = fnUserService.loadUserByUsername(principal.getName()); + List userAppRoleList = null; + try { + userAppRoleList = fnUserRoleService.getUserAppCatalogRoles(user, appName); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "putUserWidgetsSortPref failed", e); + + } + userAppRoleList.sort(getUserAppCatalogRolesComparator); + EcompPortalUtils + .logAndSerializeObject(logger, "/portalApi/userApplicationRoles", "result =", userAppRoleList); + + return userAppRoleList; + + } + + + private Comparator getUserAppCatalogRolesComparator = + Comparator.comparing(EPUserAppCatalogRoles::getRoleName); + + @RequestMapping(value = "/portalApi/externalRequestAccessSystem", method = RequestMethod.GET, + produces = "application/json") + public ExternalSystemAccess readExternalRequestAccess() { + ExternalSystemAccess result = null; + try { + result = fnUserRoleService.getExternalRequestAccess(); + EcompPortalUtils + .logAndSerializeObject(logger, "/portalApi/externalRequestAccessSystem", "GET result =", + result); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "readExternalRequestAccess failed: " + e.getMessage()); + } + return result; + + } + + @RequestMapping(value = {"/portalApi/checkIfUserIsSuperAdmin"}, method = RequestMethod.GET, + produces = "application/json") + public boolean checkIfUserIsSuperAdmin(Principal principal) { + FnUser user = fnUserService.loadUserByUsername(principal.getName()); + + boolean isSuperAdmin = false; + try { + isSuperAdmin = adminRolesService.isSuperAdmin(user.getOrgUserId()); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "checkIfUserIsSuperAdmin failed: " + e.getMessage()); + } + return isSuperAdmin; + } } diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnAppDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnAppDao.java index 616ee2d1..a1be3bd1 100644 --- a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnAppDao.java +++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnAppDao.java @@ -1,7 +1,10 @@ package org.onap.portal.dao.fn; +import java.util.List; import org.onap.portal.domain.db.fn.FnApp; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; @@ -9,4 +12,7 @@ import org.springframework.transaction.annotation.Transactional; @Transactional public interface FnAppDao extends JpaRepository { + @Query + List getByUebKey(final @Param("uebKey") String uebKey); + } diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnMenuFunctionalDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnMenuFunctionalDao.java new file mode 100644 index 00000000..0c8ac4a9 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnMenuFunctionalDao.java @@ -0,0 +1,56 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.dao.fn; + +import java.util.List; +import org.onap.portal.domain.db.fn.FnMenuFunctional; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.Transactional; + +@Transactional +@Repository +public interface FnMenuFunctionalDao extends JpaRepository { + @Query + List retrieveByMenuId(final @Param("menuId") Long menuId); +} diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnMenuFunctionalRolesDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnMenuFunctionalRolesDao.java new file mode 100644 index 00000000..10b189bb --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnMenuFunctionalRolesDao.java @@ -0,0 +1,62 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.dao.fn; + +import java.util.List; +import org.onap.portal.domain.db.fn.FnMenuFunctionalRoles; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.Transactional; + +@Transactional +@Repository +public interface FnMenuFunctionalRolesDao extends JpaRepository { + + @Query + List retrieveByRoleId(final @Param("roleId") Long roleId); + + @Query + List retrieveByMenuId(final @Param("menuId") Long menuId); + + +} diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java index a87f31cc..b428ea11 100644 --- a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java +++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java @@ -68,6 +68,12 @@ public interface FnRoleDao extends JpaRepository { @Query List retrieveAppRolesByAppId(final @Param("appId") Long id); + @Query + List retrieveActiveRolesOfApplication(final @Param("appId") Long appId); + @Query List retrieveAppRolesByRoleNameAndByAppId(final @Param("roleName") String roleName, final @Param("appId") Long appId); + + @Query + List getGlobalRolesOfPortal(); } diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java index efb56b29..952d5163 100644 --- a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java +++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java @@ -65,4 +65,7 @@ public interface FnUserRoleDao extends JpaRepository { @Query List retrieveByAppIdAndUserId(final @Param("appId") Long appId, final @Param("userId") String userId); + + @Query + List retrieveByAppIdAndRoleId(final @Param("appId") Long appId, final @Param("roleId") Long roleId); } diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java index 533309df..5cccdcbd 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java @@ -101,62 +101,64 @@ CREATE TABLE `ep_app_function` ( @IdClass(EpAppFunctionId.class) @NoArgsConstructor @AllArgsConstructor -public class EpAppFunction extends DomainVo implements Serializable{ - @Id - @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY) - @JoinColumn(name = "app_id") - @Valid - private FnApp appId; - @Id - @Column(name = "function_cd", length = 250, nullable = false) - @Size(max = 250) - @NotNull - @SafeHtml - private String functionCd; - @Column(name = "function_name", length = 250, nullable = false) - @Size(max = 250) - @NotNull - @SafeHtml - private String functionName; +public class EpAppFunction extends DomainVo implements Serializable { - private Long roleId; - private String type; - @SafeHtml - private String action; - @SafeHtml - private String editUrl; + @Id + @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY) + @JoinColumn(name = "app_id") + @Valid + private FnApp appId; + @Id + @Column(name = "function_cd", length = 250, nullable = false) + @Size(max = 250) + @NotNull + @SafeHtml + private String functionCd; + @Column(name = "function_name", length = 250, nullable = false) + @Size(max = 250) + @NotNull + @SafeHtml + private String functionName; - @OneToMany( - targetEntity = EpAppRoleFunction.class, - mappedBy = "epAppFunction", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set epAppRoleFunctions; + private Long roleId; + private String type; + @SafeHtml + private String action; + @SafeHtml + private String editUrl; - public EpAppFunction(Long id, String code, String name, FnApp appId, String type, String action,String editUrl) { - super(); - this.id = id; - this.functionCd = code; - this.functionName = name; - this.appId = appId; - this.type = type; - this.action = action; - this.editUrl = editUrl; - } + @OneToMany( + targetEntity = EpAppRoleFunction.class, + mappedBy = "epAppFunction", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set epAppRoleFunctions; - @Getter - @Setter - @EqualsAndHashCode - @NoArgsConstructor - @AllArgsConstructor - public static class EpAppFunctionId implements Serializable { - @Valid - private FnApp appId; - @Size(max = 250) - @NotNull - @SafeHtml - private String functionCd; - } + public EpAppFunction(Long id, String code, String name, FnApp appId, String type, String action, String editUrl) { + super(); + this.id = id; + this.functionCd = code; + this.functionName = name; + this.appId = appId; + this.type = type; + this.action = action; + this.editUrl = editUrl; + } + + @Getter + @Setter + @EqualsAndHashCode + @NoArgsConstructor + @AllArgsConstructor + public static class EpAppFunctionId implements Serializable { + + @Valid + private FnApp appId; + @Size(max = 250) + @NotNull + @SafeHtml + private String functionCd; + } } diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnApp.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnApp.java index bada8e14..9beee463 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnApp.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnApp.java @@ -102,9 +102,13 @@ CREATE TABLE `fn_app` ( */ @NamedQueries({ - @NamedQuery( - name = "FnApp.retrieveWhereAuthCentralIsYAndOpenIsNAndAuthNamespaceIsNotNull", - query = "from FnApp where auth_central = 'Y' and open = 'N' and auth_namespace is not null") + @NamedQuery( + name = "FnApp.retrieveWhereAuthCentralIsYAndOpenIsNAndAuthNamespaceIsNotNull", + query = "from FnApp where authCentral = 'Y' and open = 'N' and authNamespace is not null"), + @NamedQuery( + name = "FnApp.getByUebKey", + query = "from FnApp where uebKey = :uebKey" + ) }) @Table(name = "fn_app") @@ -117,162 +121,162 @@ CREATE TABLE `fn_app` ( @Entity public class FnApp extends DomainVo implements Serializable { - @Id - @GeneratedValue(strategy = GenerationType.AUTO) - @Column(name = "app_Id", length = 11, nullable = false) - @Digits(integer = 11, fraction = 0) - private Long appId; - @Column(name = "app_name", length = 100, nullable = false, columnDefinition = "varchar(100) not null default '?'") - @Size(max = 100) - @SafeHtml - @NotNull - private String appName; - @Column(name = "app_image_url", length = 256) - @Size(max = 256) - @SafeHtml - private String appImageUrl; - @Column(name = "app_description", length = 512) - @Size(max = 256) - @SafeHtml - private String appDescription; - @Column(name = "app_notes", length = 4096) - @Size(max = 4096) - @SafeHtml - private String appNotes; - @Column(name = "app_url", length = 256) - @Size(max = 256) - @SafeHtml - //TODO URL - @URL - private String appUrl; - @Column(name = "app_alternate_url", length = 256) - @Size(max = 256) - @SafeHtml - private String appAlternateUrl; - @Column(name = "app_rest_endpoint", length = 2000) - @Size(max = 2000) - @SafeHtml - private String appRestEndpoint; - @Column(name = "ml_app_name", length = 50, nullable = false, columnDefinition = "varchar(50) not null default '?'") - @Size(max = 50) - @SafeHtml - @NotNull - private String ml_app_name; - @Column(name = "ml_app_admin_id", length = 7, nullable = false, columnDefinition = "varchar(7) not null default '?'") - @Size(max = 7) - @SafeHtml - @NotNull - private String mlAppAdminId; - @Column(name = "mots_id", length = 11) - @Digits(integer = 11, fraction = 0) - private Long motsId; - @Column(name = "app_password", length = 256, nullable = false, columnDefinition = "varchar(256) not null default '?'") - @Size(max = 256) - @SafeHtml - @NotNull - private String appPassword; - @Column(name = "_open", length = 1, columnDefinition = "char(1) default 'N'") - private Boolean open; - @Column(name = "_enabled", length = 1, columnDefinition = "char(1) default 'N'") - private Boolean enabled; - @Column(name = "active_yn", length = 1, columnDefinition = "char(1) default 'Y'") - @Pattern(regexp = "[YNyn]") - @Size(max = 1) - @NotNull - @SafeHtml - private String activeYn; - @Column(name = "_thumbnail", columnDefinition = "mediumblob null default null") - private byte[] thumbnail; - @Column(name = "app_username", length = 50) - @Size(max = 50) - @SafeHtml - private String appUsername; - @Column(name = "ueb_key", length = 256) - @Size(max = 256) - @SafeHtml - private String uebKey; - @Column(name = "ueb_secret", length = 256) - @Size(max = 256) - @SafeHtml - private String uebSecret; - @Column(name = "ueb_topic_name", length = 256) - @Size(max = 256) - @SafeHtml - private String uebTopicName; - @Column(name = "app_type", length = 11, columnDefinition = "int(11) not null default 1") - @Digits(integer = 11, fraction = 0) - private Long appType; - @Column(name = "auth_central", length = 1, columnDefinition = "char(1) not null default 'N'", nullable = false) - private Boolean authCentral; - @Column(name = "auth_namespace", length = 100) - @Size(max = 100) - @SafeHtml - private String authNamespace; - @OneToMany( - targetEntity = FnMenuFunctionalRoles.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set fnMenuFunctionalRoles; - @OneToMany( - targetEntity = EpUserRolesRequest.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set epUserRolesRequests; - @OneToMany( - targetEntity = EpAppFunction.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set epAppFunctions; - @OneToMany( - targetEntity = EpAppRoleFunction.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set epAppRoleFunctions; - @OneToMany( - targetEntity = FnUserRole.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set fnUserRoles; - @OneToMany( - targetEntity = EpWebAnalyticsSource.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set epWebAnalyticsSources; - @OneToMany( - targetEntity = EpWidgetCatalogRole.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set epWidgetCatalogRoles; - @OneToMany( - targetEntity = EpMicroservice.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set epMicroservices; - @OneToMany( - targetEntity = FnPersUserAppSel.class, - mappedBy = "appId", - cascade = CascadeType.ALL, - fetch = FetchType.LAZY - ) - private Set fnPersUserAppSels; + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + @Column(name = "app_Id", length = 11, nullable = false) + @Digits(integer = 11, fraction = 0) + private Long appId; + @Column(name = "app_name", length = 100, nullable = false, columnDefinition = "varchar(100) not null default '?'") + @Size(max = 100) + @SafeHtml + @NotNull + private String appName; + @Column(name = "app_image_url", length = 256) + @Size(max = 256) + @SafeHtml + private String appImageUrl; + @Column(name = "app_description", length = 512) + @Size(max = 256) + @SafeHtml + private String appDescription; + @Column(name = "app_notes", length = 4096) + @Size(max = 4096) + @SafeHtml + private String appNotes; + @Column(name = "app_url", length = 256) + @Size(max = 256) + @SafeHtml + //TODO URL + @URL + private String appUrl; + @Column(name = "app_alternate_url", length = 256) + @Size(max = 256) + @SafeHtml + private String appAlternateUrl; + @Column(name = "app_rest_endpoint", length = 2000) + @Size(max = 2000) + @SafeHtml + private String appRestEndpoint; + @Column(name = "ml_app_name", length = 50, nullable = false, columnDefinition = "varchar(50) not null default '?'") + @Size(max = 50) + @SafeHtml + @NotNull + private String ml_app_name; + @Column(name = "ml_app_admin_id", length = 7, nullable = false, columnDefinition = "varchar(7) not null default '?'") + @Size(max = 7) + @SafeHtml + @NotNull + private String mlAppAdminId; + @Column(name = "mots_id", length = 11) + @Digits(integer = 11, fraction = 0) + private Long motsId; + @Column(name = "app_password", length = 256, nullable = false, columnDefinition = "varchar(256) not null default '?'") + @Size(max = 256) + @SafeHtml + @NotNull + private String appPassword; + @Column(name = "_open", length = 1, columnDefinition = "char(1) default 'N'") + private Boolean open; + @Column(name = "_enabled", length = 1, columnDefinition = "char(1) default 'N'") + private Boolean enabled; + @Column(name = "active_yn", length = 1, columnDefinition = "char(1) default 'Y'") + @Pattern(regexp = "[YNyn]") + @Size(max = 1) + @NotNull + @SafeHtml + private String activeYn; + @Column(name = "_thumbnail", columnDefinition = "mediumblob null default null") + private byte[] thumbnail; + @Column(name = "app_username", length = 50) + @Size(max = 50) + @SafeHtml + private String appUsername; + @Column(name = "ueb_key", length = 256) + @Size(max = 256) + @SafeHtml + private String uebKey; + @Column(name = "ueb_secret", length = 256) + @Size(max = 256) + @SafeHtml + private String uebSecret; + @Column(name = "ueb_topic_name", length = 256) + @Size(max = 256) + @SafeHtml + private String uebTopicName; + @Column(name = "app_type", length = 11, columnDefinition = "int(11) not null default 1") + @Digits(integer = 11, fraction = 0) + private Long appType; + @Column(name = "auth_central", length = 1, columnDefinition = "char(1) not null default 'N'", nullable = false) + private Boolean authCentral; + @Column(name = "auth_namespace", length = 100) + @Size(max = 100) + @SafeHtml + private String authNamespace; + @OneToMany( + targetEntity = FnMenuFunctionalRoles.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set fnMenuFunctionalRoles; + @OneToMany( + targetEntity = EpUserRolesRequest.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set epUserRolesRequests; + @OneToMany( + targetEntity = EpAppFunction.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set epAppFunctions; + @OneToMany( + targetEntity = EpAppRoleFunction.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set epAppRoleFunctions; + @OneToMany( + targetEntity = FnUserRole.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set fnUserRoles; + @OneToMany( + targetEntity = EpWebAnalyticsSource.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set epWebAnalyticsSources; + @OneToMany( + targetEntity = EpWidgetCatalogRole.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set epWidgetCatalogRoles; + @OneToMany( + targetEntity = EpMicroservice.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set epMicroservices; + @OneToMany( + targetEntity = FnPersUserAppSel.class, + mappedBy = "appId", + cascade = CascadeType.ALL, + fetch = FetchType.LAZY + ) + private Set fnPersUserAppSels; - public Boolean isRestrictedApp() { - return (this.appType == 2); - } + public Boolean isRestrictedApp() { + return (this.appType == 2); + } } diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnFunction.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnFunction.java index 3375fd09..7bd9c386 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnFunction.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnFunction.java @@ -52,6 +52,7 @@ import javax.persistence.Table; import javax.validation.constraints.NotNull; import javax.validation.constraints.Size; import lombok.AllArgsConstructor; +import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; @@ -68,6 +69,7 @@ CREATE TABLE `fn_function` ( @Table(name = "fn_function") @NoArgsConstructor @AllArgsConstructor +@Builder @Getter @Setter @Entity @@ -82,6 +84,10 @@ public class FnFunction implements Serializable { @SafeHtml @NotNull private String functionName; + private String code; + private String name; + private String type; + private String action; @OneToMany( targetEntity = FnRestrictedUrl.class, mappedBy = "functionCd", diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctional.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctional.java index e348a01f..e1e2787c 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctional.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctional.java @@ -54,6 +54,8 @@ import javax.persistence.JoinColumn; import javax.persistence.JoinTable; import javax.persistence.ManyToMany; import javax.persistence.ManyToOne; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; import javax.persistence.OneToMany; import javax.persistence.Table; import javax.validation.Valid; @@ -83,6 +85,14 @@ CREATE TABLE `fn_menu_functional` ( ) */ +@NamedQueries({ + @NamedQuery( + name = "FnMenuFunctional.retrieveByMenuId", + query = "from FnMenuFunctionalRoles where menuId =:menuId" + ) +} +) + @Table(name = "fn_menu_functional", indexes = {@Index(columnList = "parent_menu_id", name = "fk_fn_menu_func_parent_menu_id_idx") }) @NoArgsConstructor diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctionalRoles.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctionalRoles.java index 3e9ae0e0..ff7cadc5 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctionalRoles.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnMenuFunctionalRoles.java @@ -51,6 +51,8 @@ import javax.persistence.Id; import javax.persistence.Index; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; import javax.persistence.Table; import javax.validation.Valid; import javax.validation.constraints.Digits; @@ -76,6 +78,17 @@ CREATE TABLE `fn_menu_functional_roles` ( ) */ +@NamedQueries({ + @NamedQuery( + name = "FnMenuFunctionalRoles.retrieveByRoleId", + query = "from FnMenuFunctionalRoles where roleId.roleId =:roleId"), + @NamedQuery( + name = "FnMenuFunctionalRoles.retrieveByMenuId", + query = "from FnMenuFunctionalRoles where menuId.menuId =:menuId" + ) +} +) + @Table(name = "fn_menu_functional_roles", indexes = { @Index(columnList = "menu_id", name = "fk_fn_menu_func_roles_menu_id_idx"), @Index(columnList = "app_id", name = "fk_fn_menu_func_roles_app_id_idx"), diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java index 80617ba9..3de581b1 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java @@ -63,6 +63,7 @@ import javax.validation.constraints.Digits; import javax.validation.constraints.NotNull; import javax.validation.constraints.Size; import lombok.AllArgsConstructor; +import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; @@ -110,7 +111,7 @@ CREATE TABLE `fn_role` ( query = "FROM FnRole where roleName =:roleName and appId is null"), @NamedQuery( name = "FnRole.retrieveActiveRolesOfApplication", - query = "from FnRole where active_yn = 'Y' and appId=:appId"), + query = "from FnRole where activeYn = 'Y' and appId=:appId"), @NamedQuery( name = "FnRole.getUserRoleOnUserIdAndAppId", query = " FROM" @@ -120,7 +121,16 @@ CREATE TABLE `fn_role` ( + " fr.roleId = fur.roleId\n" + " AND fur.userId = :userId" + " AND fur.appId = :appId\n" - + " AND fr.activeYn = 'y'") + + " AND fr.activeYn = 'y'"), + @NamedQuery( + name = "FnRole.getGlobalRolesOfPortal", + query = "from" + + " FnRole" + + " where" + + " roleName like 'global_%'" + + " and appId is null" + + " and activeYn = 'Y'" + ) }) @Table(name = "fn_role", indexes = { @@ -128,6 +138,7 @@ CREATE TABLE `fn_role` ( }) @NoArgsConstructor @AllArgsConstructor +@Builder @Getter @Setter @Entity diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleFunction.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleFunction.java index 944d7395..90df5905 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleFunction.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleFunction.java @@ -53,11 +53,13 @@ import javax.persistence.Table; import javax.validation.Valid; import javax.validation.constraints.NotNull; import lombok.AllArgsConstructor; +import lombok.Builder; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; import org.onap.portal.domain.db.fn.FnRoleFunction.FnRoleFunctionId; +import org.onap.portal.domain.dto.DomainVo; /* CREATE TABLE `fn_role_function` ( @@ -77,11 +79,12 @@ CREATE TABLE `fn_role_function` ( }) @NoArgsConstructor @AllArgsConstructor +@Builder @Getter @Setter @Entity @IdClass(FnRoleFunctionId.class) -public class FnRoleFunction implements Serializable{ +public class FnRoleFunction extends DomainVo implements Serializable{ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL) @JoinColumn(name = "role_Id", nullable = false) @@ -96,6 +99,7 @@ public class FnRoleFunction implements Serializable{ @Id private FnFunction functionCd; + @Getter @Setter @NoArgsConstructor diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleV.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleV.java index e1c4cded..ad9c2ccd 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleV.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleV.java @@ -70,7 +70,7 @@ public class FnRoleV implements Serializable { @Column(name = "role_name") private String roleName; @Column(name = "active_yn") - private String activeYn; + private Boolean activeYn; @Column(name = "priority") private BigInteger priority; @Column(name = "app_Id") diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java index f3fdec1e..10020f09 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java @@ -87,79 +87,83 @@ CREATE TABLE `fn_user_role` ( */ @NamedNativeQueries({ - @NamedNativeQuery( - name = "FnUserRole.retrieveUserRoleOnUserIdAndRoleIdAndAppId", - query = "FROM FnUserRole where user_id= :userId" - + " and role_id= :roleId" - + " and app_id= :appId"), - @NamedNativeQuery( - name = "FnUserRole.retrieveCachedAppRolesForUser", - query = "FROM FnUserRole where user_id= :userId" - + " and user_id= :userId" - + " and app_id= :appId"), - @NamedNativeQuery( - name = "FnUserRole.isSuperAdmin", - query = "SELECT" - + " user.USER_ID as userId," - + " user.org_user_id as orgUserId," - + " userrole.ROLE_ID as roleId," - + " userrole.APP_ID as appId" - + " FROM" - + " fn_user_role userrole" - + " INNER JOIN fn_user user ON user.USER_ID = userrole.USER_ID" - + " WHERE" - + " user.org_user_id = :orgUserId" - + " AND userrole.ROLE_ID =:roleId" - + " AND userrole.APP_ID =:appId", - resultSetMapping = "UserRole", - resultClass = UserRole.class - ) + @NamedNativeQuery( + name = "FnUserRole.retrieveUserRoleOnUserIdAndRoleIdAndAppId", + query = "FROM FnUserRole where user_id= :userId" + + " and role_id= :roleId" + + " and app_id= :appId"), + @NamedNativeQuery( + name = "FnUserRole.retrieveCachedAppRolesForUser", + query = "FROM FnUserRole where user_id= :userId" + + " and user_id= :userId" + + " and app_id= :appId"), + @NamedNativeQuery( + name = "FnUserRole.isSuperAdmin", + query = "SELECT" + + " user.USER_ID as userId," + + " user.org_user_id as orgUserId," + + " userrole.ROLE_ID as roleId," + + " userrole.APP_ID as appId" + + " FROM" + + " fn_user_role userrole" + + " INNER JOIN fn_user user ON user.USER_ID = userrole.USER_ID" + + " WHERE" + + " user.org_user_id = :orgUserId" + + " AND userrole.ROLE_ID =:roleId" + + " AND userrole.APP_ID =:appId", + resultSetMapping = "UserRole", + resultClass = UserRole.class + ) }) @SqlResultSetMapping( - name = "UserRole", - classes = { - @ConstructorResult( - targetClass = UserRole.class, - columns = { - @ColumnResult(name = "userId", type = Long.class), - @ColumnResult(name = "orgUserId", type = String.class), - @ColumnResult(name = "roleId", type = Long.class), - @ColumnResult(name = "appId", type = Long.class) - } - ) - } + name = "UserRole", + classes = { + @ConstructorResult( + targetClass = UserRole.class, + columns = { + @ColumnResult(name = "userId", type = Long.class), + @ColumnResult(name = "orgUserId", type = String.class), + @ColumnResult(name = "roleId", type = Long.class), + @ColumnResult(name = "appId", type = Long.class) + } + ) + } ) @NamedQueries({ - @NamedQuery( - name = "FnUserRole.getAdminUserRoles", - query = "FROM FnUserRole fn " - + "WHERE fn.userId.userId = :userId " - + "AND fn.roleId.roleId = :roleId " - + "AND fn.appId.appId = :appId"), - @NamedQuery( - name = "FnUserRole.getUserRolesForRoleIdAndAppId", - query = "FROM\n" - + " FnUserRole userrole\n" - + "WHERE\n" - + " userrole.roleId.roleId = :roleId\n" - + " AND userrole.appId.appId = :appId"), - @NamedQuery( - name = "FnUserRole.retrieveByAppIdAndUserId", - query = "from FnUserRole where appId.appId =:appId and userId.userId =:userId" - ) + @NamedQuery( + name = "FnUserRole.getAdminUserRoles", + query = "FROM FnUserRole fn " + + " WHERE fn.userId.userId = :userId " + + " AND fn.roleId.roleId = :roleId " + + " AND fn.appId.appId = :appId"), + @NamedQuery( + name = "FnUserRole.getUserRolesForRoleIdAndAppId", + query = "FROM" + + " FnUserRole userrole" + + " WHERE" + + " userrole.roleId.roleId = :roleId" + + " AND userrole.appId.appId = :appId"), + @NamedQuery( + name = "FnUserRole.retrieveByAppIdAndUserId", + query = "from FnUserRole where appId.appId =:appId and userId.userId =:userId" + ), + @NamedQuery( + name = "FnUserRole.retrieveByAppIdAndRoleId", + query = "from FnUserRole where appId.appId =:appId and roleId.roleId =:roleId" + ) }) @Table( - name = "fn_user_role", - indexes = { - @Index(name = "fn_user_role_role_id", columnList = "role_id"), - @Index(name = "fn_user_role_user_id", columnList = "user_id"), - @Index(name = "fk_fn_user__ref_178_fn_app_idx", columnList = "app_id")}, - uniqueConstraints = { - @UniqueConstraint(name = "fn_user_role_id", columnNames = {"role_id", "user_id", "app_id"}) - }) + name = "fn_user_role", + indexes = { + @Index(name = "fn_user_role_role_id", columnList = "role_id"), + @Index(name = "fn_user_role_user_id", columnList = "user_id"), + @Index(name = "fk_fn_user__ref_178_fn_app_idx", columnList = "app_id")}, + uniqueConstraints = { + @UniqueConstraint(name = "fn_user_role_id", columnNames = {"role_id", "user_id", "app_id"}) + }) @NoArgsConstructor @AllArgsConstructor @Builder @@ -168,23 +172,23 @@ CREATE TABLE `fn_user_role` ( @Entity public class FnUserRole implements Serializable { - @Id - @GeneratedValue(strategy = GenerationType.AUTO) - @Column(name = "id", columnDefinition = "int(11) auto_increment") - private Long id; - @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL) - @JoinColumn(name = "user_id") - @Valid - private FnUser userId; - @OneToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL) - @JoinColumn(name = "role_id") - @Valid - private FnRole roleId; - @Column(name = "priority", length = 4, columnDefinition = "decimal(4,0) DEFAULT NULL") - @Digits(integer = 4, fraction = 0) - private Long priority; - @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY) - @JoinColumn(name = "app_Id") - @Valid - private FnApp appId; + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + @Column(name = "id", columnDefinition = "int(11) auto_increment") + private Long id; + @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL) + @JoinColumn(name = "user_id") + @Valid + private FnUser userId; + @OneToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL) + @JoinColumn(name = "role_id") + @Valid + private FnRole roleId; + @Column(name = "priority", length = 4, columnDefinition = "decimal(4,0) DEFAULT NULL") + @Digits(integer = 4, fraction = 0) + private Long priority; + @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY) + @JoinColumn(name = "app_Id") + @Valid + private FnApp appId; } \ No newline at end of file diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java index 84fa0fbd..267d23dc 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java @@ -51,6 +51,7 @@ import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; import org.onap.portal.domain.db.ep.EpAppFunction; +import org.onap.portal.domain.db.fn.FnRoleFunction; @Getter @Setter @@ -71,8 +72,11 @@ public class CentralV2Role implements Serializable, Comparable { private String name; private boolean active; private Integer priority; - private SortedSet roleFunctions = new TreeSet<>(); + @Builder.Default + private SortedSet roleFunctions = new TreeSet<>(); + @Builder.Default private SortedSet childRoles = new TreeSet<>(); + @Builder.Default private SortedSet parentRoles = new TreeSet<>(); public CentralV2Role(Long id, String name) { @@ -80,7 +84,7 @@ public class CentralV2Role implements Serializable, Comparable { this.name = name; } - public void addRoleFunction(EpAppFunction roleFunction) { + public void addRoleFunction(FnRoleFunction roleFunction) { this.roleFunctions.add(roleFunction); } diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EPUserAppCurrentRoles.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EPUserAppCurrentRoles.java index 249aee11..d994f6a0 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EPUserAppCurrentRoles.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EPUserAppCurrentRoles.java @@ -42,11 +42,47 @@ package org.onap.portal.domain.dto.transport; import com.fasterxml.jackson.annotation.JsonInclude; import java.io.Serializable; +import javax.persistence.ColumnResult; +import javax.persistence.ConstructorResult; +import javax.persistence.NamedNativeQuery; +import javax.persistence.SqlResultSetMapping; import lombok.AllArgsConstructor; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; +@NamedNativeQuery( + name = "EPUserAppCurrentRoles", + query = "select\n" + + " distinct fu.role_id,\n" + + " fr.user_id,\n" + + " fu.role_name,\n" + + " fu.priority\n" + + " from\n" + + " fn_role fu\n" + + " left outer join fn_user_role fr ON fu.role_id = fr.role_id\n" + + " and fu.app_id = fr.app_id\n" + + " and fr.role_id != 999\n" + + " where\n" + + " fu.app_id = :appId\n" + + " and fr.user_id = :userId\n" + + " and fu.active_yn = 'Y'\n", + resultSetMapping = "EPUserAppCurrentRoles" +) + +@SqlResultSetMapping( + name = "EPUserAppCurrentRoles", + classes = @ConstructorResult( + targetClass = EPUserAppCurrentRoles.class, + columns = { + @ColumnResult(name = "roleName"), + @ColumnResult(name = "userId"), + @ColumnResult(name = "priority"), + @ColumnResult(name = "roleId") + } + ) +) + @Getter @Setter @NoArgsConstructor diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/GlobalRoleWithApplicationRoleFunction.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/GlobalRoleWithApplicationRoleFunction.java index c8b92f9d..07a1f512 100644 --- a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/GlobalRoleWithApplicationRoleFunction.java +++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/GlobalRoleWithApplicationRoleFunction.java @@ -42,6 +42,7 @@ package org.onap.portal.domain.dto.transport; import java.io.Serializable; import lombok.AllArgsConstructor; +import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; @@ -50,19 +51,20 @@ import lombok.ToString; @Getter @Setter @ToString +@Builder @NoArgsConstructor @AllArgsConstructor public class GlobalRoleWithApplicationRoleFunction implements Serializable { - private static final long serialVersionUID = 1L; + private static final long serialVersionUID = 1L; - private Long roleId; - private String roleName; - private boolean active; - private Integer priority; - private String functionCd; - private String functionName; - private long appId; - private long roleAppId; + private Long roleId; + private String roleName; + private Boolean active; + private Integer priority; + private String functionCd; + private String functionName; + private Long appId; + private Long roleAppId; } diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/Role.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/Role.java new file mode 100644 index 00000000..92eabbb0 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/Role.java @@ -0,0 +1,127 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.domain.dto.transport; + +import com.fasterxml.jackson.annotation.JsonIgnore; +import java.util.Iterator; +import java.util.Set; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import org.onap.portal.domain.db.fn.FnRoleComposite; +import org.onap.portal.domain.db.fn.FnRoleFunction; +import org.onap.portal.domain.dto.DomainVo; +import org.onap.portalsdk.core.domain.RoleFunction; + +@Getter +@Setter +@Builder +@AllArgsConstructor +@NoArgsConstructor +public class Role extends DomainVo { + + private static final long serialVersionUID = 1L; + + private String name; + private boolean active; + private Integer priority; + private Set roleFunctions; + private Set childRoles; + @JsonIgnore + private Set parentRoles; + + public String getEditUrl() { + return "/role.htm?role_id=" + this.getId(); + } + + public String getToggleActiveImage() { + return "/static/fusion/images/" + (this.isActive() ? "active.png" : "inactive.png"); + } + + public String getToggleActiveAltText() { + return this.isActive() ? "Click to Deactivate Role" : "Click to Activate Role"; + } + + public void removeChildRole(Long roleId) { + Iterator i = this.childRoles.iterator(); + + while (i.hasNext()) { + org.onap.portalsdk.core.domain.Role childRole = (org.onap.portalsdk.core.domain.Role) i.next(); + if (childRole.getId().equals(roleId)) { + this.childRoles.remove(childRole); + break; + } + } + + } + + public void removeParentRole(Long roleId) { + + for (Object role : this.parentRoles) { + org.onap.portalsdk.core.domain.Role parentRole = (org.onap.portalsdk.core.domain.Role) role; + if (parentRole.getId().equals(roleId)) { + this.parentRoles.remove(parentRole); + break; + } + } + + } + + public void removeRoleFunction(String roleFunctionCd) { + + for (Object function : this.roleFunctions) { + RoleFunction roleFunction = (RoleFunction) function; + if (roleFunction.getCode().equals(roleFunctionCd)) { + this.roleFunctions.remove(roleFunction); + break; + } + } + + } + + public int compareTo(Object obj) { + String c1 = this.getName(); + String c2 = ((org.onap.portalsdk.core.domain.Role) obj).getName(); + return c1 != null && c2 != null ? c1.compareTo(c2) : 1; + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/exception/DeleteDomainObjectFailedException.java b/portal-BE/src/main/java/org/onap/portal/exception/DeleteDomainObjectFailedException.java new file mode 100644 index 00000000..135ab08e --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/exception/DeleteDomainObjectFailedException.java @@ -0,0 +1,50 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.exception; + +public class DeleteDomainObjectFailedException extends Exception{ + + private static final long serialVersionUID = -4591508985449251121L; + + public DeleteDomainObjectFailedException(String msg) { + super(msg); + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java index 74b3548a..9081feab 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java @@ -52,48 +52,61 @@ import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.Set; import java.util.SortedSet; import java.util.TreeSet; import java.util.stream.Collectors; import javax.persistence.EntityManager; import javax.persistence.Query; +import javax.persistence.Tuple; import org.apache.commons.lang.StringUtils; import org.apache.cxf.transport.http.HTTPException; import org.hibernate.Session; -import org.hibernate.SessionFactory; import org.hibernate.Transaction; import org.json.JSONArray; import org.json.JSONObject; +import org.onap.portal.domain.db.ep.EpAppFunction; import org.onap.portal.domain.db.ep.EpUserRolesRequest; import org.onap.portal.domain.db.ep.EpUserRolesRequestDet; import org.onap.portal.domain.db.fn.FnApp; +import org.onap.portal.domain.db.fn.FnFunction; +import org.onap.portal.domain.db.fn.FnMenuFunctional; +import org.onap.portal.domain.db.fn.FnMenuFunctionalRoles; import org.onap.portal.domain.db.fn.FnRole; +import org.onap.portal.domain.db.fn.FnRoleFunction; import org.onap.portal.domain.db.fn.FnUser; import org.onap.portal.domain.db.fn.FnUserRole; import org.onap.portal.domain.dto.transport.AppWithRolesForUser; import org.onap.portal.domain.dto.transport.CentralV2Role; +import org.onap.portal.domain.dto.transport.EPUserAppCurrentRoles; import org.onap.portal.domain.dto.transport.EcompUserAppRoles; import org.onap.portal.domain.dto.transport.ExternalAccessUser; import org.onap.portal.domain.dto.transport.ExternalAccessUserRoleDetail; import org.onap.portal.domain.dto.transport.ExternalRequestFieldsValidator; import org.onap.portal.domain.dto.transport.ExternalRoleDescription; import org.onap.portal.domain.dto.transport.RemoteRoleV1; +import org.onap.portal.domain.dto.transport.Role; import org.onap.portal.domain.dto.transport.RoleInAppForUser; import org.onap.portal.domain.dto.transport.RolesInAppForUser; +import org.onap.portal.exception.DeleteDomainObjectFailedException; import org.onap.portal.exception.SyncUserRolesException; import org.onap.portal.logging.format.EPAppMessagesEnum; import org.onap.portal.logging.logic.EPLogUtil; +import org.onap.portal.service.ep.EpAppFunctionService; import org.onap.portal.service.ep.EpUserRolesRequestDetService; import org.onap.portal.service.ep.EpUserRolesRequestService; import org.onap.portal.service.fn.FnAppService; +import org.onap.portal.service.fn.FnMenuFunctionalRolesService; +import org.onap.portal.service.fn.FnMenuFunctionalService; import org.onap.portal.service.fn.FnRoleService; import org.onap.portal.service.fn.FnUserRoleService; import org.onap.portal.service.fn.FnUserService; import org.onap.portal.utils.EPCommonSystemProperties; +import org.onap.portal.utils.EPUserUtils; import org.onap.portal.utils.EcompPortalUtils; import org.onap.portal.utils.PortalConstants; -import org.onap.portalsdk.core.domain.Role; +import org.onap.portalsdk.core.domain.RoleFunction; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.restful.domain.EcompRole; import org.onap.portalsdk.core.util.SystemProperties; @@ -126,8 +139,11 @@ public class AdminRolesService { private final FnUserService fnUserService; private final FnRoleService fnRoleService; private final FnAppService fnAppService; + private final FnMenuFunctionalService fnMenuFunctionalService; private final FnUserRoleService fnUserRoleService; + private final EpAppFunctionService epAppFunctionService; private final EcompUserAppRolesService ecompUserAppRolesService; + private final FnMenuFunctionalRolesService fnMenuFunctionalRolesService; private final ApplicationsRestClientService applicationsRestClientService; private final EpUserRolesRequestDetService epUserRolesRequestDetService; private final ExternalAccessRolesService externalAccessRolesService; @@ -138,8 +154,11 @@ public class AdminRolesService { final EntityManager entityManager, final FnUserService fnUserService, FnRoleService fnRoleService, FnAppService fnAppService, + FnMenuFunctionalService fnMenuFunctionalService, final FnUserRoleService fnUserRoleService, + EpAppFunctionService epAppFunctionService, EcompUserAppRolesService ecompUserAppRolesService, + FnMenuFunctionalRolesService fnMenuFunctionalRolesService, ApplicationsRestClientService applicationsRestClientService, EpUserRolesRequestDetService epUserRolesRequestDetService, ExternalAccessRolesService externalAccessRolesService, @@ -149,8 +168,11 @@ public class AdminRolesService { this.fnUserService = fnUserService; this.fnRoleService = fnRoleService; this.fnAppService = fnAppService; + this.fnMenuFunctionalService = fnMenuFunctionalService; this.fnUserRoleService = fnUserRoleService; + this.epAppFunctionService = epAppFunctionService; this.ecompUserAppRolesService = ecompUserAppRolesService; + this.fnMenuFunctionalRolesService = fnMenuFunctionalRolesService; this.applicationsRestClientService = applicationsRestClientService; this.epUserRolesRequestDetService = epUserRolesRequestDetService; this.externalAccessRolesService = externalAccessRolesService; @@ -172,8 +194,6 @@ public class AdminRolesService { public boolean isAccountAdmin(FnUser user) { try { - final Map userParams = new HashMap<>(); - userParams.put("userId", user.getId()); logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId()); List userAdminApps = getAdminAppsForTheUser(user.getId()); logger.debug(EELFLoggerDelegate.debugLogger, @@ -200,7 +220,7 @@ public class AdminRolesService { return false; } - public boolean isUser(FnUser user) { + boolean isUser(FnUser user) { try { FnUser currentUser = fnUserService.getUser(user.getId()).orElseThrow(Exception::new); if (currentUser != null && currentUser.getId() != null) { @@ -224,10 +244,10 @@ public class AdminRolesService { return false; } - public boolean isRoleAdmin(FnUser user) { + public boolean isRoleAdmin(Long userId) { try { logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access"); - List getRoleFuncListOfUser = fnUserRoleService.getRoleFunctionsOfUserforAlltheApplications(user.getId()); + List getRoleFuncListOfUser = fnUserRoleService.getRoleFunctionsOfUserforAlltheApplications(userId); logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser", getRoleFuncListOfUser); Set getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser); @@ -258,14 +278,14 @@ public class AdminRolesService { return false; } - public boolean isAccountAdminOfApplication(FnUser user, FnApp app) { + private boolean isAccountAdminOfApplication(Long userId, FnApp app) { boolean isApplicationAccountAdmin = false; try { - logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId()); - List userAdminApps = getAdminAppsForTheUser(user.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId); + List userAdminApps = getAdminAppsForTheUser(userId); if (!userAdminApps.isEmpty()) { isApplicationAccountAdmin = userAdminApps.contains(app.getId()); - logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(), + logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", userId, app.getId()); } } catch (Exception e) { @@ -275,7 +295,7 @@ public class AdminRolesService { } logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, - user.getOrgUserId()); + userId); return isApplicationAccountAdmin; } @@ -305,12 +325,12 @@ public class AdminRolesService { try { FnApp app = fnAppService.getById(appId); - boolean checkIfUserisApplicationAccAdmin = isAccountAdminOfApplication(user, + boolean checkIfUserisApplicationAccAdmin = isAccountAdminOfApplication(user.getUserId(), app); Set rolesGotDeletedFromApprover = new TreeSet<>(); boolean checkIfUserIsOnlyRoleAdmin = - isRoleAdmin(user) && !checkIfUserisApplicationAccAdmin; + isRoleAdmin(user.getUserId()) && !checkIfUserisApplicationAccAdmin; if (checkIfUserIsOnlyRoleAdmin) { for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { if (!roleInAppForUser.getIsApplied()) { @@ -485,11 +505,10 @@ public class AdminRolesService { roleInAppForUserList.removeIf(role -> role.getIsApplied().equals(false)); SortedSet roles = new TreeSet<>(); - List getAppRoles = externalAccessRolesService.getAppRoles(app.getId()); + List getAppRoles = fnRoleService.getAppRoles(app.getId()); List appList = new ArrayList<>(); appList.add(app); List roleList = new ArrayList<>(); - Map params = new HashMap<>(); List userRoles = new ArrayList<>(); @@ -537,7 +556,7 @@ public class AdminRolesService { } private FnRole roleToFnRole(Role role) { - return new FnRole(role.getId(), role.getName(), role.getActive(), role.getPriority(), role.getRoleFunctions(), + return new FnRole(role.getId(), role.getName(), role.isActive(), role.getPriority(), role.getRoleFunctions(), role.getChildRoles(), role.getParentRoles()); } @@ -1200,6 +1219,452 @@ public class AdminRolesService { } } + private Role fnRoleToRole(final FnRole role) { + return Role.builder().name(role.getRoleName()).active(role.getActiveYn()).priority(role.getPriority()) + .roleFunctions(role.getFnRoleFunctions()).childRoles(role.getChildRoles()).parentRoles(role.getParentRoles()) + .build(); + } + + @SuppressWarnings("unchecked") + public List getAppRolesForUser(Long appId, String orgUserId, Boolean extRequestValue, Long userId) { + List rolesInAppForUser = null; + FnApp app = fnAppService.getById(appId); + logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app); + try { + // for onap portal app, no need to make a remote call + List roleList = new ArrayList<>(); + if (!PortalConstants.PORTAL_APP_ID.equals(appId)) { + if (app.getAuthCentral()) { + List cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey()); + for (CentralV2Role cenRole : cenRoleList) { + Role role = new Role(); + role.setActive(cenRole.isActive()); + role.setId(cenRole.getId()); + role.setName(cenRole.getName()); + role.setPriority(cenRole.getPriority()); + roleList.add(role); + } + } else { + Optional user = fnUserService.getUser(userId); + if (user.isPresent()){ + roleList = user.get().getFnRoles().stream().map(this::fnRoleToRole).collect(Collectors.toList()); + } + } + List activeRoleList = new ArrayList<>(); + for (Role role : roleList) { + if (role.isActive()) { + if (role.getId() != 1) { // prevent portal admin from being added + activeRoleList.add(role); + } else if (extRequestValue) { + activeRoleList.add(role); + } + } + + } + FnUser localUser = getUserFromApp(Long.toString(userId), app, applicationsRestClientService); + // If localUser does not exists return roles + Set roleSet = null; + FnRole[] roleSetList = null; + if (localUser != null) { + roleSet = localUser.getAppEPRoles(app); + roleSetList = roleSet.toArray(new FnRole[0]); + } + rolesInAppForUser = fnUserRoleService + .constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue); + return rolesInAppForUser; + } + + EcompRole[] appRoles = null; + boolean checkIfUserIsApplicationAccAdmin = false; + List roles = new ArrayList<>(); + if (app.getAuthCentral()) { + List applicationRoles = fnRoleService.retrieveActiveRolesOfApplication(app.getId()); + FnApp application = fnAppService.getById(appId); + checkIfUserIsApplicationAccAdmin = isAccountAdminOfApplication(userId, + application); + + List roleSetWithFunctioncds = new ArrayList<>(); + for (FnRole role : applicationRoles) { + List cenRoleFuncList = epAppFunctionService.getAppRoleFunctionList(role.getId(), app.getId()); + for (EpAppFunction roleFunc : cenRoleFuncList) { + + String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getFunctionCd()); + String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getFunctionCd()); + String name = roleFunc.getFunctionName(); + + FnFunction function = new FnFunction(); + function.setAction(action); + function.setType(type); + function.setCode(functionCode); + function.setName(name); + role.getFnRoleFunctions().add(new FnRoleFunction(role, function)); + + } + roleSetWithFunctioncds.add(role); + + + } + + for (FnRole role1 : roleSetWithFunctioncds) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role1.getId()); + ecompRole.setName(role1.getRoleName()); + ecompRole.setRoleFunctions(role1.getRoleFunctions()); + roles.add(ecompRole); + + } + if (checkIfUserIsApplicationAccAdmin) { + appRoles = roles.toArray(new EcompRole[roles.size()]); + logger.debug(EELFLoggerDelegate.debugLogger, + "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}", appRoles); + } else if (isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin) { + List roleAdminAppRoles = new ArrayList<>(); + List roleAdminAppRolesNames = new ArrayList<>(); + String QUERY = + "select distinct fr.role_name as roleName from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_role fr" + + " where fu.role_id = ep.role_id" + + " and fu.app_id = ep.app_id" + + " and fu.user_id = :userId" + + " and fu.role_id = fr.role_id and fr.active_yn='Y'" + + " and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'" + + " and exists" + + " (" + + " select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id" + + " and ur.app_id = fa.app_id and fa.enabled = 'Y')"; + List tuples = entityManager.createNativeQuery(QUERY, Tuple.class) + .setParameter("userId", userId) + .getResultList(); + List getUserApproverRoles = tuples.stream().map(tuple -> (String) tuple.get("roleName")) + .collect(Collectors.toList()); + + List userapproverRolesList = new ArrayList<>(); + for (String str : getUserApproverRoles) { + EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null); + if (epRole != null) { + userapproverRolesList.add(epRole); + } + } + for (EcompRole role : userapproverRolesList) { + + List roleFunList = new ArrayList<>(role.getRoleFunctions()); + boolean checkIfFunctionsExits = roleFunList.stream() + .anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); + if (checkIfFunctionsExits) { + roleAdminAppRoles.add(role); + List filteredList = roleFunList.stream() + .filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList()); + roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode) + .collect(Collectors.toList())); + } + } + for (String name : roleAdminAppRolesNames) { + roles.stream().filter(x -> name.equals(x.getName())).findAny().ifPresent(roleAdminAppRoles::add); + + } + appRoles = roleAdminAppRoles.toArray(new EcompRole[0]); + + } + } else { + appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); + } + // Test this error case, for generating an internal ONAP Portal + // error + // EcompRole[] appRoles = null; + // If there is an exception in the rest client api, then null will + // be returned. + if (appRoles != null) { + if (!app.getAuthCentral()) { + syncAppRoles(appId, appRoles); + } + EcompRole[] userAppRoles = null; + try { + try { + if (app.getAuthCentral()) { + List actualUser = fnUserService.getUserWithOrgUserId(Long.toString(userId)); + List userAppsRolesList = entityManager + .createNamedQuery("EPUserAppCurrentRoles") + .setParameter("appId", app.getId()) + .setParameter("userId", actualUser.get(0).getId()) + .getResultList(); + List setUserRoles = new ArrayList<>(); + for (EPUserAppCurrentRoles role : userAppsRolesList) { + logger.debug(EELFLoggerDelegate.debugLogger, + "In getAppRolesForUser() - userAppsRolesList get userRolename = {}", role.getRoleName()); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role.getRoleId()); + ecompRole.setName(role.getRoleName()); + setUserRoles.add(ecompRole); + } + + boolean checkIfUserisAccAdmin = setUserRoles.stream() + .anyMatch(ecompRole -> ecompRole.getId() == 999L); + + if (!checkIfUserisAccAdmin) { + List appRolesList = Arrays.asList(appRoles); + Set finalUserAppRolesList = new HashSet<>(); + + List roleNames = new ArrayList<>(); + for (EcompRole role : setUserRoles) { + EcompRole epRole = appRolesList.stream() + .filter(x -> role.getName().equals(x.getName())).findAny().orElse(null); + List roleFunList = new ArrayList<>(); + + if (epRole != null) { + if (epRole.getRoleFunctions().size() > 0) { + roleFunList.addAll(epRole.getRoleFunctions()); + } + boolean checkIfFunctionsExits = roleFunList.stream().anyMatch( + roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); + if (checkIfFunctionsExits) { + finalUserAppRolesList.add(role); + List filteredList = roleFunList.stream() + .filter(x -> "Approver".equalsIgnoreCase(x.getType())) + .collect(Collectors.toList()); + roleNames = filteredList.stream().map(RoleFunction::getCode) + .collect(Collectors.toList()); + } else { + roleNames.add(epRole.getName()); + } + } + for (String name : roleNames) { + EcompRole ecompRole = appRolesList.stream() + .filter(x -> name.equals(x.getName())).findAny().orElse(null); + if (ecompRole != null) { + finalUserAppRolesList.add(ecompRole); + } + } + } + for (String name : roleNames) { + boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch( + role -> role.getRoleName().equalsIgnoreCase(name)); + if (checkIfFunctionsExits) { + appRolesList.stream().filter(x -> name.equals(x.getName())) + .findAny().ifPresent(setUserRoles::add); + } + } + userAppRoles = setUserRoles.toArray(new EcompRole[0]); + } + } else { + userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId, + String.format("/user/%s/roles", userId)); + } + } catch (HTTPException e) { + // Some apps are returning 400 if user is not found. + if (e.getResponseCode() == 400) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getAppRolesForUser caught exception with response code 400; continuing", e); + } else { + // Other response code, let it come thru. + throw e; + } + } + if (userAppRoles == null) { + if (EcompPortalUtils.getExternalAppResponseCode() == 400) { + EcompPortalUtils.setExternalAppResponseCode(200); + String message = String.format( + "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, " + + "assuming user doesn't exist, app is framework SDK based, and things are ok. " + + "Overriding to 200 until framework SDK returns a useful response.", + Long.toString(appId), userId); + logger.warn(EELFLoggerDelegate.applicationLogger, message); + } + } + + HashMap appRolesActiveMap = hashMapFromEcompRoles(appRoles); + ArrayList activeRoles = new ArrayList<>(); + if (userAppRoles != null) { + for (EcompRole userAppRole : userAppRoles) { + if (appRolesActiveMap.containsKey(userAppRole.getId())) { + EcompRole role = new EcompRole(); + role.setId(userAppRole.getId()); + role.setName(userAppRole.getName()); + activeRoles.add(role); + } + } + } + EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[0]); + + boolean checkIfUserisRoleAdmin = isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin; + + // If the remote application isn't down we MUST sync user + // roles here in case we have this user here! + syncUserRoles(Long.toString(userId), appId, userAppRolesActive, extRequestValue, null, checkIfUserisRoleAdmin, + appRoles); + } catch (Exception e) { + // TODO: we may need to check if user exists, maybe remote + // app is down. + String message = String.format( + "getAppRolesForUser: user %s does not exist in remote application %s", userId, + Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + userAppRoles = new EcompRole[0]; + } + rolesInAppForUser = fnUserRoleService.constructRolesInAppForUserGet(appRoles, userAppRoles); + } + } catch (Exception e) { + String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId, + Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + } + return rolesInAppForUser; + } + + private void syncAppRoles(Long appId, EcompRole[] appRoles) throws Exception { + logger.debug(EELFLoggerDelegate.debugLogger, "entering syncAppRoles for appId: " + appId); + HashMap newRolesMap = hashMapFromEcompRoles(appRoles); + try { + List currentAppRoles = fnRoleService.retrieveAppRolesByAppId(appId); + + List obsoleteRoles = new ArrayList<>(); + for (FnRole oldAppRole : currentAppRoles) { + if (oldAppRole.getAppRoleId() != null) { + EcompRole role; + role = newRolesMap.get(oldAppRole.getAppRoleId()); + if (role != null) { + if (!(role.getName() == null || oldAppRole.getRoleName().equals(role.getName()))) { + oldAppRole.setRoleName(role.getName()); + } + oldAppRole.setActiveYn(true); + newRolesMap.remove(oldAppRole.getAppRoleId()); + } else { + obsoleteRoles.add(oldAppRole); + } + } else { + obsoleteRoles.add(oldAppRole); + } + } + Collection newRolesToAdd = newRolesMap.values(); + if (obsoleteRoles.size() > 0) { + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: we have obsolete roles to delete"); + for (FnRole role : obsoleteRoles) { + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: obsolete role: " + role.toString()); + Long roleId = role.getId(); + List userRoles = fnUserRoleService.retrieveByAppIdAndRoleId(appId, roleId); + + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: number of userRoles to delete: " + userRoles.size()); + for (FnUserRole userRole : userRoles) { + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: about to delete userRole: " + userRole.toString()); + fnUserRoleService.deleteById(userRole.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: finished deleting userRole: " + userRole.toString()); + } + List funcMenuRoles = fnMenuFunctionalRolesService.retrieveByroleId(roleId); + int numMenuRoles = funcMenuRoles.size(); + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: number of funcMenuRoles for roleId: " + roleId + ": " + numMenuRoles); + for (FnMenuFunctionalRoles funcMenuRole : funcMenuRoles) { + Long menuId = funcMenuRole.getMenuId().getMenuId(); + // If this is the only role for this menu item, then the + // app and roles will be gone, + // so must null out the url too, to be consistent + List funcMenuRoles2 = fnMenuFunctionalRolesService.retrieveByMenuId(menuId); + int numMenuRoles2 = funcMenuRoles2.size(); + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: number of funcMenuRoles for menuId: " + menuId + ": " + numMenuRoles2); + fnMenuFunctionalRolesService.delete(funcMenuRole); + + if (numMenuRoles2 == 1) { + // If this is the only role for this menu item, then + // the app and roles will be gone, + // so must null out the url too, to be consistent + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: There is exactly 1 menu item for this role, so emptying the url"); + List funcMenuItems = fnMenuFunctionalService.retrieveByMenuId(menuId); + if (funcMenuItems.size() > 0) { + logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item"); + FnMenuFunctional funcMenuItem = funcMenuItems.get(0); + funcMenuItem.setUrl(""); + } + } + } + boolean isPortalRequest = true; + deleteRoleDependencyRecords(roleId, appId, isPortalRequest); + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to delete the role: " + role.toString()); + fnRoleService.delete(role); + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: deleted the role"); + } + } + for (EcompRole role : newRolesToAdd) { + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to add missing role: " + role.toString()); + FnRole newRole = new FnRole(); + // Attention! All roles from remote application supposed to be + // active! + newRole.setActiveYn(true); + newRole.setRoleName(role.getName()); + newRole.setAppId(appId); + newRole.setAppRoleId(role.getId()); + fnRoleService.saveOne(newRole); + } + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to commit the transaction"); + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: committed the transaction"); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "syncAppRoles failed", e); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + throw new Exception(e); + } + } + + private void deleteRoleDependencyRecords(Long roleId, Long appId, boolean isPortalRequest) + throws Exception { + Session localSession = entityManager.unwrap(Session.class); + try { + String sql; + Query query; + // It should delete only when it portal's roleId + if (appId.equals(PortalConstants.PORTAL_APP_ID)) { + // Delete from fn_role_function + sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from fn_role_composite + sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + } + // Delete from ep_app_role_function + sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from ep_role_notification + sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from fn_user_pseudo_role + sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete form EP_WIDGET_CATALOG_ROLE + sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete form EP_WIDGET_CATALOG_ROLE + sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + if (!isPortalRequest) { + // Delete form fn_menu_functional_roles + sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + } + } catch (Exception e) { + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e); + throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage()); + } + } + private void checkIfRoleInactive(FnRole epRole) throws Exception { if (!epRole.getActiveYn()) { throw new Exception(epRole.getRoleName() + " role is unavailable"); diff --git a/portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java index e1ad4305..76e29d69 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java @@ -40,18 +40,28 @@ package org.onap.portal.service; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.SortedSet; import java.util.TreeSet; +import java.util.stream.Collectors; +import javax.persistence.EntityManager; +import javax.persistence.Tuple; import org.onap.portal.domain.db.ep.EpAppFunction; import org.onap.portal.domain.db.fn.FnApp; +import org.onap.portal.domain.db.fn.FnFunction; import org.onap.portal.domain.db.fn.FnRole; +import org.onap.portal.domain.db.fn.FnRoleFunction; import org.onap.portal.domain.dto.transport.CentralV2Role; +import org.onap.portal.domain.dto.transport.GlobalRoleWithApplicationRoleFunction; +import org.onap.portal.domain.dto.transport.Role; import org.onap.portal.exception.RoleFunctionException; import org.onap.portal.logging.logic.EPLogUtil; import org.onap.portal.service.ep.EpAppFunctionService; +import org.onap.portal.service.fn.FnAppService; import org.onap.portal.service.fn.FnRoleService; import org.onap.portal.utils.EPCommonSystemProperties; import org.onap.portal.utils.EPUserUtils; @@ -87,20 +97,50 @@ public class ExternalAccessRolesService { private static final String ROLE_NAME = "name"; private static final String APP_ID_EQUALS = " app_id = "; + private static final String GET_GLOBAL_ROLE_WITH_APPLICATION_ROLE_FUNCTIONS = "select" + + " distinct d.roleId as roleId," + + " d.roleName as roleName," + + " d.activeYn as active," + + " d.priority as priority," + + " c.epAppFunction.functionCd as functionCd," + + " e.functionName as functionName," + + " c.epAppFunction.appId as appId," + + " c.roleAppId as roleAppId" + + " from" + + " FnUserRole a," + + " FnApp b," + + " EpAppRoleFunction c," + + " FnRole d," + + " EpAppFunction e" + + " where" + + " b.appId = c.appId.appId" + + " and a.appId = c.roleAppId" + + " and b.enabled = 'Y'" + + " and c.fnRole.roleId = d.roleId" + + " and d.activeYn = 'Y'" + + " and e.functionCd = c.epAppFunction.functionCd" + + " and c.appId.appId = :appId" + + " and e.appId.appId = c.appId.appId"; + private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesService.class); private RestTemplate template = new RestTemplate(); private final FnRoleService fnRoleService; + private final FnAppService fnAppService; + private final EntityManager entityManager; private final EpAppFunctionService epAppFunctionService; @Autowired public ExternalAccessRolesService(FnRoleService fnRoleService, + FnAppService fnAppService, EntityManager entityManager, EpAppFunctionService epAppFunctionService) { this.fnRoleService = fnRoleService; + this.fnAppService = fnAppService; + this.entityManager = entityManager; this.epAppFunctionService = epAppFunctionService; } - public String getFunctionCodeType(String roleFuncItem) { + String getFunctionCodeType(String roleFuncItem) { String type = null; if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu")) || (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) { @@ -127,11 +167,11 @@ public class ExternalAccessRolesService { return !roleFuncItem.contains(FUNCTION_PIPE) && !roleFuncItem.contains("url"); } - public List getPortalAppRoleInfo(Long roleId) { + List getPortalAppRoleInfo(Long roleId) { return fnRoleService.retrieveAppRoleByRoleIdWhereAppIdIsNull(roleId); } - public ResponseEntity getUserRolesFromExtAuthSystem(String name, HttpEntity getUserRolesEntity) { + ResponseEntity getUserRolesFromExtAuthSystem(String name, HttpEntity getUserRolesEntity) { logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles"); ResponseEntity getResponse = template .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) @@ -149,7 +189,7 @@ public class ExternalAccessRolesService { return getResponse; } - public Map getAppRoleNamesWithUnderscoreMap(FnApp app) { + Map getAppRoleNamesWithUnderscoreMap(FnApp app) { final Map currentRolesInDB = new HashMap<>(); List getCurrentRoleList = null; final Map appParams = new HashMap<>(); @@ -166,20 +206,18 @@ public class ExternalAccessRolesService { return currentRolesInDB; } - public List createCentralRoleObject(List app, List roleInfo, + List createCentralRoleObject(List app, List roleInfo, List roleList) throws RoleFunctionException { for (FnRole role : roleInfo) { List cenRoleFuncList = epAppFunctionService .getAppRoleFunctionList(role.getId(), app.get(0).getId()); - SortedSet roleFunctionSet = new TreeSet<>(); + SortedSet roleFunctionSet = new TreeSet<>(); for (EpAppFunction roleFunc : cenRoleFuncList) { String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd()); functionCode = EPUserUtils.decodeFunctionCode(functionCode); String type = getFunctionCodeType(roleFunc.getFunctionCd()); String action = getFunctionCodeAction(roleFunc.getFunctionCd()); - EpAppFunction cenRoleFunc = new EpAppFunction(role.getId(), functionCode, - roleFunc.getFunctionName(), null, type, action, null); - roleFunctionSet.add(cenRoleFunc); + FnRoleFunction cenRoleFunc = new FnRoleFunction(role, FnFunction.builder().code(functionCode).name(roleFunc.getFunctionName()).type(type).action(action).build()); } SortedSet childRoles = new TreeSet<>(); SortedSet parentRoles = new TreeSet<>(); @@ -202,22 +240,134 @@ public class ExternalAccessRolesService { return roleList; } - private String getFunctionCodeAction(String roleFuncItem) { + String getFunctionCodeAction(String roleFuncItem) { return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" : EcompPortalUtils.getFunctionAction(roleFuncItem); } - public List getAppRoles(Long appId) { - List applicationRoles; + List getRolesForApp(String uebkey) throws Exception { + logger.debug(EELFLoggerDelegate.debugLogger, "getRolesForApp: Entering into getRolesForApp"); + List roleList = new ArrayList<>(); try { - if (appId == 1) { - applicationRoles = fnRoleService.retrieveAppRolesWhereAppIdIsNull(); - } else { - applicationRoles = fnRoleService.retrieveAppRolesByAppId(appId); + List app = fnAppService.getByUebKey(uebkey); + List appRolesList = fnRoleService.getAppRoles(app.get(0).getId()); + roleList = createCentralRoleObject(app, appRolesList, roleList); + if (app.get(0).getId() != PortalConstants.PORTAL_APP_ID) { + List globalRoleList = getGlobalRolesOfApplication(app.get(0).getId()); + List globalRolesList = fnRoleService.getGlobalRolesOfPortal(); + List portalsGlobalRolesFinlaList = new ArrayList<>(); + if (!globalRolesList.isEmpty()) { + for (FnRole eprole : globalRolesList) { + CentralV2Role cenRole = convertRoleToCentralV2Role(eprole); + portalsGlobalRolesFinlaList.add(cenRole); + } + roleList.addAll(globalRoleList); + for (CentralV2Role role : portalsGlobalRolesFinlaList) { + CentralV2Role result = roleList.stream().filter(x -> role.getId().equals(x.getId())).findAny() + .orElse(null); + if (result == null) { + roleList.add(role); + } + } + } else { + for (FnRole role : globalRolesList) { + CentralV2Role cenRole = convertRoleToCentralV2Role(role); + roleList.add(cenRole); + } + } } } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e); + logger.error(EELFLoggerDelegate.errorLogger, "getRolesForApp: Failed!", e); throw e; } - return applicationRoles; + logger.debug(EELFLoggerDelegate.debugLogger, "getRolesForApp: Finished!"); + return roleList.stream().distinct().collect(Collectors.toList()); + } + + private CentralV2Role convertRoleToCentralV2Role(FnRole role) { + return CentralV2Role.builder().id(role.getId()).created(role.getCreated()) + .modified(role.getModified()).createdId(role.getCreatedId().getUserId()) + .modifiedId(role.getModifiedId().getUserId()) + .rowNum(role.getRowNum()).name(role.getRoleName()).active(role.getActiveYn()) + .priority(role.getPriority()).roleFunctions(new TreeSet<>()).childRoles(new TreeSet<>()) + .parentRoles(new TreeSet<>()).build(); + } + + private List getGlobalRolesOfApplication(Long appId) { + List globalRoles = new ArrayList<>(); + try { + List tuples = entityManager.createQuery(GET_GLOBAL_ROLE_WITH_APPLICATION_ROLE_FUNCTIONS, Tuple.class) + .setParameter("appId", appId) + .getResultList(); + globalRoles = tuples.stream().map(this::tupleToGlobalRoleWithApplicationRoleFunction).collect(Collectors.toList()); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getCentralizedAppsOfUser failed", e); + } + List roleList = new ArrayList<>(); + if (globalRoles.size() > 0) { + roleList = finalListOfCentralRoles(globalRoles); + } + return roleList; + } + + private GlobalRoleWithApplicationRoleFunction tupleToGlobalRoleWithApplicationRoleFunction(Tuple tuple) { + return GlobalRoleWithApplicationRoleFunction.builder().roleId((Long) tuple.get("roleId")) + .roleName((String) tuple.get("roleName")) + .functionCd((String) tuple.get("functionCd")).functionName((String) tuple.get("functionName")) + .active((Boolean) tuple.get("active")).priority((Integer) tuple.get("priority")) + .appId((Long) tuple.get("appId")).roleAppId((Long) tuple.get("roleAppId")).build(); + } + + private List finalListOfCentralRoles(List globalRoles) { + List rolesfinalList = new ArrayList<>(); + for (GlobalRoleWithApplicationRoleFunction role : globalRoles) { + boolean found = false; + for (CentralV2Role cenRole : rolesfinalList) { + if (role.getRoleId().equals(cenRole.getId())) { + SortedSet roleFunctions = cenRole.getRoleFunctions(); + FnRoleFunction cenRoleFun = createCentralRoleFunctionForGlobalRole(role); + roleFunctions.add(cenRoleFun); + cenRole.setRoleFunctions(roleFunctions); + found = true; + break; + } + } + if (!found) { + CentralV2Role cenrole = new CentralV2Role(); + cenrole.setName(role.getRoleName()); + cenrole.setId(role.getRoleId()); + cenrole.setActive(role.getActive()); + cenrole.setPriority(role.getPriority()); + SortedSet roleFunctions = new TreeSet<>(); + FnRoleFunction cenRoleFun = createCentralRoleFunctionForGlobalRole(role); + roleFunctions.add(cenRoleFun); + cenrole.setRoleFunctions(roleFunctions); + rolesfinalList.add(cenrole); + } + } + return rolesfinalList; + } + + private FnRoleFunction createCentralRoleFunctionForGlobalRole(GlobalRoleWithApplicationRoleFunction role) { + String instance; + String type; + String action; + FnRoleFunction cenRoleFun = null; + if (role.getFunctionCd().contains(FUNCTION_PIPE)) { + instance = EcompPortalUtils.getFunctionCode(role.getFunctionCd()); + type = EcompPortalUtils.getFunctionType(role.getFunctionCd()); + action = EcompPortalUtils.getFunctionAction(role.getFunctionCd()); + cenRoleFun = FnRoleFunction.builder().build(); + FnRole fnRole = FnRole.builder().build(); + FnFunction fnFunction = FnFunction.builder().functionCd(instance).name(role.getFunctionName()).type(type).action(action).build(); + cenRoleFun.setRoleId(fnRole); + cenRoleFun.setFunctionCd(fnFunction); + } else { + type = getFunctionCodeType(role.getFunctionCd()); + action = getFunctionCodeAction(role.getFunctionCd()); + FnFunction fnFunction = FnFunction.builder().functionCd(role.getFunctionCd()).name(role.getFunctionName()).type(type).action(action).build(); + cenRoleFun.setRoleId(new FnRole()); + cenRoleFun.setFunctionCd(fnFunction); + } + return cenRoleFun; } } diff --git a/portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java b/portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java index b3691fce..012983d3 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java @@ -40,7 +40,12 @@ package org.onap.portal.service.ep; +import java.util.ArrayList; import java.util.List; +import java.util.Optional; +import java.util.function.Function; +import java.util.function.Predicate; +import java.util.stream.Collectors; import org.onap.portal.dao.ep.EpAppFunctionDao; import org.onap.portal.domain.db.ep.EpAppFunction; import org.springframework.beans.factory.annotation.Autowired; @@ -57,6 +62,18 @@ public class EpAppFunctionService { } public List getAppRoleFunctionList(final Long roleId, final Long appId) { - return epAppFunctionDao.getAppRoleFunctionList(roleId, appId); + + return Optional.of(epAppFunctionDao.getAppRoleFunctionList(roleId, appId)) + .orElse(new ArrayList<>()) + .stream() + .filter(distinctByKey(EpAppFunction::getAppId)) + .filter(distinctByKey(EpAppFunction::getFunctionCd)) + .filter(distinctByKey(EpAppFunction::getFunctionName)) + .collect(Collectors.toList()); + } + + private Predicate distinctByKey(Function keyExtractor) { + List seen = new ArrayList<>(); + return t -> seen.add(keyExtractor.apply(t)); } } diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java index a3920e31..4e79ba57 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java @@ -81,6 +81,10 @@ public class FnAppService { return Optional.of(fnAppDao.getOne(id)).orElseThrow(EntityExistsException::new); } + public List getByUebKey(final String uebKey){ + return Optional.of(fnAppDao.getByUebKey(uebKey)).orElse(new ArrayList<>()); + } + public void createOnboardingFromApp(FnApp app, OnboardingApp onboardingApp) { onboardingApp.setId(app.getId()); onboardingApp.setName(app.getAppName()); diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnMenuFunctionalRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnMenuFunctionalRolesService.java new file mode 100644 index 00000000..c1747da1 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnMenuFunctionalRolesService.java @@ -0,0 +1,76 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.service.fn; + +import java.util.ArrayList; +import java.util.List; +import java.util.Optional; +import org.onap.portal.dao.fn.FnMenuFunctionalRolesDao; +import org.onap.portal.domain.db.fn.FnMenuFunctionalRoles; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +@Service +public class FnMenuFunctionalRolesService { + private final FnMenuFunctionalRolesDao fnMenuFunctionalRolesDao; + + @Autowired + public FnMenuFunctionalRolesService(FnMenuFunctionalRolesDao fnMenuFunctionalRolesDao) { + this.fnMenuFunctionalRolesDao = fnMenuFunctionalRolesDao; + } + + public void deleteById(final Long id){ + fnMenuFunctionalRolesDao.deleteById(id); + } + + public void delete(final FnMenuFunctionalRoles id){ + fnMenuFunctionalRolesDao.delete(id); + } + + public List retrieveByroleId(final Long roleId){ + return Optional.of(fnMenuFunctionalRolesDao.retrieveByRoleId(roleId)).orElse(new ArrayList<>()); + } + + public List retrieveByMenuId(final Long menuId){ + return Optional.of(fnMenuFunctionalRolesDao.retrieveByMenuId(menuId)).orElse(new ArrayList<>()); + } + +} diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnMenuFunctionalService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnMenuFunctionalService.java new file mode 100644 index 00000000..97f3188a --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnMenuFunctionalService.java @@ -0,0 +1,65 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.service.fn; + +import java.util.ArrayList; +import java.util.List; +import java.util.Optional; +import org.onap.portal.dao.fn.FnMenuFunctionalDao; +import org.onap.portal.domain.db.fn.FnMenuFunctional; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +@Service +public class FnMenuFunctionalService { + + private final FnMenuFunctionalDao fnMenuFunctionalDao; + + @Autowired + public FnMenuFunctionalService(FnMenuFunctionalDao fnMenuFunctionalDao) { + this.fnMenuFunctionalDao = fnMenuFunctionalDao; + } + + public List retrieveByMenuId(final Long menuId) { + return Optional.of(fnMenuFunctionalDao.retrieveByMenuId(menuId)).orElse(new ArrayList<>()); + } + +} diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java index aa859dbd..b0c4e60e 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java @@ -43,9 +43,12 @@ package org.onap.portal.service.fn; import java.util.ArrayList; import java.util.List; import java.util.Optional; +import java.util.Set; import javax.persistence.EntityExistsException; +import javax.print.attribute.standard.Fidelity; import org.onap.portal.dao.fn.FnRoleDao; import org.onap.portal.domain.db.fn.FnRole; +import org.onap.portal.service.ExternalAccessRolesService; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -70,9 +73,6 @@ public class FnRoleService { } public FnRole getRole(final Long appId, final Long appRoleId) { - - String sql = "SELECT * FROM fn_role where APP_ID = :appId AND APP_ROLE_ID = :appRoleId"; - List roles = Optional.of(fnRoleDao.retrieveAppRoleByAppRoleIdAndByAppId(appId, appRoleId)) .orElse(new ArrayList<>()); if (!roles.isEmpty()) { @@ -87,6 +87,21 @@ public class FnRoleService { return null; } + public List getAppRoles(Long appId) { + List applicationRoles; + try { + if (appId == 1) { + applicationRoles = retrieveAppRolesWhereAppIdIsNull(); + } else { + applicationRoles = retrieveAppRolesByAppId(appId); + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e); + throw e; + } + return applicationRoles; + } + public List retrieveAppRoleByAppRoleIdAndByAppId(final Long appId, final Long appRoleId) { return Optional.of(fnRoleDao.retrieveAppRoleByAppRoleIdAndByAppId(appId, appRoleId)).orElse(new ArrayList<>()); } @@ -110,4 +125,26 @@ public class FnRoleService { public List retrieveAppRolesByRoleNameAndByAppId(final String roleName, final Long appId) { return Optional.of(fnRoleDao.retrieveAppRolesByRoleNameAndByAppId(roleName, appId)).orElse(new ArrayList<>()); } + + public List retrieveActiveRolesOfApplication(final Long appId) { + return Optional.of(fnRoleDao.retrieveActiveRolesOfApplication(appId)).orElse(new ArrayList<>()); + } + + public List getGlobalRolesOfPortal() { + List globalRoles = new ArrayList<>(); + try { + globalRoles = Optional.of(fnRoleDao.getGlobalRolesOfPortal()).orElse(new ArrayList<>()); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getGlobalRolesOfPortal failed", e); + } + return globalRoles; + } + + public void delete(FnRole role) { + fnRoleDao.delete(role); + } + + public FnRole saveOne(final FnRole role){ + return fnRoleDao.save(role); + } } diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java index 7772c8f0..cadc3439 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java @@ -47,24 +47,17 @@ import java.io.IOException; import java.time.LocalDateTime; import java.util.ArrayList; import java.util.Arrays; -import java.util.Collection; -import java.util.HashMap; +import java.util.HashSet; import java.util.LinkedHashSet; import java.util.List; -import java.util.Map; import java.util.Optional; import java.util.Set; import java.util.SortedSet; import java.util.stream.Collectors; import javax.persistence.EntityManager; -import javax.persistence.Query; import javax.persistence.Tuple; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringUtils; import org.apache.cxf.transport.http.HTTPException; -import org.hibernate.Session; -import org.hibernate.SessionFactory; -import org.hibernate.Transaction; import org.onap.portal.dao.fn.FnUserRoleDao; import org.onap.portal.domain.db.ep.EpUserRolesRequest; import org.onap.portal.domain.db.ep.EpUserRolesRequestDet; @@ -75,21 +68,17 @@ import org.onap.portal.domain.db.fn.FnUserRole; import org.onap.portal.domain.dto.ecomp.EPUserAppCatalogRoles; import org.onap.portal.domain.dto.ecomp.ExternalSystemAccess; import org.onap.portal.domain.dto.transport.AppWithRolesForUser; -import org.onap.portal.domain.dto.transport.ExternalAccessUserRoleDetail; import org.onap.portal.domain.dto.transport.FieldsValidator; import org.onap.portal.domain.dto.transport.RemoteRole; import org.onap.portal.domain.dto.transport.RemoteUserWithRoles; +import org.onap.portal.domain.dto.transport.Role; import org.onap.portal.domain.dto.transport.RoleInAppForUser; import org.onap.portal.domain.dto.transport.UserApplicationRoles; -import org.onap.portal.exception.SyncUserRolesException; -import org.onap.portal.logging.format.EPAppMessagesEnum; -import org.onap.portal.logging.logic.EPLogUtil; import org.onap.portal.service.ApplicationsRestClientService; -import org.onap.portal.service.ExternalAccessRolesService; +import org.onap.portal.service.ep.EpAppFunctionService; import org.onap.portal.service.ep.EpUserRolesRequestDetService; import org.onap.portal.service.ep.EpUserRolesRequestService; import org.onap.portal.utils.EPCommonSystemProperties; -import org.onap.portal.utils.EcompPortalUtils; import org.onap.portal.utils.PortalConstants; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.restful.domain.EcompRole; @@ -97,7 +86,6 @@ import org.onap.portalsdk.core.util.SystemProperties; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -import org.springframework.web.client.RestTemplate; @Service @Transactional @@ -164,6 +152,7 @@ public class FnUserRoleService { private final FnAppService fnAppService; private final FnRoleService fnRoleService; private final FnUserService fnUserService; + private final EpAppFunctionService epAppFunctionService; private final EpUserRolesRequestService epUserRolesRequestService; private final EpUserRolesRequestDetService epUserRolesRequestDetService; private final EntityManager entityManager; @@ -175,6 +164,7 @@ public class FnUserRoleService { FnAppService fnAppService, FnRoleService fnRoleService, FnUserService fnUserService, + EpAppFunctionService epAppFunctionService, EpUserRolesRequestService epUserRolesRequestService, EpUserRolesRequestDetService epUserRolesRequestDetService, EntityManager entityManager, @@ -183,12 +173,17 @@ public class FnUserRoleService { this.fnAppService = fnAppService; this.fnRoleService = fnRoleService; this.fnUserService = fnUserService; + this.epAppFunctionService = epAppFunctionService; this.epUserRolesRequestService = epUserRolesRequestService; this.epUserRolesRequestDetService = epUserRolesRequestDetService; this.entityManager = entityManager; this.applicationsRestClientService = applicationsRestClientService; } + public List retrieveByAppIdAndRoleId(final Long appId, final Long roleId) { + return Optional.of(fnUserRoleDao.retrieveByAppIdAndRoleId(appId, roleId)).orElse(new ArrayList<>()); + } + public List getAdminUserRoles(final Long userId, final Long roleId, final Long appId) { return fnUserRoleDao.getAdminUserRoles(userId, roleId, appId).orElse(new ArrayList<>()); } @@ -480,4 +475,68 @@ public class FnUserRoleService { public void deleteById(final Long id) { fnUserRoleDao.deleteById(id); } + + public List constructRolesInAppForUserGet(List appRoles, FnRole[] userAppRoles, + Boolean extRequestValue) { + List rolesInAppForUser = new ArrayList<>(); + + Set userAppRolesMap = new HashSet<>(); + if (userAppRoles != null) { + for (FnRole ecompRole : userAppRoles) { + userAppRolesMap.add(ecompRole.getAppId()); + } + logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - userAppRolesMap = {}", + userAppRolesMap); + + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "constructRolesInAppForUserGet has received userAppRoles list empty."); + } + + if (appRoles != null) { + for (Role ecompRole : appRoles) { + logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - appRoles not null = {}", + ecompRole); + + if (ecompRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID) && !extRequestValue) { + continue; + } + RoleInAppForUser roleForUser = new RoleInAppForUser(ecompRole.getId(), ecompRole.getName()); + roleForUser.setIsApplied(userAppRolesMap.contains(ecompRole.getId())); + rolesInAppForUser.add(roleForUser); + logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - rolesInAppForUser = {}", + rolesInAppForUser); + + } + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "constructRolesInAppForUser has received appRoles list empty."); + } + return rolesInAppForUser; + } + + public List constructRolesInAppForUserGet(EcompRole[] appRoles, EcompRole[] userAppRoles) { + List rolesInAppForUser = new ArrayList<>(); + + Set userAppRolesMap = new HashSet<>(); + if (userAppRoles != null) { + for (EcompRole ecompRole : userAppRoles) { + userAppRolesMap.add(ecompRole.getId()); + } + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "constructRolesInAppForUserGet has received userAppRoles list empty"); + } + + if (appRoles != null) { + for (EcompRole ecompRole : appRoles) { + RoleInAppForUser roleForUser = new RoleInAppForUser(ecompRole.getId(), ecompRole.getName()); + roleForUser.setIsApplied(userAppRolesMap.contains(ecompRole.getId())); + rolesInAppForUser.add(roleForUser); + } + } else { + logger.error(EELFLoggerDelegate.errorLogger, "constructRolesInAppForUser has received appRoles list empty"); + } + return rolesInAppForUser; + } }