| Aharoni, Pavel (pa0916) | ca3cb01 | 2018-10-22 15:29:57 +0300 | [diff] [blame] | 1 | /*-
|
| 2 | * ============LICENSE_START=======================================================
|
| 3 | * OSAM
|
| 4 | * ================================================================================
|
| 5 | * Copyright (C) 2018 AT&T
|
| 6 | * ================================================================================
|
| 7 | * Licensed under the Apache License, Version 2.0 (the "License");
|
| 8 | * you may not use this file except in compliance with the License.
|
| 9 | * You may obtain a copy of the License at
|
| 10 | *
|
| 11 | * http://www.apache.org/licenses/LICENSE-2.0
|
| 12 | *
|
| 13 | * Unless required by applicable law or agreed to in writing, software
|
| 14 | * distributed under the License is distributed on an "AS IS" BASIS,
|
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 16 | * See the License for the specific language governing permissions and
|
| 17 | * limitations under the License.
|
| 18 | * ============LICENSE_END=========================================================
|
| 19 | */
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 | package org.onap.osam.roles;
|
| 24 |
|
| 25 | import org.onap.osam.mso.rest.RequestDetails;
|
| 26 |
|
| 27 | import java.util.List;
|
| 28 | import java.util.Map;
|
| 29 |
|
| 30 | public class RoleValidator {
|
| 31 |
|
| 32 | private boolean disableRoles = true;
|
| 33 | private List<Role> userRoles;
|
| 34 |
|
| 35 | public RoleValidator(List<Role> roles) {
|
| 36 | this.userRoles = roles;
|
| 37 | }
|
| 38 |
|
| 39 | public boolean isSubscriberPermitted(String subscriberName) {
|
| 40 | if(this.disableRoles) return true;
|
| 41 |
|
| 42 | for (Role role : userRoles) {
|
| 43 | if (role.getSubscribeName().equals(subscriberName))
|
| 44 | return true;
|
| 45 | }
|
| 46 | return false;
|
| 47 | }
|
| 48 |
|
| 49 | public boolean isServicePermitted(String subscriberName, String serviceType) {
|
| 50 | if(this.disableRoles) return true;
|
| 51 |
|
| 52 | for (Role role : userRoles) {
|
| 53 | if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType))
|
| 54 | return true;
|
| 55 | }
|
| 56 | return false;
|
| 57 | }
|
| 58 |
|
| 59 | public boolean isMsoRequestValid(RequestDetails mso_request) {
|
| 60 | if(this.disableRoles) return true;
|
| 61 |
|
| 62 | try {
|
| 63 | String globalSubscriberIdRequested = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId");
|
| 64 | String serviceType = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("requestParameters")).get("subscriptionServiceType");
|
| 65 | return isServicePermitted(globalSubscriberIdRequested, serviceType);
|
| 66 | } catch (Exception e) {
|
| 67 | //Until we'll get the exact information regarding the tenants and the global customer id, we'll return true on unknown requests to mso
|
| 68 | return true;
|
| 69 | }
|
| 70 | // return false;
|
| 71 | }
|
| 72 |
|
| 73 | public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) {
|
| 74 | if(this.disableRoles) return true;
|
| 75 |
|
| 76 | for (Role role : userRoles) {
|
| 77 | if (role.getSubscribeName().equals(globalCustomerId)
|
| 78 | && role.getServiceType().equals(serviceType)
|
| 79 | && (role.getTenant() == null || role.getTenant().equalsIgnoreCase(tenantName))) {
|
| 80 | return true;
|
| 81 | }
|
| 82 | }
|
| 83 | return false;
|
| 84 | }
|
| 85 | }
|