Remove need for USER_ID header 38/134638/11
authorvasraz <vasyl.razinkov@est.tech>
Thu, 25 May 2023 11:31:58 +0000 (12:31 +0100)
committerMichael Morris <michael.morris@est.tech>
Mon, 29 May 2023 11:59:56 +0000 (11:59 +0000)
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I5dd1e34343bebec8a26786f402dc2b9b818e7f10
Issue-ID: SDC-4508

catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json
catalog-be/src/test/resources/config/catalog-be/configuration.yaml
catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java
docs/configuration.rst
docs/index.rst
docs/spelling_wordlist.txt
docs/useradministration.rst [new file with mode: 0644]

index 42b0291..13abdd3 100644 (file)
@@ -25,10 +25,14 @@ import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
 import org.onap.sdc.security.AuthenticationCookie;
 import org.onap.sdc.security.IUsersThreadLocalHolder;
 import org.onap.sdc.security.PortalClient;
 import org.onap.sdc.security.RestrictionAccessFilterException;
+import org.openecomp.sdc.be.config.Configuration;
+import org.openecomp.sdc.be.config.ConfigurationManager;
 import org.openecomp.sdc.be.model.User;
 import org.openecomp.sdc.be.user.UserBusinessLogic;
 import org.openecomp.sdc.common.api.Constants;
@@ -41,15 +45,15 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
 
     private static final Logger log = Logger.getLogger(ThreadLocalUtils.class);
     @Autowired
-    PortalClient portalClient;
+    private PortalClient portalClient;
     @Autowired
-    UserBusinessLogic userBusinessLogic;
+    private UserBusinessLogic userBusinessLogic;
 
     @Override
     public void setUserContext(AuthenticationCookie authenticationCookie) {
         UserContext userContext;
         userContext = new UserContext(authenticationCookie.getUserID(), authenticationCookie.getRoles(), authenticationCookie.getFirstName(),
-            authenticationCookie.getLastName());
+                authenticationCookie.getLastName());
         ThreadLocalsHolder.setUserContext(userContext);
     }
 
@@ -59,7 +63,7 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
             Set<String> roles = null;
             try {
                 final Optional<String> userRolesFromPortalOptional = portalClient.fetchUserRolesFromPortal(userId);
-                if (userRolesFromPortalOptional.isPresent()){
+                if (userRolesFromPortalOptional.isPresent()) {
                     roles = new HashSet<>(List.of(userRolesFromPortalOptional.get()));
                 }
             } catch (RestrictionAccessFilterException e) {
@@ -74,17 +78,28 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
     }
 
     protected void setUserContextFromDB(HttpServletRequest httpRequest) {
-        String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER);
-        //there are some internal request that have no user_id header e.g. healthcheck
-        if (user_id != null) {
-            updateUserContext(user_id);
-        } else {
-            log.debug("user_id value in req header is null, userContext will not be initialized");
+        String userId = httpRequest.getHeader(Constants.USER_ID_HEADER);
+        final Configuration.BasicAuthConfig basicAuthConf = ConfigurationManager.getConfigurationManager().getConfiguration().getBasicAuth();
+        if (StringUtils.isBlank(userId)) {
+            final String excludedUrls = basicAuthConf.getExcludedUrls();
+            //there are some internal request that have no user_id header e.g. healthcheck
+            if (StringUtils.isBlank(excludedUrls) || !checkForExclusion(excludedUrls, httpRequest.getPathInfo())) {
+                log.info("UserId is empty");
+                userId = "cs0008";
+            } else {
+                log.debug("user_id value in req header is null, userContext will not be initialized");
+                return;
+            }
         }
+        updateUserContext(userId);
+    }
+
+    private boolean checkForExclusion(final String excludedUrls, final String pathInfo) {
+        return Arrays.stream(excludedUrls.split(";")).anyMatch(s -> s.endsWith(pathInfo));
     }
 
-    private void updateUserContext(String user_id) {
-        User user = userBusinessLogic.getUser(user_id, false);
+    private void updateUserContext(String userId) {
+        User user = userBusinessLogic.getUser(userId, false);
         Set<String> roles = new HashSet<>(Arrays.asList(user.getRole()));
         UserContext userContext = new UserContext(user.getUserId(), roles, user.getFirstName(), user.getLastName());
         ThreadLocalsHolder.setUserContext(userContext);
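Review bot: In `setUserContextFromDB`, a request with no USER_ID header and a path outside `excludedUrls` is now given the identity of the hard-coded account (`userId = "cs0008";`), so a missing identity becomes a valid DESIGNER context instead of an uninitialised one; the same literal replaces a blank id in `validateUserExists` in UserAdminOperation.java, where `ActionStatus.MISSING_USER_ID` used to be returned. If a default user is wanted for demo installs, it would be safer to take it from configuration, leave it unset by default so that production deployments fail closed, and log at warn level with the request path whenever the substitution is applied so it can be audited. Separately, `checkForExclusion` calls `s.endsWith(pathInfo)`, but `HttpServletRequest.getPathInfo()` can return null, which would throw here; a guard such as `if (pathInfo == null) { return false; }` avoids that, and matching in this direction also treats any request path that is merely a suffix of an excluded entry (including an empty one) as excluded. `updateUserContext` continues past the end of the hunk, so whether a null result from `getUser` is handled cannot be judged from here.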
index ed3adaf..0c9b556 100755 (executable)
@@ -6,13 +6,6 @@
     "role": "ADMIN",
     "email": "demo@openecomp.org"
   },
-  {
-    "userId": "gv0001",
-    "firstName": "Giuseppe",
-    "lastName": "Verdi",
-    "role": "GOVERNOR",
-    "email": "gv0001@openecomp.org"
-  },
   {
     "userId": "jh0003",
     "firstName": "Jimmy",
@@ -34,4 +27,4 @@
     "role": "DESIGNER",
     "email": "cs0008r@openecomp.org"
   }
-]
\ No newline at end of file
+]
index 94e5dd5..282c4d3 100644 (file)
@@ -86,7 +86,7 @@ basicAuth:
   enabled: false
   userName: test
   userPass: test
-  excludedUrls:
+  excludedUrls: '/test1'
 
 cassandraConfig:
     cassandraHosts: ['localhost']
index 64bc923..1552aa3 100644 (file)
@@ -21,14 +21,16 @@ package org.openecomp.sdc.be.model.operations.impl;
 
 import static org.apache.commons.collections.CollectionUtils.isEmpty;
 
-import fj.data.Either;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import javax.validation.constraints.NotNull;
+
+import fj.data.Either;
 import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.tinkerpop.gremlin.structure.Direction;
 import org.apache.tinkerpop.gremlin.structure.Edge;
 import org.apache.tinkerpop.gremlin.structure.Vertex;
@@ -119,14 +121,13 @@ public class UserAdminOperation {
     }
 
     private void validateUserExists(Wrapper<Either<User, ActionStatus>> resultWrapper, Wrapper<UserData> userWrapper, String id) {
-        if (id == null) {
-            log.info("User userId  is empty");
-            resultWrapper.setInnerElement(Either.right(ActionStatus.MISSING_USER_ID));
-            return;
+        if (StringUtils.isBlank(id)) {
+            log.warn("User userId is empty");
+            id = "cs0008";
         }
         id = id.toLowerCase();
         Either<UserData, JanusGraphOperationStatus> either = janusGraphGenericDao
-            .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+                .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
         if (either.isRight()) {
             resultWrapper.setInnerElement(getUserNotFoundError(id, either.right().value()));
         } else {
@@ -187,7 +188,7 @@ public class UserAdminOperation {
     public Either<User, ActionStatus> deleteUserData(String id) {
         Either<User, ActionStatus> result;
         Either<UserData, JanusGraphOperationStatus> eitherGet = janusGraphGenericDao
-            .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+                .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
         if (eitherGet.isRight()) {
             log.debug("Problem while retriving user with userId {}", id);
             if (eitherGet.right().value() == JanusGraphOperationStatus.NOT_FOUND) {
@@ -247,13 +248,13 @@ public class UserAdminOperation {
     public @NotNull
     List<Edge> getUserPendingTasksList(User user, List<Object> states) {
         JanusGraphVertex userVertex = janusGraphGenericDao.getVertexByProperty(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), user.getUserId())
-            .left().on(this::handleJanusGraphError);
+                .left().on(this::handleJanusGraphError);
         List<Edge> pendingTasks = new ArrayList<>();
         for (Object state : states) {
             Map<String, Object> property = new HashMap<>();
             property.put(GraphPropertiesDictionary.STATE.getProperty(), state);
             List<Edge> edges = janusGraphGenericDao.getOutgoingEdgesByCriteria(userVertex, GraphEdgeLabels.STATE, property).left()
-                .on(this::handleJanusGraphError);
+                    .on(this::handleJanusGraphError);
             for (Edge edge : edges) {
                 Vertex vertex = edge.inVertex();
                 if (!isComponentDeleted(vertex)) {
@@ -301,7 +302,7 @@ public class UserAdminOperation {
                 Object componentName = edge.inVertex().property(GraphPropertyEnum.NAME.getProperty()).value();
                 Object componentState = edge.inVertex().property(GraphPropertyEnum.STATE.getProperty()).value();
                 log.debug("The user userId = {} is working on the component name = {} uid = {} in state {}", user.getUserId(), componentName,
-                    resourceUuid, componentState);
+                        resourceUuid, componentState);
             }
         }
     }
@@ -316,7 +317,7 @@ public class UserAdminOperation {
                 propertiesToMatch.put(GraphPropertiesDictionary.USER_STATUS.getProperty(), status);
             }
             Either<List<UserData>, JanusGraphOperationStatus> userNodes = janusGraphGenericDao
-                .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
+                    .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
             janusGraphGenericDao.commit();
             return convertToUsers(role, userNodes);
         } finally {
index 5de8ede..480aead 100644 (file)
@@ -1291,9 +1291,6 @@ FE-configuration.yaml
         -
             - &HTTP_IV_USER HTTP_IV_USER
             - &iv-user iv-user
-        -
-            - &USER_ID USER_ID
-            - &user-id user-id
         -
             - &HTTP_CSP_ATTUID HTTP_CSP_ATTUID
             - &csp-attuid csp-attuid
@@ -1315,6 +1312,9 @@ FE-configuration.yaml
         -
             - &HTTP_CSP_EMAIL HTTP_CSP_EMAIL
             - &csp-email csp-email
+        -
+            - &USER_ID USER_ID
+            - &user-id user-id
 
     # Frontend configuration version
     version: 1.0
index 14a2150..d129a82 100644 (file)
@@ -25,3 +25,4 @@ SDC Documentation
    dcaedesigner.rst
    workflow.rst
    sdc-helm-validator.rst
+   useradministration.rst
index 14ef458..475573d 100644 (file)
@@ -1,83 +1,83 @@
-Kohn
-init
-json
-Backend
-Catalog
-yaml
-janusgraph
-Onboarding
-externaltesting
-vnfrepo
-Frontend
-onboarding
-onapapi
-vnfsdk
-PackageResource
-csars
-csar
-vtp
-testsuites
-testSuiteName
-testcases
-testCaseName
-sdc
-cassandra
-Externalized
-onboarded
-subprojects
-openecomp
+adapters
 api
-webapp
-impl
-xml
-src
+artifact
+Artifact
+artifactArtifact
+artifacts
+async
 backend
+Backend
+boolean
+cassandra
 catalog
-frontend
-validator
-trift
-async
-http
-vm
-feproxy
-Guilin
-Pluggable
-onap
-stderrout
-logback
+Catalog
 config
-fe
-artifactArtifact
+Cryptographic
+csar
+csars
+Deployable
+env
 Env
-artifact
-artifacts
-lifecycle
-serviceresource
-url
-VNF
 ENV
-MURANO
-boolean
-env
-uniqueId
-Artifact
-req
+Externalized
+externaltesting
+fe
+feproxy
 forcap
+frontend
+Frontend
+Guilin
+http
+impl
+init
 innerType
-adapters
-runtime
-xNF
+isLinted
+isStrictLinted
+janusgraph
+json
+jtosca
+Kohn
+lifecycle
+logback
 mano
-tgz
+MURANO
+onap
+onapapi
+onboarded
+onboarding
+Onboarding
+openecomp
+PackageResource
+Pluggable
 pnfd
-Cryptographic
 pre
-vFW
 readme
-Deployable
+req
+runtime
+sdc
+serviceresource
+src
+stderrout
+subprojects
+testCaseName
+testcases
+testSuiteName
+testsuites
+tgz
+tosca
+trift
+uniqueId
+url
+validator
 versionDesired
+vFW
+vm
+VNF
+vnfrepo
+vnfsdk
+vtp
 vX
-isLinted
-isStrictLinted
-tosca
-jtosca
+webapp
+xml
+xNF
+yaml
diff --git a/docs/useradministration.rst b/docs/useradministration.rst
new file mode 100644 (file)
index 0000000..f32f9dd
--- /dev/null
@@ -0,0 +1,67 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2023 Nordix
+
+.. _useradministration:
+
+===================
+User Administration
+===================
+
+.. contents::
+   :depth: 3
+..
+
+Initial User Creation
+---------------------
+
+During initial install following users are created:
+
+::
+
+    {
+      {
+        "userId": "demo",
+        "firstName": "demo",
+        "lastName": "demo",
+        "role": "ADMIN",
+        "email": "demo@openecomp.org"
+      },
+      {
+        "userId": "jh0003",
+        "firstName": "Jimmy",
+        "lastName": "Hendrix",
+        "role": "Admin",
+        "email": "jh0003@openecomp.org"
+      },
+      {
+        "userId": "jm0007",
+        "firstName": "Joni",
+        "lastName": "Mitchell",
+        "role": "TESTER",
+        "email": "jm0007@openecomp.org"
+      },
+      {
+        "userId": "cs0008",
+        "firstName": "Carlos",
+        "lastName": "Santana",
+        "role": "DESIGNER",
+        "email": "cs0008r@openecomp.org"
+      }
+    }
+
+Default User
+------------
+
+By default, SDC UI is launched with default user 'cs0008'. To override see section :ref:`Using Cookies to set User <using_cookies>`.
+
+
+Using Cookies to set User
+-------------------------
+.. _using_cookies:
+
+The default user can be overridden by setting the following cookie in your browser or API call:
+
+::
+
+    USER_ID:<any existed user (created by initial install or by Administrator)>