import java.util.Optional;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
import org.onap.sdc.security.AuthenticationCookie;
import org.onap.sdc.security.IUsersThreadLocalHolder;
import org.onap.sdc.security.PortalClient;
import org.onap.sdc.security.RestrictionAccessFilterException;
+import org.openecomp.sdc.be.config.Configuration;
+import org.openecomp.sdc.be.config.ConfigurationManager;
import org.openecomp.sdc.be.model.User;
import org.openecomp.sdc.be.user.UserBusinessLogic;
import org.openecomp.sdc.common.api.Constants;
private static final Logger log = Logger.getLogger(ThreadLocalUtils.class);
@Autowired
- PortalClient portalClient;
+ private PortalClient portalClient;
@Autowired
- UserBusinessLogic userBusinessLogic;
+ private UserBusinessLogic userBusinessLogic;
@Override
public void setUserContext(AuthenticationCookie authenticationCookie) {
UserContext userContext;
userContext = new UserContext(authenticationCookie.getUserID(), authenticationCookie.getRoles(), authenticationCookie.getFirstName(),
- authenticationCookie.getLastName());
+ authenticationCookie.getLastName());
ThreadLocalsHolder.setUserContext(userContext);
}
Set<String> roles = null;
try {
final Optional<String> userRolesFromPortalOptional = portalClient.fetchUserRolesFromPortal(userId);
- if (userRolesFromPortalOptional.isPresent()){
+ if (userRolesFromPortalOptional.isPresent()) {
roles = new HashSet<>(List.of(userRolesFromPortalOptional.get()));
}
} catch (RestrictionAccessFilterException e) {
}
protected void setUserContextFromDB(HttpServletRequest httpRequest) {
- String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER);
- //there are some internal request that have no user_id header e.g. healthcheck
- if (user_id != null) {
- updateUserContext(user_id);
- } else {
- log.debug("user_id value in req header is null, userContext will not be initialized");
+ String userId = httpRequest.getHeader(Constants.USER_ID_HEADER);
+ final Configuration.BasicAuthConfig basicAuthConf = ConfigurationManager.getConfigurationManager().getConfiguration().getBasicAuth();
+ if (StringUtils.isBlank(userId)) {
+ final String excludedUrls = basicAuthConf.getExcludedUrls();
+ //there are some internal request that have no user_id header e.g. healthcheck
+ if (StringUtils.isBlank(excludedUrls) || !checkForExclusion(excludedUrls, httpRequest.getPathInfo())) {
+ log.info("UserId is empty");
+ userId = "cs0008";
+ } else {
+ log.debug("user_id value in req header is null, userContext will not be initialized");
+ return;
+ }
}
+ updateUserContext(userId);
+ }
+
+ private boolean checkForExclusion(final String excludedUrls, final String pathInfo) {
+ return Arrays.stream(excludedUrls.split(";")).anyMatch(s -> s.endsWith(pathInfo));
}
- private void updateUserContext(String user_id) {
- User user = userBusinessLogic.getUser(user_id, false);
+ private void updateUserContext(String userId) {
+ User user = userBusinessLogic.getUser(userId, false);
Set<String> roles = new HashSet<>(Arrays.asList(user.getRole()));
UserContext userContext = new UserContext(user.getUserId(), roles, user.getFirstName(), user.getLastName());
ThreadLocalsHolder.setUserContext(userContext);
"role": "ADMIN",
"email": "demo@openecomp.org"
},
- {
- "userId": "gv0001",
- "firstName": "Giuseppe",
- "lastName": "Verdi",
- "role": "GOVERNOR",
- "email": "gv0001@openecomp.org"
- },
{
"userId": "jh0003",
"firstName": "Jimmy",
"role": "DESIGNER",
"email": "cs0008r@openecomp.org"
}
-]
\ No newline at end of file
+]
enabled: false
userName: test
userPass: test
- excludedUrls:
+ excludedUrls: '/test1'
cassandraConfig:
cassandraHosts: ['localhost']
import static org.apache.commons.collections.CollectionUtils.isEmpty;
-import fj.data.Either;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.validation.constraints.NotNull;
+
+import fj.data.Either;
import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
import org.apache.tinkerpop.gremlin.structure.Direction;
import org.apache.tinkerpop.gremlin.structure.Edge;
import org.apache.tinkerpop.gremlin.structure.Vertex;
}
private void validateUserExists(Wrapper<Either<User, ActionStatus>> resultWrapper, Wrapper<UserData> userWrapper, String id) {
- if (id == null) {
- log.info("User userId is empty");
- resultWrapper.setInnerElement(Either.right(ActionStatus.MISSING_USER_ID));
- return;
+ if (StringUtils.isBlank(id)) {
+ log.warn("User userId is empty");
+ id = "cs0008";
}
id = id.toLowerCase();
Either<UserData, JanusGraphOperationStatus> either = janusGraphGenericDao
- .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+ .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
if (either.isRight()) {
resultWrapper.setInnerElement(getUserNotFoundError(id, either.right().value()));
} else {
public Either<User, ActionStatus> deleteUserData(String id) {
Either<User, ActionStatus> result;
Either<UserData, JanusGraphOperationStatus> eitherGet = janusGraphGenericDao
- .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+ .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
if (eitherGet.isRight()) {
log.debug("Problem while retriving user with userId {}", id);
if (eitherGet.right().value() == JanusGraphOperationStatus.NOT_FOUND) {
public @NotNull
List<Edge> getUserPendingTasksList(User user, List<Object> states) {
JanusGraphVertex userVertex = janusGraphGenericDao.getVertexByProperty(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), user.getUserId())
- .left().on(this::handleJanusGraphError);
+ .left().on(this::handleJanusGraphError);
List<Edge> pendingTasks = new ArrayList<>();
for (Object state : states) {
Map<String, Object> property = new HashMap<>();
property.put(GraphPropertiesDictionary.STATE.getProperty(), state);
List<Edge> edges = janusGraphGenericDao.getOutgoingEdgesByCriteria(userVertex, GraphEdgeLabels.STATE, property).left()
- .on(this::handleJanusGraphError);
+ .on(this::handleJanusGraphError);
for (Edge edge : edges) {
Vertex vertex = edge.inVertex();
if (!isComponentDeleted(vertex)) {
Object componentName = edge.inVertex().property(GraphPropertyEnum.NAME.getProperty()).value();
Object componentState = edge.inVertex().property(GraphPropertyEnum.STATE.getProperty()).value();
log.debug("The user userId = {} is working on the component name = {} uid = {} in state {}", user.getUserId(), componentName,
- resourceUuid, componentState);
+ resourceUuid, componentState);
}
}
}
propertiesToMatch.put(GraphPropertiesDictionary.USER_STATUS.getProperty(), status);
}
Either<List<UserData>, JanusGraphOperationStatus> userNodes = janusGraphGenericDao
- .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
+ .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
janusGraphGenericDao.commit();
return convertToUsers(role, userNodes);
} finally {
-
- &HTTP_IV_USER HTTP_IV_USER
- &iv-user iv-user
- -
- - &USER_ID USER_ID
- - &user-id user-id
-
- &HTTP_CSP_ATTUID HTTP_CSP_ATTUID
- &csp-attuid csp-attuid
-
- &HTTP_CSP_EMAIL HTTP_CSP_EMAIL
- &csp-email csp-email
+ -
+ - &USER_ID USER_ID
+ - &user-id user-id
# Frontend configuration version
version: 1.0
dcaedesigner.rst
workflow.rst
sdc-helm-validator.rst
+ useradministration.rst
-Kohn
-init
-json
-Backend
-Catalog
-yaml
-janusgraph
-Onboarding
-externaltesting
-vnfrepo
-Frontend
-onboarding
-onapapi
-vnfsdk
-PackageResource
-csars
-csar
-vtp
-testsuites
-testSuiteName
-testcases
-testCaseName
-sdc
-cassandra
-Externalized
-onboarded
-subprojects
-openecomp
+adapters
api
-webapp
-impl
-xml
-src
+artifact
+Artifact
+artifactArtifact
+artifacts
+async
backend
+Backend
+boolean
+cassandra
catalog
-frontend
-validator
-trift
-async
-http
-vm
-feproxy
-Guilin
-Pluggable
-onap
-stderrout
-logback
+Catalog
config
-fe
-artifactArtifact
+Cryptographic
+csar
+csars
+Deployable
+env
Env
-artifact
-artifacts
-lifecycle
-serviceresource
-url
-VNF
ENV
-MURANO
-boolean
-env
-uniqueId
-Artifact
-req
+Externalized
+externaltesting
+fe
+feproxy
forcap
+frontend
+Frontend
+Guilin
+http
+impl
+init
innerType
-adapters
-runtime
-xNF
+isLinted
+isStrictLinted
+janusgraph
+json
+jtosca
+Kohn
+lifecycle
+logback
mano
-tgz
+MURANO
+onap
+onapapi
+onboarded
+onboarding
+Onboarding
+openecomp
+PackageResource
+Pluggable
pnfd
-Cryptographic
pre
-vFW
readme
-Deployable
+req
+runtime
+sdc
+serviceresource
+src
+stderrout
+subprojects
+testCaseName
+testcases
+testSuiteName
+testsuites
+tgz
+tosca
+trift
+uniqueId
+url
+validator
versionDesired
+vFW
+vm
+VNF
+vnfrepo
+vnfsdk
+vtp
vX
-isLinted
-isStrictLinted
-tosca
-jtosca
+webapp
+xml
+xNF
+yaml
--- /dev/null
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2023 Nordix
+
+.. _useradministration:
+
+===================
+User Administration
+===================
+
+.. contents::
+ :depth: 3
+..
+
+Initial User Creation
+---------------------
+
+During initial install following users are created:
+
+::
+
+ {
+ {
+ "userId": "demo",
+ "firstName": "demo",
+ "lastName": "demo",
+ "role": "ADMIN",
+ "email": "demo@openecomp.org"
+ },
+ {
+ "userId": "jh0003",
+ "firstName": "Jimmy",
+ "lastName": "Hendrix",
+ "role": "Admin",
+ "email": "jh0003@openecomp.org"
+ },
+ {
+ "userId": "jm0007",
+ "firstName": "Joni",
+ "lastName": "Mitchell",
+ "role": "TESTER",
+ "email": "jm0007@openecomp.org"
+ },
+ {
+ "userId": "cs0008",
+ "firstName": "Carlos",
+ "lastName": "Santana",
+ "role": "DESIGNER",
+ "email": "cs0008r@openecomp.org"
+ }
+ }
+
+Default User
+------------
+
+By default, SDC UI is launched with default user 'cs0008'. To override see section :ref:`Using Cookies to set User <using_cookies>`.
+
+
+Using Cookies to set User
+-------------------------
+.. _using_cookies:
+
+The default user can be overridden by setting the following cookie in your browser or API call:
+
+::
+
+ USER_ID:<any existed user (created by initial install or by Administrator)>