</exclusions>
</dependency>
- <!-- CADI -->
- <dependency>
- <groupId>org.onap.aaf.authz</groupId>
- <artifactId>aaf-cadi-aaf</artifactId>
- <version>${cadi.version}</version>
- <exclusions>
- <exclusion>
- <groupId>com.datastax.cassandra</groupId>
- <artifactId>cassandra-driver-core</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- </exclusion>
- <exclusion>
- <artifactId>log4j</artifactId>
- <groupId>log4j</groupId>
- </exclusion>
- <exclusion>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
-
<!-- TEST -->
<dependency>
<groupId>org.assertj</groupId>
#| |
#+----------------------------------+
-default['jetty']['dmaap_truststore_pwd'] = "dmaap_truststore_pwd"
-default['jetty']['keystore_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31"
-default['jetty']['keymanager_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31"
-default['jetty']['truststore_path'] = "#{ENV['JETTY_BASE']}/etc/truststore"
-# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION
-# MUST BE ALSO CHANGE IN THE startup.sh FILE
-default['jetty'][:truststore_pwd] = "z+KEj;t+,KN^iimSiS89e#p0"
-
#BasicAuth
default['basic_auth']['enabled'] = false
default['basic_auth'][:user_name] = "testName"
default['cassandra']['socket_read_timeout'] = 20000
default['cassandra']['socket_connect_timeout'] = 20000
default['cassandra']['janusgraph_connection_timeout'] = 10000
-default['cassandra'][:truststore_password] = "Aa123456"
default['cassandra']['janusgraph_config_file'] = "#{ENV['JETTY_BASE']}/config/catalog-be/janusgraph.properties"
default['cassandra'][:db_cache] = true
default['cassandra'][:read_consistency_level] = "ONE"
default['DMAAP']['consumer']['username'] = "user"
default['DMAAP']['partitioncount'] = "3"
default['DMAAP']['replicationcount'] = "3"
-
-
-#+----------------------------------+
-#| |
-#| Access Restriction / CADI |
-#| |
-#+----------------------------------+
-
-# Cadi
-default['access_restriction']['cadi_root_dir'] = "#{ENV['JETTY_BASE']}/etc"
-default['access_restriction']['cadi_keyfile'] = "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12"
-default['access_restriction']['cadi_loglevel'] = "DEBUG"
-default['access_restriction']['cadi_truststore'] = "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks"
-default['access_restriction']['cadi_truststore_password'] = "changeit"
-default['access_restriction']['cadiX509Issuers'] = "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US"
-default['access_restriction']['encrypted_password'] = "enc:AccessRestrictionEncryptedPassword"
-default['access_restriction_key'] = nil
-
-# Access Restriction Key
-default['aafNamespace'] = "com.onap.sdc"
-default['access_restriction']['aaf_env'] = "TEST"
-default['access_restriction']['aaf_id'] = "user"
-default['access_restriction']['aaf_locate_url'] = ""
-default['access_restriction']['aaf_password'] = "enc:AafEncriptedPassword"
-default['access_restriction']['aaf_url'] = ""
-default['access_restriction']['aafAuthNeeded'] = false
-default['access_restriction']['AFT_DME2_CLIENT_IGNORE_SSL_CONFIG'] = true
-default['access_restriction']['AFT_DME2_HTTP_EXCHANGE_TRACE_ON'] = true
-default['access_restriction']['AFT_ENVIRONMENT'] = "AFTUAT"
-default['access_restriction']['csp_domain'] = "PROD"
-default['access_restriction']['excluded_urls'] = "'/.*'"
-default['access_restriction']['excluded_urls_onboarding'] = "'/.*'"
-
+++ /dev/null
-#############################################################
-# This file should be replaced with jetty cadi.properties: #
-# /var/lib/jetty/base/be/etc/cadi.properties #
-#############################################################
+++ /dev/null
-##################################################################
-## This file should be replaced with jetty cadi_truststore.jks: #
-## /var/lib/jetty/base/be/etc/cadi_truststore.jks #
-##################################################################
+++ /dev/null
-#############################################################
-# This file should be replaced with jetty keyfile: #
-# /var/lib/jetty/base/be/etc/keyfile #
-#############################################################
+++ /dev/null
-jetty_base = "#{ENV['JETTY_BASE']}"
-
-
-directory "Jetty_etc_dir_creation" do
- path "#{jetty_base}/etc"
- owner "#{ENV['JETTY_USER']}"
- owner "#{ENV['JETTY_GROUP']}"
- mode '0755'
- action :create
- not_if { ::File.directory?("#{jetty_base}/etc") }
-end
-
-
-cookbook_file "#{jetty_base}/etc/keyfile" do
- source "keyfile"
- owner "#{ENV['JETTY_USER']}"
- owner "#{ENV['JETTY_GROUP']}"
- mode 0755
-end
-
-
-cookbook_file "#{jetty_base}/etc/cadi_truststore.jks" do
- source "cadi_truststore.jks"
- owner "#{ENV['JETTY_USER']}"
- owner "#{ENV['JETTY_GROUP']}"
- mode 0755
-end
-
-
-template "#{jetty_base}/etc/cadi.properties" do
- path "#{jetty_base}/etc/cadi.properties"
- source "cadi.properties.erb"
- owner "#{ENV['JETTY_USER']}"
- owner "#{ENV['JETTY_GROUP']}"
- mode "0755"
-end
-
+++ /dev/null
-
-directory "Jetty_etcdir_creation" do
- path "#{ENV['JETTY_BASE']}/etc"
- owner "#{ENV['JETTY_USER']}"
- owner "#{ENV['JETTY_GROUP']}"
- mode '0755'
- action :create
-end
-
-cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do
- source "org.onap.sdc.p12"
- owner "#{ENV['JETTY_USER']}"
- owner "#{ENV['JETTY_GROUP']}"
- mode 0755
-end
-
-cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do
- source "org.onap.sdc.trust.jks"
- owner "#{ENV['JETTY_USER']}"
- owner "#{ENV['JETTY_GROUP']}"
- mode 0755
-end
-
mode "0755"
variables :https_port => "#{node['BE'][:https_port]}"
end
-
-
-template "ssl-ini" do
- path "#{ENV['JETTY_BASE']}/start.d/ssl.ini"
- source "ssl-ini.erb"
- owner "#{ENV['JETTY_USER']}"
- group "#{ENV['JETTY_GROUP']}"
- mode "0755"
- variables ({
- :https_port => "#{node['BE'][:https_port]}" ,
- :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
- :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
- :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}"
- })
-end
tom: passwd
bob: passwd
-# access restriction
-authCookie:
- securityKey: "sdcaccessrestrictionsecureykey"
- maxSessionTimeOut: 86400000
- sessionIdleTimeOut: 3600000
- cookieName: "AuthenticationCookie"
- path: /
- domain: ""
- isHttpOnly: true
- # redirect variable name from portal.properties file
- redirectURL: ""
- excludedUrls: [<%= node['access_restriction']['excluded_urls'] %>]
- onboardingExcludedUrls: [<%= node['access_restriction']['excluded_urls_onboarding'] %>]
-
basicAuth:
enabled: <%= @basic_auth_flag %>
userName: <%= @user_name %>
username: <%= @cassandra_usr %>
password: <%= @cassandra_pwd %>
ssl: <%= @cassandra_ssl_enabled %>
- truststorePath : <%= node['jetty']['truststore_path'] %>
- truststorePassword : <%= @cassandra_truststore_password %>
keySpaces:
- { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['<%= @REP_STRING %>']}
- { name: sdcaudit, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['<%= @REP_STRING %>']}
disableAudit: false
-consumerBusinessLogic: true
-
vfModuleProperties:
min_vf_module_instances:
forBaseModule: 1
username: user
password:
aftDme2SslEnable: true
- aftDme2ClientKeystore: <%= node['jetty']['truststore_path'] %>
- aftDme2ClientKeystorePassword: ""
aftDme2ClientSslCertAlias: certman
dmaapProducerConfiguration:
username: <%= node['DMAAP']['producer']['username'] %>
password: <%= node['DMAAP']['producer']['password'] %>
aftDme2SslEnable: true
- aftDme2ClientKeystore: <%= node['jetty']['truststore_path'] %>
- aftDme2ClientKeystorePassword: <%= node['jetty']['dmaap_truststore_pwd'] %>
aftDme2ClientSslCertAlias: certman
deleteLockTimeoutInSeconds: 60
maxDeleteComponents: 10
-# Cadi filter (access restriction) Parameters
-aafNamespace: <%= node['aafNamespace'] %>
-aafAuthNeeded: <%= node['access_restriction']['aafAuthNeeded'] %>
-
-cadiFilterParams:
- AFT_LATITUDE: "32.780140"
- AFT_LONGITUDE: "-96.800451"
- hostname: <%= node['BE_VIP'] %>
- aaf_id: <%= node['access_restriction']['aaf_id'] %>
- aaf_env: <%= node['access_restriction']['aaf_env'] %>
- aaf_url: <%= node['access_restriction']['aaf_url'] %>
- csp_domain: <%= node['access_restriction']['csp_domain'] %>
- cadi_keyfile: <%= node['access_restriction']['cadi_keyfile'] %>
- aaf_password: <%= node['access_restriction']['aaf_password'] %>
- cadi_loglevel: <%= node['access_restriction']['cadi_loglevel'] %>
- AFT_ENVIRONMENT: <%= node['access_restriction']['AFT_ENVIRONMENT'] %>
- cadiX509Issuers: <%= node['access_restriction']['cadiX509Issuers'] %>
- cadi_truststore: <%= node['access_restriction']['cadi_truststore'] %>
- cadi_truststore_password: <%= node['access_restriction']['cadi_truststore_password'] %>
-
# This configuration entry lists all node type names prefix that shall be allowed on SDC.
definedResourceNamespace:
- org.openecomp.resource.
+++ /dev/null
-# Configure AAF
-aaf_locate_url=<%= node['access_restriction']['aaf_locate_url'] %>
-
-aaf_url=<%= node['access_restriction']['aaf_url'] %>
-
-#if you are running aaf service from a docker image you have to use aaf service IP and port number
-aaf_id=<%= node['access_restriction']['aaf_id'] %>
-#Encrypt the password using AAF Jar
-aaf_password=<%= node['access_restriction']['aaf_password'] %>
-# Sample CADI Properties, from CADI 1.4.2
-hostname=<%= node['BE_VIP'] %>
-csp_domain=<%= node['access_restriction']['csp_domain'] %>
-
-# Add Absolute path to Keyfile
-cadi_keyfile=<%= node['access_restriction']['cadi_keyfile'] %>
-
-
-# This is required to accept Certificate Authentication from Certman certificates.
-# can be TEST, IST or PROD
-aaf_env=<%= node['access_restriction']['aaf_env'] %>
-
-# DEBUG prints off all the properties. Use to get started.
-cadi_loglevel=<%= node['access_restriction']['cadi_loglevel'] %>
-
-
-# Become CSO Poodle Compliant by only allowing sanctioned TLS versions
-# The following is the default
-# cadi_protocols=TLSv1.1,TLSv1.2
-
-# Default TrustStore - REQUIRED for changing PROTOCOL Defaults for DME2
-# Read https://wiki.web.att.com/pages/viewpage.action?pageId=574623569#URGENT:SolvingSSL2-3/TLSv1removalissues-Up-to-dateTruststore
-# Add Absolute path to truststore2020.jks
-cadi_truststore=<%= node['access_restriction']['cadi_truststore'] %>
-# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
-cadi_truststore_password=<%= node['access_restriction']['cadi_truststore_password'] %>
-
-# how to turn on SSL Logging
-#javax.net.debug=ssl
-
-##
-# Hint
-# Use "maps.bing.com" to get Lat and Long for an Address
-AFT_LATITUDE=32.780140
-AFT_LONGITUDE=-96.800451
-AFT_ENVIRONMENT=<%= node['access_restriction']['AFT_ENVIRONMENT'] %>
-AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=<%= node['access_restriction']['AFT_DME2_CLIENT_IGNORE_SSL_CONFIG'] %>
-DME2.DEBUG=true
-AFT_DME2_HTTP_EXCHANGE_TRACE_ON=<%= node['access_restriction']['AFT_DME2_HTTP_EXCHANGE_TRACE_ON'] %>
-
-cadi_latitude=32.780140
-cadi_longitude=-96.800451
-
-aaf_root_ns=<%= node['aafNamespace'] %>
-aaf_api_version=2.0
"run_list": [
"recipe[sdc-catalog-be::BE_1_cleanup_jettydir]",
"recipe[sdc-catalog-be::BE_2_setup_configuration]",
- "recipe[sdc-catalog-be::BE_3_locate_keystore]",
"recipe[sdc-catalog-be::BE_4_jetty_Modules]",
"recipe[sdc-catalog-be::BE_6_setup_portal_and_key_properties]",
"recipe[sdc-catalog-be::BE_7_logback]",
"recipe[sdc-catalog-be::BE_8_errors_config]",
- "recipe[sdc-catalog-be::BE_9_prepareProbeFile]",
- "recipe[sdc-catalog-be::BE_10_setup_cadi]"
+ "recipe[sdc-catalog-be::BE_9_prepareProbeFile]"
],
"env_run_lists": {
}
props.setProperty("AFT_DME2_EP_READ_TIMEOUT_MS", Integer.toString(parameters.getAftDme2ReadTimeoutMs()));
props.setProperty("AFT_DME2_SSL_ENABLE", Boolean.toString(parameters.isAftDme2SslEnable()));
props.setProperty("AFT_DME2_CLIENT_IGNORE_SSL_CONFIG", Boolean.toString(parameters.isAftDme2ClientIgnoreSslConfig()));
- props.setProperty("AFT_DME2_CLIENT_KEYSTORE", parameters.getAftDme2ClientKeystore());
- props.setProperty("AFT_DME2_CLIENT_KEYSTORE_PASSWORD", parameters.getAftDme2ClientKeystorePassword());
props.setProperty("AFT_DME2_CLIENT_SSL_CERT_ALIAS", parameters.getAftDme2ClientSslCertAlias());
String dme2PreferredRouterFilePath = parameters.getDme2preferredRouterFilePath();
ensureFileExists(dme2PreferredRouterFilePath);
props.setProperty("AFT_DME2_EP_READ_TIMEOUT_MS", Integer.toString(parameters.getAftDme2ReadTimeoutMs()));
props.setProperty("AFT_DME2_SSL_ENABLE", Boolean.toString(parameters.isAftDme2SslEnable()));
props.setProperty("AFT_DME2_CLIENT_IGNORE_SSL_CONFIG", Boolean.toString(parameters.isAftDme2ClientIgnoreSslConfig()));
- props.setProperty("AFT_DME2_CLIENT_KEYSTORE", parameters.getAftDme2ClientKeystore());
- props.setProperty("AFT_DME2_CLIENT_KEYSTORE_PASSWORD", parameters.getAftDme2ClientKeystorePassword());
props.setProperty("AFT_DME2_CLIENT_SSL_CERT_ALIAS", parameters.getAftDme2ClientSslCertAlias());
String dme2PreferredRouterFilePath = parameters.getDme2preferredRouterFilePath();
ensureFileExists(dme2PreferredRouterFilePath);
import org.openecomp.sdc.be.catalog.impl.DmaapProducerHealth;
import org.openecomp.sdc.be.components.distribution.engine.DistributionEngineClusterHealth;
import org.openecomp.sdc.be.components.distribution.engine.DmaapHealth;
-import org.openecomp.sdc.be.components.impl.CADIHealthCheck;
import org.openecomp.sdc.be.components.impl.CassandraHealthCheck;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.config.Configuration;
healthCheckInfos.add(getHostedComponentsBeHealthCheck(HC_COMPONENT_ON_BOARDING, buildOnBoardingHealthCheckUrl()));
//ECOMP Portal
healthCheckInfos.add(portalHealthCheck.getHealthCheckInfo());
- //CADI
- healthCheckInfos.add(CADIHealthCheck.getCADIHealthCheckInstance().getCADIStatus());
return healthCheckInfos;
}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.components.impl;
-
-import static org.openecomp.sdc.common.api.Constants.HC_COMPONENT_CADI;
-import static org.openecomp.sdc.common.api.HealthCheckInfo.HealthCheckStatus.DOWN;
-
-import org.openecomp.sdc.common.api.HealthCheckInfo;
-import org.openecomp.sdc.common.log.wrappers.Logger;
-import org.springframework.stereotype.Component;
-
-@Component
-public class CADIHealthCheck {
-
- private static final Logger log = Logger.getLogger(CADIHealthCheck.class.getName());
- private static CADIHealthCheck cadiHealthCheckInstance = new CADIHealthCheck();
- private static HealthCheckInfo.HealthCheckStatus isCADIUpOrDown = DOWN;
-
- public static CADIHealthCheck getCADIHealthCheckInstance() {
- return cadiHealthCheckInstance;
- }
-
- public static HealthCheckInfo getCADIStatus() {
- log.debug("getCADIStatus: Checking whether CADI was up or down while its init.");
- String description = "OK";
- if (isCADIUpOrDown == DOWN) {
- description = "CADI filter failed initialization";
- }
- return new HealthCheckInfo(HC_COMPONENT_CADI, isCADIUpOrDown, null, description);
- }
-
- public void setIsCADIUp(HealthCheckInfo.HealthCheckStatus cadiStatus) {
- if (log.isDebugEnabled()) {
- log.debug("Setting cadiHealthCheckInstance status to: {}", cadiStatus.toString());
- }
- isCADIUpOrDown = cadiStatus;
- }
-}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.components.impl.aaf;
-
-import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
-import org.openecomp.sdc.be.config.ConfigurationManager;
-import org.openecomp.sdc.be.dao.api.ActionStatus;
-
-public enum AafPermission {
- READ(PermNames.READ_VALUE), WRITE(PermNames.WRITE_VALUE), DELETE(PermNames.DELETE_VALUE), INTERNAL_ALL(PermNames.INTERNAL_ALL_VALUE);
- private String permission;
- private String permissionSuffix;
-
- AafPermission(String permissionSuffix) {
- this.permissionSuffix = permissionSuffix;
- this.permission = String
- .format("%s.%s", ConfigurationManager.getConfigurationManager().getConfiguration().getAafNamespace(), permissionSuffix);
- }
-
- public static AafPermission getEnumByString(String perm) {
- for (AafPermission e : AafPermission.values()) {
- if (perm.equals(e.getPermissionSuffix())) {
- return e;
- }
- }
- throw new ByActionStatusComponentException(ActionStatus.INVALID_PROPERTY, perm);
- }
-
- public String getFullPermission() {
- return permission;
- }
-
- public String getPermissionSuffix() {
- return this.permissionSuffix;
- }
-
- public static class PermNames {
-
- public static final String READ_VALUE = "endpoint.api.access|*|read";
- public static final String WRITE_VALUE = "endpoint.api.access|*|write";
- public static final String DELETE_VALUE = "endpoint.api.access|*|delete";
- public static final String INTERNAL_ALL_VALUE = "endpoint.api.internal.access|*|all";
- }
-}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.components.impl.aaf;
-
-import org.openecomp.sdc.be.config.ConfigurationManager;
-
-public enum AafRoles {
- READ_ONLY("app.readonly"), ALL("app.all");
- private String role;
-
- AafRoles(String roleSuffix) {
- this.role = ConfigurationManager.getConfigurationManager().getConfiguration().getAafNamespace() + "." + roleSuffix;
- }
-
- public String getRole() {
- return role;
- }
-}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.components.impl.aaf;
-
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-@Retention(RetentionPolicy.RUNTIME)
-@Target(ElementType.METHOD)
-public @interface PermissionAllowed {
-
- String[] value();
-}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.components.impl.aaf;
-
-import javax.servlet.http.HttpServletRequest;
-import org.aspectj.lang.JoinPoint;
-import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.annotation.Before;
-import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
-import org.openecomp.sdc.be.config.ConfigurationManager;
-import org.openecomp.sdc.be.dao.api.ActionStatus;
-import org.openecomp.sdc.be.servlets.BeGenericServlet;
-import org.openecomp.sdc.common.log.wrappers.Logger;
-import org.openecomp.sdc.common.util.ThreadLocalsHolder;
-
-// aop id defined via application-context.xml. the annotations are only for test purposes
-@Aspect
-public class RoleAuthorizationHandler {
-
- private static final Logger log = Logger.getLogger(RoleAuthorizationHandler.class);
- private final ConfigurationManager configurationManager = ConfigurationManager.getConfigurationManager();
-
- @Before("@annotation(permissions)")
- public void authorizeRole(JoinPoint joinPoint, PermissionAllowed permissions) {
- if (isPermissionAuthenticationNeeded()) {
- String methodName = joinPoint.getSignature().toShortString();
- HttpServletRequest request = ((BeGenericServlet) joinPoint.getThis()).getServletRequest();
- String[] perms = permissions.value();
- logAuth(methodName, perms, true, null);
- for (String perm : perms) {
- if (request.isUserInRole(getFullPermission(perm))) {
- logAuth(methodName, perms, false, true);
- return;
- }
- }
- logAuth(methodName, perms, false, false);
- throw new ByActionStatusComponentException(ActionStatus.AUTH_FAILED);
- }
- }
-
- private void logAuth(String methodName, String[] perms, boolean beforeAuth, Boolean success) {
- if (beforeAuth) {
- log.trace("#{} - authorizing before invoking endpoint {}", methodName);
- } else {
- String status = success ? "SUCCESS" : "FAILED";
- log.trace("#{} - authorizing before invoking endpoint {}, Status: {}", methodName, status);
- }
- }
-
- private String getFullPermission(String role) {
- return AafPermission.getEnumByString(role).getFullPermission();
- }
-
- private boolean isPermissionAuthenticationNeeded() {
- if (configurationManager.getConfiguration().getAafAuthNeeded() && ThreadLocalsHolder.isExternalRequest()) {
- return true;
- } else {
- return false;
- }
- }
-}
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "404", description = "Specified artifact is not found - SVC4505"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000")})
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response downloadServiceArtifact(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
@ApiResponse(responseCode = "404", description = "Specified artifact is not found - SVC4505"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000")})
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response downloadResourceArtifact(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
@ApiResponse(responseCode = "404", description = "Specified artifact is not found - SVC4505"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000")})
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response downloadResourceInstanceArtifactByName(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.distribution.AuditHandler;
/*responseHeaders = {
@ResponseHeader(name = Constants.CONTENT_TYPE_HEADER, description = "Determines the format of the response body", response = String.class),
@ResponseHeader(name = "Content-Length", description = "Length of the response body", response = String.class)})*/
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response getUebServerList(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
@ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used to register for distribution ( PUT,DELETE,GET will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The registration failed due to internal SDC problem or Cambria Service failure ECOMP Component should continue the attempts to register for distribution - POL5000")})
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response registerForDistribution(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
@ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used to register for distribution ( POST,PUT,DELETE will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The registration failed due to internal SDC problem or Cambria Service failure ECOMP Component should continue the attempts to register for distribution - POL5000")})
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response getValidArtifactTypes(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
//TODO Edit the responses
@Parameters({
@Parameter(name = "requestJson", required = true, schema = @Schema(implementation = org.openecomp.sdc.be.distribution.api.client.RegistrationRequest.class), description = "json describe the artifact")})
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response unRegisterForDistribution(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "404", description = "Error: Requested '%1' (uuid) resource was not found - SVC4063"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")})
- @PermissionAllowed(AafPermission.PermNames.READ_VALUE)
public Response getServiceAbstractStatus(
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000"),
@ApiResponse(responseCode = "409", description = "Service already exist")})
- @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE)
public Response copyExistService(
@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic.ArtifactOperationEnum;
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.artifact.ArtifactOperationInfo;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
@ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"),
@ApiResponse(responseCode = "400", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"),
@ApiResponse(responseCode = "400", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")})
- @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE})
public Response uploadArtifact(
@Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
@Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum,
@ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"),
@ApiResponse(responseCode = "400", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"),
@ApiResponse(responseCode = "400", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")})
- @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE)
public Response uploadArtifactToInstance(
@Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
@Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum,
@ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"),
@ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"),
@ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")})
- @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE)
public Response updateArtifact(
@Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
@Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum,
@ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"),
@ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"),
@ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")})
- @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE)
public Response updateArtifactOnResourceInstance(
@Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
@Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum,
@ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"),
@ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"),
@ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")})
- @PermissionAllowed(AafPermission.PermNames.DELETE_VALUE)
public Response deleteArtifact(
@Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"),
@ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"),
@ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")})
- @PermissionAllowed(AafPermission.PermNames.DELETE_VALUE)
public Response deleteArtifactOnResourceInstance(
@Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000"),
@ApiResponse(responseCode = "404", description = "Artifact was not found - SVC4505")})
- @PermissionAllowed(AafPermission.PermNames.DELETE_VALUE)
public Response downloadComponentArtifact(
@Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000"),
@ApiResponse(responseCode = "404", description = "Artifact was not found - SVC4505")})
- @PermissionAllowed(AafPermission.PermNames.READ_VALUE)
public Response downloadResourceInstanceArtifact(
@Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")})
- @PermissionAllowed(AafPermission.PermNames.READ_VALUE)
public Response getAssetListExternal(
@Parameter(description = "X-ECOMP-RequestID header") @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
@ApiResponse(responseCode = "404", description = "Error: Requested '%1' (uuid) resource was not found - SVC4063"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")})
- @PermissionAllowed(AafPermission.PermNames.READ_VALUE)
public Response getAssetSpecificMetadataByUuidExternal(
@Parameter(description = "X-ECOMP-RequestID header") @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
@ApiResponse(responseCode = "404", description = "Error: Requested '%1' (uuid) resource was not found - SVC4063"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")})
- @PermissionAllowed(AafPermission.PermNames.READ_VALUE)
public Response getToscaModelExternal(
@Parameter(description = "X-ECOMP-RequestID header") @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic;
import org.openecomp.sdc.be.components.lifecycle.LifecycleChangeInfoBase;
@ApiResponse(responseCode = "400", description = "Create VFCMT request: VFCMT name exceeds character limit - SVC4073"),
@ApiResponse(responseCode = "400", description = "Invalid Content. Missing PROJECT_CODE number - SVC4129"),
@ApiResponse(responseCode = "409", description = "Error: %1 (Service) with name '%2' already exists. - SVC4050")})
- @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE)
public Response createComponentExternal(
@Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000"),
@ApiResponse(responseCode = "403", description = "Asset is already checked-out by another user - SVC4085"),
@ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4080")})
- @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE)
public Response changeResourceStateExternal(
@Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.ExternalRefsBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
import org.openecomp.sdc.be.dto.ExternalRefDTO;
@GET
@Path("/{assetType}/{uuid}/version/{version}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}")
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Response getComponentInstanceExternalRef(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid,
@PathParam("version") String version,
@PathParam("componentInstanceName") String componentInstanceName,
@GET
@Path("/{assetType}/{uuid}/version/{version}/externalReferences/{objectType}")
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
public Map<String, List<String>> getAssetExternalRefByObjectType(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid,
@PathParam("version") String version, @PathParam("objectType") String objectType,
@HeaderParam("USER_ID") String userId,
@Path("/{assetType}/{uuid}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE})
public Response addComponentInstanceExternalRef(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid,
@PathParam("componentInstanceName") String componentInstanceName,
@PathParam("objectType") String objectType, ExternalRefDTO ref,
@DELETE
@Path("/{assetType}/{uuid}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}/{reference}")
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed({AafPermission.PermNames.DELETE_VALUE})
public Response deleteComponentInstanceReference(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid,
@PathParam("componentInstanceName") String componentInstanceName,
@PathParam("objectType") String objectType, @PathParam("reference") String reference,
@Path("/{assetType}/{uuid}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}/{oldRefValue}")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
- @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE})
public Response updateComponentInstanceReference(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid,
@PathParam("componentInstanceName") String componentInstanceName,
@PathParam("objectType") String objectType, @PathParam("oldRefValue") String oldRefValue,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.externalapi.servlet.representation.ServiceDistributionReqInfo;
@ApiResponse(responseCode = "400", description = "The resource name is missing in the request body - SVC4062"),
@ApiResponse(responseCode = "409", description = "Service state is invalid for this action"),
@ApiResponse(responseCode = "502", description = "The server was acting as a gateway or proxy and received an invalid response from the upstream server")})
- @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE})
public Response activateServiceExternal(
@Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId,
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.filters;
-
-import java.io.IOException;
-import java.util.function.Supplier;
-import javax.annotation.Priority;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.filter.CadiFilter;
-import org.openecomp.sdc.be.components.impl.CADIHealthCheck;
-import org.openecomp.sdc.be.config.CadiFilterParams;
-import org.openecomp.sdc.be.config.ConfigurationManager;
-import org.openecomp.sdc.be.impl.WebAppContextWrapper;
-import org.openecomp.sdc.common.api.Constants;
-import org.openecomp.sdc.common.api.HealthCheckInfo;
-import org.openecomp.sdc.common.log.wrappers.Logger;
-import org.openecomp.sdc.common.util.ThreadLocalsHolder;
-import org.springframework.web.context.WebApplicationContext;
-
-@Priority(2)
-public class BeCadiServletFilter extends CadiFilter {
-
- private static final Logger log = Logger.getLogger(BeCadiServletFilter.class);
- private static final String BE_CADI_SERVICE_FILTER = "BeCadiServletFilter: ";
- private ConfigurationManager configurationManager = ConfigurationManager.getConfigurationManager();
-
- public BeCadiServletFilter() {
- super();
- log.debug(BE_CADI_SERVICE_FILTER);
- }
-
- /**
- * This constructor to be used when directly constructing and placing in HTTP Engine
- *
- * @param access
- * @param moreTafLurs
- * @throws ServletException
- */
- public BeCadiServletFilter(Access access, Object... moreTafLurs) throws ServletException {
- super(access, moreTafLurs);
- log.debug(BE_CADI_SERVICE_FILTER);
- }
-
- /**
- * Use this to pass in a PreContructed CADI Filter, but with initializing... let Servlet do it
- *
- * @param init
- * @param access
- * @param moreTafLurs
- * @throws ServletException
- */
- public BeCadiServletFilter(boolean init, PropAccess access, Object... moreTafLurs) throws ServletException {
- super(init, access, moreTafLurs);
- log.debug(BE_CADI_SERVICE_FILTER);
- }
-
- private void checkIfNullProperty(String key, String value) {
- /* When value is null, so not defined in application.properties
- set nothing in System properties */
- if (value != null) {
- /* Ensure that any properties already defined in System.prop by JVM params
- won't be overwritten by Spring application.properties values */
- System.setProperty(key, System.getProperty(key, value));
- }
- }
-
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- // set some properties in System so that Cadi filter will find its config
-
- // The JVM values set will always overwrite the Spring ones.
- CadiFilterParams cadiFilterParams = configurationManager.getConfiguration().getCadiFilterParams();
- checkIfNullProperty(Config.HOSTNAME, cadiFilterParams.getHostname());
- log.debug("BeCadiServletFilter: HOSTNAME", cadiFilterParams.getHostname());
- checkIfNullProperty(Config.CADI_KEYFILE, cadiFilterParams.getCadi_keyfile());
- checkIfNullProperty(Config.CADI_LOGLEVEL, cadiFilterParams.getCadi_loglevel());
- checkIfNullProperty(Config.CADI_LATITUDE, cadiFilterParams.getAFT_LATITUDE());
- checkIfNullProperty(Config.CADI_LONGITUDE, cadiFilterParams.getAFT_LONGITUDE());
- checkIfNullProperty(Config.AAF_URL, cadiFilterParams.getAaf_url());
- //checkIfNullProperty(Config.AAF_LOCATE_URL, cadiFilterParams.getAafLocateUrl());
- checkIfNullProperty(Config.AAF_APPID, cadiFilterParams.getAaf_id());
- checkIfNullProperty(Config.AAF_APPPASS, cadiFilterParams.getAaf_password());
- checkIfNullProperty(Config.AAF_ENV, cadiFilterParams.getAFT_ENVIRONMENT());
- checkIfNullProperty(Config.CADI_X509_ISSUERS, cadiFilterParams.getCadiX509Issuers());
- checkIfNullProperty(Config.CADI_TRUSTSTORE, cadiFilterParams.getCadi_truststore());
- checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadiFilterParams.getCadi_truststore_password());
- super.init(filterConfig);
- log.debug("BeCadiServletFilter finishing init(), Current status of CADI would be UP");
- if (!isNeedAuth()) {
- CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.DOWN);
- } else {
- CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.UP);
- }
- }
-
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- if (ThreadLocalsHolder.isExternalRequest() && isNeedAuth()) {
- log.debug("doFilter: {}", request.getContentType());
- HttpServletRequest hreq = (HttpServletRequest) request;
- log.debug("Need aaf authentication : {}", hreq);
- ThreadLocalUtils threadLocalUtils = getThreadLocalUtils(((HttpServletRequest) request).getSession().getServletContext());
- threadLocalUtils.setUserContext((HttpServletRequest) request);
- super.doFilter(request, response, chain);
- } else {
- log.debug("No need aaf authentication");
- chain.doFilter(request, response);
- }
- }
-
- private boolean isNeedAuth() {
- return configurationManager.getConfiguration().getAafAuthNeeded();
- }
-
- ThreadLocalUtils getThreadLocalUtils(ServletContext context) {
- return getClassFromWebAppContext(context, () -> ThreadLocalUtils.class);
- }
-
- <T> T getClassFromWebAppContext(ServletContext context, Supplier<Class<T>> businessLogicClassGen) {
- WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context
- .getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR);
- WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context);
- return webApplicationContext.getBean(businessLogicClassGen.get());
- }
-}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.filters;
-
-import java.io.IOException;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import org.onap.sdc.security.PortalClient;
-import org.onap.sdc.security.filters.RestrictionAccessFilter;
-import org.openecomp.sdc.common.log.wrappers.Logger;
-import org.openecomp.sdc.common.util.ThreadLocalsHolder;
-import org.springframework.stereotype.Component;
-
-@Component("beRestrictionAccessFilter")
-public class BeRestrictionAccessFilter extends RestrictionAccessFilter {
-
- private static final Logger log = Logger.getLogger(BeRestrictionAccessFilter.class.getName());
-
- public BeRestrictionAccessFilter(FilterConfiguration configuration, ThreadLocalUtils threadLocalUtils, PortalClient portalClient) {
- super(configuration, threadLocalUtils, portalClient);
- }
-
- @Override
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
- throws IOException, ServletException {
- if (ThreadLocalsHolder.isInternalRequest()) {
- super.doFilter(servletRequest, servletResponse, filterChain);
- } else {
- log.debug("Access Restriction cookie validation is not needed");
- filterChain.doFilter(servletRequest, servletResponse);
- }
- }
-}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.openecomp.sdc.be.filters;
-
-import java.util.List;
-import org.onap.sdc.security.ISessionValidationFilterConfiguration;
-import org.openecomp.sdc.be.config.Configuration;
-
-public class FilterConfiguration implements ISessionValidationFilterConfiguration {
-
- protected Configuration config;
-
- public FilterConfiguration(org.openecomp.sdc.be.config.Configuration configuration) {
- this.config = configuration;
- }
-
- @Override
- public String getSecurityKey() {
- return config.getAuthCookie().getSecurityKey();
- }
-
- @Override
- public long getMaxSessionTimeOut() {
- return config.getAuthCookie().getMaxSessionTimeOut();
- }
-
- @Override
- public long getSessionIdleTimeOut() {
- return config.getAuthCookie().getSessionIdleTimeOut();
- }
-
- @Override
- public String getRedirectURL() {
- return config.getAuthCookie().getRedirectURL();
- }
-
- @Override
- public List<String> getExcludedUrls() {
- return config.getAuthCookie().getExcludedUrls();
- }
-
- @Override
- public String getCookieName() {
- return config.getAuthCookie().getCookieName();
- }
-
- @Override
- public String getCookieDomain() {
- return config.getAuthCookie().getDomain();
- }
-
- @Override
- public String getCookiePath() {
- return config.getAuthCookie().getPath();
- }
-
- @Override
- public boolean isCookieHttpOnly() {
- return config.getAuthCookie().isHttpOnly();
- }
-}
package org.openecomp.sdc.be.filters;
import java.io.IOException;
-import java.util.List;
-import java.util.stream.Stream;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.ws.rs.WebApplicationException;
import org.apache.http.HttpStatus;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
-import org.openecomp.sdc.be.config.Configuration;
import org.openecomp.sdc.be.servlets.exception.ComponentExceptionMapper;
import org.openecomp.sdc.common.api.FilterDecisionEnum;
-import org.openecomp.sdc.common.log.wrappers.Logger;
import org.openecomp.sdc.common.util.ThreadLocalsHolder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@Component("gatewayFilter")
public class GatewayFilter implements Filter {
- private static final Logger log = Logger.getLogger(GatewayFilter.class);
- private Configuration.CookieConfig authCookieConf;
- private Configuration config;
@Autowired
private ThreadLocalUtils threadLocalUtils;
@Autowired
private ComponentExceptionMapper componentExceptionMapper;
- public GatewayFilter(org.openecomp.sdc.be.config.Configuration configuration) {
- this.authCookieConf = configuration.getAuthCookie();
+ public GatewayFilter() {
}
@Override
HttpServletRequest httpRequest = (HttpServletRequest) req;
HttpServletResponse httpResponse = (HttpServletResponse) res;
try {
- if (isUrlFromWhiteList(httpRequest) || isConsumerBusinessLogic()) {
- ThreadLocalsHolder.setApiType(FilterDecisionEnum.NA);
- threadLocalUtils.setUserContextFromDB(httpRequest);
- filterChain.doFilter(httpRequest, res);
- }
+ ThreadLocalsHolder.setApiType(FilterDecisionEnum.NA);
+ threadLocalUtils.setUserContextFromDB(httpRequest);
+ filterChain.doFilter(httpRequest, res);
} catch (ComponentException ce) {
componentExceptionMapper.writeToResponse(ce, httpResponse);
} catch (WebApplicationException we) {
httpResponse.setCharacterEncoding("UTF-8");
}
- private boolean isUrlFromWhiteList(HttpServletRequest httpRequest) {
- String pathInfo;
- List<String> excludedUrls = authCookieConf.getExcludedUrls();
- pathInfo = httpRequest.getPathInfo().toLowerCase();
- log.debug("SessionValidationFilter: white list validation -> PathInfo: {} ", pathInfo);
- Stream<String> stream = excludedUrls.stream();
- pathInfo.getClass();
- return stream.anyMatch(pathInfo::matches);
- }
-
- private Boolean isConsumerBusinessLogic() {
- return config.getConsumerBusinessLogic();
- }
-
@Override
public void destroy() {
}
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.AdditionalInformationBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.elements.AdditionalInfoParameterInfo;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createResourceAdditionalInformationLabel(
@Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "Additional information key value to be created", required = true) String data,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createServiceAdditionalInformationLabel(
@Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "Additional information key value to be created", required = true) String data,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResourceAdditionalInformationLabel(
@Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateServiceAdditionalInformationLabel(
@Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResourceAdditionalInformationLabel(
@Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteServiceAdditionalInformationLabel(
@Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getResourceAdditionalInformationLabel(
@Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getServiceAdditionalInformationLabel(
@Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllResourceAdditionalInformationLabel(
@Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Additional information key already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllServiceAdditionalInformationLabel(
@Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.ArchiveBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
import org.openecomp.sdc.be.impl.ComponentsUtils;
import org.openecomp.sdc.be.model.catalog.CatalogComponent;
@ApiResponse(responseCode = "200", description = "Archive successful"), @ApiResponse(responseCode = "400", description = "Bad request"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response archiveResources(@PathParam("componentId") final String componentId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
loggerSupportability
@ApiResponse(responseCode = "200", description = "Restore successful"), @ApiResponse(responseCode = "400", description = "Bad request"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response restoreResource(@PathParam("componentId") final String componentId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
loggerSupportability.log(LoggerSupportabilityActions.RESTORE_FROM_ARCHIVE, StatusCode.STARTED,
@ApiResponse(responseCode = "200", description = "Archive successful"), @ApiResponse(responseCode = "400", description = "Bad request"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response archiveService(@PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
loggerSupportability.log(LoggerSupportabilityActions.ARCHIVE, StatusCode.STARTED,
"Archive Service for " + COMPONENT_ID + " " + componentId + " by " + userId);
@ApiResponse(responseCode = "200", description = "Restore successful"), @ApiResponse(responseCode = "400", description = "Bad request"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response restoreService(@PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
loggerSupportability.log(LoggerSupportabilityActions.RESTORE_FROM_ARCHIVE, StatusCode.STARTED,
"Restore service from archive " + COMPONENT_ID + " " + componentId + " by " + userId);
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = String.class)))),
@ApiResponse(responseCode = "200", description = "Success"), @ApiResponse(responseCode = "400", description = "Bad request"),
@ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Map<String, List<CatalogComponent>> getArchivedComponents(@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
return this.archiveBusinessLogic.getArchiveComponents(userId, new LinkedList<>());
}
@ApiResponse(responseCode = "200", description = "Success"), @ApiResponse(responseCode = "400", description = "Bad request"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "500", description = "Internal Error. A list of the failed CSAR IDs may be returned.")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response onVspArchived(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @RequestBody List<String> csarIds) {
List<String> failedCsarIds = this.archiveBusinessLogic.onVspArchive(userId, csarIds);
if (!failedCsarIds.isEmpty()) {
@ApiResponse(responseCode = "200", description = "Success"), @ApiResponse(responseCode = "400", description = "Bad request"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "500", description = "Internal Error. A list of the failed CSAR IDs may be returned.")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response onVspRestored(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @RequestBody List<String> csarIds) {
List<String> failedCsarIds = this.archiveBusinessLogic.onVspRestore(userId, csarIds);
if (!failedCsarIds.isEmpty()) {
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic;
import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic.ArtifactOperationEnum;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.artifact.ArtifactOperationInfo;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Artifact already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response loadArtifact(@PathParam("resourceId") final String resourceId,
@Parameter(description = "json describe the artifact", required = true) String data,
@Context final HttpServletRequest request) {
@ApiResponse(responseCode = "201", description = "Resource created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateArtifact(@PathParam("resourceId") final String resourceId, @PathParam("artifactId") final String artifactId,
@Parameter(description = "json describe the artifact", required = true) String data,
@Context final HttpServletRequest request) {
@ApiResponse(responseCode = "201", description = "Resource created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteArtifact(@PathParam("resourceId") final String resourceId, @PathParam("artifactId") final String artifactId,
@Context final HttpServletRequest request) {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Artifact already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response loadInformationArtifact(@PathParam("serviceId") final String serviceId,
@Parameter(description = "json describe the artifact", required = true) String data,
@Context final HttpServletRequest request) {
@ApiResponse(responseCode = "200", description = "Api Artifact Updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateApiArtifact(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId,
@Parameter(description = "json describe the artifact", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "204", description = "Api Artifact deleted"),
@ApiResponse(responseCode = "403", description = "Restricted operation")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteApiArtifact(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@HeaderParam(value = Constants.MD5_HEADER) String origMd5) {
@ApiResponse(responseCode = "201", description = "Service artifact deleted"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteInformationalArtifact(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId,
@Context final HttpServletRequest request) {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Service artifact downloaded"),
@ApiResponse(responseCode = "404", description = "Service/Artifact not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response downloadServiceArtifactBase64(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId,
@Context final HttpServletRequest request) {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "ResourceInstance artifact downloaded"),
@ApiResponse(responseCode = "404", description = "ResourceInstance/Artifact not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response downloadResourceInstanceArtifactBase64(
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Artifact already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response loadArtifactToInterface(@PathParam("resourceId") final String resourceId, @PathParam("interfaceType") final String interfaceType,
@PathParam("operation") final String operation,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Artifact already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteArtifactToInterface(@PathParam("resourceId") final String resourceId,
@PathParam("interfaceType") final String interfaceType, @PathParam("operation") final String operation,
@PathParam("artifactId") final String artifactId, @Context final HttpServletRequest request) {
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Artifact already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateArtifactToInterface(@PathParam("resourceId") final String resourceId,
@PathParam("interfaceType") final String interfaceType, @PathParam("operation") final String operation,
@PathParam("artifactId") final String artifactId,
@ApiResponse(responseCode = "200", description = "Artifact updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateRIArtifact(
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType,
@ApiResponse(responseCode = "200", description = "Artifact updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateComponentInstanceArtifact(@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@HeaderParam(value = Constants.MD5_HEADER) String origMd5,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "200", description = "Artifact updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response loadComponentInstanceArtifact(@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@HeaderParam(value = Constants.MD5_HEADER) String origMd5,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "200", description = "Artifact updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteComponentInstanceArtifact(@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@HeaderParam(value = Constants.MD5_HEADER) String origMd5,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Component artifacts"),
@ApiResponse(responseCode = "404", description = "Resource/Artifact not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getComponentArtifacts(
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Component artifacts"),
@ApiResponse(responseCode = "404", description = "Resource/Artifact not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getComponentInstanceArtifacts(
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType,
import org.openecomp.sdc.be.components.impl.AttributeBusinessLogic;
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.impl.ComponentsUtils;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Resource attribute already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createAttribute(
@Parameter(description = "resource id to update with new attribute", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "Resource attribute to be created", required = true) String data, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "200", description = "Resource attribute updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateAttribute(
@Parameter(description = "resource id to update with new attribute", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "attribute id to update", required = true) @PathParam("attributeId") final String attributeId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Resource property not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteAttribute(
@Parameter(description = "resource id of attribute", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "Attribute id to delete", required = true) @PathParam("attributeId") final String attributeId,
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.upgrade.UpgradeBusinessLogic;
import org.openecomp.sdc.be.components.upgrade.UpgradeRequest;
import org.openecomp.sdc.be.components.upgrade.UpgradeStatus;
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response autometedUpgrade(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request,
@PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "json describes upgrade request", required = true) String data) {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getComponentDependencies(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request,
@PathParam("componentId") final String componentId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
import org.openecomp.sdc.be.components.impl.CapabilitiesBusinessLogic;
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Capability already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createCapabilitiesOnResource(@Parameter(description = "Capability to create", required = true) String data,
@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "201", description = "Update Capabilities"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateCapabilitiesOnResource(@Parameter(description = "Capabilities to update", required = true) String data,
@Parameter(description = "Component Id") @PathParam("resourceId") String resourceId,
@Context final HttpServletRequest request,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = CapabilityDefinition.class)))),
@ApiResponse(responseCode = "201", description = "GET Capability"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getCapabilityOnResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Parameter(description = "Capability Id") @PathParam("capabilityId") String capabilityId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "201", description = "Delete capability"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteCapabilityOnResource(@Parameter(description = "capability Id") @PathParam("capabilityId") String capabilityId,
@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Capability already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createCapabilitiesOnService(@Parameter(description = "Capability to create", required = true) String data,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "201", description = "Update Capabilities"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateCapabilitiesOnService(@Parameter(description = "Capabilities to update", required = true) String data,
@Parameter(description = "Component Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = CapabilityDefinition.class)))),
@ApiResponse(responseCode = "201", description = "GET Capability"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getCapabilityOnService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Parameter(description = "Capability Id") @PathParam("capabilityId") String capabilityId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "201", description = "Delete capability"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteCapabilityOnService(@Parameter(description = "capability Id") @PathParam("capabilityId") String capabilityId,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request,
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.AttributeBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.impl.ComponentsUtils;
@ApiResponse(responseCode = "200", description = "attribute"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Service attribute not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAttributeListInService(
@Parameter(description = "service id of attribute", required = true) @PathParam("serviceId") final String serviceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) final String userId) {
@ApiResponse(responseCode = "200", description = "attribute"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Resource attribute not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAttributeListInResource(
@Parameter(description = "resource id of attribute", required = true) @PathParam("resourceId") final String resourceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) final String userId) {
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResponseFormatManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Component/Component Instance/Capability not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateInstanceRequirement(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("containerComponentId") final String containerComponentId,
@PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId,
import org.openecomp.sdc.be.components.impl.ComponentNodeFilterBusinessLogic;
import org.openecomp.sdc.be.components.impl.GroupBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.BusinessLogicException;
import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Component instance already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createComponentInstance(@Parameter(description = "RI object to be created", required = true) String data,
@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "200", description = "Resource instance updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateComponentInstanceMetadata(@PathParam("componentId") final String componentId,
@PathParam("componentInstanceId") final String componentInstanceId,
@Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "200", description = "Resource instance updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateMultipleComponentInstance(@PathParam("componentId") final String componentId,
@Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "ResourceInstance deleted"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteResourceInstance(@PathParam("componentId") final String componentId,
@PathParam("resourceInstanceId") final String resourceInstanceId,
@Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "403", description = "Missing information"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Relationship already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response associateRIToRI(
@Parameter(description = "unique id of the container component") @PathParam("componentId") final String componentId,
@Parameter(description = "allowed values are resources /services / products", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "201", description = "Relationship deleted"),
@ApiResponse(responseCode = "403", description = "Missing information"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response dissociateRIFromRI(
@Parameter(description = "allowed values are resources /services / products", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "RI created"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Relationship already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createAndAssociateRIToRI(@PathParam("componentId") final String componentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "Resource instance created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResourceInstanceProperties(@Parameter(description = "service id") @PathParam("componentId") final String componentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "Resource instance created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResourceInstanceInput(@Parameter(description = "service id") @PathParam("componentId") final String componentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "Resource instance created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResourceInstanceAttribute(@Parameter(description = "service id") @PathParam("componentId") final String componentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "Resource instance created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteResourceInstanceProperty(@Parameter(description = "service id") @PathParam("componentId") final String componentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "Resource instance created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response changeResourceInstanceVersion(@PathParam("componentId") final String componentId,
@PathParam("componentInstanceId") final String componentInstanceId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "201", description = "Resource instance created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateGroupInstanceProperty(@Parameter(description = "service id") @PathParam("componentId") final String componentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "group found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Group not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getGroupArtifactById(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId,
@PathParam("componentInstanceId") final String componentInstanceId,
@ApiResponse(responseCode = "200", description = "Properties found"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component/Component Instance - not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getInstancePropertiesById(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("containerComponentId") final String containerComponentId,
@PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId,
@ApiResponse(responseCode = "200", description = "Attributes found"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component/Component Instance - not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getInstanceAttributesById(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("containerComponentId") final String containerComponentId,
@PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId,
@ApiResponse(responseCode = "200", description = "Properties found"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component/Component Instance/Capability - not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getInstanceCapabilityPropertiesById(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("containerComponentId") final String containerComponentId,
@PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Component/Component Instance/Capability - not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateInstanceCapabilityProperty(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("containerComponentId") final String containerComponentId,
@PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Component/Component Instance/Requirement - not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateInstanceRequirement(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("containerComponentId") final String containerComponentId,
@PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Service proxy already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createServiceProxy(@Parameter(description = "RI object to be created", required = true) String data,
@PathParam("containerComponentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "201", description = "Service proxy deleted"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteServiceProxy(@PathParam("containerComponentId") final String containerComponentId,
@PathParam("serviceProxyId") final String serviceProxyId,
@Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "201", description = "Service proxy created"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response changeServiceProxyVersion(@PathParam("containerComponentId") final String containerComponentId,
@PathParam("serviceProxyId") final String serviceProxyId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "relation found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Relation not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getRelationById(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId, @PathParam("relationId") final String relationId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"),
@ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000"),
@ApiResponse(responseCode = "409", description = "Service already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response replaceVNF(@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ComponentInterfaceOperationBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "201", description = "Update Interface Operation"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateComponentInstanceInterfaceOperation(
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("componentType") String componentType,
@ApiResponse(responseCode = "201", description = "Update Interface Operation"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResourceInterfaceOperation(
@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
@ApiResponse(responseCode = "201", description = "Create Interface Operation"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createInterfaceOperationInResource(
@Parameter(description = "valid values: resources", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME}))
@PathParam("componentType") final String componentType,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ComponentNodeFilterBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.BusinessLogicException;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
@ApiResponse(responseCode = "201", description = "Create Component Filter"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response addComponentFilterConstraint(@Parameter(description = "UIConstraint data", required = true) String constraintData,
@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@Parameter(description = "Component Instance Id") @PathParam("componentInstanceId") String componentInstanceId,
@ApiResponse(responseCode = "201", description = "Create Component Filter"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateComponentFilterConstraint(@Parameter(description = "UIConstraint data", required = true) String constraintData,
@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@Parameter(description = "Component Instance Id") @PathParam("componentInstanceId") String componentInstanceId,
@ApiResponse(responseCode = "201", description = "Delete Component Filter Constraint"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteComponentFilterConstraint(@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@Parameter(description = "Component Instance Id") @PathParam("componentInstanceId") String componentInstanceId,
@Parameter(description = "Constraint Index") @PathParam("constraintIndex") int index,
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.PropertyBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datamodel.utils.PropertyValueConstraintValidationUtil;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Service property already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createPropertyInService(
@Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "Service property to be created", required = true) String data, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Resource property already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createPropertyInResource(
@Parameter(description = "Resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "Resource property to be created", required = true) String data, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Service property not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getPropertyInService(
@Parameter(description = "service id of property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "property id to get", required = true) @PathParam("propertyId") final String propertyId,
@ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Resource property not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getPropertyInResource(
@Parameter(description = "resource id of property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "property id to get", required = true) @PathParam("propertyId") final String propertyId,
@ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Service property not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getPropertyListInService(
@Parameter(description = "service id of property", required = true) @PathParam("serviceId") final String serviceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Resource property not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getPropertyListInResource(
@Parameter(description = "resource id of property", required = true) @PathParam("resourceId") final String resourceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Service property not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deletePropertyInService(
@Parameter(description = "service id of property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "Property id to delete", required = true) @PathParam("propertyId") final String propertyId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Resource property not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deletePropertyInResource(
@Parameter(description = "resource id of property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "Property id to delete", required = true) @PathParam("propertyId") final String propertyId,
@ApiResponse(responseCode = "200", description = "Service property updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updatePropertyInService(
@Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId,
@Parameter(description = "Service property to update", required = true) String data, @Context final HttpServletRequest request,
@ApiResponse(responseCode = "200", description = "Resource property updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updatePropertyInResource(
@Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId,
@Parameter(description = "Resource property to update", required = true) String data, @Context final HttpServletRequest request,
import org.apache.commons.collections.CollectionUtils;
import org.openecomp.sdc.be.components.impl.ComponentBusinessLogic;
import org.openecomp.sdc.be.components.impl.ComponentBusinessLogicProvider;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datamodel.api.HighestFilterEnum;
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response conformanceLevelValidation(@PathParam("componentType") final String componentType,
@PathParam("componentUuid") final String componentUuid, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getRequirementAndCapabilities(@PathParam("componentType") final String componentType,
@PathParam("componentId") final String componentId, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getLatestVersionNotAbstractCheckoutComponents(@PathParam("componentType") final String componentType,
@Context final HttpServletRequest request,
@QueryParam("internalComponentType") String internalComponentType,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getLatestVersionNotAbstractCheckoutComponentsByBody(@PathParam("componentType") final String componentType,
@Context final HttpServletRequest request,
@QueryParam("internalComponentType") String internalComponentType,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getLatestVersionNotAbstractCheckoutComponentsIdesOnly(@PathParam("componentType") final String componentType,
@Context final HttpServletRequest request,
@QueryParam("internalComponentType") String internalComponentType,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getComponentInstancesFilteredByPropertiesAndInputs(@PathParam("componentType") final String componentType,
@PathParam("componentId") final String componentId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found")})
@ResponseView(mixin = {GroupCompositionMixin.class, PolicyCompositionMixin.class})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getComponentDataFilteredByParams(@PathParam("componentType") final String componentType,
@PathParam("componentId") final String componentId,
@QueryParam("include") final List<String> dataParamsToReturn,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Map.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getFilteredComponentInstanceProperties(@PathParam("componentType") final String componentType,
@PathParam("componentId") final String componentId,
@PathParam("propertyNameFragment") final String propertyNameFragment,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ComponentSubstitutionFilterBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.BusinessLogicException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "201", description = "Add Substitution Filter Constraint"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response addSubstitutionFilter(@Parameter(description = "UIConstraint data", required = true) String constraintData,
@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@Parameter(description = "valid value: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "201", description = "Update Substitution Filter Constraint"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateSubstitutionFilters(@Parameter(description = "UIConstraint data", required = true) String constraintData,
@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@Parameter(description = "valid value: resources / services", schema = @Schema(allowableValues = {
@ApiResponse(responseCode = "201", description = "Update Substitution Filter Constraint"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateSubstitutionFilter(@Parameter(description = "Filter constraint information", required = true) UIConstraint uiConstraint,
@Parameter(description = "Constraint Index") @PathParam("constraintIndex") int index,
@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@ApiResponse(responseCode = "201", description = "Delete Substitution Filter Constraint"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteSubstitutionFilterConstraint(@Parameter(description = "Component Id") @PathParam("componentId") String componentId,
@Parameter(description = "Constraint Index") @PathParam("constraintIndex") int index,
@Parameter(description = "valid value: resources / services", schema = @Schema(allowableValues = {
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.Configuration;
import org.openecomp.sdc.be.config.ConfigurationManager;
import org.openecomp.sdc.common.api.Constants;
@GET
@Path("/get")
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public String getConfig(@Context final HttpServletRequest request, @QueryParam("type") String type) {
String result = null;
ServletContext context = request.getSession().getServletContext();
@Path("/set1")
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public String setConfig1(@Context final HttpServletRequest request, Configuration configuration) {
log.debug("{}", configuration);
return "ok";
@Path("/set2")
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public void setConfig2(@Context final HttpServletRequest request, Configuration configuration) {
log.debug("{}", configuration);
}
@Path("/setput1")
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public String setConfig3(@Context final HttpServletRequest request, Configuration configuration) {
log.debug("{}", configuration);
return "ok";
@Path("/setput2")
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public void setConfig4(@Context final HttpServletRequest request, Configuration configuration) {
log.debug("{}", configuration);
}
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.Configuration;
import org.openecomp.sdc.common.api.ConfigurationSource;
import org.openecomp.sdc.common.api.Constants;
@GET
@Path("/get")
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
@Operation(description = "Retrieve configuration", method = "GET", responses = {
@ApiResponse(responseCode = "200", description = "OK", content = @Content(schema = @Schema(implementation = String.class)))})
public String getConfig(@Context final HttpServletRequest request) {
import javax.ws.rs.core.Response.Status;
import org.apache.commons.lang3.StringUtils;
import org.openecomp.sdc.be.components.impl.DataTypeBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.elements.DataTypeDataDefinition;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Data types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response fetchDataType(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@PathParam("dataTypeUid") String dataTypeUid) {
@ApiResponse(responseCode = "200", description = "Data type found, properties may be empty"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Data type not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response fetchProperties(@Parameter(in = ParameterIn.PATH, required = true, description = "The data type id")
@PathParam("id") final String id) {
final List<PropertyDefinition> allProperties = dataTypeOperation.findAllProperties(id);
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Data type not found")
})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createProperty(@Parameter(in = ParameterIn.PATH, required = true, description = "The data type id")
@PathParam("id") final String id,
@RequestBody(description = "Property to add", required = true) final PropertyDefinitionDto propertyDefinitionDto) {
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Data type not found")
})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateProperty(@Parameter(in = ParameterIn.PATH, required = true, description = "The data type id")
@PathParam("id") final String id,
@RequestBody(description = "Property to update", required = true)
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Data type not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getDataTypeModels(@PathParam("dataTypeName") String dataTypeName) {
return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK),
gson.toJson(dataTypeOperation.getAllDataTypeModels(dataTypeName)));
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.collections.CollectionUtils;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.config.Configuration;
import org.openecomp.sdc.be.config.ConfigurationManager;
@ApiResponse(responseCode = "200", description = "Returns default custom tosca functions values from configuration file Ok"),
@ApiResponse(responseCode = "404", description = "Default custom tosca functions not found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getDefaultCustomToscaFunctionValues(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@PathParam("type") Type type) {
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.collections.CollectionUtils;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.config.ConfigurationManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "200", description = "Returns Directive values from configuration file Ok"),
@ApiResponse(responseCode = "404", description = "Directive not found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getConfCategoriesAndVersion(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
final String url = request.getMethod() + " " + request.getRequestURI();
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.DistributionMonitoringBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.impl.ComponentsUtils;
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = DistributionStatusListResponse.class)))),
@ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getServiceById(@PathParam("serviceUUID") final String serviceUUID, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = DistributionStatusListResponse.class)))),
@ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Status not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getListOfDistributionStatuses(@PathParam("did") final String did, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic;
import org.openecomp.sdc.be.components.impl.ElementBusinessLogic;
import org.openecomp.sdc.be.components.impl.ModelBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.scheduledtasks.ComponentsCleanBusinessLogic;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.config.Configuration;
@ApiResponse(responseCode = "400", description = "Invalid component type"),
@ApiResponse(responseCode = "409", description = "Restricted operation"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getComponentCategories(
@Parameter(description = "allowed values are resources / services/ products", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME,
@ApiResponse(responseCode = "403", description = "USER_ID header is missing"),
@ApiResponse(responseCode = "409", description = "Category already exists / User not permitted to perform the action"),
@ApiResponse(responseCode = "500", description = "General Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createComponentCategory(
@Parameter(description = "allowed values are resources /services / products", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME,
responses = {@ApiResponse(responseCode = "200", description = "Returns base types Ok"),
@ApiResponse(responseCode = "404", description = "No base types were found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getCategoryBaseTypes(@PathParam(value = "categoryName") final String categoryName,
@PathParam(value = "componentType") final String componentType,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "USER_ID header is missing"),
@ApiResponse(responseCode = "409", description = "User not permitted to perform the action"),
@ApiResponse(responseCode = "404", description = "Category not found"), @ApiResponse(responseCode = "500", description = "General Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteComponentCategory(@PathParam(value = "categoryUniqueId") final String categoryUniqueId,
@PathParam(value = "componentType") final String componentType, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "404", description = "Parent category wasn't found"),
@ApiResponse(responseCode = "409", description = "Subcategory already exists / User not permitted to perform the action"),
@ApiResponse(responseCode = "500", description = "General Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createComponentSubCategory(
@Parameter(description = "allowed values are resources / products", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
ComponentTypeEnum.PRODUCT_PARAM_NAME}), required = true) @PathParam(value = "componentType") final String componentType,
@ApiResponse(responseCode = "403", description = "USER_ID header is missing"),
@ApiResponse(responseCode = "409", description = "User not permitted to perform the action"),
@ApiResponse(responseCode = "404", description = "Category not found"), @ApiResponse(responseCode = "500", description = "General Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteComponentSubCategory(@PathParam(value = "categoryUniqueId") final String categoryUniqueId,
@PathParam(value = "subCategoryUniqueId") final String subCategoryUniqueId,
@PathParam(value = "componentType") final String componentType,
@ApiResponse(responseCode = "404", description = "Parent category or subcategory were not found"),
@ApiResponse(responseCode = "409", description = "Grouping already exists / User not permitted to perform the action"),
@ApiResponse(responseCode = "500", description = "General Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createComponentGrouping(@Parameter(description = "allowed values are products", schema = @Schema(allowableValues = {
ComponentTypeEnum.PRODUCT_PARAM_NAME}), required = true) @PathParam(value = "componentType") final String componentType,
@Parameter(description = "Parent category unique ID", required = true) @PathParam(value = "categoryId") final String grandParentCategoryId,
@ApiResponse(responseCode = "403", description = "USER_ID header is missing"),
@ApiResponse(responseCode = "409", description = "User not permitted to perform the action"),
@ApiResponse(responseCode = "404", description = "Category not found"), @ApiResponse(responseCode = "500", description = "General Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteComponentGrouping(@PathParam(value = "categoryUniqueId") final String grandParentCategoryUniqueId,
@PathParam(value = "subCategoryUniqueId") final String parentSubCategoryUniqueId,
@PathParam(value = "groupingUniqueId") final String groupingUniqueId,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))),
@ApiResponse(responseCode = "200", description = "Returns tags Ok"), @ApiResponse(responseCode = "404", description = "No tags were found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getTags(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
log.debug("(getTags) Start handle request of {}", url);
@ApiResponse(responseCode = "200", description = "Returns propertyScopes Ok"),
@ApiResponse(responseCode = "404", description = "No propertyScopes were found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getPropertyScopes(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
log.debug("(getPropertyScopes) Start handle request of {}", url);
@ApiResponse(responseCode = "200", description = "Returns artifactTypes Ok"),
@ApiResponse(responseCode = "404", description = "No artifactTypes were found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getArtifactTypes(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
log.debug("(GET - getArtifactTypes) Start handle request of {}", url);
@ApiResponse(responseCode = "404", description = "No followed were found"),
@ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getFollowedResourcesServices(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
try {
@ApiResponse(responseCode = "404", description = "No resources and services were found"),
@ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getCatalogComponents(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@QueryParam("excludeTypes") List<OriginTypeEnum> excludeTypes) throws IOException {
try {
@DELETE
@Path("/inactiveComponents/{componentType}")
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteMarkedResources(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request) {
String url = request.getMethod() + " " + request.getRequestURI();
log.debug(START_HANDLE_REQUEST_OF, url);
@Operation(description = "Retrieve ecomp portal menu - MOC", method = "GET", summary = "Retrieve ecomp portal menu", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))),
@ApiResponse(responseCode = "200", description = "Retrieve ecomp portal menu")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getListOfCsars(@Context final HttpServletRequest request) {
return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK),
"[{\"menuId\":1,\"column\":2,\"text\":\"Design\",\"parentMenuId\":null,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":11,\"column\":1,\"text\":\"ProductDesign\",\"parentMenuId\":1,\"url\":\"\",\"appid\":null,\"roles\":null},{\"menuId\":12,\"column\":2,\"text\":\"Service\",\"parentMenuId\":1,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":21,\"column\":1,\"text\":\"ViewPolicies\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":90,\"column\":1,\"text\":\"4thLevelApp1aR16\",\"parentMenuId\":21,\"url\":\"http://google.com\",\"appid\":null,\"roles\":null}]},{\"menuId\":22,\"column\":2,\"text\":\"UpdatePolicies\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":91,\"column\":1,\"text\":\"4thLevelApp1bR16\",\"parentMenuId\":22,\"url\":\"http://jsonlint.com/\",\"appid\":null,\"roles\":null}]},{\"menuId\":23,\"column\":3,\"text\":\"UpdateRules\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null},{\"menuId\":24,\"column\":4,\"text\":\"CreateSignatures?\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null},{\"menuId\":25,\"column\":5,\"text\":\"Definedata\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null}]}]}]");
@Operation(description = "Retrieve previus and current catalog update time", method = "GET", summary = "Retrieve previus and current catalog update time", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Retrieve previus and current catalog update time")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getCatalogUpdateTime(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
log.debug("(post) Start handle request of {}", url);
@ApiResponse(responseCode = "200", description = "Returns artifactTypes, ui configuration and sdc version Ok"),
@ApiResponse(responseCode = "404", description = "No artifactTypes were found/no ui configuration were found/no sdc version were found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getConfCategoriesAndVersion(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import org.openecomp.sdc.be.components.impl.GroupBusinessLogicNew;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.datatypes.elements.PropertyDataDefinition;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
import org.openecomp.sdc.be.impl.ComponentsUtils;
@ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public List<String> updateGroupMembers(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupUniqueId,
@Parameter(description = "List of members unique ids", required = true) List<String> members,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = GroupProperty.class)))),
@ApiResponse(responseCode = "200", description = "Group Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public List<PropertyDataDefinition> getGroupProperties(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId,
@PathParam("groupUniqueId") final String groupUniqueId,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = GroupProperty.class)))),
@ApiResponse(responseCode = "200", description = "Group Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public List<GroupProperty> updateGroupProperties(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId,
@PathParam("groupUniqueId") final String groupUniqueId,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.GroupBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
@ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createGroup(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId, @PathParam("groupType") final String type,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "group found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Group not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getGroupById(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId, @PathParam("groupId") final String groupId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found"), @ApiResponse(responseCode = "500", description = "Internal Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteGroup(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@ApiResponse(responseCode = "200", description = "Group updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "component / group Not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateGroup(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId, @PathParam("groupId") final String groupId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = GroupDefinition.class)))),
@ApiResponse(responseCode = "200", description = "Group Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateGroupMetadata(@PathParam("containerComponentType") final String containerComponentType,
@PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupUniqueId,
@Parameter(description = "Service object to be Updated", required = true) String data,
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import org.openecomp.sdc.be.components.impl.GroupTypeBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.impl.ComponentsUtils;
import org.openecomp.sdc.be.mixin.GroupTypeMixin;
import org.openecomp.sdc.be.model.GroupTypeDefinition;
@ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"),
@ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Error")})
@ResponseView(mixin = {GroupTypeMixin.class})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public List<GroupTypeDefinition> getGroupTypes(@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description =
"An optional parameter to indicate the type of the container from where this call is executed")
import org.openecomp.sdc.be.components.impl.DataTypeBusinessLogic;
import org.openecomp.sdc.be.components.impl.InputsBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = DataTypeDefinition.class)))),
@ApiResponse(responseCode = "200", description = "Data type found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Data type not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getDataType(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId,
@PathParam("dataTypeName") final String dataTypeName, @Context final HttpServletRequest request) {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Data type found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getDataTypes(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId,
@Context final HttpServletRequest request) {
ComponentsUtils componentsUtils = getComponentsUtils();
@ApiResponse(responseCode = "200", description = "Data type deleted"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Data type not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteDataType(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId,
@PathParam("dataTypeName") final String dataTypeName, @Context final HttpServletRequest request) {
ComponentsUtils componentsUtils = getComponentsUtils();
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.InterfaceOperationBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found"),
@ApiResponse(responseCode = "409", description = "Interface Operation already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createInterfaceOperationsOnResource(@Parameter(description = "Interface Operations to create", required = true) String data,
@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateInterfaceOperationsOnResource(@Parameter(description = "Interface Operations to update", required = true) String data,
@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteInterfaceOperationsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId,
@Parameter(description = "Operation Id") @PathParam("operationId") String operationId,
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getInterfaceOperationsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId,
@Parameter(description = "Operation Id") @PathParam("operationId") String operationId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found"),
@ApiResponse(responseCode = "409", description = "Interface Operation already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createInterfaceOperationsOnService(@Parameter(description = "Interface Operations to create", required = true) String data,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateInterfaceOperationsOnService(@Parameter(description = "Interface Operations to update", required = true) String data,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteInterfaceOperationsFromService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId,
@Parameter(description = "Operation Id") @PathParam("operationId") String operationId,
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getInterfaceOperationsFromService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId,
@Parameter(description = "Operation Id") @PathParam("operationId") String operationId,
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic;
import org.openecomp.sdc.be.components.lifecycle.LifecycleChangeInfoBase;
import org.openecomp.sdc.be.components.lifecycle.LifecycleChangeInfoWithAction;
@ApiResponse(responseCode = "200", description = "Resource state changed"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "409", description = "Resource already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response changeResourceState(
@Parameter(description = "LifecycleChangeInfo - relevant for checkin, failCertification, cancelCertification") String jsonChangeInfo,
@Parameter(description = "validValues: resources / services / products", schema = @Schema(allowableValues = {
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.validation.UserValidations;
import org.openecomp.sdc.be.impl.ComponentsUtils;
import org.openecomp.sdc.be.model.operations.api.IGraphLockOperation;
@Path("/lock")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
@Operation(description = "Toggle disable locking", method = "POST", responses = {
@ApiResponse(content = @Content(schema = @Schema(implementation = Response.class))),
@ApiResponse(responseCode = "200", description = "Disable locking successfully updated"),
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ModelBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.validation.UserValidations;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@Path("/model")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
@Operation(description = "Create a TOSCA model, along with its imports files", method = "POST", summary = "Create a TOSCA model", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "201", description = "Model created"),
@GET
@Path("/model")
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
@Operation(method = "GET", summary = "List TOSCA models", description = "List all the existing TOSCA models",
responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Model.class)))),
@Path("/model/imports")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
@Operation(description = "Update a model TOSCA imports", method = "PUT", summary = "Update a model TOSCA imports", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "204", description = "Model imports updated"),
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.PolicyBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Policy already exist"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createPolicy(@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "200", description = "Policy updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "component / policy Not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updatePolicy(@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "component / policy Not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getPolicy(@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "component / policy Not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deletePolicy(@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "component / policy Not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response undeclarePolicy(@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Componentorpolicy not found"),
@ApiResponse(responseCode = "500", description = "The GET request failed due to internal SDC problem.")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getPolicyProperties(
@Parameter(description = "the id of the component which is the container of the policy") @PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "component / policy Not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updatePolicyProperties(@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(responseCode = "201", description = "Policy target updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updatePolicyTargets(@PathParam("componentId") final String containerComponentId,
@Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {
ComponentTypeEnum.RESOURCE_PARAM_NAME,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Component not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response declareProperties(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "ComponentIns policies Object to be created", required = true) String componentInstPoliciesMapObj) {
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import org.openecomp.sdc.be.components.impl.PolicyTypeBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.impl.ComponentsUtils;
import org.openecomp.sdc.be.mixin.PolicyTypeMixin;
import org.openecomp.sdc.be.model.PolicyTypeDefinition;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "500", description = "The GET request failed due to internal SDC problem.")})
@ResponseView(mixin = {PolicyTypeMixin.class})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public List<PolicyTypeDefinition> getPolicyTypes(
@Parameter(description = "An optional parameter to indicate the type of the container from where this call is executed")
@QueryParam("internalComponentType") String internalComponentType,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.RequirementBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "requirement already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createRequirementsOnResource(@Parameter(description = "Requirement to create", required = true) String data,
@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "201", description = "Update Requirements"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateRequirementsOnResource(@Parameter(description = "Requirements to update", required = true) String data,
@Parameter(description = "Component Id") @PathParam("resourceId") String resourceId,
@Context final HttpServletRequest request,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = RequirementDefinition.class)))),
@ApiResponse(responseCode = "201", description = "GET requirement"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getRequirementsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Parameter(description = "Requirement Id") @PathParam("requirementId") String requirementId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "201", description = "Delete requirement"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteRequirementsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId,
@Parameter(description = "requirement Id") @PathParam("requirementId") String requirementId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Requirement already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createRequirementsOnService(@Parameter(description = "Requirements to create", required = true) String data,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "201", description = "Update requirements"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateRequirementsOnService(@Parameter(description = "Requirements to update", required = true) String data,
@Parameter(description = "Component Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "201", description = "GET Requirements"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getRequirementsOnService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Parameter(description = "Requirement Id") @PathParam("requirementId") String requirementId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "201", description = "Delete Requirements"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteRequirementsOnService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Parameter(description = "Requirement Id") @PathParam("requirementId") String requirementId,
@Context final HttpServletRequest request,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ModelBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.exception.BusinessException;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Resource already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadMultipart(
@Parameter(description = "validValues: normative-resource / user-resource", schema = @Schema(allowableValues = {NORMATIVE_TYPE_RESOURCE,
USER_TYPE_RESOURCE, USER_TYPE_RESOURCE_UI_IMPORT})) @PathParam(value = "resourceAuthority") final String resourceAuthority,
@Path("/resource/import")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
@Operation(description = "Import node types from a TOSCA yaml, along with the types metadata", method = "POST",
summary = "Creates node types from a TOSCA yaml file", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
import org.openecomp.sdc.be.components.impl.ImportUtils;
import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datamodel.api.HighestFilterEnum;
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Resource already exist"),
@ApiResponse(responseCode = "401", description = "Unauthorized Tenant")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createResource(@Parameter(description = "Resource object to be created", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
throws IOException, ZipException {
@DELETE
@Path("/resources/{resourceId}")
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteResource(@PathParam("resourceId") final String resourceId,
@Parameter(description = "Optional parameter to determine the delete action: " +
"DELETE, which will permanently delete the Resource from the system or " +
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Resource not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteResourceByNameAndVersion(@PathParam("resourceName") final String resourceName, @PathParam("version") final String version,
@Context final HttpServletRequest request) {
ServletContext context = request.getSession().getServletContext();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getResourceById(@PathParam("resourceId") final String resourceId, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
ServletContext context = request.getSession().getServletContext();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Resource not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getResourceByNameAndVersion(@PathParam("resourceName") final String resourceName,
@PathParam("resourceVersion") final String resourceVersion, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
@Operation(description = "validate resource name", method = "GET", summary = "checks if the chosen resource name is available ", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
@ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response validateResourceName(@PathParam("resourceName") final String resourceName, @QueryParam("subtype") String resourceType,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
@Path("/resources/certified/abstract")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getCertifiedAbstractResources(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
String url = request.getMethod() + " " + request.getRequestURI();
@Path("/resources/certified/notabstract")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getCertifiedNotAbstractResources(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(responseCode = "200", description = "Resource metadata updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResourceMetadata(@PathParam("resourceId") final String resourceId,
@Parameter(description = "Resource metadata to be updated", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Resource already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateResource(@Parameter(description = "Resource object to be updated", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@PathParam(value = "resourceId") String resourceId) throws IOException, ZipException {
@ApiResponse(responseCode = "201", description = "Resource retrieced"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getResourceFromCsar(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@PathParam(value = "csaruuid") String csarUUID) throws IOException {
init();
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Resource already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response importReplaceResource(
@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
import org.json.simple.parser.ParseException;
import org.openecomp.sdc.be.components.impl.InterfaceOperationBusinessLogic;
import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.elements.OperationInputDefinition;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Service property already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response addInputToServiceOperation(@PathParam("serviceId") final String serviceId,
@PathParam("serviceInstanceId") final String serviceInstanceId,
@Parameter(description = "Service Consumption Data", required = true) String data,
@Path("/services/{serviceId}/consumption/{serviceInstanceId}/interfaces/{interfaceId}/operations/{operationId}/inputs")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getInputsListOfOperation(@PathParam("serviceId") final String serviceId,
@PathParam("serviceInstanceId") final String serviceInstanceId,
@PathParam("interfaceId") final String interfaceId, @PathParam("operationId") final String operationId,
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
import org.openecomp.sdc.be.datatypes.elements.ForwardingPathDataDefinition;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Forwarding Path already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createForwardingPath(@Parameter(description = "Forwarding Path to create", required = true) String data,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Forwarding Path already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateForwardingPath(@Parameter(description = "Update Path to create", required = true) String data,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Forwarding Path already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getForwardingPath(@Parameter(description = "Forwarding Path to create", required = true) String datax,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Parameter(description = "Forwarding Path Id") @PathParam("forwardingPathId") String forwardingPathId,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Forwarding Path already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteForwardingPath(@Parameter(description = "Forwarding Path Id") @PathParam("forwardingPathId") String forwardingPathId,
@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ServiceImportBusinessLogic;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
import org.openecomp.sdc.be.dao.api.ActionStatus;
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Service already exist"),
@ApiResponse(responseCode = "401", description = "Unauthorized Tenant")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createService(@Parameter(description = "Service object to be created", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
@Operation(description = "validate service name", method = "GET", summary = "checks if the chosen service name is available ", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response validateServiceName(@PathParam("serviceName") final String serviceName, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
@Operation(description = "get component audit records", method = "GET", summary = "get audit records for a service or a resource", responses = {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))),
@ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getComponentAuditRecords(@PathParam("componentType") final String componentType,
@PathParam("componentUniqueId") final String componentUniqueId,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "204", description = "Service deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteService(@PathParam("serviceId") final String serviceId,
@Parameter(description = "Optional parameter to determine the delete action: " +
"DELETE, which will permanently delete theService from the system or " +
@ApiResponse(responseCode = "204", description = "Service deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response deleteServiceByNameAndVersion(@PathParam("serviceName") final String serviceName, @PathParam("version") final String version,
@Context final HttpServletRequest request) {
User modifier = getUser(request);
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Service.class)))),
@ApiResponse(responseCode = "200", description = "Service Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateServiceMetadata(@PathParam("serviceId") final String serviceId,
@Parameter(description = "Service object to be Updated", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
@ApiResponse(responseCode = "200", description = "Group Instance Property Values Updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response updateGroupInstancePropertyValues(@PathParam("serviceId") final String serviceId,
@PathParam("componentInstanceId") final String componentInstanceId,
@PathParam("groupInstanceId") final String groupInstanceId,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Service.class)))),
@ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getServiceById(@PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Service.class)))),
@ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getServiceByNameAndVersion(@PathParam("serviceName") final String serviceName,
@PathParam("serviceVersion") final String serviceVersion, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
@ApiResponse(responseCode = "409", description = "Service cannot be distributed due to missing deployment artifacts"),
@ApiResponse(responseCode = "404", description = "Requested service was not found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error. Please try again later.")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response activateDistribution(@PathParam("serviceId") final String serviceId, @PathParam("env") final String env,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
throws IOException {
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Requested service was not found"),
@ApiResponse(responseCode = "500", description = "Internal Server Error. Please try again later.")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response markDistributionAsDeployed(@PathParam("serviceId") final String serviceId, @PathParam("did") final String did,
@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
@Produces(MediaType.APPLICATION_JSON)
@Operation(responses = {@ApiResponse(responseCode = "200", description = "OK"),
@ApiResponse(responseCode = "500", description = "Internal Server Error. Please try again later.")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response tempUrlToBeDeleted(@PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = ServiceRelations.class)))),
@ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Service not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getServiceComponentRelationMap(@PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException {
String url = request.getMethod() + " " + request.getRequestURI();
@ApiResponse(responseCode = "201", description = "Service created"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Service already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response importReplaceService(
@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
@ApiResponse(responseCode = "200", description = "Service Updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response importToscaTemplate(@PathParam("serviceId") final String serviceId,
@Parameter(description = "Service object to be Updated", required = true) final String data,
@Context final HttpServletRequest request,
@ApiResponse(responseCode = "200", description = "Service Updated"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response importToscaModel(@PathParam("serviceId") final String serviceId,
@NotNull @FormDataParam("upload") final InputStream fileToUpload,
@Context final HttpServletRequest request,
import org.openecomp.sdc.be.components.impl.RelationshipTypeBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
@ApiResponse(responseCode = "200", description = "datatypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Data types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllDataTypesServlet(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "model") @QueryParam("model") String modelName) {
Wrapper<Response> responseWrapper = new Wrapper<>();
@ApiResponse(responseCode = "200", description = "allDataTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Data types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllDataTypesFromAllModels(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@QueryParam("excludePrimitives") @DefaultValue("false") String excludePrimitives) {
@ApiResponse(responseCode = "200", description = "allDataTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Data types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response downloadDataType(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "dataTypeId") @QueryParam("dataTypeId") String dataTypeId) {
Wrapper<Response> responseWrapper = new Wrapper<>();
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Interface lifecycle types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getInterfaceLifecycleTypes(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "model") @QueryParam("model") String modelName) {
@ApiResponse(responseCode = "200", description = "capabilityTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Capability types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllCapabilityTypesServlet(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "model") @QueryParam("model") String modelName) {
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Relationship types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllRelationshipTypesServlet(@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@Parameter(description = "model") @QueryParam("model") String modelName) {
@ApiResponse(responseCode = "200", description = "nodeTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "404", description = "Node types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllNodeTypesServlet(
@Context final HttpServletRequest request,
@HeaderParam(value = Constants.USER_ID_HEADER) String userId,
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "404", description = "Tosca Artifact Types not found")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response getAllToscaArtifactTypes(@Parameter(description = "Model name") @QueryParam("model") String model,
@Context final HttpServletRequest request, @HeaderParam(Constants.USER_ID_HEADER) String creator) {
try {
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.glassfish.jersey.media.multipart.FormDataParam;
import org.openecomp.sdc.be.components.impl.CommonImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.validation.AccessValidations;
import org.openecomp.sdc.be.datatypes.tosca.ToscaDataDefinition;
import org.openecomp.sdc.be.impl.ComponentsUtils;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "annotation types already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadAnnotationTypes(@Parameter(description = "FileInputStream") @FormDataParam("annotationTypesZip") File file,
@HeaderParam("USER_ID") String userId) {
accessValidations.validateUserExists(userId, "Annotation Types Creation");
import org.openecomp.sdc.be.components.impl.PolicyTypeImportManager;
import org.openecomp.sdc.be.components.impl.RelationshipTypeImportManager;
import org.openecomp.sdc.be.components.impl.ResourceImportManager;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
import org.openecomp.sdc.be.components.impl.model.ToscaTypeImportData;
import org.openecomp.sdc.be.config.BeEcompErrorManager;
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Capability Type already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadCapabilityType(@Parameter(description = "FileInputStream") @FormDataParam("capabilityTypeZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Relationship Type already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadRelationshipType(@Parameter(description = "FileInputStream") @FormDataParam("relationshipTypeZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Interface Lifecycle Type already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadInterfaceLifecycleType(@Parameter(description = "FileInputStream") @FormDataParam("interfaceLifecycleTypeZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Tosca Artifact Type already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadArtifactTypes(@Parameter(description = "Zip file containing a yaml with the TOSCA artifact types definition")
@FormDataParam("artifactsZip") File file,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Category already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadCategories(@Parameter(description = "FileInputStream") @FormDataParam("categoriesZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator) {
ConsumerTwoParam<Wrapper<Response>, String> createElementsMethod = (responseWrapper, ymlPayload) ->
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Data types already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadDataTypes(@Parameter(description = "FileInputStream") @FormDataParam("dataTypesZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "Data types already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadDataTypesYaml(@Parameter(description = "FileInputStream") @FormDataParam("dataTypesYaml") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "group types already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadGroupTypes(@Parameter(description = "toscaTypeMetadata") @FormDataParam("toscaTypeMetadata") String toscaTypesMetaData,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@Parameter(description = "FileInputStream") @FormDataParam("groupTypesZip") File file,
@ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
@ApiResponse(responseCode = "409", description = "policy types already exist")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response uploadPolicyTypes(@Parameter(description = "toscaTypeMetadata") @FormDataParam("toscaTypeMetadata") String toscaTypesMetaData,
@Parameter(description = "model name") @FormDataParam("model") String modelName,
@Parameter(description = "FileInputStream") @FormDataParam("policyTypesZip") File file,
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.eclipse.jetty.http.HttpStatus;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.impl.ComponentsUtils;
import org.openecomp.sdc.be.model.User;
import org.openecomp.sdc.be.user.Role;
@ApiResponse(responseCode = "200", description = "Returns user Ok"), @ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public User get(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userId,
@Context final HttpServletRequest request) {
return userBusinessLogic.getUser(userId, false);
@ApiResponse(responseCode = "200", description = "Returns user role Ok"), @ApiResponse(responseCode = "404", description = "User not found"),
@ApiResponse(responseCode = "405", description = "Method Not Allowed"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public String getRole(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userId,
@Context final HttpServletRequest request) {
User user = userBusinessLogic.getUser(userId, false);
@ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "405", description = "Method Not Allowed"),
@ApiResponse(responseCode = "409", description = "User already exists"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public User updateUserRole(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userIdUpdateUser,
@Context final HttpServletRequest request,
@Parameter(description = "json describe the update role", required = true) UserRole newRole,
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))),
@ApiResponse(responseCode = "200", description = "Returns user Ok"), @ApiResponse(responseCode = "403", description = "Restricted Access"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public User authorize(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @HeaderParam("HTTP_CSP_FIRSTNAME") String firstName,
@HeaderParam("HTTP_CSP_LASTNAME") String lastName, @HeaderParam("HTTP_CSP_EMAIL") String email) {
User authUser = new User();
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))),
@ApiResponse(responseCode = "200", description = "Returns user Ok"), @ApiResponse(responseCode = "405", description = "Method Not Allowed"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public List<User> getAdminsUser(@Context final HttpServletRequest request) {
return userBusinessLogic.getAllAdminUsers();
}
@ApiResponse(responseCode = "405", description = "Method Not Allowed"),
@ApiResponse(responseCode = "409", description = "Restricted operation"),
@ApiResponse(responseCode = "500", description = "Internal Server Error")})
- @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public User deActivateUser(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userId,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String modifierId) {
return userBusinessLogicExt.deActivateUser(modifierId, userId);
import org.onap.sdc.security.PortalClient;
import org.openecomp.sdc.be.auditing.impl.ConfigurationProvider;
import org.openecomp.sdc.be.components.impl.ComponentLocker;
-import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler;
import org.openecomp.sdc.be.components.impl.lock.ComponentLockAspect;
import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic;
import org.openecomp.sdc.be.config.ConfigurationManager;
import org.openecomp.sdc.be.ecomp.converters.AssetMetadataConverter;
-import org.openecomp.sdc.be.filters.FilterConfiguration;
import org.openecomp.sdc.be.filters.PortalConfiguration;
import org.openecomp.sdc.be.filters.ThreadLocalUtils;
import org.openecomp.sdc.be.tosca.CommonCsarGenerator;
return new ComponentLockAspect(componentLocker);
}
- @Bean
- public RoleAuthorizationHandler roleAuthorizationHandler() {
- return new RoleAuthorizationHandler();
- }
-
@Bean
public CloseableHttpClient httpClientConnectionManager() {
HttpClientFactory httpClientFactory = new HttpClientFactory();
return new PortalConfiguration();
}
- @Bean
- public FilterConfiguration filterConfiguration() {
- return new FilterConfiguration(configuration());
- }
-
@Bean
public ThreadLocalUtils threadLocalUtils() {
return new ThreadLocalUtils();
<aop:pointcut id="lockingTransaction" expression="@annotation(org.openecomp.sdc.be.components.impl.lock.LockingTransactional) and args(componentId, componentType,..)"/>
<aop:around method="lock" arg-names="proceedingJoinPoint,componentId,componentType" pointcut-ref="lockingTransaction"/>
</aop:aspect>
- <aop:aspect id="roleAuthorizationAspect" ref="roleAuthorizationHandler">
- <aop:pointcut id="roleAuthorize" expression="@annotation(permissions)"/>
- <aop:before method="authorizeRole" arg-names="joinPoint, permissions" pointcut-ref="roleAuthorize"/>
- </aop:aspect>
</aop:config>
</beans>
+++ /dev/null
-# Configure AAF
-aaf_locate_url=https://aaf.onap.org:8095
-aaf_url=https://aaf.onap.org:8095/locate/
-
-#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE
-
-#if you are running aaf service from a docker image you have to use aaf service IP and port number
-aaf_id=sdc@onap
-#Encrypt the password using AAF Jar
-aaf_password= enc:uI_J4jBL4YUcIZZa5uZKj3QMUC63hbS8TmDn5PSp5nO
-# Sample CADI Properties, from CADI 1.4.2
-hostname=onapportal
-csp_domain=PROD
-
-# Add Absolute path to Keyfile
-cadi_keyfile=/var/lib/jetty/opt/be/etc/keyfile
-
-
-# This is required to accept Certificate Authentication from Certman certificates.
-# can be TEST, IST or PROD
-aaf_env=IST
-
-# DEBUG prints off all the properties. Use to get started.
-cadi_loglevel=DEBUG
-
-
-# Become CSO Poodle Compliant by only allowing sanctioned TLS versions
-# The following is the default
-# cadi_protocols=TLSv1.1,TLSv1.2
-
-# Default TrustStore - REQUIRED for changing PROTOCOL Defaults for DME2
-# Read https://wiki.web.att.com/pages/viewpage.action?pageId=574623569#URGENT:SolvingSSL2-3/TLSv1removalissues-Up-to-dateTruststore
-# Add Absolute path to truststore2018.jks
-cadi_truststore=/var/lib/jetty/base/be/etc/cadi_truststore.jks
-# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
-cadi_truststore_password=changeit
-
-# how to turn on SSL Logging
-#javax.net.debug=ssl
-
-##
-# Hint
-# Use "maps.bing.com" to get Lat and Long for an Address
-AFT_LATITUDE=32.780140
-AFT_LONGITUDE=-96.800451
-AFT_ENVIRONMENT=AFTUAT
-AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true
-DME2.DEBUG=true
-AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true
-
-cadi_latitude=32.780140
-cadi_longitude=-96.800451
-
-aaf_root_ns=com.att.aaf
-aaf_api_version=2.0
username: asdc_user
password: Aa1234%^!
ssl: true
- truststorePath : /var/lib/jetty/opt/base/be/config/.truststore
- truststorePassword : Aa123456
maxWaitSeconds: 120
keySpaces:
- { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['DC-sdc-iltlv650', '1']}
password: XyCUPhFx9u70aklYGo6OiA==
aftDme2SslEnable: true
aftDme2ClientIgnoreSslConfig: false
- aftDme2ClientKeystore: /var/lib/jetty/opt/base/be/config/.truststore
- aftDme2ClientKeystorePassword: XyCUPhFx9u70aklYGo6OiA==
aftDme2ClientSslCertAlias: certman
#Performence microservice dmaap producer
password: XyCUPhFx9u70aklYGo6OiA==
aftDme2SslEnable: true
aftDme2ClientIgnoreSslConfig: false
- aftDme2ClientKeystore: /var/lib/jetty/opt/jetty/base/be/config/.truststore
- aftDme2ClientKeystorePassword: XyCUPhFx9u70aklYGo6OiA==
aftDme2ClientSslCertAlias: certman
- DMAAP_PRODUCER
- ECOMP_PORTAL
-aafNamespace: com.att.sdc
-
-aafAuthNeeded: false
-
-cadiFilterParams:
- hostname: 192.168.33.10
- csp_domain: PROD
- cadi_keyfile: /var/lib/jetty/opt/base/be/config/catalog-be/keyfile
- cadi_loglevel: DEBUG
- cadi_truststore: /var/lib/jetty/opt/base/be/config/.truststore
- cadi_truststore_password: enc:XyCUPhFx9u70aklYGo6OiA==
- #aaf_url: https://aaf.onap.org/service=?
- aaf_id: aaf@sdc.onap.org
- aaf_password: enc:XyCUPhFx9u70aklYGo6OiA==
- aaf_env: DEV
- aafLocateUrl: https://aaf.api.simpledemo.onap.org:8095
- aaf_url: https://AAF_LOCATE_URL/AAF_NS.service:2.0
- AFT_LATITUDE: "32.780140"
- AFT_LONGITUDE: "-96.800451"
- AFT_ENVIRONMENT: AFTUAT
- cadiX509Issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US"
-
# This configuration entry lists all node type names prefix that shall be allowed on SDC.
definedResourceNamespace:
- org.openecomp.resource.
configuration.setJanusGraphInMemoryGraph(true);
HeatDeploymentArtifactTimeout heatDeploymentArtifactTimeout = new HeatDeploymentArtifactTimeout();
heatDeploymentArtifactTimeout.setDefaultMinutes(30);
- configuration.setAafAuthNeeded(false);
configuration.setHeatArtifactDeploymentTimeout(heatDeploymentArtifactTimeout);
configurationManager.setConfiguration(configuration);
ExternalConfiguration.setAppName("catalog-be");
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.openecomp.sdc.be.filters;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.InjectMocks;
-import org.mockito.Mock;
-import org.mockito.Mockito;
-import org.mockito.MockitoAnnotations;
-import org.mockito.Spy;
-import org.mockito.junit.MockitoJUnitRunner;
-import org.openecomp.sdc.be.components.impl.ResponseFormatManager;
-import org.openecomp.sdc.be.config.Configuration;
-import org.openecomp.sdc.be.config.ConfigurationManager;
-import org.openecomp.sdc.be.servlets.exception.ComponentExceptionMapper;
-import org.openecomp.sdc.common.api.ConfigurationSource;
-import org.openecomp.sdc.common.api.FilterDecisionEnum;
-import org.openecomp.sdc.common.impl.ExternalConfiguration;
-import org.openecomp.sdc.common.impl.FSConfigurationSource;
-import org.openecomp.sdc.common.util.ThreadLocalsHolder;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.core.HttpHeaders;
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.List;
-
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.Mockito.any;
-import static org.mockito.Mockito.doNothing;
-import static org.mockito.Mockito.doThrow;
-import static org.mockito.Mockito.eq;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.when;
-
-
-@RunWith(MockitoJUnitRunner.class)
-public class GatewayFilterTest {
-
- private static final List<String> excludedUrls = Arrays.asList("test1", "test2");
- private static final String cookieName = "myCookie";
-
- static ResponseFormatManager responseFormatManager = new ResponseFormatManager();
- static ConfigurationSource configurationSource = new FSConfigurationSource(ExternalConfiguration.getChangeListener(), "src/test/resources/config/catalog-be");
- static ConfigurationManager configurationManager = new ConfigurationManager(configurationSource);
-
- @InjectMocks
- private GatewayFilter filter;
- @Spy
- private ThreadLocalUtils threadLocalUtils;
- @Mock
- private Configuration.CookieConfig authCookieConf;
- @Mock
- private Configuration configuration;
- @Mock
- private HttpServletRequest request;
- @Mock
- private FilterChain filterChain;
- @Mock
- private HttpServletResponse response;
- @Mock
- private ComponentExceptionMapper componentExceptionMapper;
-
-
-
- @Before
- public void initMocks(){
- MockitoAnnotations.openMocks(this);
- }
-
- @Before
- public void setUp() throws ServletException {
- doNothing().when(threadLocalUtils).setUserContextFromDB(request);
- when(configuration.getAuthCookie()).thenReturn(authCookieConf);
- this.filter = new GatewayFilter(configuration);
- ThreadLocalsHolder.setApiType(null);
- assertNotNull(filter);
- }
-
- @Test
- public void validateRequestFromWhiteList() throws ServletException, IOException {
- when(authCookieConf.getExcludedUrls()).thenReturn(excludedUrls);
- when(request.getPathInfo()).thenReturn("test1");
- filter.doFilter(request, response, filterChain);
- assertTrue(ThreadLocalsHolder.getApiType().equals(FilterDecisionEnum.NA));
- Mockito.verify(filterChain, times(1)).doFilter(request, response);
- }
-
- private Enumeration getHeaderEnumerationObj(List<String> arrlist){
-
- // creating object of type Enumeration<String>
- Enumeration<String> enumer = Collections.enumeration(arrlist);
- return enumer;
- }
-
-
-
-
-
-
- private Cookie[] getCookiesFromReq(boolean isFromRequest) {
- Cookie[] cookies = new Cookie [1];
- if (isFromRequest) {
- cookies[0] = new Cookie(cookieName, "cookieData");
- }
- else {
- cookies[0] = new Cookie("dummy", "cookieData");
- }
- return cookies;
- }
-
- private String getCookieNameFromConf(boolean isFromConfiguration) {
- Cookie[] cookies = new Cookie [1];
- if (isFromConfiguration) {
- cookies[0] = new Cookie(cookieName, "cookieData");
- }
- else {
- cookies[0] = new Cookie("dummy", "cookieData");
- }
- return cookies[0].getName();
- }
-}
\ No newline at end of file
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.openecomp.sdc.be.impl.aaf;
-
-import org.junit.Assert;
-import org.junit.Test;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.AafRoles;
-import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
-import org.openecomp.sdc.be.config.ConfigurationManager;
-import org.openecomp.sdc.be.dao.api.ActionStatus;
-import org.openecomp.sdc.common.api.ConfigurationSource;
-import org.openecomp.sdc.common.impl.ExternalConfiguration;
-import org.openecomp.sdc.common.impl.FSConfigurationSource;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.catchThrowable;
-
-public class RoleAndPermissionEnumTest {
- private static ConfigurationSource configurationSource = new FSConfigurationSource(
- ExternalConfiguration.getChangeListener(), "src/test/resources/config/catalog-be");
- private static ConfigurationManager configurationManager = new ConfigurationManager(configurationSource);
- private final String prefix = ".app.";
-
- @Test
- public void getRoleReadOnly() {
- Assert.assertEquals(configurationManager.getConfiguration().getAafNamespace() + prefix + "readonly", AafRoles.READ_ONLY.getRole());
- }
-
- @Test
- public void getRoleAll() {
- Assert.assertEquals(configurationManager.getConfiguration().getAafNamespace() + prefix + "all", AafRoles.ALL.getRole());
- }
-
- @Test
- public void testGetEnumByStringWithExistingValue() {
- Assert.assertEquals(AafPermission.getEnumByString(AafPermission.PermNames.READ_VALUE),
- AafPermission.READ);
- Assert.assertEquals(AafPermission.getEnumByString(AafPermission.PermNames.WRITE_VALUE),
- AafPermission.WRITE);
- Assert.assertEquals(AafPermission.getEnumByString(AafPermission.PermNames.DELETE_VALUE),
- AafPermission.DELETE);
- }
-
- @Test
- public void testGetEnumByStringNonExistingValue() {
- ComponentException thrown = (ComponentException) catchThrowable(()-> AafPermission.getEnumByString("stam"));
- assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.INVALID_PROPERTY);
- assertThat(thrown.getParams()[0]).isEqualTo("stam");
- }
-
-}
+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * SDC
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.openecomp.sdc.be.impl.aaf;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.catchThrowable;
-import static org.mockito.Mockito.when;
-
-import java.util.Collections;
-import javax.servlet.http.HttpServletRequest;
-import org.aspectj.lang.JoinPoint;
-import org.aspectj.lang.Signature;
-import org.hibernate.validator.internal.util.annotation.AnnotationDescriptor;
-import org.hibernate.validator.internal.util.annotation.AnnotationDescriptor.Builder;
-import org.hibernate.validator.internal.util.annotation.AnnotationFactory;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-import org.mockito.junit.jupiter.MockitoExtension;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
-import org.openecomp.sdc.be.components.impl.aaf.AafPermission.PermNames;
-import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
-import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler;
-import org.openecomp.sdc.be.components.impl.exceptions.ComponentException;
-import org.openecomp.sdc.be.config.ConfigurationManager;
-import org.openecomp.sdc.be.dao.api.ActionStatus;
-import org.openecomp.sdc.be.servlets.BeGenericServlet;
-import org.openecomp.sdc.common.api.FilterDecisionEnum;
-import org.openecomp.sdc.common.impl.ExternalConfiguration;
-import org.openecomp.sdc.common.impl.FSConfigurationSource;
-import org.openecomp.sdc.common.util.ThreadLocalsHolder;
-
-@ExtendWith(MockitoExtension.class)
-class RoleAuthorizationHandlerTest {
-
- private RoleAuthorizationHandler roleAuthorizationHandler;
- @Mock
- private JoinPoint joinPoint;
- @Mock
- private Signature signature;
- @Mock
- private BeGenericServlet beGenericServlet;
- @Mock
- private HttpServletRequest httpServletRequest;
-
- @BeforeEach
- public void setUp() {
- MockitoAnnotations.openMocks(this);
- when(joinPoint.getSignature()).thenReturn(signature);
- when(signature.toShortString()).thenReturn("methodName");
- when(joinPoint.getThis()).thenReturn(beGenericServlet);
- when(beGenericServlet.getServletRequest()).thenReturn(httpServletRequest);
- ThreadLocalsHolder.setApiType(FilterDecisionEnum.EXTERNAL);
- new ConfigurationManager(new FSConfigurationSource(ExternalConfiguration.getChangeListener(), "src/test/resources/config/catalog-be/auth"));
- roleAuthorizationHandler = new RoleAuthorizationHandler();
- }
-
- @Test
- void testAuthorizeRoleOnePermittedRole() {
- final String[] permsAllowed = {PermNames.WRITE_VALUE};
- final AnnotationDescriptor<PermissionAllowed> permissionDescriptor = createTestSubject(permsAllowed);
- final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor);
- when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())).thenReturn(true);
- roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed);
- }
-
- @Test
- void testAuthorizeRoleTwoPermittedRole() {
- final String[] permsAllowed = {PermNames.WRITE_VALUE, PermNames.READ_VALUE};
- final AnnotationDescriptor<PermissionAllowed> permissionDescriptor = createTestSubject(permsAllowed);
- final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor);
- when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())).thenReturn(true);
- roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed);
- }
-
- @Test
- void testAuthorizeRoleNonPermittedRole() {
- final String[] permsAllowed = {PermNames.WRITE_VALUE, PermNames.READ_VALUE};
- final AnnotationDescriptor<PermissionAllowed> permissionDescriptor = createTestSubject(permsAllowed);
- final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor);
- when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())).thenReturn(false);
-
- final ComponentException thrown = (ComponentException) catchThrowable(() -> roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed));
- assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.AUTH_FAILED);
- }
-
- @Test
- void testAuthorizeRoleEmptyRole() {
- final String[] permsAllowed = {};
- final AnnotationDescriptor<PermissionAllowed> permissionDescriptor = createTestSubject(permsAllowed);
- final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor);
-
- final ComponentException thrown = (ComponentException) catchThrowable(() -> roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed));
- assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.AUTH_FAILED);
- }
-
- private AnnotationDescriptor<PermissionAllowed> createTestSubject(final String[] permsAllowed) {
- return new Builder<>(PermissionAllowed.class, Collections.singletonMap("value", permsAllowed)).build();
- }
-
-}
import org.openecomp.sdc.be.components.impl.BaseBusinessLogic;
import org.openecomp.sdc.be.components.impl.PolicyBusinessLogic;
import org.openecomp.sdc.be.components.impl.ResponseFormatManager;
-import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler;
import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException;
import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException;
import org.openecomp.sdc.be.components.property.PropertyDeclarationOrchestrator;
private static ServletUtils servletUtils;
private static PropertyDeclarationOrchestrator propertyDeclarationOrchestrator;
private static ToscaOperationFacade toscaOperationFacade;
- private static RoleAuthorizationHandler roleAuthorizationHandler;
private static ResponseFormat responseFormat;
@Captor
private static ArgumentCaptor<PolicyDefinition> policyCaptor;
componentsUtils = Mockito.mock(ComponentsUtils.class);
servletUtils = Mockito.mock(ServletUtils.class);
responseFormat = Mockito.mock(ResponseFormat.class);
- roleAuthorizationHandler = Mockito.mock(RoleAuthorizationHandler.class);
}
private static class BaseBusinessLogicTest extends BaseBusinessLogic {
+++ /dev/null
-aafAuthNeeded: true
\ No newline at end of file
username: koko
password: bobo
ssl: false
- truststorePath : /path/path
- truststorePassword : 123123
keySpaces:
- { name: sdcaudit, replicationStrategy: SimpleStrategy, replicationInfo: ['1']}
- { name: sdcartifact, replicationStrategy: SimpleStrategy, replicationInfo: ['1']}
password: XyCUPhFx9u70aklYGo6OiA==
aftDme2SslEnable: true
aftDme2ClientIgnoreSslConfig: false
- aftDme2ClientKeystore: /opt/app/jetty/base/be/config/.truststore
- aftDme2ClientKeystorePassword: XyCUPhFx9u70aklYGo6OiA==
aftDme2ClientSslCertAlias: certman
dmaapProducerConfiguration:
- ES
- DMAAP
-aafNamespace: com.att.sdc
-
-aafAuthNeeded: false
-
-cadiFilterParams:
- AFT_LATITUDE: "32.780140"
- AFT_LONGITUDE: "-96.800451"
- hostname: 192.168.33.10
- aaf_id: aaf@sdc.onap.org
- aaf_env: TEST
- aaf_url: https://aaftest.onap.org/locate/
- csp_domain: PROD
- cadi_keyfile: /opt/app/jetty/base/be/etc/keyfile
- aaf_password: enc:uI_J4jBL4YUcIZZa5uZKj3QMUC63hbS8TmDn5PSp5nO
- cadi_loglevel: DEBUG
- AFT_ENVIRONMENT: AFTUAT
- cadiX509Issuers: CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
- cadi_truststore: /opt/app/jetty/base/be/etc/cadi_truststore.jks
- cadi_truststore_password: changeit
-
# This configuration entry lists all node type names prefix that shall be allowed on SDC.
definedResourceNamespace:
- org.openecomp.resource.
+++ /dev/null
-package org.openecomp.sdc.be.config;
-
-import lombok.Getter;
-import lombok.Setter;
-
-@Getter
-@Setter
-public class CadiFilterParams {
-
- private String hostname;
- private String csp_domain;
- private String cadi_keyfile;
- private String cadi_loglevel;
- private String cadi_truststore;
- private String cadi_truststore_password;
- private String aaf_id;
- private String aaf_password;
- private String aaf_env;
- private String aafLocateUrl;
- private String aaf_url;
- private String AFT_LATITUDE;
- private String AFT_LONGITUDE;
- private String AFT_ENVIRONMENT;
- private String cadiX509Issuers;
-}
private ApplicationL2CacheConfig applicationL2Cache;
private ToscaValidatorsConfig toscaValidators;
private boolean disableAudit;
- private Boolean consumerBusinessLogic;
private Map<String, VfModuleProperty> vfModuleProperties;
private Map<String, String> genericAssetNodeTypes;
private Map<String, CategoryBaseTypeConfig> serviceBaseNodeTypes;
private Map<String, Map<String, String>> resourceNodeTypes;
private String appVersion;
private String artifactGeneratorConfig;
- private CadiFilterParams cadiFilterParams;
- private Boolean aafAuthNeeded = false;
private String autoHealingOwner;
private boolean enableAutoHealing;
private Map<String, List<String>> resourcesForUpgrade;
private boolean supportAllottedResourcesAndProxy;
private Integer deleteLockTimeoutInSeconds;
private Integer maxDeleteComponents;
- private CookieConfig authCookie;
- private String aafNamespace;
private String workloadContext;
private EnvironmentContext environmentContext;
private List<GabConfig> gabConfig;
return globalCsarImports;
}
- @Getter
- @Setter
- @NoArgsConstructor
- public static class CookieConfig {
-
- private String securityKey = "";
- private long maxSessionTimeOut = 600 * 1000L;
- private long sessionIdleTimeOut = 30 * 1000L;
- private String cookieName = "AuthenticationCookie";
- private String redirectURL = "https://www.e-access.att.com/ecomp_portal_ist/ecompportal/process_csp";
- private List<String> excludedUrls;
- private List<String> onboardingExcludedUrls;
- private String domain = "";
- private String path = "";
- private boolean isHttpOnly = true;
-
- public boolean isHttpOnly() {
- return isHttpOnly;
- }
-
- public void setIsHttpOnly(final boolean isHttpOnly) {
- this.isHttpOnly = isHttpOnly;
- }
- }
-
@Getter
@Setter
@NoArgsConstructor