From: MichaelMorris Date: Wed, 13 Sep 2023 11:12:46 +0000 (+0100) Subject: Remove legacy certificate handling X-Git-Tag: 1.13.5~15 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=sdc.git;a=commitdiff_plain;h=5f3e9912406897ee18c424b940881ce08d59bb44 Remove legacy certificate handling Signed-off-by: MichaelMorris Issue-ID: SDC-4621 Change-Id: I834f2a0a4f73693dbb656dfa9186506bf88c62c1 --- diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml index dd7944341c..e5392cce60 100644 --- a/catalog-be/pom.xml +++ b/catalog-be/pom.xml @@ -832,31 +832,6 @@ - - - org.onap.aaf.authz - aaf-cadi-aaf - ${cadi.version} - - - com.datastax.cassandra - cassandra-driver-core - - - org.slf4j - slf4j-log4j12 - - - log4j - log4j - - - javax.servlet - javax.servlet-api - - - - org.assertj diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb index a3e519826c..3f7a041a4c 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb @@ -12,14 +12,6 @@ default['disableHttp'] = true #| | #+----------------------------------+ -default['jetty']['dmaap_truststore_pwd'] = "dmaap_truststore_pwd" -default['jetty']['keystore_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31" -default['jetty']['keymanager_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31" -default['jetty']['truststore_path'] = "#{ENV['JETTY_BASE']}/etc/truststore" -# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION -# MUST BE ALSO CHANGE IN THE startup.sh FILE -default['jetty'][:truststore_pwd] = "z+KEj;t+,KN^iimSiS89e#p0" - #BasicAuth default['basic_auth']['enabled'] = false default['basic_auth'][:user_name] = "testName" @@ -33,7 +25,6 @@ default['cassandra']['cluster_name'] = "SDC-CS-" default['cassandra']['socket_read_timeout'] = 20000 default['cassandra']['socket_connect_timeout'] = 20000 default['cassandra']['janusgraph_connection_timeout'] = 10000 -default['cassandra'][:truststore_password] = "Aa123456" default['cassandra']['janusgraph_config_file'] = "#{ENV['JETTY_BASE']}/config/catalog-be/janusgraph.properties" default['cassandra'][:db_cache] = true default['cassandra'][:read_consistency_level] = "ONE" @@ -82,36 +73,3 @@ default['DMAAP']['consumer']['topic'] = "com.onap.ccd.CCD-CatalogManagement-v1" default['DMAAP']['consumer']['username'] = "user" default['DMAAP']['partitioncount'] = "3" default['DMAAP']['replicationcount'] = "3" - - -#+----------------------------------+ -#| | -#| Access Restriction / CADI | -#| | -#+----------------------------------+ - -# Cadi -default['access_restriction']['cadi_root_dir'] = "#{ENV['JETTY_BASE']}/etc" -default['access_restriction']['cadi_keyfile'] = "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" -default['access_restriction']['cadi_loglevel'] = "DEBUG" -default['access_restriction']['cadi_truststore'] = "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" -default['access_restriction']['cadi_truststore_password'] = "changeit" -default['access_restriction']['cadiX509Issuers'] = "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US" -default['access_restriction']['encrypted_password'] = "enc:AccessRestrictionEncryptedPassword" -default['access_restriction_key'] = nil - -# Access Restriction Key -default['aafNamespace'] = "com.onap.sdc" -default['access_restriction']['aaf_env'] = "TEST" -default['access_restriction']['aaf_id'] = "user" -default['access_restriction']['aaf_locate_url'] = "" -default['access_restriction']['aaf_password'] = "enc:AafEncriptedPassword" -default['access_restriction']['aaf_url'] = "" -default['access_restriction']['aafAuthNeeded'] = false -default['access_restriction']['AFT_DME2_CLIENT_IGNORE_SSL_CONFIG'] = true -default['access_restriction']['AFT_DME2_HTTP_EXCHANGE_TRACE_ON'] = true -default['access_restriction']['AFT_ENVIRONMENT'] = "AFTUAT" -default['access_restriction']['csp_domain'] = "PROD" -default['access_restriction']['excluded_urls'] = "'/.*'" -default['access_restriction']['excluded_urls_onboarding'] = "'/.*'" - diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi.properties b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi.properties deleted file mode 100644 index 1011ba344d..0000000000 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi.properties +++ /dev/null @@ -1,4 +0,0 @@ -############################################################# -# This file should be replaced with jetty cadi.properties: # -# /var/lib/jetty/base/be/etc/cadi.properties # -############################################################# diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi_truststore.jks b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi_truststore.jks deleted file mode 100644 index 0835ef4542..0000000000 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi_truststore.jks +++ /dev/null @@ -1,4 +0,0 @@ -################################################################## -## This file should be replaced with jetty cadi_truststore.jks: # -## /var/lib/jetty/base/be/etc/cadi_truststore.jks # -################################################################## diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keyfile b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keyfile deleted file mode 100644 index 43d20d4c05..0000000000 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keyfile +++ /dev/null @@ -1,4 +0,0 @@ -############################################################# -# This file should be replaced with jetty keyfile: # -# /var/lib/jetty/base/be/etc/keyfile # -############################################################# diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12 b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12 deleted file mode 100644 index 446856071b..0000000000 Binary files a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12 and /dev/null differ diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks deleted file mode 100644 index e6686cc08c..0000000000 Binary files a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks and /dev/null differ diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb deleted file mode 100644 index e7d11c9f2d..0000000000 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb +++ /dev/null @@ -1,37 +0,0 @@ -jetty_base = "#{ENV['JETTY_BASE']}" - - -directory "Jetty_etc_dir_creation" do - path "#{jetty_base}/etc" - owner "#{ENV['JETTY_USER']}" - owner "#{ENV['JETTY_GROUP']}" - mode '0755' - action :create - not_if { ::File.directory?("#{jetty_base}/etc") } -end - - -cookbook_file "#{jetty_base}/etc/keyfile" do - source "keyfile" - owner "#{ENV['JETTY_USER']}" - owner "#{ENV['JETTY_GROUP']}" - mode 0755 -end - - -cookbook_file "#{jetty_base}/etc/cadi_truststore.jks" do - source "cadi_truststore.jks" - owner "#{ENV['JETTY_USER']}" - owner "#{ENV['JETTY_GROUP']}" - mode 0755 -end - - -template "#{jetty_base}/etc/cadi.properties" do - path "#{jetty_base}/etc/cadi.properties" - source "cadi.properties.erb" - owner "#{ENV['JETTY_USER']}" - owner "#{ENV['JETTY_GROUP']}" - mode "0755" -end - diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb deleted file mode 100644 index 176edcf71c..0000000000 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb +++ /dev/null @@ -1,23 +0,0 @@ - -directory "Jetty_etcdir_creation" do - path "#{ENV['JETTY_BASE']}/etc" - owner "#{ENV['JETTY_USER']}" - owner "#{ENV['JETTY_GROUP']}" - mode '0755' - action :create -end - -cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do - source "org.onap.sdc.p12" - owner "#{ENV['JETTY_USER']}" - owner "#{ENV['JETTY_GROUP']}" - mode 0755 -end - -cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do - source "org.onap.sdc.trust.jks" - owner "#{ENV['JETTY_USER']}" - owner "#{ENV['JETTY_GROUP']}" - mode 0755 -end - diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb index 5655d0fd6f..f029fb07fe 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb @@ -41,18 +41,3 @@ template "https-ini" do mode "0755" variables :https_port => "#{node['BE'][:https_port]}" end - - -template "ssl-ini" do - path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" - source "ssl-ini.erb" - owner "#{ENV['JETTY_USER']}" - group "#{ENV['JETTY_GROUP']}" - mode "0755" - variables ({ - :https_port => "#{node['BE'][:https_port]}" , - :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , - :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , - :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}" - }) -end diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb index 9a2437c2c1..d6d034fcb6 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb @@ -81,20 +81,6 @@ users: tom: passwd bob: passwd -# access restriction -authCookie: - securityKey: "sdcaccessrestrictionsecureykey" - maxSessionTimeOut: 86400000 - sessionIdleTimeOut: 3600000 - cookieName: "AuthenticationCookie" - path: / - domain: "" - isHttpOnly: true - # redirect variable name from portal.properties file - redirectURL: "" - excludedUrls: [<%= node['access_restriction']['excluded_urls'] %>] - onboardingExcludedUrls: [<%= node['access_restriction']['excluded_urls_onboarding'] %>] - basicAuth: enabled: <%= @basic_auth_flag %> userName: <%= @user_name %> @@ -112,8 +98,6 @@ cassandraConfig: username: <%= @cassandra_usr %> password: <%= @cassandra_pwd %> ssl: <%= @cassandra_ssl_enabled %> - truststorePath : <%= node['jetty']['truststore_path'] %> - truststorePassword : <%= @cassandra_truststore_password %> keySpaces: - { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['<%= @REP_STRING %>']} - { name: sdcaudit, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['<%= @REP_STRING %>']} @@ -1004,8 +988,6 @@ toscaValidators: disableAudit: false -consumerBusinessLogic: true - vfModuleProperties: min_vf_module_instances: forBaseModule: 1 @@ -1145,8 +1127,6 @@ dmaapConsumerConfiguration: username: user password: aftDme2SslEnable: true - aftDme2ClientKeystore: <%= node['jetty']['truststore_path'] %> - aftDme2ClientKeystorePassword: "" aftDme2ClientSslCertAlias: certman dmaapProducerConfiguration: @@ -1178,8 +1158,6 @@ dmaapProducerConfiguration: username: <%= node['DMAAP']['producer']['username'] %> password: <%= node['DMAAP']['producer']['password'] %> aftDme2SslEnable: true - aftDme2ClientKeystore: <%= node['jetty']['truststore_path'] %> - aftDme2ClientKeystorePassword: <%= node['jetty']['dmaap_truststore_pwd'] %> aftDme2ClientSslCertAlias: certman @@ -1245,26 +1223,6 @@ supportAllottedResourcesAndProxy: true deleteLockTimeoutInSeconds: 60 maxDeleteComponents: 10 -# Cadi filter (access restriction) Parameters -aafNamespace: <%= node['aafNamespace'] %> -aafAuthNeeded: <%= node['access_restriction']['aafAuthNeeded'] %> - -cadiFilterParams: - AFT_LATITUDE: "32.780140" - AFT_LONGITUDE: "-96.800451" - hostname: <%= node['BE_VIP'] %> - aaf_id: <%= node['access_restriction']['aaf_id'] %> - aaf_env: <%= node['access_restriction']['aaf_env'] %> - aaf_url: <%= node['access_restriction']['aaf_url'] %> - csp_domain: <%= node['access_restriction']['csp_domain'] %> - cadi_keyfile: <%= node['access_restriction']['cadi_keyfile'] %> - aaf_password: <%= node['access_restriction']['aaf_password'] %> - cadi_loglevel: <%= node['access_restriction']['cadi_loglevel'] %> - AFT_ENVIRONMENT: <%= node['access_restriction']['AFT_ENVIRONMENT'] %> - cadiX509Issuers: <%= node['access_restriction']['cadiX509Issuers'] %> - cadi_truststore: <%= node['access_restriction']['cadi_truststore'] %> - cadi_truststore_password: <%= node['access_restriction']['cadi_truststore_password'] %> - # This configuration entry lists all node type names prefix that shall be allowed on SDC. definedResourceNamespace: - org.openecomp.resource. diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/cadi.properties.erb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/cadi.properties.erb deleted file mode 100644 index 66654310e0..0000000000 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/cadi.properties.erb +++ /dev/null @@ -1,54 +0,0 @@ -# Configure AAF -aaf_locate_url=<%= node['access_restriction']['aaf_locate_url'] %> - -aaf_url=<%= node['access_restriction']['aaf_url'] %> - -#if you are running aaf service from a docker image you have to use aaf service IP and port number -aaf_id=<%= node['access_restriction']['aaf_id'] %> -#Encrypt the password using AAF Jar -aaf_password=<%= node['access_restriction']['aaf_password'] %> -# Sample CADI Properties, from CADI 1.4.2 -hostname=<%= node['BE_VIP'] %> -csp_domain=<%= node['access_restriction']['csp_domain'] %> - -# Add Absolute path to Keyfile -cadi_keyfile=<%= node['access_restriction']['cadi_keyfile'] %> - - -# This is required to accept Certificate Authentication from Certman certificates. -# can be TEST, IST or PROD -aaf_env=<%= node['access_restriction']['aaf_env'] %> - -# DEBUG prints off all the properties. Use to get started. -cadi_loglevel=<%= node['access_restriction']['cadi_loglevel'] %> - - -# Become CSO Poodle Compliant by only allowing sanctioned TLS versions -# The following is the default -# cadi_protocols=TLSv1.1,TLSv1.2 - -# Default TrustStore - REQUIRED for changing PROTOCOL Defaults for DME2 -# Read https://wiki.web.att.com/pages/viewpage.action?pageId=574623569#URGENT:SolvingSSL2-3/TLSv1removalissues-Up-to-dateTruststore -# Add Absolute path to truststore2020.jks -cadi_truststore=<%= node['access_restriction']['cadi_truststore'] %> -# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs -cadi_truststore_password=<%= node['access_restriction']['cadi_truststore_password'] %> - -# how to turn on SSL Logging -#javax.net.debug=ssl - -## -# Hint -# Use "maps.bing.com" to get Lat and Long for an Address -AFT_LATITUDE=32.780140 -AFT_LONGITUDE=-96.800451 -AFT_ENVIRONMENT=<%= node['access_restriction']['AFT_ENVIRONMENT'] %> -AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=<%= node['access_restriction']['AFT_DME2_CLIENT_IGNORE_SSL_CONFIG'] %> -DME2.DEBUG=true -AFT_DME2_HTTP_EXCHANGE_TRACE_ON=<%= node['access_restriction']['AFT_DME2_HTTP_EXCHANGE_TRACE_ON'] %> - -cadi_latitude=32.780140 -cadi_longitude=-96.800451 - -aaf_root_ns=<%= node['aafNamespace'] %> -aaf_api_version=2.0 diff --git a/catalog-be/src/main/docker/backend/chef-solo/roles/catalog-be.json b/catalog-be/src/main/docker/backend/chef-solo/roles/catalog-be.json index 01ce87f239..80728ee013 100644 --- a/catalog-be/src/main/docker/backend/chef-solo/roles/catalog-be.json +++ b/catalog-be/src/main/docker/backend/chef-solo/roles/catalog-be.json @@ -12,13 +12,11 @@ "run_list": [ "recipe[sdc-catalog-be::BE_1_cleanup_jettydir]", "recipe[sdc-catalog-be::BE_2_setup_configuration]", - "recipe[sdc-catalog-be::BE_3_locate_keystore]", "recipe[sdc-catalog-be::BE_4_jetty_Modules]", "recipe[sdc-catalog-be::BE_6_setup_portal_and_key_properties]", "recipe[sdc-catalog-be::BE_7_logback]", "recipe[sdc-catalog-be::BE_8_errors_config]", - "recipe[sdc-catalog-be::BE_9_prepareProbeFile]", - "recipe[sdc-catalog-be::BE_10_setup_cadi]" + "recipe[sdc-catalog-be::BE_9_prepareProbeFile]" ], "env_run_lists": { } diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/distribution/engine/DmaapClientFactory.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/distribution/engine/DmaapClientFactory.java index 6549b54d4e..593bf5194d 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/distribution/engine/DmaapClientFactory.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/components/distribution/engine/DmaapClientFactory.java @@ -98,8 +98,6 @@ public class DmaapClientFactory { props.setProperty("AFT_DME2_EP_READ_TIMEOUT_MS", Integer.toString(parameters.getAftDme2ReadTimeoutMs())); props.setProperty("AFT_DME2_SSL_ENABLE", Boolean.toString(parameters.isAftDme2SslEnable())); props.setProperty("AFT_DME2_CLIENT_IGNORE_SSL_CONFIG", Boolean.toString(parameters.isAftDme2ClientIgnoreSslConfig())); - props.setProperty("AFT_DME2_CLIENT_KEYSTORE", parameters.getAftDme2ClientKeystore()); - props.setProperty("AFT_DME2_CLIENT_KEYSTORE_PASSWORD", parameters.getAftDme2ClientKeystorePassword()); props.setProperty("AFT_DME2_CLIENT_SSL_CERT_ALIAS", parameters.getAftDme2ClientSslCertAlias()); String dme2PreferredRouterFilePath = parameters.getDme2preferredRouterFilePath(); ensureFileExists(dme2PreferredRouterFilePath); @@ -145,8 +143,6 @@ public class DmaapClientFactory { props.setProperty("AFT_DME2_EP_READ_TIMEOUT_MS", Integer.toString(parameters.getAftDme2ReadTimeoutMs())); props.setProperty("AFT_DME2_SSL_ENABLE", Boolean.toString(parameters.isAftDme2SslEnable())); props.setProperty("AFT_DME2_CLIENT_IGNORE_SSL_CONFIG", Boolean.toString(parameters.isAftDme2ClientIgnoreSslConfig())); - props.setProperty("AFT_DME2_CLIENT_KEYSTORE", parameters.getAftDme2ClientKeystore()); - props.setProperty("AFT_DME2_CLIENT_KEYSTORE_PASSWORD", parameters.getAftDme2ClientKeystorePassword()); props.setProperty("AFT_DME2_CLIENT_SSL_CERT_ALIAS", parameters.getAftDme2ClientSslCertAlias()); String dme2PreferredRouterFilePath = parameters.getDme2preferredRouterFilePath(); ensureFileExists(dme2PreferredRouterFilePath); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/health/HealthCheckBusinessLogic.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/health/HealthCheckBusinessLogic.java index 22013c1c04..4ba36a6a40 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/health/HealthCheckBusinessLogic.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/components/health/HealthCheckBusinessLogic.java @@ -52,7 +52,6 @@ import org.apache.commons.lang3.tuple.Pair; import org.openecomp.sdc.be.catalog.impl.DmaapProducerHealth; import org.openecomp.sdc.be.components.distribution.engine.DistributionEngineClusterHealth; import org.openecomp.sdc.be.components.distribution.engine.DmaapHealth; -import org.openecomp.sdc.be.components.impl.CADIHealthCheck; import org.openecomp.sdc.be.components.impl.CassandraHealthCheck; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.config.Configuration; @@ -144,8 +143,6 @@ public class HealthCheckBusinessLogic { healthCheckInfos.add(getHostedComponentsBeHealthCheck(HC_COMPONENT_ON_BOARDING, buildOnBoardingHealthCheckUrl())); //ECOMP Portal healthCheckInfos.add(portalHealthCheck.getHealthCheckInfo()); - //CADI - healthCheckInfos.add(CADIHealthCheck.getCADIHealthCheckInstance().getCADIStatus()); return healthCheckInfos; } diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/CADIHealthCheck.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/CADIHealthCheck.java deleted file mode 100644 index bb12b317c6..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/CADIHealthCheck.java +++ /dev/null @@ -1,55 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.components.impl; - -import static org.openecomp.sdc.common.api.Constants.HC_COMPONENT_CADI; -import static org.openecomp.sdc.common.api.HealthCheckInfo.HealthCheckStatus.DOWN; - -import org.openecomp.sdc.common.api.HealthCheckInfo; -import org.openecomp.sdc.common.log.wrappers.Logger; -import org.springframework.stereotype.Component; - -@Component -public class CADIHealthCheck { - - private static final Logger log = Logger.getLogger(CADIHealthCheck.class.getName()); - private static CADIHealthCheck cadiHealthCheckInstance = new CADIHealthCheck(); - private static HealthCheckInfo.HealthCheckStatus isCADIUpOrDown = DOWN; - - public static CADIHealthCheck getCADIHealthCheckInstance() { - return cadiHealthCheckInstance; - } - - public static HealthCheckInfo getCADIStatus() { - log.debug("getCADIStatus: Checking whether CADI was up or down while its init."); - String description = "OK"; - if (isCADIUpOrDown == DOWN) { - description = "CADI filter failed initialization"; - } - return new HealthCheckInfo(HC_COMPONENT_CADI, isCADIUpOrDown, null, description); - } - - public void setIsCADIUp(HealthCheckInfo.HealthCheckStatus cadiStatus) { - if (log.isDebugEnabled()) { - log.debug("Setting cadiHealthCheckInstance status to: {}", cadiStatus.toString()); - } - isCADIUpOrDown = cadiStatus; - } -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/AafPermission.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/AafPermission.java deleted file mode 100644 index 4dc8c98e49..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/AafPermission.java +++ /dev/null @@ -1,61 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.components.impl.aaf; - -import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; -import org.openecomp.sdc.be.config.ConfigurationManager; -import org.openecomp.sdc.be.dao.api.ActionStatus; - -public enum AafPermission { - READ(PermNames.READ_VALUE), WRITE(PermNames.WRITE_VALUE), DELETE(PermNames.DELETE_VALUE), INTERNAL_ALL(PermNames.INTERNAL_ALL_VALUE); - private String permission; - private String permissionSuffix; - - AafPermission(String permissionSuffix) { - this.permissionSuffix = permissionSuffix; - this.permission = String - .format("%s.%s", ConfigurationManager.getConfigurationManager().getConfiguration().getAafNamespace(), permissionSuffix); - } - - public static AafPermission getEnumByString(String perm) { - for (AafPermission e : AafPermission.values()) { - if (perm.equals(e.getPermissionSuffix())) { - return e; - } - } - throw new ByActionStatusComponentException(ActionStatus.INVALID_PROPERTY, perm); - } - - public String getFullPermission() { - return permission; - } - - public String getPermissionSuffix() { - return this.permissionSuffix; - } - - public static class PermNames { - - public static final String READ_VALUE = "endpoint.api.access|*|read"; - public static final String WRITE_VALUE = "endpoint.api.access|*|write"; - public static final String DELETE_VALUE = "endpoint.api.access|*|delete"; - public static final String INTERNAL_ALL_VALUE = "endpoint.api.internal.access|*|all"; - } -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/AafRoles.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/AafRoles.java deleted file mode 100644 index 95cebcacdc..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/AafRoles.java +++ /dev/null @@ -1,35 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.components.impl.aaf; - -import org.openecomp.sdc.be.config.ConfigurationManager; - -public enum AafRoles { - READ_ONLY("app.readonly"), ALL("app.all"); - private String role; - - AafRoles(String roleSuffix) { - this.role = ConfigurationManager.getConfigurationManager().getConfiguration().getAafNamespace() + "." + roleSuffix; - } - - public String getRole() { - return role; - } -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/PermissionAllowed.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/PermissionAllowed.java deleted file mode 100644 index 782e2ea8c2..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/PermissionAllowed.java +++ /dev/null @@ -1,32 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.components.impl.aaf; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -@Retention(RetentionPolicy.RUNTIME) -@Target(ElementType.METHOD) -public @interface PermissionAllowed { - - String[] value(); -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/RoleAuthorizationHandler.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/RoleAuthorizationHandler.java deleted file mode 100644 index bc66a8c67e..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/impl/aaf/RoleAuthorizationHandler.java +++ /dev/null @@ -1,78 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.components.impl.aaf; - -import javax.servlet.http.HttpServletRequest; -import org.aspectj.lang.JoinPoint; -import org.aspectj.lang.annotation.Aspect; -import org.aspectj.lang.annotation.Before; -import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; -import org.openecomp.sdc.be.config.ConfigurationManager; -import org.openecomp.sdc.be.dao.api.ActionStatus; -import org.openecomp.sdc.be.servlets.BeGenericServlet; -import org.openecomp.sdc.common.log.wrappers.Logger; -import org.openecomp.sdc.common.util.ThreadLocalsHolder; - -// aop id defined via application-context.xml. the annotations are only for test purposes -@Aspect -public class RoleAuthorizationHandler { - - private static final Logger log = Logger.getLogger(RoleAuthorizationHandler.class); - private final ConfigurationManager configurationManager = ConfigurationManager.getConfigurationManager(); - - @Before("@annotation(permissions)") - public void authorizeRole(JoinPoint joinPoint, PermissionAllowed permissions) { - if (isPermissionAuthenticationNeeded()) { - String methodName = joinPoint.getSignature().toShortString(); - HttpServletRequest request = ((BeGenericServlet) joinPoint.getThis()).getServletRequest(); - String[] perms = permissions.value(); - logAuth(methodName, perms, true, null); - for (String perm : perms) { - if (request.isUserInRole(getFullPermission(perm))) { - logAuth(methodName, perms, false, true); - return; - } - } - logAuth(methodName, perms, false, false); - throw new ByActionStatusComponentException(ActionStatus.AUTH_FAILED); - } - } - - private void logAuth(String methodName, String[] perms, boolean beforeAuth, Boolean success) { - if (beforeAuth) { - log.trace("#{} - authorizing before invoking endpoint {}", methodName); - } else { - String status = success ? "SUCCESS" : "FAILED"; - log.trace("#{} - authorizing before invoking endpoint {}, Status: {}", methodName, status); - } - } - - private String getFullPermission(String role) { - return AafPermission.getEnumByString(role).getFullPermission(); - } - - private boolean isPermissionAuthenticationNeeded() { - if (configurationManager.getConfiguration().getAafAuthNeeded() && ThreadLocalsHolder.isExternalRequest()) { - return true; - } else { - return false; - } - } -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionCatalogServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionCatalogServlet.java index ffe9bb698b..6b216a0905 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionCatalogServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionCatalogServlet.java @@ -49,8 +49,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -116,7 +114,6 @@ public class DistributionCatalogServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "Specified artifact is not found - SVC4505"), @ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000")}) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response downloadServiceArtifact( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, @@ -184,7 +181,6 @@ public class DistributionCatalogServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "Specified artifact is not found - SVC4505"), @ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000")}) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response downloadResourceArtifact( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, @@ -245,7 +241,6 @@ public class DistributionCatalogServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "Specified artifact is not found - SVC4505"), @ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000")}) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response downloadResourceInstanceArtifactByName( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionServlet.java index 1517527efa..beaf70da8c 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/distribution/servlet/DistributionServlet.java @@ -43,8 +43,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.distribution.AuditHandler; @@ -113,7 +111,6 @@ public class DistributionServlet extends BeGenericServlet { /*responseHeaders = { @ResponseHeader(name = Constants.CONTENT_TYPE_HEADER, description = "Determines the format of the response body", response = String.class), @ResponseHeader(name = "Content-Length", description = "Length of the response body", response = String.class)})*/ - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response getUebServerList( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId, @@ -227,7 +224,6 @@ public class DistributionServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"), @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used to register for distribution ( PUT,DELETE,GET will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The registration failed due to internal SDC problem or Cambria Service failure ECOMP Component should continue the attempts to register for distribution - POL5000")}) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response registerForDistribution( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId, @@ -272,7 +268,6 @@ public class DistributionServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"), @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used to register for distribution ( POST,PUT,DELETE will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The registration failed due to internal SDC problem or Cambria Service failure ECOMP Component should continue the attempts to register for distribution - POL5000")}) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response getValidArtifactTypes( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId, @@ -320,7 +315,6 @@ public class DistributionServlet extends BeGenericServlet { //TODO Edit the responses @Parameters({ @Parameter(name = "requestJson", required = true, schema = @Schema(implementation = org.openecomp.sdc.be.distribution.api.client.RegistrationRequest.class), description = "json describe the artifact")}) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response unRegisterForDistribution( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AbstractTemplateServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AbstractTemplateServlet.java index 411e0dcfd9..c52453645e 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AbstractTemplateServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AbstractTemplateServlet.java @@ -47,8 +47,6 @@ import org.openecomp.sdc.be.components.impl.ElementBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -125,7 +123,6 @@ public class AbstractTemplateServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "404", description = "Error: Requested '%1' (uuid) resource was not found - SVC4063"), @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")}) - @PermissionAllowed(AafPermission.PermNames.READ_VALUE) public Response getServiceAbstractStatus( @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, @@ -198,7 +195,6 @@ public class AbstractTemplateServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000"), @ApiResponse(responseCode = "409", description = "Service already exist")}) - @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE) public Response copyExistService( @Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ArtifactExternalServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ArtifactExternalServlet.java index 9f37586ce4..b7bc2cea81 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ArtifactExternalServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ArtifactExternalServlet.java @@ -51,8 +51,6 @@ import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic; import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic.ArtifactOperationEnum; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.artifact.ArtifactOperationInfo; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; @@ -206,7 +204,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"), @ApiResponse(responseCode = "400", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"), @ApiResponse(responseCode = "400", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")}) - @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE}) public Response uploadArtifact( @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType, @Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum, @@ -290,7 +287,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"), @ApiResponse(responseCode = "400", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"), @ApiResponse(responseCode = "400", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")}) - @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE) public Response uploadArtifactToInstance( @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType, @Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum, @@ -374,7 +370,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"), @ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"), @ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")}) - @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE) public Response updateArtifact( @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType, @Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum, @@ -461,7 +456,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"), @ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"), @ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")}) - @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE) public Response updateArtifactOnResourceInstance( @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType, @Parameter(description = "The value for this header must be the MD5 checksum over the whole json body", required = true) @HeaderParam(value = Constants.MD5_HEADER) String checksum, @@ -549,7 +543,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"), @ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"), @ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")}) - @PermissionAllowed(AafPermission.PermNames.DELETE_VALUE) public Response deleteArtifact( @Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @@ -633,7 +626,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Artifact name is missing in input - SVC4128"), @ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4086"), @ApiResponse(responseCode = "409", description = "Restricted Operation – the user provided does not have role of Designer or the asset is being used by another designer - SVC4301")}) - @PermissionAllowed(AafPermission.PermNames.DELETE_VALUE) public Response deleteArtifactOnResourceInstance( @Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @@ -711,7 +703,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000"), @ApiResponse(responseCode = "404", description = "Artifact was not found - SVC4505")}) - @PermissionAllowed(AafPermission.PermNames.DELETE_VALUE) public Response downloadComponentArtifact( @Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @@ -781,7 +772,6 @@ public class ArtifactExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used (PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000"), @ApiResponse(responseCode = "404", description = "Artifact was not found - SVC4505")}) - @PermissionAllowed(AafPermission.PermNames.READ_VALUE) public Response downloadResourceInstanceArtifact( @Parameter(description = "The user ID of the DCAE Designer. This user must also have Designer role in SDC", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AssetsDataServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AssetsDataServlet.java index 52bc5c4f2c..13239a9788 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AssetsDataServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/AssetsDataServlet.java @@ -59,8 +59,6 @@ import org.openecomp.sdc.be.components.impl.ElementBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -126,7 +124,6 @@ public class AssetsDataServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"), @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")}) - @PermissionAllowed(AafPermission.PermNames.READ_VALUE) public Response getAssetListExternal( @Parameter(description = "X-ECOMP-RequestID header") @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, @@ -256,7 +253,6 @@ public class AssetsDataServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "404", description = "Error: Requested '%1' (uuid) resource was not found - SVC4063"), @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")}) - @PermissionAllowed(AafPermission.PermNames.READ_VALUE) public Response getAssetSpecificMetadataByUuidExternal( @Parameter(description = "X-ECOMP-RequestID header") @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, @@ -339,7 +335,6 @@ public class AssetsDataServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "404", description = "Error: Requested '%1' (uuid) resource was not found - SVC4063"), @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000")}) - @PermissionAllowed(AafPermission.PermNames.READ_VALUE) public Response getToscaModelExternal( @Parameter(description = "X-ECOMP-RequestID header") @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/CrudExternalServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/CrudExternalServlet.java index 6d94ff6471..a97f6565a6 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/CrudExternalServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/CrudExternalServlet.java @@ -57,8 +57,6 @@ import org.openecomp.sdc.be.components.impl.ElementBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic; import org.openecomp.sdc.be.components.lifecycle.LifecycleChangeInfoBase; @@ -163,7 +161,6 @@ public class CrudExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Create VFCMT request: VFCMT name exceeds character limit - SVC4073"), @ApiResponse(responseCode = "400", description = "Invalid Content. Missing PROJECT_CODE number - SVC4129"), @ApiResponse(responseCode = "409", description = "Error: %1 (Service) with name '%2' already exists. - SVC4050")}) - @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE) public Response createComponentExternal( @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType, @Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, @@ -327,7 +324,6 @@ public class CrudExternalServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000"), @ApiResponse(responseCode = "403", description = "Asset is already checked-out by another user - SVC4085"), @ApiResponse(responseCode = "403", description = "Asset is being edited by different user. Only one user can checkout and edit an asset on given time. The asset will be available for checkout after the other user will checkin the asset - SVC4080")}) - @PermissionAllowed(AafPermission.PermNames.WRITE_VALUE) public Response changeResourceStateExternal( @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType, @Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServlet.java index 8b2483a71f..0bfcbecce3 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServlet.java @@ -38,8 +38,6 @@ import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ExternalRefsBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; import org.openecomp.sdc.be.dto.ExternalRefDTO; @@ -68,7 +66,6 @@ public class ExternalRefsServlet extends BeGenericServlet { @GET @Path("/{assetType}/{uuid}/version/{version}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}") @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Response getComponentInstanceExternalRef(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid, @PathParam("version") String version, @PathParam("componentInstanceName") String componentInstanceName, @@ -90,7 +87,6 @@ public class ExternalRefsServlet extends BeGenericServlet { @GET @Path("/{assetType}/{uuid}/version/{version}/externalReferences/{objectType}") @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed({AafPermission.PermNames.READ_VALUE}) public Map> getAssetExternalRefByObjectType(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid, @PathParam("version") String version, @PathParam("objectType") String objectType, @HeaderParam("USER_ID") String userId, @@ -112,7 +108,6 @@ public class ExternalRefsServlet extends BeGenericServlet { @Path("/{assetType}/{uuid}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE}) public Response addComponentInstanceExternalRef(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid, @PathParam("componentInstanceName") String componentInstanceName, @PathParam("objectType") String objectType, ExternalRefDTO ref, @@ -137,7 +132,6 @@ public class ExternalRefsServlet extends BeGenericServlet { @DELETE @Path("/{assetType}/{uuid}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}/{reference}") @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed({AafPermission.PermNames.DELETE_VALUE}) public Response deleteComponentInstanceReference(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid, @PathParam("componentInstanceName") String componentInstanceName, @PathParam("objectType") String objectType, @PathParam("reference") String reference, @@ -163,7 +157,6 @@ public class ExternalRefsServlet extends BeGenericServlet { @Path("/{assetType}/{uuid}/resourceInstances/{componentInstanceName}/externalReferences/{objectType}/{oldRefValue}") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) - @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE}) public Response updateComponentInstanceReference(@PathParam("assetType") String assetType, @PathParam("uuid") String uuid, @PathParam("componentInstanceName") String componentInstanceName, @PathParam("objectType") String objectType, @PathParam("oldRefValue") String oldRefValue, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ServiceActivationServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ServiceActivationServlet.java index 8231bd530c..e68627be08 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ServiceActivationServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/externalapi/servlet/ServiceActivationServlet.java @@ -43,8 +43,6 @@ import org.apache.commons.lang3.StringUtils; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.externalapi.servlet.representation.ServiceDistributionReqInfo; @@ -105,7 +103,6 @@ public class ServiceActivationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "The resource name is missing in the request body - SVC4062"), @ApiResponse(responseCode = "409", description = "Service state is invalid for this action"), @ApiResponse(responseCode = "502", description = "The server was acting as a gateway or proxy and received an invalid response from the upstream server")}) - @PermissionAllowed({AafPermission.PermNames.WRITE_VALUE}) public Response activateServiceExternal( @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType, @Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) final String userId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeCadiServletFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeCadiServletFilter.java deleted file mode 100644 index 7edd1621b1..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeCadiServletFilter.java +++ /dev/null @@ -1,151 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.filters; - -import java.io.IOException; -import java.util.function.Supplier; -import javax.annotation.Priority; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import org.onap.aaf.cadi.Access; -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.filter.CadiFilter; -import org.openecomp.sdc.be.components.impl.CADIHealthCheck; -import org.openecomp.sdc.be.config.CadiFilterParams; -import org.openecomp.sdc.be.config.ConfigurationManager; -import org.openecomp.sdc.be.impl.WebAppContextWrapper; -import org.openecomp.sdc.common.api.Constants; -import org.openecomp.sdc.common.api.HealthCheckInfo; -import org.openecomp.sdc.common.log.wrappers.Logger; -import org.openecomp.sdc.common.util.ThreadLocalsHolder; -import org.springframework.web.context.WebApplicationContext; - -@Priority(2) -public class BeCadiServletFilter extends CadiFilter { - - private static final Logger log = Logger.getLogger(BeCadiServletFilter.class); - private static final String BE_CADI_SERVICE_FILTER = "BeCadiServletFilter: "; - private ConfigurationManager configurationManager = ConfigurationManager.getConfigurationManager(); - - public BeCadiServletFilter() { - super(); - log.debug(BE_CADI_SERVICE_FILTER); - } - - /** - * This constructor to be used when directly constructing and placing in HTTP Engine - * - * @param access - * @param moreTafLurs - * @throws ServletException - */ - public BeCadiServletFilter(Access access, Object... moreTafLurs) throws ServletException { - super(access, moreTafLurs); - log.debug(BE_CADI_SERVICE_FILTER); - } - - /** - * Use this to pass in a PreContructed CADI Filter, but with initializing... let Servlet do it - * - * @param init - * @param access - * @param moreTafLurs - * @throws ServletException - */ - public BeCadiServletFilter(boolean init, PropAccess access, Object... moreTafLurs) throws ServletException { - super(init, access, moreTafLurs); - log.debug(BE_CADI_SERVICE_FILTER); - } - - private void checkIfNullProperty(String key, String value) { - /* When value is null, so not defined in application.properties - set nothing in System properties */ - if (value != null) { - /* Ensure that any properties already defined in System.prop by JVM params - won't be overwritten by Spring application.properties values */ - System.setProperty(key, System.getProperty(key, value)); - } - } - - @Override - public void init(FilterConfig filterConfig) throws ServletException { - // set some properties in System so that Cadi filter will find its config - - // The JVM values set will always overwrite the Spring ones. - CadiFilterParams cadiFilterParams = configurationManager.getConfiguration().getCadiFilterParams(); - checkIfNullProperty(Config.HOSTNAME, cadiFilterParams.getHostname()); - log.debug("BeCadiServletFilter: HOSTNAME", cadiFilterParams.getHostname()); - checkIfNullProperty(Config.CADI_KEYFILE, cadiFilterParams.getCadi_keyfile()); - checkIfNullProperty(Config.CADI_LOGLEVEL, cadiFilterParams.getCadi_loglevel()); - checkIfNullProperty(Config.CADI_LATITUDE, cadiFilterParams.getAFT_LATITUDE()); - checkIfNullProperty(Config.CADI_LONGITUDE, cadiFilterParams.getAFT_LONGITUDE()); - checkIfNullProperty(Config.AAF_URL, cadiFilterParams.getAaf_url()); - //checkIfNullProperty(Config.AAF_LOCATE_URL, cadiFilterParams.getAafLocateUrl()); - checkIfNullProperty(Config.AAF_APPID, cadiFilterParams.getAaf_id()); - checkIfNullProperty(Config.AAF_APPPASS, cadiFilterParams.getAaf_password()); - checkIfNullProperty(Config.AAF_ENV, cadiFilterParams.getAFT_ENVIRONMENT()); - checkIfNullProperty(Config.CADI_X509_ISSUERS, cadiFilterParams.getCadiX509Issuers()); - checkIfNullProperty(Config.CADI_TRUSTSTORE, cadiFilterParams.getCadi_truststore()); - checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadiFilterParams.getCadi_truststore_password()); - super.init(filterConfig); - log.debug("BeCadiServletFilter finishing init(), Current status of CADI would be UP"); - if (!isNeedAuth()) { - CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.DOWN); - } else { - CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.UP); - } - } - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - if (ThreadLocalsHolder.isExternalRequest() && isNeedAuth()) { - log.debug("doFilter: {}", request.getContentType()); - HttpServletRequest hreq = (HttpServletRequest) request; - log.debug("Need aaf authentication : {}", hreq); - ThreadLocalUtils threadLocalUtils = getThreadLocalUtils(((HttpServletRequest) request).getSession().getServletContext()); - threadLocalUtils.setUserContext((HttpServletRequest) request); - super.doFilter(request, response, chain); - } else { - log.debug("No need aaf authentication"); - chain.doFilter(request, response); - } - } - - private boolean isNeedAuth() { - return configurationManager.getConfiguration().getAafAuthNeeded(); - } - - ThreadLocalUtils getThreadLocalUtils(ServletContext context) { - return getClassFromWebAppContext(context, () -> ThreadLocalUtils.class); - } - - T getClassFromWebAppContext(ServletContext context, Supplier> businessLogicClassGen) { - WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context - .getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); - WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); - return webApplicationContext.getBean(businessLogicClassGen.get()); - } -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeRestrictionAccessFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeRestrictionAccessFilter.java deleted file mode 100644 index 0e8f9452be..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeRestrictionAccessFilter.java +++ /dev/null @@ -1,52 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.filters; - -import java.io.IOException; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import org.onap.sdc.security.PortalClient; -import org.onap.sdc.security.filters.RestrictionAccessFilter; -import org.openecomp.sdc.common.log.wrappers.Logger; -import org.openecomp.sdc.common.util.ThreadLocalsHolder; -import org.springframework.stereotype.Component; - -@Component("beRestrictionAccessFilter") -public class BeRestrictionAccessFilter extends RestrictionAccessFilter { - - private static final Logger log = Logger.getLogger(BeRestrictionAccessFilter.class.getName()); - - public BeRestrictionAccessFilter(FilterConfiguration configuration, ThreadLocalUtils threadLocalUtils, PortalClient portalClient) { - super(configuration, threadLocalUtils, portalClient); - } - - @Override - public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) - throws IOException, ServletException { - if (ThreadLocalsHolder.isInternalRequest()) { - super.doFilter(servletRequest, servletResponse, filterChain); - } else { - log.debug("Access Restriction cookie validation is not needed"); - filterChain.doFilter(servletRequest, servletResponse); - } - } -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/FilterConfiguration.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/FilterConfiguration.java deleted file mode 100644 index 70a67758df..0000000000 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/FilterConfiguration.java +++ /dev/null @@ -1,78 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.openecomp.sdc.be.filters; - -import java.util.List; -import org.onap.sdc.security.ISessionValidationFilterConfiguration; -import org.openecomp.sdc.be.config.Configuration; - -public class FilterConfiguration implements ISessionValidationFilterConfiguration { - - protected Configuration config; - - public FilterConfiguration(org.openecomp.sdc.be.config.Configuration configuration) { - this.config = configuration; - } - - @Override - public String getSecurityKey() { - return config.getAuthCookie().getSecurityKey(); - } - - @Override - public long getMaxSessionTimeOut() { - return config.getAuthCookie().getMaxSessionTimeOut(); - } - - @Override - public long getSessionIdleTimeOut() { - return config.getAuthCookie().getSessionIdleTimeOut(); - } - - @Override - public String getRedirectURL() { - return config.getAuthCookie().getRedirectURL(); - } - - @Override - public List getExcludedUrls() { - return config.getAuthCookie().getExcludedUrls(); - } - - @Override - public String getCookieName() { - return config.getAuthCookie().getCookieName(); - } - - @Override - public String getCookieDomain() { - return config.getAuthCookie().getDomain(); - } - - @Override - public String getCookiePath() { - return config.getAuthCookie().getPath(); - } - - @Override - public boolean isCookieHttpOnly() { - return config.getAuthCookie().isHttpOnly(); - } -} diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/GatewayFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/GatewayFilter.java index b675ec9a6e..fe9d96b9cd 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/GatewayFilter.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/GatewayFilter.java @@ -20,8 +20,6 @@ package org.openecomp.sdc.be.filters; import java.io.IOException; -import java.util.List; -import java.util.stream.Stream; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; @@ -33,10 +31,8 @@ import javax.servlet.http.HttpServletResponse; import javax.ws.rs.WebApplicationException; import org.apache.http.HttpStatus; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; -import org.openecomp.sdc.be.config.Configuration; import org.openecomp.sdc.be.servlets.exception.ComponentExceptionMapper; import org.openecomp.sdc.common.api.FilterDecisionEnum; -import org.openecomp.sdc.common.log.wrappers.Logger; import org.openecomp.sdc.common.util.ThreadLocalsHolder; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @@ -44,16 +40,12 @@ import org.springframework.stereotype.Component; @Component("gatewayFilter") public class GatewayFilter implements Filter { - private static final Logger log = Logger.getLogger(GatewayFilter.class); - private Configuration.CookieConfig authCookieConf; - private Configuration config; @Autowired private ThreadLocalUtils threadLocalUtils; @Autowired private ComponentExceptionMapper componentExceptionMapper; - public GatewayFilter(org.openecomp.sdc.be.config.Configuration configuration) { - this.authCookieConf = configuration.getAuthCookie(); + public GatewayFilter() { } @Override @@ -65,11 +57,9 @@ public class GatewayFilter implements Filter { HttpServletRequest httpRequest = (HttpServletRequest) req; HttpServletResponse httpResponse = (HttpServletResponse) res; try { - if (isUrlFromWhiteList(httpRequest) || isConsumerBusinessLogic()) { - ThreadLocalsHolder.setApiType(FilterDecisionEnum.NA); - threadLocalUtils.setUserContextFromDB(httpRequest); - filterChain.doFilter(httpRequest, res); - } + ThreadLocalsHolder.setApiType(FilterDecisionEnum.NA); + threadLocalUtils.setUserContextFromDB(httpRequest); + filterChain.doFilter(httpRequest, res); } catch (ComponentException ce) { componentExceptionMapper.writeToResponse(ce, httpResponse); } catch (WebApplicationException we) { @@ -88,20 +78,6 @@ public class GatewayFilter implements Filter { httpResponse.setCharacterEncoding("UTF-8"); } - private boolean isUrlFromWhiteList(HttpServletRequest httpRequest) { - String pathInfo; - List excludedUrls = authCookieConf.getExcludedUrls(); - pathInfo = httpRequest.getPathInfo().toLowerCase(); - log.debug("SessionValidationFilter: white list validation -> PathInfo: {} ", pathInfo); - Stream stream = excludedUrls.stream(); - pathInfo.getClass(); - return stream.anyMatch(pathInfo::matches); - } - - private Boolean isConsumerBusinessLogic() { - return config.getConsumerBusinessLogic(); - } - @Override public void destroy() { } diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AdditionalInformationServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AdditionalInformationServlet.java index 80129f41b7..25a86b9ccb 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AdditionalInformationServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AdditionalInformationServlet.java @@ -47,8 +47,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.AdditionalInformationBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.elements.AdditionalInfoParameterInfo; @@ -97,7 +95,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createResourceAdditionalInformationLabel( @Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "Additional information key value to be created", required = true) String data, @@ -122,7 +119,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createServiceAdditionalInformationLabel( @Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "Additional information key value to be created", required = true) String data, @@ -148,7 +144,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResourceAdditionalInformationLabel( @Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @@ -175,7 +170,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateServiceAdditionalInformationLabel( @Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @@ -201,7 +195,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResourceAdditionalInformationLabel( @Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request, @@ -226,7 +219,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteServiceAdditionalInformationLabel( @Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request, @@ -251,7 +243,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getResourceAdditionalInformationLabel( @Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request, @@ -276,7 +267,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getServiceAdditionalInformationLabel( @Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "label id", required = true) @PathParam("labelId") final String labelId, @Context final HttpServletRequest request, @@ -300,7 +290,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllResourceAdditionalInformationLabel( @Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -323,7 +312,6 @@ public class AdditionalInformationServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Additional information key already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllServiceAdditionalInformationLabel( @Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArchiveEndpoint.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArchiveEndpoint.java index 85db080aaf..dd361d31aa 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArchiveEndpoint.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArchiveEndpoint.java @@ -42,8 +42,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ArchiveBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.model.catalog.CatalogComponent; @@ -80,7 +78,6 @@ public class ArchiveEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Archive successful"), @ApiResponse(responseCode = "400", description = "Bad request"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response archiveResources(@PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { loggerSupportability @@ -98,7 +95,6 @@ public class ArchiveEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Restore successful"), @ApiResponse(responseCode = "400", description = "Bad request"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response restoreResource(@PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { loggerSupportability.log(LoggerSupportabilityActions.RESTORE_FROM_ARCHIVE, StatusCode.STARTED, @@ -116,7 +112,6 @@ public class ArchiveEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Archive successful"), @ApiResponse(responseCode = "400", description = "Bad request"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response archiveService(@PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { loggerSupportability.log(LoggerSupportabilityActions.ARCHIVE, StatusCode.STARTED, "Archive Service for " + COMPONENT_ID + " " + componentId + " by " + userId); @@ -133,7 +128,6 @@ public class ArchiveEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Restore successful"), @ApiResponse(responseCode = "400", description = "Bad request"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response restoreService(@PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { loggerSupportability.log(LoggerSupportabilityActions.RESTORE_FROM_ARCHIVE, StatusCode.STARTED, "Restore service from archive " + COMPONENT_ID + " " + componentId + " by " + userId); @@ -149,7 +143,6 @@ public class ArchiveEndpoint extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = String.class)))), @ApiResponse(responseCode = "200", description = "Success"), @ApiResponse(responseCode = "400", description = "Bad request"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Map> getArchivedComponents(@HeaderParam(value = Constants.USER_ID_HEADER) String userId) { return this.archiveBusinessLogic.getArchiveComponents(userId, new LinkedList<>()); } @@ -160,7 +153,6 @@ public class ArchiveEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Success"), @ApiResponse(responseCode = "400", description = "Bad request"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Error. A list of the failed CSAR IDs may be returned.")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response onVspArchived(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @RequestBody List csarIds) { List failedCsarIds = this.archiveBusinessLogic.onVspArchive(userId, csarIds); if (!failedCsarIds.isEmpty()) { @@ -178,7 +170,6 @@ public class ArchiveEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Success"), @ApiResponse(responseCode = "400", description = "Bad request"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Error. A list of the failed CSAR IDs may be returned.")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response onVspRestored(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @RequestBody List csarIds) { List failedCsarIds = this.archiveBusinessLogic.onVspRestore(userId, csarIds); if (!failedCsarIds.isEmpty()) { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArtifactServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArtifactServlet.java index f751ea09e7..ae277bddc0 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArtifactServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ArtifactServlet.java @@ -49,8 +49,6 @@ import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.tuple.ImmutablePair; import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic; import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic.ArtifactOperationEnum; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.artifact.ArtifactOperationInfo; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -101,7 +99,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Artifact already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response loadArtifact(@PathParam("resourceId") final String resourceId, @Parameter(description = "json describe the artifact", required = true) String data, @Context final HttpServletRequest request) { @@ -119,7 +116,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "201", description = "Resource created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateArtifact(@PathParam("resourceId") final String resourceId, @PathParam("artifactId") final String artifactId, @Parameter(description = "json describe the artifact", required = true) String data, @Context final HttpServletRequest request) { @@ -143,7 +139,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "201", description = "Resource created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteArtifact(@PathParam("resourceId") final String resourceId, @PathParam("artifactId") final String artifactId, @Context final HttpServletRequest request) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -167,7 +162,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Artifact already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response loadInformationArtifact(@PathParam("serviceId") final String serviceId, @Parameter(description = "json describe the artifact", required = true) String data, @Context final HttpServletRequest request) { @@ -215,7 +209,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Api Artifact Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateApiArtifact(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId, @Parameter(description = "json describe the artifact", required = true) String data, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -239,7 +232,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "204", description = "Api Artifact deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteApiArtifact(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @HeaderParam(value = Constants.MD5_HEADER) String origMd5) { @@ -263,7 +255,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "201", description = "Service artifact deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteInformationalArtifact(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId, @Context final HttpServletRequest request) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -288,7 +279,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Service artifact downloaded"), @ApiResponse(responseCode = "404", description = "Service/Artifact not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response downloadServiceArtifactBase64(@PathParam("serviceId") final String serviceId, @PathParam("artifactId") final String artifactId, @Context final HttpServletRequest request) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -340,7 +330,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "ResourceInstance artifact downloaded"), @ApiResponse(responseCode = "404", description = "ResourceInstance/Artifact not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response downloadResourceInstanceArtifactBase64( @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType, @@ -376,7 +365,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Artifact already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response loadArtifactToInterface(@PathParam("resourceId") final String resourceId, @PathParam("interfaceType") final String interfaceType, @PathParam("operation") final String operation, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -405,7 +393,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Artifact already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteArtifactToInterface(@PathParam("resourceId") final String resourceId, @PathParam("interfaceType") final String interfaceType, @PathParam("operation") final String operation, @PathParam("artifactId") final String artifactId, @Context final HttpServletRequest request) { @@ -430,7 +417,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Artifact already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateArtifactToInterface(@PathParam("resourceId") final String resourceId, @PathParam("interfaceType") final String interfaceType, @PathParam("operation") final String operation, @PathParam("artifactId") final String artifactId, @@ -458,7 +444,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Artifact updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateRIArtifact( @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType, @@ -491,7 +476,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Artifact updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateComponentInstanceArtifact(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @HeaderParam(value = Constants.MD5_HEADER) String origMd5, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { @@ -522,7 +506,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Artifact updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response loadComponentInstanceArtifact(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @HeaderParam(value = Constants.MD5_HEADER) String origMd5, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { @@ -552,7 +535,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Artifact updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteComponentInstanceArtifact(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @HeaderParam(value = Constants.MD5_HEADER) String origMd5, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { @@ -588,7 +570,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Component artifacts"), @ApiResponse(responseCode = "404", description = "Resource/Artifact not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getComponentArtifacts( @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType, @@ -613,7 +594,6 @@ public class ArtifactServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Component artifacts"), @ApiResponse(responseCode = "404", description = "Resource/Artifact not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getComponentInstanceArtifacts( @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("containerComponentType") final String containerComponentType, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AttributeServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AttributeServlet.java index 4056d607ad..b3e835ec54 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AttributeServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AttributeServlet.java @@ -49,8 +49,6 @@ import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.AttributeBusinessLogic; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.impl.ComponentsUtils; @@ -104,7 +102,6 @@ public class AttributeServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Resource attribute already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createAttribute( @Parameter(description = "resource id to update with new attribute", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "Resource attribute to be created", required = true) String data, @Context final HttpServletRequest request, @@ -163,7 +160,6 @@ public class AttributeServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Resource attribute updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateAttribute( @Parameter(description = "resource id to update with new attribute", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "attribute id to update", required = true) @PathParam("attributeId") final String attributeId, @@ -227,7 +223,6 @@ public class AttributeServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Resource property not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteAttribute( @Parameter(description = "resource id of attribute", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "Attribute id to delete", required = true) @PathParam("attributeId") final String attributeId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AutomatedUpgradeEndpoint.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AutomatedUpgradeEndpoint.java index 7257ea82df..fc933470a0 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AutomatedUpgradeEndpoint.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/AutomatedUpgradeEndpoint.java @@ -43,8 +43,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.upgrade.UpgradeBusinessLogic; import org.openecomp.sdc.be.components.upgrade.UpgradeRequest; import org.openecomp.sdc.be.components.upgrade.UpgradeStatus; @@ -81,7 +79,6 @@ public class AutomatedUpgradeEndpoint extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response autometedUpgrade(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request, @PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "json describes upgrade request", required = true) String data) { @@ -108,7 +105,6 @@ public class AutomatedUpgradeEndpoint extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getComponentDependencies(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request, @PathParam("componentId") final String componentId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/CapabilityServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/CapabilityServlet.java index 6a1d77165e..372d59b0aa 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/CapabilityServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/CapabilityServlet.java @@ -47,8 +47,6 @@ import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.CapabilitiesBusinessLogic; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; @@ -93,7 +91,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Capability already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createCapabilitiesOnResource(@Parameter(description = "Capability to create", required = true) String data, @Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Context final HttpServletRequest request, @@ -110,7 +107,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Update Capabilities"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateCapabilitiesOnResource(@Parameter(description = "Capabilities to update", required = true) String data, @Parameter(description = "Component Id") @PathParam("resourceId") String resourceId, @Context final HttpServletRequest request, @@ -126,7 +122,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = CapabilityDefinition.class)))), @ApiResponse(responseCode = "201", description = "GET Capability"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getCapabilityOnResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Parameter(description = "Capability Id") @PathParam("capabilityId") String capabilityId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -142,7 +137,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Delete capability"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteCapabilityOnResource(@Parameter(description = "capability Id") @PathParam("capabilityId") String capabilityId, @Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Context final HttpServletRequest request, @@ -160,7 +154,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Capability already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createCapabilitiesOnService(@Parameter(description = "Capability to create", required = true) String data, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, @@ -177,7 +170,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Update Capabilities"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateCapabilitiesOnService(@Parameter(description = "Capabilities to update", required = true) String data, @Parameter(description = "Component Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, @@ -193,7 +185,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = CapabilityDefinition.class)))), @ApiResponse(responseCode = "201", description = "GET Capability"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getCapabilityOnService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Parameter(description = "Capability Id") @PathParam("capabilityId") String capabilityId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -209,7 +200,6 @@ public class CapabilityServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Delete capability"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteCapabilityOnService(@Parameter(description = "capability Id") @PathParam("capabilityId") String capabilityId, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentAttributeServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentAttributeServlet.java index d6efda4b90..9f48c0b473 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentAttributeServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentAttributeServlet.java @@ -44,8 +44,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.AttributeBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.impl.ComponentsUtils; @@ -83,7 +81,6 @@ public class ComponentAttributeServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "attribute"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Service attribute not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAttributeListInService( @Parameter(description = "service id of attribute", required = true) @PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) final String userId) { @@ -99,7 +96,6 @@ public class ComponentAttributeServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "attribute"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Resource attribute not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAttributeListInResource( @Parameter(description = "resource id of attribute", required = true) @PathParam("resourceId") final String resourceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) final String userId) { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceCapabilityServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceCapabilityServlet.java index f83f83df2b..5bdc8aa68a 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceCapabilityServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceCapabilityServlet.java @@ -43,8 +43,6 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResponseFormatManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; @@ -99,7 +97,6 @@ public class ComponentInstanceCapabilityServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Component/Component Instance/Capability not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateInstanceRequirement(@PathParam("containerComponentType") final String containerComponentType, @PathParam("containerComponentId") final String containerComponentId, @PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceServlet.java index b6cb8122ce..675d3343cb 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInstanceServlet.java @@ -69,8 +69,6 @@ import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ComponentNodeFilterBusinessLogic; import org.openecomp.sdc.be.components.impl.GroupBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.BusinessLogicException; import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException; @@ -169,7 +167,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Component instance already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createComponentInstance(@Parameter(description = "RI object to be created", required = true) String data, @PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { @@ -210,7 +207,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Resource instance updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateComponentInstanceMetadata(@PathParam("componentId") final String componentId, @PathParam("componentInstanceId") final String componentInstanceId, @Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = { @@ -289,7 +285,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Resource instance updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateMultipleComponentInstance(@PathParam("componentId") final String componentId, @Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME, @@ -336,7 +331,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "ResourceInstance deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteResourceInstance(@PathParam("componentId") final String componentId, @PathParam("resourceInstanceId") final String resourceInstanceId, @Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = { @@ -379,7 +373,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Missing information"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Relationship already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response associateRIToRI( @Parameter(description = "unique id of the container component") @PathParam("componentId") final String componentId, @Parameter(description = "allowed values are resources /services / products", schema = @Schema(allowableValues = { @@ -426,7 +419,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Relationship deleted"), @ApiResponse(responseCode = "403", description = "Missing information"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response dissociateRIFromRI( @Parameter(description = "allowed values are resources /services / products", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME, @@ -469,7 +461,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "RI created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Relationship already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createAndAssociateRIToRI(@PathParam("componentId") final String componentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME, @@ -524,7 +515,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Resource instance created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResourceInstanceProperties(@Parameter(description = "service id") @PathParam("componentId") final String componentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -623,7 +613,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Resource instance created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResourceInstanceInput(@Parameter(description = "service id") @PathParam("componentId") final String componentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -696,7 +685,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Resource instance created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResourceInstanceAttribute(@Parameter(description = "service id") @PathParam("componentId") final String componentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -759,7 +747,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Resource instance created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteResourceInstanceProperty(@Parameter(description = "service id") @PathParam("componentId") final String componentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -803,7 +790,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Resource instance created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response changeResourceInstanceVersion(@PathParam("componentId") final String componentId, @PathParam("componentInstanceId") final String componentInstanceId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { @@ -850,7 +836,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Resource instance created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateGroupInstanceProperty(@Parameter(description = "service id") @PathParam("componentId") final String componentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -908,7 +893,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "group found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Group not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getGroupArtifactById(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("componentInstanceId") final String componentInstanceId, @@ -942,7 +926,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Properties found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component/Component Instance - not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getInstancePropertiesById(@PathParam("containerComponentType") final String containerComponentType, @PathParam("containerComponentId") final String containerComponentId, @PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId, @@ -964,7 +947,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Attributes found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component/Component Instance - not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getInstanceAttributesById(@PathParam("containerComponentType") final String containerComponentType, @PathParam("containerComponentId") final String containerComponentId, @PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId, @@ -987,7 +969,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Properties found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component/Component Instance/Capability - not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getInstanceCapabilityPropertiesById(@PathParam("containerComponentType") final String containerComponentType, @PathParam("containerComponentId") final String containerComponentId, @PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId, @@ -1020,7 +1001,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Component/Component Instance/Capability - not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateInstanceCapabilityProperty(@PathParam("containerComponentType") final String containerComponentType, @PathParam("containerComponentId") final String containerComponentId, @PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId, @@ -1077,7 +1057,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Component/Component Instance/Requirement - not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateInstanceRequirement(@PathParam("containerComponentType") final String containerComponentType, @PathParam("containerComponentId") final String containerComponentId, @PathParam("componentInstanceUniqueId") final String componentInstanceUniqueId, @@ -1135,7 +1114,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Service proxy already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createServiceProxy(@Parameter(description = "RI object to be created", required = true) String data, @PathParam("containerComponentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { @@ -1176,7 +1154,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Service proxy deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteServiceProxy(@PathParam("containerComponentId") final String containerComponentId, @PathParam("serviceProxyId") final String serviceProxyId, @Parameter(description = "valid values: resources / services / products", schema = @Schema(allowableValues = { @@ -1212,7 +1189,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Service proxy created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response changeServiceProxyVersion(@PathParam("containerComponentId") final String containerComponentId, @PathParam("serviceProxyId") final String serviceProxyId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { @@ -1256,7 +1232,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "relation found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Relation not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getRelationById(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("relationId") final String relationId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -1558,7 +1533,6 @@ public class ComponentInstanceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"), @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem. ECOMP Component should continue the attempts to get the needed information - POL5000"), @ApiResponse(responseCode = "409", description = "Service already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response replaceVNF(@Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) final String instanceIdHeader, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInterfaceOperationServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInterfaceOperationServlet.java index 1e68b0f431..e00b1a0f42 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInterfaceOperationServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentInterfaceOperationServlet.java @@ -49,8 +49,6 @@ import org.apache.commons.io.IOUtils; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ComponentInterfaceOperationBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -110,7 +108,6 @@ public class ComponentInterfaceOperationServlet extends AbstractValidationsServl @ApiResponse(responseCode = "201", description = "Update Interface Operation"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateComponentInstanceInterfaceOperation( @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME})) @PathParam("componentType") String componentType, @@ -166,7 +163,6 @@ public class ComponentInterfaceOperationServlet extends AbstractValidationsServl @ApiResponse(responseCode = "201", description = "Update Interface Operation"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResourceInterfaceOperation( @Parameter(description = "Component Id") @PathParam("componentId") String componentId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { @@ -272,7 +268,6 @@ public class ComponentInterfaceOperationServlet extends AbstractValidationsServl @ApiResponse(responseCode = "201", description = "Create Interface Operation"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createInterfaceOperationInResource( @Parameter(description = "valid values: resources", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME})) @PathParam("componentType") final String componentType, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentNodeFilterServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentNodeFilterServlet.java index 75c53228c3..997c3e567e 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentNodeFilterServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentNodeFilterServlet.java @@ -45,8 +45,6 @@ import org.apache.commons.collections4.CollectionUtils; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ComponentNodeFilterBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.BusinessLogicException; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; @@ -108,7 +106,6 @@ public class ComponentNodeFilterServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Create Component Filter"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response addComponentFilterConstraint(@Parameter(description = "UIConstraint data", required = true) String constraintData, @Parameter(description = "Component Id") @PathParam("componentId") String componentId, @Parameter(description = "Component Instance Id") @PathParam("componentInstanceId") String componentInstanceId, @@ -168,7 +165,6 @@ public class ComponentNodeFilterServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Create Component Filter"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateComponentFilterConstraint(@Parameter(description = "UIConstraint data", required = true) String constraintData, @Parameter(description = "Component Id") @PathParam("componentId") String componentId, @Parameter(description = "Component Instance Id") @PathParam("componentInstanceId") String componentInstanceId, @@ -225,7 +221,6 @@ public class ComponentNodeFilterServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Delete Component Filter Constraint"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteComponentFilterConstraint(@Parameter(description = "Component Id") @PathParam("componentId") String componentId, @Parameter(description = "Component Instance Id") @PathParam("componentInstanceId") String componentInstanceId, @Parameter(description = "Constraint Index") @PathParam("constraintIndex") int index, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentPropertyServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentPropertyServlet.java index c291522ca7..87ee9229fd 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentPropertyServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentPropertyServlet.java @@ -43,8 +43,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.PropertyBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datamodel.utils.PropertyValueConstraintValidationUtil; @@ -92,7 +90,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Service property already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createPropertyInService( @Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "Service property to be created", required = true) String data, @Context final HttpServletRequest request, @@ -110,7 +107,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Resource property already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createPropertyInResource( @Parameter(description = "Resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "Resource property to be created", required = true) String data, @Context final HttpServletRequest request, @@ -127,7 +123,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Service property not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getPropertyInService( @Parameter(description = "service id of property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "property id to get", required = true) @PathParam("propertyId") final String propertyId, @@ -144,7 +139,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Resource property not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getPropertyInResource( @Parameter(description = "resource id of property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "property id to get", required = true) @PathParam("propertyId") final String propertyId, @@ -161,7 +155,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Service property not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getPropertyListInService( @Parameter(description = "service id of property", required = true) @PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -177,7 +170,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "property"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Resource property not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getPropertyListInResource( @Parameter(description = "resource id of property", required = true) @PathParam("resourceId") final String resourceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -194,7 +186,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Service property not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deletePropertyInService( @Parameter(description = "service id of property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "Property id to delete", required = true) @PathParam("propertyId") final String propertyId, @@ -212,7 +203,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Resource property not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deletePropertyInResource( @Parameter(description = "resource id of property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "Property id to delete", required = true) @PathParam("propertyId") final String propertyId, @@ -229,7 +219,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Service property updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updatePropertyInService( @Parameter(description = "service id to update with new property", required = true) @PathParam("serviceId") final String serviceId, @Parameter(description = "Service property to update", required = true) String data, @Context final HttpServletRequest request, @@ -246,7 +235,6 @@ public class ComponentPropertyServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Resource property updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updatePropertyInResource( @Parameter(description = "resource id to update with new property", required = true) @PathParam("resourceId") final String resourceId, @Parameter(description = "Resource property to update", required = true) String data, @Context final HttpServletRequest request, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentServlet.java index 92d42e0d85..cc1fe2a125 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentServlet.java @@ -54,8 +54,6 @@ import javax.ws.rs.core.Response; import org.apache.commons.collections.CollectionUtils; import org.openecomp.sdc.be.components.impl.ComponentBusinessLogic; import org.openecomp.sdc.be.components.impl.ComponentBusinessLogicProvider; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datamodel.api.HighestFilterEnum; @@ -107,7 +105,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response conformanceLevelValidation(@PathParam("componentType") final String componentType, @PathParam("componentUuid") final String componentUuid, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -138,7 +135,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getRequirementAndCapabilities(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { @@ -170,7 +166,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getLatestVersionNotAbstractCheckoutComponents(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request, @QueryParam("internalComponentType") String internalComponentType, @@ -205,7 +200,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getLatestVersionNotAbstractCheckoutComponentsByBody(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request, @QueryParam("internalComponentType") String internalComponentType, @@ -244,7 +238,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getLatestVersionNotAbstractCheckoutComponentsIdesOnly(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request, @QueryParam("internalComponentType") String internalComponentType, @@ -288,7 +281,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getComponentInstancesFilteredByPropertiesAndInputs(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @Context final HttpServletRequest request, @@ -336,7 +328,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found")}) @ResponseView(mixin = {GroupCompositionMixin.class, PolicyCompositionMixin.class}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getComponentDataFilteredByParams(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @QueryParam("include") final List dataParamsToReturn, @@ -376,7 +367,6 @@ public class ComponentServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Map.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getFilteredComponentInstanceProperties(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @PathParam("propertyNameFragment") final String propertyNameFragment, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentSubstitutionFilterServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentSubstitutionFilterServlet.java index 55ff6f4a7b..8fa79037f7 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentSubstitutionFilterServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ComponentSubstitutionFilterServlet.java @@ -46,8 +46,6 @@ import org.apache.commons.collections.CollectionUtils; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ComponentSubstitutionFilterBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.BusinessLogicException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -110,7 +108,6 @@ public class ComponentSubstitutionFilterServlet extends AbstractValidationsServl @ApiResponse(responseCode = "201", description = "Add Substitution Filter Constraint"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response addSubstitutionFilter(@Parameter(description = "UIConstraint data", required = true) String constraintData, @Parameter(description = "Component Id") @PathParam("componentId") String componentId, @Parameter(description = "valid value: resources / services", schema = @Schema(allowableValues = { @@ -161,7 +158,6 @@ public class ComponentSubstitutionFilterServlet extends AbstractValidationsServl @ApiResponse(responseCode = "201", description = "Update Substitution Filter Constraint"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateSubstitutionFilters(@Parameter(description = "UIConstraint data", required = true) String constraintData, @Parameter(description = "Component Id") @PathParam("componentId") String componentId, @Parameter(description = "valid value: resources / services", schema = @Schema(allowableValues = { @@ -216,7 +212,6 @@ public class ComponentSubstitutionFilterServlet extends AbstractValidationsServl @ApiResponse(responseCode = "201", description = "Update Substitution Filter Constraint"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateSubstitutionFilter(@Parameter(description = "Filter constraint information", required = true) UIConstraint uiConstraint, @Parameter(description = "Constraint Index") @PathParam("constraintIndex") int index, @Parameter(description = "Component Id") @PathParam("componentId") String componentId, @@ -272,7 +267,6 @@ public class ComponentSubstitutionFilterServlet extends AbstractValidationsServl @ApiResponse(responseCode = "201", description = "Delete Substitution Filter Constraint"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteSubstitutionFilterConstraint(@Parameter(description = "Component Id") @PathParam("componentId") String componentId, @Parameter(description = "Constraint Index") @PathParam("constraintIndex") int index, @Parameter(description = "valid value: resources / services", schema = @Schema(allowableValues = { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigMgrServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigMgrServlet.java index 7e659948fe..90c04b75fc 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigMgrServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigMgrServlet.java @@ -35,8 +35,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.Configuration; import org.openecomp.sdc.be.config.ConfigurationManager; import org.openecomp.sdc.common.api.Constants; @@ -57,7 +55,6 @@ public class ConfigMgrServlet extends BasicServlet { @GET @Path("/get") @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public String getConfig(@Context final HttpServletRequest request, @QueryParam("type") String type) { String result = null; ServletContext context = request.getSession().getServletContext(); @@ -78,7 +75,6 @@ public class ConfigMgrServlet extends BasicServlet { @Path("/set1") @Produces(MediaType.TEXT_PLAIN) @Consumes(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public String setConfig1(@Context final HttpServletRequest request, Configuration configuration) { log.debug("{}", configuration); return "ok"; @@ -88,7 +84,6 @@ public class ConfigMgrServlet extends BasicServlet { @Path("/set2") @Produces(MediaType.TEXT_PLAIN) @Consumes(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public void setConfig2(@Context final HttpServletRequest request, Configuration configuration) { log.debug("{}", configuration); } @@ -97,7 +92,6 @@ public class ConfigMgrServlet extends BasicServlet { @Path("/setput1") @Produces(MediaType.TEXT_PLAIN) @Consumes(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public String setConfig3(@Context final HttpServletRequest request, Configuration configuration) { log.debug("{}", configuration); return "ok"; @@ -107,7 +101,6 @@ public class ConfigMgrServlet extends BasicServlet { @Path("/setput2") @Produces(MediaType.TEXT_PLAIN) @Consumes(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public void setConfig4(@Context final HttpServletRequest request, Configuration configuration) { log.debug("{}", configuration); } diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigServlet.java index 8c94253292..98de7b759b 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ConfigServlet.java @@ -35,8 +35,6 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.Configuration; import org.openecomp.sdc.common.api.ConfigurationSource; import org.openecomp.sdc.common.api.Constants; @@ -57,7 +55,6 @@ public class ConfigServlet extends BasicServlet { @GET @Path("/get") @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) @Operation(description = "Retrieve configuration", method = "GET", responses = { @ApiResponse(responseCode = "200", description = "OK", content = @Content(schema = @Schema(implementation = String.class)))}) public String getConfig(@Context final HttpServletRequest request) { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DataTypeServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DataTypeServlet.java index 404c045dec..9ca725587c 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DataTypeServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DataTypeServlet.java @@ -49,8 +49,6 @@ import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; import org.apache.commons.lang3.StringUtils; import org.openecomp.sdc.be.components.impl.DataTypeBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.elements.DataTypeDataDefinition; @@ -94,7 +92,6 @@ public class DataTypeServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Data types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response fetchDataType(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @PathParam("dataTypeUid") String dataTypeUid) { @@ -124,7 +121,6 @@ public class DataTypeServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Data type found, properties may be empty"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Data type not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response fetchProperties(@Parameter(in = ParameterIn.PATH, required = true, description = "The data type id") @PathParam("id") final String id) { final List allProperties = dataTypeOperation.findAllProperties(id); @@ -144,7 +140,6 @@ public class DataTypeServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Data type not found") }) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createProperty(@Parameter(in = ParameterIn.PATH, required = true, description = "The data type id") @PathParam("id") final String id, @RequestBody(description = "Property to add", required = true) final PropertyDefinitionDto propertyDefinitionDto) { @@ -183,7 +178,6 @@ public class DataTypeServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Data type not found") }) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateProperty(@Parameter(in = ParameterIn.PATH, required = true, description = "The data type id") @PathParam("id") final String id, @RequestBody(description = "Property to update", required = true) @@ -221,7 +215,6 @@ public class DataTypeServlet extends BeGenericServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Data type not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getDataTypeModels(@PathParam("dataTypeName") String dataTypeName) { return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), gson.toJson(dataTypeOperation.getAllDataTypeModels(dataTypeName))); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DefaultCustomToscaFunctionServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DefaultCustomToscaFunctionServlet.java index f43e24791b..e8ef7cafee 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DefaultCustomToscaFunctionServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DefaultCustomToscaFunctionServlet.java @@ -43,8 +43,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.apache.commons.collections.CollectionUtils; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.config.Configuration; import org.openecomp.sdc.be.config.ConfigurationManager; @@ -77,7 +75,6 @@ public class DefaultCustomToscaFunctionServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Returns default custom tosca functions values from configuration file Ok"), @ApiResponse(responseCode = "404", description = "Default custom tosca functions not found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getDefaultCustomToscaFunctionValues(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @PathParam("type") Type type) { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DirectiveServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DirectiveServlet.java index 002d878d36..1fb6ede7f1 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DirectiveServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DirectiveServlet.java @@ -39,8 +39,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.apache.commons.collections.CollectionUtils; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.config.ConfigurationManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -70,7 +68,6 @@ public class DirectiveServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Returns Directive values from configuration file Ok"), @ApiResponse(responseCode = "404", description = "Directive not found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getConfCategoriesAndVersion(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { final String url = request.getMethod() + " " + request.getRequestURI(); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DistributionServiceServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DistributionServiceServlet.java index 96169f4dd0..f46ff31463 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DistributionServiceServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/DistributionServiceServlet.java @@ -42,8 +42,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.DistributionMonitoringBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.impl.ComponentsUtils; @@ -82,7 +80,6 @@ public class DistributionServiceServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = DistributionStatusListResponse.class)))), @ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getServiceById(@PathParam("serviceUUID") final String serviceUUID, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -110,7 +107,6 @@ public class DistributionServiceServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = DistributionStatusListResponse.class)))), @ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Status not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getListOfDistributionStatuses(@PathParam("did") final String did, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java index 7f1124f1b3..b20a57281d 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java @@ -53,8 +53,6 @@ import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ArtifactsBusinessLogic; import org.openecomp.sdc.be.components.impl.ElementBusinessLogic; import org.openecomp.sdc.be.components.impl.ModelBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.scheduledtasks.ComponentsCleanBusinessLogic; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.config.Configuration; @@ -140,7 +138,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "400", description = "Invalid component type"), @ApiResponse(responseCode = "409", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getComponentCategories( @Parameter(description = "allowed values are resources / services/ products", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME, @@ -172,7 +169,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "USER_ID header is missing"), @ApiResponse(responseCode = "409", description = "Category already exists / User not permitted to perform the action"), @ApiResponse(responseCode = "500", description = "General Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createComponentCategory( @Parameter(description = "allowed values are resources /services / products", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.SERVICE_PARAM_NAME, @@ -203,7 +199,6 @@ public class ElementServlet extends BeGenericServlet { responses = {@ApiResponse(responseCode = "200", description = "Returns base types Ok"), @ApiResponse(responseCode = "404", description = "No base types were found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getCategoryBaseTypes(@PathParam(value = "categoryName") final String categoryName, @PathParam(value = "componentType") final String componentType, @Context final HttpServletRequest request, @@ -242,7 +237,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "USER_ID header is missing"), @ApiResponse(responseCode = "409", description = "User not permitted to perform the action"), @ApiResponse(responseCode = "404", description = "Category not found"), @ApiResponse(responseCode = "500", description = "General Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteComponentCategory(@PathParam(value = "categoryUniqueId") final String categoryUniqueId, @PathParam(value = "componentType") final String componentType, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -278,7 +272,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "Parent category wasn't found"), @ApiResponse(responseCode = "409", description = "Subcategory already exists / User not permitted to perform the action"), @ApiResponse(responseCode = "500", description = "General Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createComponentSubCategory( @Parameter(description = "allowed values are resources / products", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME, ComponentTypeEnum.PRODUCT_PARAM_NAME}), required = true) @PathParam(value = "componentType") final String componentType, @@ -312,7 +305,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "USER_ID header is missing"), @ApiResponse(responseCode = "409", description = "User not permitted to perform the action"), @ApiResponse(responseCode = "404", description = "Category not found"), @ApiResponse(responseCode = "500", description = "General Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteComponentSubCategory(@PathParam(value = "categoryUniqueId") final String categoryUniqueId, @PathParam(value = "subCategoryUniqueId") final String subCategoryUniqueId, @PathParam(value = "componentType") final String componentType, @@ -348,7 +340,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "Parent category or subcategory were not found"), @ApiResponse(responseCode = "409", description = "Grouping already exists / User not permitted to perform the action"), @ApiResponse(responseCode = "500", description = "General Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createComponentGrouping(@Parameter(description = "allowed values are products", schema = @Schema(allowableValues = { ComponentTypeEnum.PRODUCT_PARAM_NAME}), required = true) @PathParam(value = "componentType") final String componentType, @Parameter(description = "Parent category unique ID", required = true) @PathParam(value = "categoryId") final String grandParentCategoryId, @@ -382,7 +373,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "USER_ID header is missing"), @ApiResponse(responseCode = "409", description = "User not permitted to perform the action"), @ApiResponse(responseCode = "404", description = "Category not found"), @ApiResponse(responseCode = "500", description = "General Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteComponentGrouping(@PathParam(value = "categoryUniqueId") final String grandParentCategoryUniqueId, @PathParam(value = "subCategoryUniqueId") final String parentSubCategoryUniqueId, @PathParam(value = "groupingUniqueId") final String groupingUniqueId, @@ -413,7 +403,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))), @ApiResponse(responseCode = "200", description = "Returns tags Ok"), @ApiResponse(responseCode = "404", description = "No tags were found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getTags(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); log.debug("(getTags) Start handle request of {}", url); @@ -444,7 +433,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Returns propertyScopes Ok"), @ApiResponse(responseCode = "404", description = "No propertyScopes were found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getPropertyScopes(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); log.debug("(getPropertyScopes) Start handle request of {}", url); @@ -475,7 +463,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Returns artifactTypes Ok"), @ApiResponse(responseCode = "404", description = "No artifactTypes were found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getArtifactTypes(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); log.debug("(GET - getArtifactTypes) Start handle request of {}", url); @@ -512,7 +499,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "No followed were found"), @ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getFollowedResourcesServices(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { try { @@ -562,7 +548,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "No resources and services were found"), @ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getCatalogComponents(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @QueryParam("excludeTypes") List excludeTypes) throws IOException { try { @@ -585,7 +570,6 @@ public class ElementServlet extends BeGenericServlet { @DELETE @Path("/inactiveComponents/{componentType}") - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteMarkedResources(@PathParam("componentType") final String componentType, @Context final HttpServletRequest request) { String url = request.getMethod() + " " + request.getRequestURI(); log.debug(START_HANDLE_REQUEST_OF, url); @@ -624,7 +608,6 @@ public class ElementServlet extends BeGenericServlet { @Operation(description = "Retrieve ecomp portal menu - MOC", method = "GET", summary = "Retrieve ecomp portal menu", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))), @ApiResponse(responseCode = "200", description = "Retrieve ecomp portal menu")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getListOfCsars(@Context final HttpServletRequest request) { return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), "[{\"menuId\":1,\"column\":2,\"text\":\"Design\",\"parentMenuId\":null,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":11,\"column\":1,\"text\":\"ProductDesign\",\"parentMenuId\":1,\"url\":\"\",\"appid\":null,\"roles\":null},{\"menuId\":12,\"column\":2,\"text\":\"Service\",\"parentMenuId\":1,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":21,\"column\":1,\"text\":\"ViewPolicies\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":90,\"column\":1,\"text\":\"4thLevelApp1aR16\",\"parentMenuId\":21,\"url\":\"http://google.com\",\"appid\":null,\"roles\":null}]},{\"menuId\":22,\"column\":2,\"text\":\"UpdatePolicies\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null,\"children\":[{\"menuId\":91,\"column\":1,\"text\":\"4thLevelApp1bR16\",\"parentMenuId\":22,\"url\":\"http://jsonlint.com/\",\"appid\":null,\"roles\":null}]},{\"menuId\":23,\"column\":3,\"text\":\"UpdateRules\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null},{\"menuId\":24,\"column\":4,\"text\":\"CreateSignatures?\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null},{\"menuId\":25,\"column\":5,\"text\":\"Definedata\",\"parentMenuId\":12,\"url\":\"\",\"appid\":null,\"roles\":null}]}]}]"); @@ -637,7 +620,6 @@ public class ElementServlet extends BeGenericServlet { @Operation(description = "Retrieve previus and current catalog update time", method = "GET", summary = "Retrieve previus and current catalog update time", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Retrieve previus and current catalog update time")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getCatalogUpdateTime(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); log.debug("(post) Start handle request of {}", url); @@ -655,7 +637,6 @@ public class ElementServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Returns artifactTypes, ui configuration and sdc version Ok"), @ApiResponse(responseCode = "404", description = "No artifactTypes were found/no ui configuration were found/no sdc version were found"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getConfCategoriesAndVersion(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupEndpoint.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupEndpoint.java index 610935cba1..23d905a05c 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupEndpoint.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupEndpoint.java @@ -42,8 +42,6 @@ import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; import org.openecomp.sdc.be.components.impl.GroupBusinessLogicNew; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.datatypes.elements.PropertyDataDefinition; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; import org.openecomp.sdc.be.impl.ComponentsUtils; @@ -83,7 +81,6 @@ public class GroupEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public List updateGroupMembers(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupUniqueId, @Parameter(description = "List of members unique ids", required = true) List members, @@ -103,7 +100,6 @@ public class GroupEndpoint extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = GroupProperty.class)))), @ApiResponse(responseCode = "200", description = "Group Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public List getGroupProperties(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupUniqueId, @@ -117,7 +113,6 @@ public class GroupEndpoint extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = GroupProperty.class)))), @ApiResponse(responseCode = "200", description = "Group Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public List updateGroupProperties(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupUniqueId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupServlet.java index ca932e7bde..1e2dd77f87 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupServlet.java @@ -49,8 +49,6 @@ import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.GroupBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; @@ -96,7 +94,6 @@ public class GroupServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createGroup(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupType") final String type, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -113,7 +110,6 @@ public class GroupServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "group found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Group not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getGroupById(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupId") final String groupId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -143,7 +139,6 @@ public class GroupServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found"), @ApiResponse(responseCode = "500", description = "Internal Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteGroup(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { @@ -161,7 +156,6 @@ public class GroupServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Group updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "component / group Not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateGroup(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupId") final String groupId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -180,7 +174,6 @@ public class GroupServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = GroupDefinition.class)))), @ApiResponse(responseCode = "200", description = "Group Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateGroupMetadata(@PathParam("containerComponentType") final String containerComponentType, @PathParam("componentId") final String componentId, @PathParam("groupUniqueId") final String groupUniqueId, @Parameter(description = "Service object to be Updated", required = true) String data, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupTypesEndpoint.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupTypesEndpoint.java index d3b2ae4e62..6f77540236 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupTypesEndpoint.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/GroupTypesEndpoint.java @@ -39,8 +39,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import org.openecomp.sdc.be.components.impl.GroupTypeBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.mixin.GroupTypeMixin; import org.openecomp.sdc.be.model.GroupTypeDefinition; @@ -73,7 +71,6 @@ public class GroupTypesEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "400", description = "field name invalid type/length, characters; mandatory field is absent, already exists (name)"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Error")}) @ResponseView(mixin = {GroupTypeMixin.class}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public List getGroupTypes(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "An optional parameter to indicate the type of the container from where this call is executed") diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InputsServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InputsServlet.java index 9643c0ae02..29141733ad 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InputsServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InputsServlet.java @@ -54,8 +54,6 @@ import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.DataTypeBusinessLogic; import org.openecomp.sdc.be.components.impl.InputsBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -395,7 +393,6 @@ public class InputsServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = DataTypeDefinition.class)))), @ApiResponse(responseCode = "200", description = "Data type found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Data type not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getDataType(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @PathParam("dataTypeName") final String dataTypeName, @Context final HttpServletRequest request) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -432,7 +429,6 @@ public class InputsServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Data type found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getDataTypes(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @Context final HttpServletRequest request) { ComponentsUtils componentsUtils = getComponentsUtils(); @@ -471,7 +467,6 @@ public class InputsServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Data type deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Data type not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteDataType(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @PathParam("dataTypeName") final String dataTypeName, @Context final HttpServletRequest request) { ComponentsUtils componentsUtils = getComponentsUtils(); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InterfaceOperationServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InterfaceOperationServlet.java index 60ffada724..e3fc28f71e 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InterfaceOperationServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/InterfaceOperationServlet.java @@ -50,8 +50,6 @@ import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.InterfaceOperationBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; @@ -99,7 +97,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found"), @ApiResponse(responseCode = "409", description = "Interface Operation already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createInterfaceOperationsOnResource(@Parameter(description = "Interface Operations to create", required = true) String data, @Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -157,7 +154,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateInterfaceOperationsOnResource(@Parameter(description = "Interface Operations to update", required = true) String data, @Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -175,7 +171,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteInterfaceOperationsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId, @Parameter(description = "Operation Id") @PathParam("operationId") String operationId, @@ -215,7 +210,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getInterfaceOperationsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId, @Parameter(description = "Operation Id") @PathParam("operationId") String operationId, @@ -256,7 +250,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found"), @ApiResponse(responseCode = "409", description = "Interface Operation already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createInterfaceOperationsOnService(@Parameter(description = "Interface Operations to create", required = true) String data, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -274,7 +267,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateInterfaceOperationsOnService(@Parameter(description = "Interface Operations to update", required = true) String data, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -292,7 +284,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteInterfaceOperationsFromService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId, @Parameter(description = "Operation Id") @PathParam("operationId") String operationId, @@ -311,7 +302,6 @@ public class InterfaceOperationServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getInterfaceOperationsFromService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Parameter(description = "Interface Id") @PathParam("interfaceId") String interfaceId, @Parameter(description = "Operation Id") @PathParam("operationId") String operationId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java index c294492763..6d72f37a12 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java @@ -44,8 +44,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic; import org.openecomp.sdc.be.components.lifecycle.LifecycleChangeInfoBase; import org.openecomp.sdc.be.components.lifecycle.LifecycleChangeInfoWithAction; @@ -94,7 +92,6 @@ public class LifecycleServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Resource state changed"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "409", description = "Resource already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response changeResourceState( @Parameter(description = "LifecycleChangeInfo - relevant for checkin, failCertification, cancelCertification") String jsonChangeInfo, @Parameter(description = "validValues: resources / services / products", schema = @Schema(allowableValues = { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LockServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LockServlet.java index b6a098c0d3..a5c8955cb1 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LockServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LockServlet.java @@ -37,8 +37,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.validation.UserValidations; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.model.operations.api.IGraphLockOperation; @@ -71,7 +69,6 @@ public class LockServlet extends BeGenericServlet { @Path("/lock") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) @Operation(description = "Toggle disable locking", method = "POST", responses = { @ApiResponse(content = @Content(schema = @Schema(implementation = Response.class))), @ApiResponse(responseCode = "200", description = "Disable locking successfully updated"), diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ModelServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ModelServlet.java index ad546d5283..12de554d9c 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ModelServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ModelServlet.java @@ -50,8 +50,6 @@ import org.glassfish.jersey.media.multipart.FormDataParam; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ModelBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.validation.UserValidations; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -96,7 +94,6 @@ public class ModelServlet extends AbstractValidationsServlet { @Path("/model") @Consumes(MediaType.MULTIPART_FORM_DATA) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) @Operation(description = "Create a TOSCA model, along with its imports files", method = "POST", summary = "Create a TOSCA model", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "201", description = "Model created"), @@ -129,7 +126,6 @@ public class ModelServlet extends AbstractValidationsServlet { @GET @Path("/model") @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) @Operation(method = "GET", summary = "List TOSCA models", description = "List all the existing TOSCA models", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Model.class)))), @@ -165,7 +161,6 @@ public class ModelServlet extends AbstractValidationsServlet { @Path("/model/imports") @Consumes(MediaType.MULTIPART_FORM_DATA) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) @Operation(description = "Update a model TOSCA imports", method = "PUT", summary = "Update a model TOSCA imports", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "204", description = "Model imports updated"), diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyServlet.java index 1645e76af6..f9449e2fc8 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyServlet.java @@ -51,8 +51,6 @@ import org.apache.commons.lang3.StringUtils; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.PolicyBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -107,7 +105,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Policy already exist"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createPolicy(@PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -134,7 +131,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Policy updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "component / policy Not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updatePolicy(@PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -165,7 +161,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "component / policy Not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getPolicy(@PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -187,7 +182,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "component / policy Not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deletePolicy(@PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -209,7 +203,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "component / policy Not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response undeclarePolicy(@PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -244,7 +237,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Componentorpolicy not found"), @ApiResponse(responseCode = "500", description = "The GET request failed due to internal SDC problem.")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getPolicyProperties( @Parameter(description = "the id of the component which is the container of the policy") @PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -266,7 +258,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "component / policy Not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updatePolicyProperties(@PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -304,7 +295,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Policy target updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updatePolicyTargets(@PathParam("componentId") final String containerComponentId, @Parameter(description = "valid values: resources / services", schema = @Schema(allowableValues = { ComponentTypeEnum.RESOURCE_PARAM_NAME, @@ -324,7 +314,6 @@ public class PolicyServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Component found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Component not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response declareProperties(@PathParam("componentType") final String componentType, @PathParam("componentId") final String componentId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "ComponentIns policies Object to be created", required = true) String componentInstPoliciesMapObj) { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyTypesEndpoint.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyTypesEndpoint.java index a978a53582..6abaff6b31 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyTypesEndpoint.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/PolicyTypesEndpoint.java @@ -39,8 +39,6 @@ import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import org.openecomp.sdc.be.components.impl.PolicyTypeBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.mixin.PolicyTypeMixin; import org.openecomp.sdc.be.model.PolicyTypeDefinition; @@ -76,7 +74,6 @@ public class PolicyTypesEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "The GET request failed due to internal SDC problem.")}) @ResponseView(mixin = {PolicyTypeMixin.class}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public List getPolicyTypes( @Parameter(description = "An optional parameter to indicate the type of the container from where this call is executed") @QueryParam("internalComponentType") String internalComponentType, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/RequirementServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/RequirementServlet.java index 1a12670c23..e84a463d7c 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/RequirementServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/RequirementServlet.java @@ -46,8 +46,6 @@ import javax.ws.rs.core.Response; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.RequirementBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.enums.ComponentTypeEnum; @@ -92,7 +90,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "requirement already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createRequirementsOnResource(@Parameter(description = "Requirement to create", required = true) String data, @Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Context final HttpServletRequest request, @@ -109,7 +106,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Update Requirements"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateRequirementsOnResource(@Parameter(description = "Requirements to update", required = true) String data, @Parameter(description = "Component Id") @PathParam("resourceId") String resourceId, @Context final HttpServletRequest request, @@ -125,7 +121,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = RequirementDefinition.class)))), @ApiResponse(responseCode = "201", description = "GET requirement"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getRequirementsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Parameter(description = "Requirement Id") @PathParam("requirementId") String requirementId, @Context final HttpServletRequest request, @@ -142,7 +137,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Delete requirement"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteRequirementsFromResource(@Parameter(description = "Resource Id") @PathParam("resourceId") String resourceId, @Parameter(description = "requirement Id") @PathParam("requirementId") String requirementId, @Context final HttpServletRequest request, @@ -160,7 +154,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Requirement already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createRequirementsOnService(@Parameter(description = "Requirements to create", required = true) String data, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, @@ -177,7 +170,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Update requirements"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateRequirementsOnService(@Parameter(description = "Requirements to update", required = true) String data, @Parameter(description = "Component Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, @@ -194,7 +186,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "GET Requirements"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getRequirementsOnService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Parameter(description = "Requirement Id") @PathParam("requirementId") String requirementId, @Context final HttpServletRequest request, @@ -211,7 +202,6 @@ public class RequirementServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Delete Requirements"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteRequirementsOnService(@Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Parameter(description = "Requirement Id") @PathParam("requirementId") String requirementId, @Context final HttpServletRequest request, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourceUploadServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourceUploadServlet.java index 00500888cb..6733267f4e 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourceUploadServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourceUploadServlet.java @@ -52,8 +52,6 @@ import org.glassfish.jersey.media.multipart.FormDataParam; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ModelBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.exception.BusinessException; @@ -107,7 +105,6 @@ public class ResourceUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Resource already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadMultipart( @Parameter(description = "validValues: normative-resource / user-resource", schema = @Schema(allowableValues = {NORMATIVE_TYPE_RESOURCE, USER_TYPE_RESOURCE, USER_TYPE_RESOURCE_UI_IMPORT})) @PathParam(value = "resourceAuthority") final String resourceAuthority, @@ -161,7 +158,6 @@ public class ResourceUploadServlet extends AbstractValidationsServlet { @Path("/resource/import") @Consumes(MediaType.MULTIPART_FORM_DATA) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) @Operation(description = "Import node types from a TOSCA yaml, along with the types metadata", method = "POST", summary = "Creates node types from a TOSCA yaml file", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java index 08f26fff4a..6c01060811 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java @@ -63,8 +63,6 @@ import org.openecomp.sdc.be.components.impl.CsarValidationUtils; import org.openecomp.sdc.be.components.impl.ImportUtils; import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datamodel.api.HighestFilterEnum; @@ -124,7 +122,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Resource already exist"), @ApiResponse(responseCode = "401", description = "Unauthorized Tenant")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createResource(@Parameter(description = "Resource object to be created", required = true) String data, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException, ZipException { @@ -240,7 +237,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @DELETE @Path("/resources/{resourceId}") - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteResource(@PathParam("resourceId") final String resourceId, @Parameter(description = "Optional parameter to determine the delete action: " + "DELETE, which will permanently delete the Resource from the system or " + @@ -286,7 +282,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Resource not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteResourceByNameAndVersion(@PathParam("resourceName") final String resourceName, @PathParam("version") final String version, @Context final HttpServletRequest request) { ServletContext context = request.getSession().getServletContext(); @@ -317,7 +312,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getResourceById(@PathParam("resourceId") final String resourceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { ServletContext context = request.getSession().getServletContext(); @@ -354,7 +348,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Resource not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getResourceByNameAndVersion(@PathParam("resourceName") final String resourceName, @PathParam("resourceVersion") final String resourceVersion, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { @@ -386,7 +379,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @Operation(description = "validate resource name", method = "GET", summary = "checks if the chosen resource name is available ", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))), @ApiResponse(responseCode = "200", description = "Resource found"), @ApiResponse(responseCode = "403", description = "Restricted operation")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response validateResourceName(@PathParam("resourceName") final String resourceName, @QueryParam("subtype") String resourceType, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -419,7 +411,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @Path("/resources/certified/abstract") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getCertifiedAbstractResources(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { String url = request.getMethod() + " " + request.getRequestURI(); @@ -438,7 +429,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @Path("/resources/certified/notabstract") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getCertifiedNotAbstractResources(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { String url = request.getMethod() + " " + request.getRequestURI(); @@ -462,7 +452,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Resource metadata updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResourceMetadata(@PathParam("resourceId") final String resourceId, @Parameter(description = "Resource metadata to be updated", required = true) String data, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) @@ -505,7 +494,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Resource already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateResource(@Parameter(description = "Resource object to be updated", required = true) String data, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @PathParam(value = "resourceId") String resourceId) throws IOException, ZipException { @@ -557,7 +545,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Resource retrieced"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getResourceFromCsar(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @PathParam(value = "csaruuid") String csarUUID) throws IOException { init(); @@ -595,7 +582,6 @@ public class ResourcesServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Resource already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response importReplaceResource( @Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceConsumptionServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceConsumptionServlet.java index 6f4eb2ec54..9299eb0d2e 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceConsumptionServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceConsumptionServlet.java @@ -56,8 +56,6 @@ import org.json.simple.parser.JSONParser; import org.json.simple.parser.ParseException; import org.openecomp.sdc.be.components.impl.InterfaceOperationBusinessLogic; import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.elements.OperationInputDefinition; @@ -104,7 +102,6 @@ public class ServiceConsumptionServlet extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Service property already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response addInputToServiceOperation(@PathParam("serviceId") final String serviceId, @PathParam("serviceInstanceId") final String serviceInstanceId, @Parameter(description = "Service Consumption Data", required = true) String data, @@ -141,7 +138,6 @@ public class ServiceConsumptionServlet extends BeGenericServlet { @Path("/services/{serviceId}/consumption/{serviceInstanceId}/interfaces/{interfaceId}/operations/{operationId}/inputs") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getInputsListOfOperation(@PathParam("serviceId") final String serviceId, @PathParam("serviceInstanceId") final String serviceInstanceId, @PathParam("interfaceId") final String interfaceId, @PathParam("operationId") final String operationId, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceForwardingPathServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceForwardingPathServlet.java index ed27fa0d3e..eacf408414 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceForwardingPathServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceForwardingPathServlet.java @@ -53,8 +53,6 @@ import org.apache.commons.collections.MapUtils; import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.datatypes.elements.ForwardingPathDataDefinition; @@ -104,7 +102,6 @@ public class ServiceForwardingPathServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Forwarding Path already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createForwardingPath(@Parameter(description = "Forwarding Path to create", required = true) String data, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) @@ -122,7 +119,6 @@ public class ServiceForwardingPathServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Forwarding Path already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateForwardingPath(@Parameter(description = "Update Path to create", required = true) String data, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) @@ -172,7 +168,6 @@ public class ServiceForwardingPathServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Forwarding Path already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getForwardingPath(@Parameter(description = "Forwarding Path to create", required = true) String datax, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Parameter(description = "Forwarding Path Id") @PathParam("forwardingPathId") String forwardingPathId, @@ -213,7 +208,6 @@ public class ServiceForwardingPathServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Forwarding Path already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteForwardingPath(@Parameter(description = "Forwarding Path Id") @PathParam("forwardingPathId") String forwardingPathId, @Parameter(description = "Service Id") @PathParam("serviceId") String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java index daf4bcbcd0..2ff1288dc3 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java @@ -70,8 +70,6 @@ import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; import org.openecomp.sdc.be.components.impl.ServiceBusinessLogic; import org.openecomp.sdc.be.components.impl.ServiceImportBusinessLogic; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.dao.api.ActionStatus; @@ -138,7 +136,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Service already exist"), @ApiResponse(responseCode = "401", description = "Unauthorized Tenant")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response createService(@Parameter(description = "Service object to be created", required = true) String data, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -195,7 +192,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @Operation(description = "validate service name", method = "GET", summary = "checks if the chosen service name is available ", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response validateServiceName(@PathParam("serviceName") final String serviceName, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -223,7 +219,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @Operation(description = "get component audit records", method = "GET", summary = "get audit records for a service or a resource", responses = { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Response.class)))), @ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getComponentAuditRecords(@PathParam("componentType") final String componentType, @PathParam("componentUniqueId") final String componentUniqueId, @Context final HttpServletRequest request, @@ -292,7 +287,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "204", description = "Service deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteService(@PathParam("serviceId") final String serviceId, @Parameter(description = "Optional parameter to determine the delete action: " + "DELETE, which will permanently delete theService from the system or " + @@ -341,7 +335,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "204", description = "Service deleted"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response deleteServiceByNameAndVersion(@PathParam("serviceName") final String serviceName, @PathParam("version") final String version, @Context final HttpServletRequest request) { User modifier = getUser(request); @@ -377,7 +370,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Service.class)))), @ApiResponse(responseCode = "200", description = "Service Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateServiceMetadata(@PathParam("serviceId") final String serviceId, @Parameter(description = "Service object to be Updated", required = true) String data, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) @@ -431,7 +423,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Group Instance Property Values Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response updateGroupInstancePropertyValues(@PathParam("serviceId") final String serviceId, @PathParam("componentInstanceId") final String componentInstanceId, @PathParam("groupInstanceId") final String groupInstanceId, @@ -482,7 +473,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Service.class)))), @ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getServiceById(@PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { String url = request.getMethod() + " " + request.getRequestURI(); @@ -517,7 +507,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Service.class)))), @ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getServiceByNameAndVersion(@PathParam("serviceName") final String serviceName, @PathParam("serviceVersion") final String serviceVersion, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { @@ -548,7 +537,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "409", description = "Service cannot be distributed due to missing deployment artifacts"), @ApiResponse(responseCode = "404", description = "Requested service was not found"), @ApiResponse(responseCode = "500", description = "Internal Server Error. Please try again later.")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response activateDistribution(@PathParam("serviceId") final String serviceId, @PathParam("env") final String env, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { @@ -585,7 +573,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Requested service was not found"), @ApiResponse(responseCode = "500", description = "Internal Server Error. Please try again later.")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response markDistributionAsDeployed(@PathParam("serviceId") final String serviceId, @PathParam("did") final String did, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { @@ -616,7 +603,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @Produces(MediaType.APPLICATION_JSON) @Operation(responses = {@ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "500", description = "Internal Server Error. Please try again later.")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response tempUrlToBeDeleted(@PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) { String url = request.getMethod() + " " + request.getRequestURI(); @@ -647,7 +633,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = ServiceRelations.class)))), @ApiResponse(responseCode = "200", description = "Service found"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Service not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getServiceComponentRelationMap(@PathParam("serviceId") final String serviceId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) throws IOException { String url = request.getMethod() + " " + request.getRequestURI(); @@ -738,7 +723,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "201", description = "Service created"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Service already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response importReplaceService( @Parameter(description = "The user id", required = true) @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId, @@ -824,7 +808,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Service Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response importToscaTemplate(@PathParam("serviceId") final String serviceId, @Parameter(description = "Service object to be Updated", required = true) final String data, @Context final HttpServletRequest request, @@ -853,7 +836,6 @@ public class ServiceServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "Service Updated"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response importToscaModel(@PathParam("serviceId") final String serviceId, @NotNull @FormDataParam("upload") final InputStream fileToUpload, @Context final HttpServletRequest request, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesFetchServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesFetchServlet.java index efdae4de96..36f086743b 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesFetchServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesFetchServlet.java @@ -57,8 +57,6 @@ import org.openecomp.sdc.be.components.impl.InterfaceOperationBusinessLogic; import org.openecomp.sdc.be.components.impl.RelationshipTypeBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceBusinessLogic; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.BeEcompErrorManager; @@ -149,7 +147,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "datatypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Data types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllDataTypesServlet(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "model") @QueryParam("model") String modelName) { Wrapper responseWrapper = new Wrapper<>(); @@ -178,7 +175,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "allDataTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Data types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllDataTypesFromAllModels(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @QueryParam("excludePrimitives") @DefaultValue("false") String excludePrimitives) { @@ -220,7 +216,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "allDataTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Data types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response downloadDataType(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "dataTypeId") @QueryParam("dataTypeId") String dataTypeId) { Wrapper responseWrapper = new Wrapper<>(); @@ -250,7 +245,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Interface lifecycle types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getInterfaceLifecycleTypes(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "model") @QueryParam("model") String modelName) { @@ -290,7 +284,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "capabilityTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Capability types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllCapabilityTypesServlet(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "model") @QueryParam("model") String modelName) { @@ -335,7 +328,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Relationship types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllRelationshipTypesServlet(@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @Parameter(description = "model") @QueryParam("model") String modelName) { @@ -379,7 +371,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "200", description = "nodeTypes"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "404", description = "Node types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllNodeTypesServlet( @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId, @@ -427,7 +418,6 @@ public class TypesFetchServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "404", description = "Tosca Artifact Types not found")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response getAllToscaArtifactTypes(@Parameter(description = "Model name") @QueryParam("model") String model, @Context final HttpServletRequest request, @HeaderParam(Constants.USER_ID_HEADER) String creator) { try { diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadEndpoint.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadEndpoint.java index e25783204e..7e11b5bc92 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadEndpoint.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadEndpoint.java @@ -44,8 +44,6 @@ import javax.ws.rs.core.Response; import org.apache.commons.lang3.tuple.ImmutablePair; import org.glassfish.jersey.media.multipart.FormDataParam; import org.openecomp.sdc.be.components.impl.CommonImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.validation.AccessValidations; import org.openecomp.sdc.be.datatypes.tosca.ToscaDataDefinition; import org.openecomp.sdc.be.impl.ComponentsUtils; @@ -128,7 +126,6 @@ public class TypesUploadEndpoint extends BeGenericServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "annotation types already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadAnnotationTypes(@Parameter(description = "FileInputStream") @FormDataParam("annotationTypesZip") File file, @HeaderParam("USER_ID") String userId) { accessValidations.validateUserExists(userId, "Annotation Types Creation"); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java index 309bff28c3..690ae8d920 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java @@ -48,8 +48,6 @@ import org.openecomp.sdc.be.components.impl.InterfaceLifecycleTypeImportManager; import org.openecomp.sdc.be.components.impl.PolicyTypeImportManager; import org.openecomp.sdc.be.components.impl.RelationshipTypeImportManager; import org.openecomp.sdc.be.components.impl.ResourceImportManager; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; import org.openecomp.sdc.be.components.impl.model.ToscaTypeImportData; import org.openecomp.sdc.be.config.BeEcompErrorManager; @@ -143,7 +141,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Capability Type already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadCapabilityType(@Parameter(description = "FileInputStream") @FormDataParam("capabilityTypeZip") File file, @Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator, @Parameter(description = "model name") @FormDataParam("model") String modelName, @@ -163,7 +160,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Relationship Type already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadRelationshipType(@Parameter(description = "FileInputStream") @FormDataParam("relationshipTypeZip") File file, @Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator, @Parameter(description = "model name") @FormDataParam("model") String modelName, @@ -180,7 +176,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Interface Lifecycle Type already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadInterfaceLifecycleType(@Parameter(description = "FileInputStream") @FormDataParam("interfaceLifecycleTypeZip") File file, @Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator, @Parameter(description = "model name") @FormDataParam("model") String modelName, @@ -199,7 +194,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Tosca Artifact Type already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadArtifactTypes(@Parameter(description = "Zip file containing a yaml with the TOSCA artifact types definition") @FormDataParam("artifactsZip") File file, @Parameter(description = "model name") @FormDataParam("model") String modelName, @@ -220,7 +214,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Category already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadCategories(@Parameter(description = "FileInputStream") @FormDataParam("categoriesZip") File file, @Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator) { ConsumerTwoParam, String> createElementsMethod = (responseWrapper, ymlPayload) -> @@ -236,7 +229,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Data types already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadDataTypes(@Parameter(description = "FileInputStream") @FormDataParam("dataTypesZip") File file, @Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator, @Parameter(description = "model name") @FormDataParam("model") String modelName, @@ -253,7 +245,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "Data types already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadDataTypesYaml(@Parameter(description = "FileInputStream") @FormDataParam("dataTypesYaml") File file, @Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator, @Parameter(description = "model name") @FormDataParam("model") String modelName, @@ -270,7 +261,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "group types already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadGroupTypes(@Parameter(description = "toscaTypeMetadata") @FormDataParam("toscaTypeMetadata") String toscaTypesMetaData, @Parameter(description = "model name") @FormDataParam("model") String modelName, @Parameter(description = "FileInputStream") @FormDataParam("groupTypesZip") File file, @@ -289,7 +279,6 @@ public class TypesUploadServlet extends AbstractValidationsServlet { @ApiResponse(responseCode = "403", description = "Restricted operation"), @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"), @ApiResponse(responseCode = "409", description = "policy types already exist")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public Response uploadPolicyTypes(@Parameter(description = "toscaTypeMetadata") @FormDataParam("toscaTypeMetadata") String toscaTypesMetaData, @Parameter(description = "model name") @FormDataParam("model") String modelName, @Parameter(description = "FileInputStream") @FormDataParam("policyTypesZip") File file, diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/UserAdminServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/UserAdminServlet.java index 63fca17288..eb44047a33 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/UserAdminServlet.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/UserAdminServlet.java @@ -46,8 +46,6 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.eclipse.jetty.http.HttpStatus; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.model.User; import org.openecomp.sdc.be.user.Role; @@ -85,7 +83,6 @@ public class UserAdminServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Returns user Ok"), @ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "405", description = "Method Not Allowed"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public User get(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userId, @Context final HttpServletRequest request) { return userBusinessLogic.getUser(userId, false); @@ -101,7 +98,6 @@ public class UserAdminServlet extends BeGenericServlet { @ApiResponse(responseCode = "200", description = "Returns user role Ok"), @ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "405", description = "Method Not Allowed"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public String getRole(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userId, @Context final HttpServletRequest request) { User user = userBusinessLogic.getUser(userId, false); @@ -120,7 +116,6 @@ public class UserAdminServlet extends BeGenericServlet { @ApiResponse(responseCode = "404", description = "User not found"), @ApiResponse(responseCode = "405", description = "Method Not Allowed"), @ApiResponse(responseCode = "409", description = "User already exists"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public User updateUserRole(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userIdUpdateUser, @Context final HttpServletRequest request, @Parameter(description = "json describe the update role", required = true) UserRole newRole, @@ -155,7 +150,6 @@ public class UserAdminServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))), @ApiResponse(responseCode = "200", description = "Returns user Ok"), @ApiResponse(responseCode = "403", description = "Restricted Access"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public User authorize(@HeaderParam(value = Constants.USER_ID_HEADER) String userId, @HeaderParam("HTTP_CSP_FIRSTNAME") String firstName, @HeaderParam("HTTP_CSP_LASTNAME") String lastName, @HeaderParam("HTTP_CSP_EMAIL") String email) { User authUser = new User(); @@ -174,7 +168,6 @@ public class UserAdminServlet extends BeGenericServlet { @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = User.class)))), @ApiResponse(responseCode = "200", description = "Returns user Ok"), @ApiResponse(responseCode = "405", description = "Method Not Allowed"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public List getAdminsUser(@Context final HttpServletRequest request) { return userBusinessLogic.getAllAdminUsers(); } @@ -215,7 +208,6 @@ public class UserAdminServlet extends BeGenericServlet { @ApiResponse(responseCode = "405", description = "Method Not Allowed"), @ApiResponse(responseCode = "409", description = "Restricted operation"), @ApiResponse(responseCode = "500", description = "Internal Server Error")}) - @PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE) public User deActivateUser(@Parameter(description = "userId of user to get", required = true) @PathParam("userId") final String userId, @Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String modifierId) { return userBusinessLogicExt.deActivateUser(modifierId, userId); diff --git a/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java b/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java index 17f7a0434d..0998867d71 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/config/CatalogBESpringConfig.java @@ -26,12 +26,10 @@ import org.onap.portalsdk.core.onboarding.exception.CipherUtilException; import org.onap.sdc.security.PortalClient; import org.openecomp.sdc.be.auditing.impl.ConfigurationProvider; import org.openecomp.sdc.be.components.impl.ComponentLocker; -import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler; import org.openecomp.sdc.be.components.impl.lock.ComponentLockAspect; import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic; import org.openecomp.sdc.be.config.ConfigurationManager; import org.openecomp.sdc.be.ecomp.converters.AssetMetadataConverter; -import org.openecomp.sdc.be.filters.FilterConfiguration; import org.openecomp.sdc.be.filters.PortalConfiguration; import org.openecomp.sdc.be.filters.ThreadLocalUtils; import org.openecomp.sdc.be.tosca.CommonCsarGenerator; @@ -103,11 +101,6 @@ public class CatalogBESpringConfig { return new ComponentLockAspect(componentLocker); } - @Bean - public RoleAuthorizationHandler roleAuthorizationHandler() { - return new RoleAuthorizationHandler(); - } - @Bean public CloseableHttpClient httpClientConnectionManager() { HttpClientFactory httpClientFactory = new HttpClientFactory(); @@ -119,11 +112,6 @@ public class CatalogBESpringConfig { return new PortalConfiguration(); } - @Bean - public FilterConfiguration filterConfiguration() { - return new FilterConfiguration(configuration()); - } - @Bean public ThreadLocalUtils threadLocalUtils() { return new ThreadLocalUtils(); diff --git a/catalog-be/src/main/resources/application-context.xml b/catalog-be/src/main/resources/application-context.xml index 2b1d5ef3bd..242af542fe 100644 --- a/catalog-be/src/main/resources/application-context.xml +++ b/catalog-be/src/main/resources/application-context.xml @@ -31,10 +31,6 @@ - - - - diff --git a/catalog-be/src/main/resources/cadi.properties b/catalog-be/src/main/resources/cadi.properties deleted file mode 100644 index bbce36124d..0000000000 --- a/catalog-be/src/main/resources/cadi.properties +++ /dev/null @@ -1,55 +0,0 @@ -# Configure AAF -aaf_locate_url=https://aaf.onap.org:8095 -aaf_url=https://aaf.onap.org:8095/locate/ - -#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE - -#if you are running aaf service from a docker image you have to use aaf service IP and port number -aaf_id=sdc@onap -#Encrypt the password using AAF Jar -aaf_password= enc:uI_J4jBL4YUcIZZa5uZKj3QMUC63hbS8TmDn5PSp5nO -# Sample CADI Properties, from CADI 1.4.2 -hostname=onapportal -csp_domain=PROD - -# Add Absolute path to Keyfile -cadi_keyfile=/var/lib/jetty/opt/be/etc/keyfile - - -# This is required to accept Certificate Authentication from Certman certificates. -# can be TEST, IST or PROD -aaf_env=IST - -# DEBUG prints off all the properties. Use to get started. -cadi_loglevel=DEBUG - - -# Become CSO Poodle Compliant by only allowing sanctioned TLS versions -# The following is the default -# cadi_protocols=TLSv1.1,TLSv1.2 - -# Default TrustStore - REQUIRED for changing PROTOCOL Defaults for DME2 -# Read https://wiki.web.att.com/pages/viewpage.action?pageId=574623569#URGENT:SolvingSSL2-3/TLSv1removalissues-Up-to-dateTruststore -# Add Absolute path to truststore2018.jks -cadi_truststore=/var/lib/jetty/base/be/etc/cadi_truststore.jks -# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs -cadi_truststore_password=changeit - -# how to turn on SSL Logging -#javax.net.debug=ssl - -## -# Hint -# Use "maps.bing.com" to get Lat and Long for an Address -AFT_LATITUDE=32.780140 -AFT_LONGITUDE=-96.800451 -AFT_ENVIRONMENT=AFTUAT -AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true -DME2.DEBUG=true -AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true - -cadi_latitude=32.780140 -cadi_longitude=-96.800451 - -aaf_root_ns=com.att.aaf -aaf_api_version=2.0 diff --git a/catalog-be/src/main/resources/config/configuration.yaml b/catalog-be/src/main/resources/config/configuration.yaml index 820034eca2..8c8ca1cb37 100644 --- a/catalog-be/src/main/resources/config/configuration.yaml +++ b/catalog-be/src/main/resources/config/configuration.yaml @@ -129,8 +129,6 @@ cassandraConfig: username: asdc_user password: Aa1234%^! ssl: true - truststorePath : /var/lib/jetty/opt/base/be/config/.truststore - truststorePassword : Aa123456 maxWaitSeconds: 120 keySpaces: - { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['DC-sdc-iltlv650', '1']} @@ -817,8 +815,6 @@ dmaapConsumerConfiguration: password: XyCUPhFx9u70aklYGo6OiA== aftDme2SslEnable: true aftDme2ClientIgnoreSslConfig: false - aftDme2ClientKeystore: /var/lib/jetty/opt/base/be/config/.truststore - aftDme2ClientKeystorePassword: XyCUPhFx9u70aklYGo6OiA== aftDme2ClientSslCertAlias: certman #Performence microservice dmaap producer @@ -851,8 +847,6 @@ dmaapProducerConfiguration: password: XyCUPhFx9u70aklYGo6OiA== aftDme2SslEnable: true aftDme2ClientIgnoreSslConfig: false - aftDme2ClientKeystore: /var/lib/jetty/opt/jetty/base/be/config/.truststore - aftDme2ClientKeystorePassword: XyCUPhFx9u70aklYGo6OiA== aftDme2ClientSslCertAlias: certman @@ -895,28 +889,6 @@ healthStatusExclude: - DMAAP_PRODUCER - ECOMP_PORTAL -aafNamespace: com.att.sdc - -aafAuthNeeded: false - -cadiFilterParams: - hostname: 192.168.33.10 - csp_domain: PROD - cadi_keyfile: /var/lib/jetty/opt/base/be/config/catalog-be/keyfile - cadi_loglevel: DEBUG - cadi_truststore: /var/lib/jetty/opt/base/be/config/.truststore - cadi_truststore_password: enc:XyCUPhFx9u70aklYGo6OiA== - #aaf_url: https://aaf.onap.org/service=? - aaf_id: aaf@sdc.onap.org - aaf_password: enc:XyCUPhFx9u70aklYGo6OiA== - aaf_env: DEV - aafLocateUrl: https://aaf.api.simpledemo.onap.org:8095 - aaf_url: https://AAF_LOCATE_URL/AAF_NS.service:2.0 - AFT_LATITUDE: "32.780140" - AFT_LONGITUDE: "-96.800451" - AFT_ENVIRONMENT: AFTUAT - cadiX509Issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US" - # This configuration entry lists all node type names prefix that shall be allowed on SDC. definedResourceNamespace: - org.openecomp.resource. diff --git a/catalog-be/src/test/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServletTest.java b/catalog-be/src/test/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServletTest.java index b912891157..a4bf30a668 100644 --- a/catalog-be/src/test/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServletTest.java +++ b/catalog-be/src/test/java/org/openecomp/sdc/be/externalapi/servlet/ExternalRefsServletTest.java @@ -191,7 +191,6 @@ class ExternalRefsServletTest extends JerseyTest { configuration.setJanusGraphInMemoryGraph(true); HeatDeploymentArtifactTimeout heatDeploymentArtifactTimeout = new HeatDeploymentArtifactTimeout(); heatDeploymentArtifactTimeout.setDefaultMinutes(30); - configuration.setAafAuthNeeded(false); configuration.setHeatArtifactDeploymentTimeout(heatDeploymentArtifactTimeout); configurationManager.setConfiguration(configuration); ExternalConfiguration.setAppName("catalog-be"); diff --git a/catalog-be/src/test/java/org/openecomp/sdc/be/filters/GatewayFilterTest.java b/catalog-be/src/test/java/org/openecomp/sdc/be/filters/GatewayFilterTest.java deleted file mode 100644 index 56b2d46746..0000000000 --- a/catalog-be/src/test/java/org/openecomp/sdc/be/filters/GatewayFilterTest.java +++ /dev/null @@ -1,150 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.openecomp.sdc.be.filters; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.MockitoAnnotations; -import org.mockito.Spy; -import org.mockito.junit.MockitoJUnitRunner; -import org.openecomp.sdc.be.components.impl.ResponseFormatManager; -import org.openecomp.sdc.be.config.Configuration; -import org.openecomp.sdc.be.config.ConfigurationManager; -import org.openecomp.sdc.be.servlets.exception.ComponentExceptionMapper; -import org.openecomp.sdc.common.api.ConfigurationSource; -import org.openecomp.sdc.common.api.FilterDecisionEnum; -import org.openecomp.sdc.common.impl.ExternalConfiguration; -import org.openecomp.sdc.common.impl.FSConfigurationSource; -import org.openecomp.sdc.common.util.ThreadLocalsHolder; - -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.ws.rs.core.HttpHeaders; -import java.io.IOException; -import java.util.Arrays; -import java.util.Collections; -import java.util.Enumeration; -import java.util.List; - -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; -import static org.mockito.Mockito.any; -import static org.mockito.Mockito.doNothing; -import static org.mockito.Mockito.doThrow; -import static org.mockito.Mockito.eq; -import static org.mockito.Mockito.times; -import static org.mockito.Mockito.when; - - -@RunWith(MockitoJUnitRunner.class) -public class GatewayFilterTest { - - private static final List excludedUrls = Arrays.asList("test1", "test2"); - private static final String cookieName = "myCookie"; - - static ResponseFormatManager responseFormatManager = new ResponseFormatManager(); - static ConfigurationSource configurationSource = new FSConfigurationSource(ExternalConfiguration.getChangeListener(), "src/test/resources/config/catalog-be"); - static ConfigurationManager configurationManager = new ConfigurationManager(configurationSource); - - @InjectMocks - private GatewayFilter filter; - @Spy - private ThreadLocalUtils threadLocalUtils; - @Mock - private Configuration.CookieConfig authCookieConf; - @Mock - private Configuration configuration; - @Mock - private HttpServletRequest request; - @Mock - private FilterChain filterChain; - @Mock - private HttpServletResponse response; - @Mock - private ComponentExceptionMapper componentExceptionMapper; - - - - @Before - public void initMocks(){ - MockitoAnnotations.openMocks(this); - } - - @Before - public void setUp() throws ServletException { - doNothing().when(threadLocalUtils).setUserContextFromDB(request); - when(configuration.getAuthCookie()).thenReturn(authCookieConf); - this.filter = new GatewayFilter(configuration); - ThreadLocalsHolder.setApiType(null); - assertNotNull(filter); - } - - @Test - public void validateRequestFromWhiteList() throws ServletException, IOException { - when(authCookieConf.getExcludedUrls()).thenReturn(excludedUrls); - when(request.getPathInfo()).thenReturn("test1"); - filter.doFilter(request, response, filterChain); - assertTrue(ThreadLocalsHolder.getApiType().equals(FilterDecisionEnum.NA)); - Mockito.verify(filterChain, times(1)).doFilter(request, response); - } - - private Enumeration getHeaderEnumerationObj(List arrlist){ - - // creating object of type Enumeration - Enumeration enumer = Collections.enumeration(arrlist); - return enumer; - } - - - - - - - private Cookie[] getCookiesFromReq(boolean isFromRequest) { - Cookie[] cookies = new Cookie [1]; - if (isFromRequest) { - cookies[0] = new Cookie(cookieName, "cookieData"); - } - else { - cookies[0] = new Cookie("dummy", "cookieData"); - } - return cookies; - } - - private String getCookieNameFromConf(boolean isFromConfiguration) { - Cookie[] cookies = new Cookie [1]; - if (isFromConfiguration) { - cookies[0] = new Cookie(cookieName, "cookieData"); - } - else { - cookies[0] = new Cookie("dummy", "cookieData"); - } - return cookies[0].getName(); - } -} \ No newline at end of file diff --git a/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAndPermissionEnumTest.java b/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAndPermissionEnumTest.java deleted file mode 100644 index 2831a811a8..0000000000 --- a/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAndPermissionEnumTest.java +++ /dev/null @@ -1,70 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.openecomp.sdc.be.impl.aaf; - -import org.junit.Assert; -import org.junit.Test; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.AafRoles; -import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; -import org.openecomp.sdc.be.config.ConfigurationManager; -import org.openecomp.sdc.be.dao.api.ActionStatus; -import org.openecomp.sdc.common.api.ConfigurationSource; -import org.openecomp.sdc.common.impl.ExternalConfiguration; -import org.openecomp.sdc.common.impl.FSConfigurationSource; - -import static org.assertj.core.api.Assertions.assertThat; -import static org.assertj.core.api.Assertions.catchThrowable; - -public class RoleAndPermissionEnumTest { - private static ConfigurationSource configurationSource = new FSConfigurationSource( - ExternalConfiguration.getChangeListener(), "src/test/resources/config/catalog-be"); - private static ConfigurationManager configurationManager = new ConfigurationManager(configurationSource); - private final String prefix = ".app."; - - @Test - public void getRoleReadOnly() { - Assert.assertEquals(configurationManager.getConfiguration().getAafNamespace() + prefix + "readonly", AafRoles.READ_ONLY.getRole()); - } - - @Test - public void getRoleAll() { - Assert.assertEquals(configurationManager.getConfiguration().getAafNamespace() + prefix + "all", AafRoles.ALL.getRole()); - } - - @Test - public void testGetEnumByStringWithExistingValue() { - Assert.assertEquals(AafPermission.getEnumByString(AafPermission.PermNames.READ_VALUE), - AafPermission.READ); - Assert.assertEquals(AafPermission.getEnumByString(AafPermission.PermNames.WRITE_VALUE), - AafPermission.WRITE); - Assert.assertEquals(AafPermission.getEnumByString(AafPermission.PermNames.DELETE_VALUE), - AafPermission.DELETE); - } - - @Test - public void testGetEnumByStringNonExistingValue() { - ComponentException thrown = (ComponentException) catchThrowable(()-> AafPermission.getEnumByString("stam")); - assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.INVALID_PROPERTY); - assertThat(thrown.getParams()[0]).isEqualTo("stam"); - } - -} diff --git a/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java b/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java deleted file mode 100644 index d9f249a42a..0000000000 --- a/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java +++ /dev/null @@ -1,121 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * SDC - * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.openecomp.sdc.be.impl.aaf; - -import static org.assertj.core.api.Assertions.assertThat; -import static org.assertj.core.api.Assertions.catchThrowable; -import static org.mockito.Mockito.when; - -import java.util.Collections; -import javax.servlet.http.HttpServletRequest; -import org.aspectj.lang.JoinPoint; -import org.aspectj.lang.Signature; -import org.hibernate.validator.internal.util.annotation.AnnotationDescriptor; -import org.hibernate.validator.internal.util.annotation.AnnotationDescriptor.Builder; -import org.hibernate.validator.internal.util.annotation.AnnotationFactory; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.extension.ExtendWith; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.mockito.junit.jupiter.MockitoExtension; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission; -import org.openecomp.sdc.be.components.impl.aaf.AafPermission.PermNames; -import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed; -import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler; -import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; -import org.openecomp.sdc.be.config.ConfigurationManager; -import org.openecomp.sdc.be.dao.api.ActionStatus; -import org.openecomp.sdc.be.servlets.BeGenericServlet; -import org.openecomp.sdc.common.api.FilterDecisionEnum; -import org.openecomp.sdc.common.impl.ExternalConfiguration; -import org.openecomp.sdc.common.impl.FSConfigurationSource; -import org.openecomp.sdc.common.util.ThreadLocalsHolder; - -@ExtendWith(MockitoExtension.class) -class RoleAuthorizationHandlerTest { - - private RoleAuthorizationHandler roleAuthorizationHandler; - @Mock - private JoinPoint joinPoint; - @Mock - private Signature signature; - @Mock - private BeGenericServlet beGenericServlet; - @Mock - private HttpServletRequest httpServletRequest; - - @BeforeEach - public void setUp() { - MockitoAnnotations.openMocks(this); - when(joinPoint.getSignature()).thenReturn(signature); - when(signature.toShortString()).thenReturn("methodName"); - when(joinPoint.getThis()).thenReturn(beGenericServlet); - when(beGenericServlet.getServletRequest()).thenReturn(httpServletRequest); - ThreadLocalsHolder.setApiType(FilterDecisionEnum.EXTERNAL); - new ConfigurationManager(new FSConfigurationSource(ExternalConfiguration.getChangeListener(), "src/test/resources/config/catalog-be/auth")); - roleAuthorizationHandler = new RoleAuthorizationHandler(); - } - - @Test - void testAuthorizeRoleOnePermittedRole() { - final String[] permsAllowed = {PermNames.WRITE_VALUE}; - final AnnotationDescriptor permissionDescriptor = createTestSubject(permsAllowed); - final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor); - when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())).thenReturn(true); - roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed); - } - - @Test - void testAuthorizeRoleTwoPermittedRole() { - final String[] permsAllowed = {PermNames.WRITE_VALUE, PermNames.READ_VALUE}; - final AnnotationDescriptor permissionDescriptor = createTestSubject(permsAllowed); - final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor); - when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())).thenReturn(true); - roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed); - } - - @Test - void testAuthorizeRoleNonPermittedRole() { - final String[] permsAllowed = {PermNames.WRITE_VALUE, PermNames.READ_VALUE}; - final AnnotationDescriptor permissionDescriptor = createTestSubject(permsAllowed); - final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor); - when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())).thenReturn(false); - - final ComponentException thrown = (ComponentException) catchThrowable(() -> roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed)); - assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.AUTH_FAILED); - } - - @Test - void testAuthorizeRoleEmptyRole() { - final String[] permsAllowed = {}; - final AnnotationDescriptor permissionDescriptor = createTestSubject(permsAllowed); - final PermissionAllowed rolesAllowed = AnnotationFactory.create(permissionDescriptor); - - final ComponentException thrown = (ComponentException) catchThrowable(() -> roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed)); - assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.AUTH_FAILED); - } - - private AnnotationDescriptor createTestSubject(final String[] permsAllowed) { - return new Builder<>(PermissionAllowed.class, Collections.singletonMap("value", permsAllowed)).build(); - } - -} diff --git a/catalog-be/src/test/java/org/openecomp/sdc/be/servlets/PolicyServletTest.java b/catalog-be/src/test/java/org/openecomp/sdc/be/servlets/PolicyServletTest.java index 2b790a4137..87d33b955e 100644 --- a/catalog-be/src/test/java/org/openecomp/sdc/be/servlets/PolicyServletTest.java +++ b/catalog-be/src/test/java/org/openecomp/sdc/be/servlets/PolicyServletTest.java @@ -61,7 +61,6 @@ import org.mockito.Spy; import org.openecomp.sdc.be.components.impl.BaseBusinessLogic; import org.openecomp.sdc.be.components.impl.PolicyBusinessLogic; import org.openecomp.sdc.be.components.impl.ResponseFormatManager; -import org.openecomp.sdc.be.components.impl.aaf.RoleAuthorizationHandler; import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; import org.openecomp.sdc.be.components.impl.exceptions.ByResponseFormatComponentException; import org.openecomp.sdc.be.components.property.PropertyDeclarationOrchestrator; @@ -106,7 +105,6 @@ class PolicyServletTest extends JerseySpringBaseTest { private static ServletUtils servletUtils; private static PropertyDeclarationOrchestrator propertyDeclarationOrchestrator; private static ToscaOperationFacade toscaOperationFacade; - private static RoleAuthorizationHandler roleAuthorizationHandler; private static ResponseFormat responseFormat; @Captor private static ArgumentCaptor policyCaptor; @@ -538,7 +536,6 @@ class PolicyServletTest extends JerseySpringBaseTest { componentsUtils = Mockito.mock(ComponentsUtils.class); servletUtils = Mockito.mock(ServletUtils.class); responseFormat = Mockito.mock(ResponseFormat.class); - roleAuthorizationHandler = Mockito.mock(RoleAuthorizationHandler.class); } private static class BaseBusinessLogicTest extends BaseBusinessLogic { diff --git a/catalog-be/src/test/resources/config/catalog-be/auth/configuration.yaml b/catalog-be/src/test/resources/config/catalog-be/auth/configuration.yaml deleted file mode 100644 index f13e74bdcc..0000000000 --- a/catalog-be/src/test/resources/config/catalog-be/auth/configuration.yaml +++ /dev/null @@ -1 +0,0 @@ -aafAuthNeeded: true \ No newline at end of file diff --git a/catalog-be/src/test/resources/config/catalog-be/configuration.yaml b/catalog-be/src/test/resources/config/catalog-be/configuration.yaml index 282c4d32f0..3ec3793d43 100644 --- a/catalog-be/src/test/resources/config/catalog-be/configuration.yaml +++ b/catalog-be/src/test/resources/config/catalog-be/configuration.yaml @@ -97,8 +97,6 @@ cassandraConfig: username: koko password: bobo ssl: false - truststorePath : /path/path - truststorePassword : 123123 keySpaces: - { name: sdcaudit, replicationStrategy: SimpleStrategy, replicationInfo: ['1']} - { name: sdcartifact, replicationStrategy: SimpleStrategy, replicationInfo: ['1']} @@ -476,8 +474,6 @@ dmaapConsumerConfiguration: password: XyCUPhFx9u70aklYGo6OiA== aftDme2SslEnable: true aftDme2ClientIgnoreSslConfig: false - aftDme2ClientKeystore: /opt/app/jetty/base/be/config/.truststore - aftDme2ClientKeystorePassword: XyCUPhFx9u70aklYGo6OiA== aftDme2ClientSslCertAlias: certman dmaapProducerConfiguration: @@ -538,26 +534,6 @@ healthStatusExclude: - ES - DMAAP -aafNamespace: com.att.sdc - -aafAuthNeeded: false - -cadiFilterParams: - AFT_LATITUDE: "32.780140" - AFT_LONGITUDE: "-96.800451" - hostname: 192.168.33.10 - aaf_id: aaf@sdc.onap.org - aaf_env: TEST - aaf_url: https://aaftest.onap.org/locate/ - csp_domain: PROD - cadi_keyfile: /opt/app/jetty/base/be/etc/keyfile - aaf_password: enc:uI_J4jBL4YUcIZZa5uZKj3QMUC63hbS8TmDn5PSp5nO - cadi_loglevel: DEBUG - AFT_ENVIRONMENT: AFTUAT - cadiX509Issuers: CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US - cadi_truststore: /opt/app/jetty/base/be/etc/cadi_truststore.jks - cadi_truststore_password: changeit - # This configuration entry lists all node type names prefix that shall be allowed on SDC. definedResourceNamespace: - org.openecomp.resource. diff --git a/common-app-api/src/main/java/org/openecomp/sdc/be/config/CadiFilterParams.java b/common-app-api/src/main/java/org/openecomp/sdc/be/config/CadiFilterParams.java deleted file mode 100644 index 63d1c81cb7..0000000000 --- a/common-app-api/src/main/java/org/openecomp/sdc/be/config/CadiFilterParams.java +++ /dev/null @@ -1,25 +0,0 @@ -package org.openecomp.sdc.be.config; - -import lombok.Getter; -import lombok.Setter; - -@Getter -@Setter -public class CadiFilterParams { - - private String hostname; - private String csp_domain; - private String cadi_keyfile; - private String cadi_loglevel; - private String cadi_truststore; - private String cadi_truststore_password; - private String aaf_id; - private String aaf_password; - private String aaf_env; - private String aafLocateUrl; - private String aaf_url; - private String AFT_LATITUDE; - private String AFT_LONGITUDE; - private String AFT_ENVIRONMENT; - private String cadiX509Issuers; -} diff --git a/common-app-api/src/main/java/org/openecomp/sdc/be/config/Configuration.java b/common-app-api/src/main/java/org/openecomp/sdc/be/config/Configuration.java index b73396352c..f945402106 100644 --- a/common-app-api/src/main/java/org/openecomp/sdc/be/config/Configuration.java +++ b/common-app-api/src/main/java/org/openecomp/sdc/be/config/Configuration.java @@ -118,15 +118,12 @@ public class Configuration extends BasicConfiguration { private ApplicationL2CacheConfig applicationL2Cache; private ToscaValidatorsConfig toscaValidators; private boolean disableAudit; - private Boolean consumerBusinessLogic; private Map vfModuleProperties; private Map genericAssetNodeTypes; private Map serviceBaseNodeTypes; private Map> resourceNodeTypes; private String appVersion; private String artifactGeneratorConfig; - private CadiFilterParams cadiFilterParams; - private Boolean aafAuthNeeded = false; private String autoHealingOwner; private boolean enableAutoHealing; private Map> resourcesForUpgrade; @@ -138,8 +135,6 @@ public class Configuration extends BasicConfiguration { private boolean supportAllottedResourcesAndProxy; private Integer deleteLockTimeoutInSeconds; private Integer maxDeleteComponents; - private CookieConfig authCookie; - private String aafNamespace; private String workloadContext; private EnvironmentContext environmentContext; private List gabConfig; @@ -206,31 +201,6 @@ public class Configuration extends BasicConfiguration { return globalCsarImports; } - @Getter - @Setter - @NoArgsConstructor - public static class CookieConfig { - - private String securityKey = ""; - private long maxSessionTimeOut = 600 * 1000L; - private long sessionIdleTimeOut = 30 * 1000L; - private String cookieName = "AuthenticationCookie"; - private String redirectURL = "https://www.e-access.att.com/ecomp_portal_ist/ecompportal/process_csp"; - private List excludedUrls; - private List onboardingExcludedUrls; - private String domain = ""; - private String path = ""; - private boolean isHttpOnly = true; - - public boolean isHttpOnly() { - return isHttpOnly; - } - - public void setIsHttpOnly(final boolean isHttpOnly) { - this.isHttpOnly = isHttpOnly; - } - } - @Getter @Setter @NoArgsConstructor