| Aharoni, Pavel (pa0916) | ca3cb01 | 2018-10-22 15:29:57 +0300 | [diff] [blame] | 1 | /*-
|
| 2 | * ============LICENSE_START=======================================================
|
| 3 | * OSAM
|
| 4 | * ================================================================================
|
| 5 | * Copyright (C) 2018 AT&T
|
| 6 | * ================================================================================
|
| 7 | * Licensed under the Apache License, Version 2.0 (the "License");
|
| 8 | * you may not use this file except in compliance with the License.
|
| 9 | * You may obtain a copy of the License at
|
| 10 | *
|
| 11 | * http://www.apache.org/licenses/LICENSE-2.0
|
| 12 | *
|
| 13 | * Unless required by applicable law or agreed to in writing, software
|
| 14 | * distributed under the License is distributed on an "AS IS" BASIS,
|
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 16 | * See the License for the specific language governing permissions and
|
| 17 | * limitations under the License.
|
| 18 | * ============LICENSE_END=========================================================
|
| 19 | */
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 | package org.onap.osam.roles;
|
| 24 |
|
| 25 | import com.fasterxml.jackson.core.JsonProcessingException;
|
| 26 | import com.fasterxml.jackson.databind.ObjectMapper;
|
| 27 | import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
|
| 28 | import org.onap.portalsdk.core.web.support.UserUtils;
|
| 29 | import org.onap.osam.aai.AaiResponse;
|
| 30 | import org.onap.osam.aai.exceptions.RoleParsingException;
|
| 31 | import org.onap.osam.model.ModelConstants;
|
| 32 | import org.onap.osam.model.Subscriber;
|
| 33 | import org.onap.osam.model.SubscriberList;
|
| 34 | import org.onap.osam.services.IAaiService;
|
| 35 | import org.springframework.beans.factory.annotation.Autowired;
|
| 36 | import org.springframework.stereotype.Component;
|
| 37 |
|
| 38 | import javax.servlet.http.HttpServletRequest;
|
| 39 | import java.util.*;
|
| 40 |
|
| 41 | //import org.codehaus.jackson.map.ObjectMapper;
|
| 42 |
|
| 43 |
|
| 44 | @Component
|
| 45 | public class RoleProvider {
|
| 46 |
|
| 47 | private static final EELFLoggerDelegate LOG = EELFLoggerDelegate.getLogger(RoleProvider.class);
|
| 48 | final String readPermissionString = "read";
|
| 49 | SubscriberList subscribers;
|
| 50 | ObjectMapper om = new ObjectMapper();
|
| 51 | @Autowired
|
| 52 | private IAaiService aaiService;
|
| 53 |
|
| 54 | public static List<String> extractRoleFromSession(HttpServletRequest request) {
|
| 55 |
|
| 56 | return new ArrayList<String>();
|
| 57 |
|
| 58 | }
|
| 59 |
|
| 60 | public void init() {
|
| 61 | LOG.debug(EELFLoggerDelegate.debugLogger, "Role provider => init method started");
|
| 62 | AaiResponse<SubscriberList> subscribersResponse = aaiService.getFullSubscriberList();
|
| 63 | subscribers = subscribersResponse.getT();
|
| 64 | LOG.debug(EELFLoggerDelegate.debugLogger, "Role provider => init method finished");
|
| 65 | }
|
| 66 |
|
| 67 | public List<Role> getUserRoles(HttpServletRequest request) throws JsonProcessingException {
|
| 68 | String logPrefix = "Role Provider (" + UserUtils.getUserId(request) + ") ==>";
|
| 69 |
|
| 70 | LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Entering to get user role for user " + UserUtils.getUserId(request));
|
| 71 |
|
| 72 | List<Role> roleList = new ArrayList<>();
|
| 73 | //Disable roles until AAF integration finishes
|
| 74 | /*HashMap roles = UserUtils.getRoles(request);
|
| 75 | for (Object role : roles.keySet()) {
|
| 76 | org.openecomp.portalsdk.core.domain.Role sdkRol = (org.openecomp.portalsdk.core.domain.Role) roles.get(role);
|
| 77 |
|
| 78 | LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Role " + sdkRol.getName() + " is being proccessed");
|
| 79 | try {
|
| 80 | if (sdkRol.getName().contains(readPermissionString)) {
|
| 81 | LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + " Role " + sdkRol.getName() + " contain " + readPermissionString);
|
| 82 |
|
| 83 | continue;
|
| 84 | }
|
| 85 | String[] roleParts = splitRole((sdkRol.getName()), logPrefix);
|
| 86 | roleList.add(createRoleFromStringArr(roleParts, logPrefix));
|
| 87 | String msg = String.format(logPrefix + " User %s got permissions %s", UserUtils.getUserId(request), Arrays.toString(roleParts));
|
| 88 | LOG.debug(EELFLoggerDelegate.debugLogger, msg);
|
| 89 | } catch (RoleParsingException e) {
|
| 90 | LOG.error(logPrefix + " Failed to parse permission");
|
| 91 |
|
| 92 | }
|
| 93 | }*/
|
| 94 |
|
| 95 | return roleList;
|
| 96 | }
|
| 97 |
|
| 98 | public String[] splitRole(String roleAsString, String logPrefix) {
|
| 99 | LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Spliting role = " + roleAsString + "With delimeter = " + ModelConstants.ROLE_DELIMITER);
|
| 100 | return roleAsString.split(ModelConstants.ROLE_DELIMITER);
|
| 101 | }
|
| 102 |
|
| 103 | public boolean userPermissionIsReadOnly(List<Role> roles) {
|
| 104 |
|
| 105 | return (!(roles.size() > 0));
|
| 106 | }
|
| 107 |
|
| 108 | public boolean userPermissionIsReadLogs(List<Role> roles){
|
| 109 | for(Role role: roles){
|
| 110 | if(role.getServiceType().equals("LOGS")){
|
| 111 | if(role.getTenant().equals("PERMITTED")){
|
| 112 | return true;
|
| 113 | }
|
| 114 | }
|
| 115 | }
|
| 116 | return false;
|
| 117 | }
|
| 118 |
|
| 119 | private String replaceSubscriberNameToGlobalCustomerID(String subscriberName, String logPrefix) throws JsonProcessingException {
|
| 120 | if (subscribers == null) {
|
| 121 | LOG.debug(EELFLoggerDelegate.debugLogger, "replaceSubscriberNameToGlobalCustomerID calling init method");
|
| 122 | init();
|
| 123 | }
|
| 124 | LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "subscribers list size is " + subscribers.customer.size() + " with the values " + om.writeValueAsString(subscribers.customer));
|
| 125 | LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "subscribers list size is " + subscribers.customer.size() + " with the values " + om.writeValueAsString(subscribers.customer));
|
| 126 |
|
| 127 |
|
| 128 | Optional<Subscriber> s = subscribers.customer.stream().filter(x -> x.subscriberName.equals(subscriberName)).findFirst();
|
| 129 | //Fixing bug of logging "optional get" before isPresent
|
| 130 | String replacement = s.isPresent() ? s.get().globalCustomerId : "";
|
| 131 | LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Subscribername " + subscriberName + " changed to " + replacement);
|
| 132 | return replacement;
|
| 133 | }
|
| 134 |
|
| 135 | public Role createRoleFromStringArr(String[] roleParts, String rolePrefix) throws JsonProcessingException, RoleParsingException {
|
| 136 | String globalCustomerID = replaceSubscriberNameToGlobalCustomerID(roleParts[0], rolePrefix);
|
| 137 | try {
|
| 138 | if (roleParts.length > 2) {
|
| 139 | return new Role(EcompRole.READ, globalCustomerID, roleParts[1], roleParts[2]);
|
| 140 | } else {
|
| 141 | return new Role(EcompRole.READ, globalCustomerID, roleParts[1], null);
|
| 142 | }
|
| 143 | } catch (ArrayIndexOutOfBoundsException e) {
|
| 144 | if (roleParts.length > 0)
|
| 145 | LOG.debug(EELFLoggerDelegate.debugLogger, "Could not parse role ", roleParts[0]);
|
| 146 | else {
|
| 147 | LOG.debug(EELFLoggerDelegate.debugLogger, "Got empty role, Could not parse it ");
|
| 148 |
|
| 149 | }
|
| 150 | throw new RoleParsingException();
|
| 151 | }
|
| 152 |
|
| 153 | }
|
| 154 |
|
| 155 | }
|
| 156 |
|