Update project structure to org.onap.aaf
Update project structure of authz module in aaf from
com.att to org.onap.aaf and add distribution management
and repositories.
Issue-id: AAF-21
Change-Id: Ia2486954e99f2bd60f18122ed60d32d5590781e9
Signed-off-by: sg481n <sg481n@att.com>
diff --git a/authz-cmd/src/main/assemble/authz-cmd.xml b/authz-cmd/src/main/assemble/authz-cmd.xml
new file mode 100644
index 0000000..c1f2ad6
--- /dev/null
+++ b/authz-cmd/src/main/assemble/authz-cmd.xml
@@ -0,0 +1,47 @@
+<!--
+ ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ *
+-->
+<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
+
+ <id>jar-with-dependencies</id>
+ <formats>
+ <format>jar</format>
+ </formats>
+
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <dependencySets>
+ <dependencySet>
+ <unpack>true</unpack>
+ <scope>compile</scope>
+ </dependencySet>
+
+ </dependencySets>
+ <fileSets>
+ <fileSet>
+ <directory>src/main/xsd</directory>
+ </fileSet>
+ <fileSet>
+ <directory>etc</directory>
+ </fileSet>
+ </fileSets>
+</assembly>
diff --git a/authz-cmd/src/main/assemble/swm.xml b/authz-cmd/src/main/assemble/swm.xml
new file mode 100644
index 0000000..f2e8683
--- /dev/null
+++ b/authz-cmd/src/main/assemble/swm.xml
@@ -0,0 +1,34 @@
+<!--
+ ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ *
+-->
+<assembly>
+ <id>swm</id>
+ <formats>
+ <format>zip</format>
+ </formats>
+ <baseDirectory>${artifactId}</baseDirectory>
+ <fileSets>
+ <fileSet>
+ <directory>target/swm</directory>
+ </fileSet>
+ </fileSets>
+</assembly>
diff --git a/authz-cmd/src/main/config/log4j.properties b/authz-cmd/src/main/config/log4j.properties
new file mode 100644
index 0000000..fcd9da8
--- /dev/null
+++ b/authz-cmd/src/main/config/log4j.properties
@@ -0,0 +1,54 @@
+#-------------------------------------------------------------------------------
+# ============LICENSE_START====================================================
+# * org.onap.aaf
+# * ===========================================================================
+# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# * ===========================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# * ============LICENSE_END====================================================
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# *
+#-------------------------------------------------------------------------------
+###############################################################################
+# Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
+###############################################################################
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+log4j.appender.SVR=org.apache.log4j.RollingFileAppender
+log4j.appender.SVR.File=${user.home}/.aaf/authz-cmd.log
+log4j.appender.SVR.MaxFileSize=10000KB
+log4j.appender.SVR.MaxBackupIndex=1
+log4j.appender.SVR.layout=org.apache.log4j.PatternLayout
+log4j.appender.SVR.layout.ConversionPattern=%d %p [%c] %m %n
+
+# General Apache libraries
+log4j.rootLogger=WARN,SVR
+
diff --git a/authz-cmd/src/main/config/logging.props b/authz-cmd/src/main/config/logging.props
new file mode 100644
index 0000000..4d0f0f1
--- /dev/null
+++ b/authz-cmd/src/main/config/logging.props
@@ -0,0 +1,38 @@
+| ############################################################
+# Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+# Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler
+# classes. These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the INFO and above levels.
+handlers=java.util.logging.FileHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers. For any given facility this global level
+# can be overriden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+.level=INFO
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+java.util.logging.FileHandler.properties=autoFlush,fileName,dataPattern,name
+java.util.logging.FileHandler.fileName=%h/.aaf/dme2.log
+java.util.logging.FileHandlerFileHandler.autoFlush=true
+java.util.logging.FileHandlerFileHandler.name=DailyRollingFileHandler
+java.util.logging.FileHandlerFileHandler.datePattern='.'yyyy-MM-dd
+com.att.aft.dme2.events.server.summary=WARN
+
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/AAFcli.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/AAFcli.java
new file mode 100644
index 0000000..5e0c802
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/AAFcli.java
@@ -0,0 +1,722 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd;
+
+import java.io.BufferedReader;
+import java.io.Console;
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
+import java.io.PrintWriter;
+import java.io.Reader;
+import java.io.Writer;
+import java.net.HttpURLConnection;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import org.apache.log4j.PropertyConfigurator;
+import org.onap.aaf.authz.env.AuthzEnv;
+import org.onap.aaf.cmd.mgmt.Mgmt;
+import org.onap.aaf.cmd.ns.NS;
+import org.onap.aaf.cmd.perm.Perm;
+import org.onap.aaf.cmd.role.Role;
+import org.onap.aaf.cmd.user.User;
+
+import com.att.aft.dme2.api.DME2Manager;
+import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.Locator;
+import org.onap.aaf.cadi.SecuritySetter;
+import org.onap.aaf.cadi.client.PropertyLocator;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.config.SecurityInfo;
+import org.onap.aaf.cadi.config.SecurityInfoC;
+import org.onap.aaf.cadi.dme2.DME2Locator;
+import org.onap.aaf.cadi.filter.AccessGetter;
+import org.onap.aaf.cadi.http.HBasicAuthSS;
+import org.onap.aaf.cadi.http.HMangr;
+import org.onap.aaf.inno.env.APIException;
+import org.onap.aaf.inno.env.Env;
+import org.onap.aaf.inno.env.impl.Log4JLogTarget;
+import org.onap.aaf.inno.env.util.Split;
+
+import jline.console.ConsoleReader;
+
+public class AAFcli {
+
+ public static final String AAF_DEFAULT_REALM = "aaf_default_realm";
+ protected static PrintWriter pw;
+ protected HMangr hman;
+ // Storage for last reused client. We can do this
+ // because we're technically "single" threaded calls.
+ public Retryable<?> prevCall;
+
+ protected SecuritySetter<HttpURLConnection> ss;
+ protected AuthzEnv env;
+ private boolean close;
+ private List<Cmd> cmds;
+
+ // Lex State
+ private ArrayList<Integer> expect = new ArrayList<Integer>();
+ private boolean verbose = true;
+ private int delay;
+ private SecurityInfo si;
+ private boolean request = false;
+ private String force = null;
+ private boolean gui = false;
+
+ private static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
+ private static boolean isConsole = false;
+ private static boolean isTest = false;
+ private static boolean showDetails = false;
+ private static boolean ignoreDelay = false;
+ private static int globalDelay=0;
+
+ public static int timeout() {
+ return TIMEOUT;
+ }
+
+ public AAFcli(AuthzEnv env, Writer wtr, HMangr hman, SecurityInfo si, SecuritySetter<HttpURLConnection> ss) throws APIException {
+ this.env = env;
+ this.ss = ss;
+ this.hman = hman;
+ this.si = si;
+ if (wtr instanceof PrintWriter) {
+ pw = (PrintWriter) wtr;
+ close = false;
+ } else {
+ pw = new PrintWriter(wtr);
+ close = true;
+ }
+
+
+ // client = new DRcli(new URI(aafurl), new
+ // BasicAuth(user,toPass(pass,true)))
+ // .apiVersion("2.0")
+ // .timeout(TIMEOUT);
+
+ /*
+ * Create Cmd Tree
+ */
+ cmds = new ArrayList<Cmd>();
+
+ Role role = new Role(this);
+ cmds.add(new Help(this, cmds));
+ cmds.add(new Version(this));
+ cmds.add(new Perm(role));
+ cmds.add(role);
+ cmds.add(new User(this));
+ cmds.add(new NS(this));
+ cmds.add(new Mgmt(this));
+ }
+
+ public void verbose(boolean v) {
+ verbose = v;
+ }
+
+ public void close() {
+ if (hman != null) {
+ hman.close();
+ hman = null;
+ }
+ if (close) {
+ pw.close();
+ }
+ }
+
+ public boolean eval(String line) throws Exception {
+ if (line.length() == 0) {
+ return true;
+ } else if (line.startsWith("#")) {
+ pw.println(line);
+ return true;
+ }
+
+ String[] largs = argEval(line);
+ int idx = 0;
+
+ // Variable replacement
+ StringBuilder sb = null;
+ while (idx < largs.length) {
+ int e = 0;
+ for (int v = largs[idx].indexOf("@["); v >= 0; v = largs[idx].indexOf("@[", v + 1)) {
+ if (sb == null) {
+ sb = new StringBuilder();
+ }
+ sb.append(largs[idx], e, v);
+ if ((e = largs[idx].indexOf(']', v)) >= 0) {
+ String p = env.getProperty(largs[idx].substring(v + 2, e++));
+ if (p != null) {
+ sb.append(p);
+ }
+ }
+ }
+ if (sb != null && sb.length() > 0) {
+ sb.append(largs[idx], e, largs[idx].length());
+ largs[idx] = sb.toString();
+ sb.setLength(0);
+ }
+ ++idx;
+ }
+
+ idx = 0;
+ boolean rv = true;
+ while (rv && idx < largs.length) {
+ // Allow Script to change Credential
+ if (!gui) {
+ if("as".equalsIgnoreCase(largs[idx])) {
+ if (largs.length > ++idx) {
+ // get Password from Props with ID as Key
+ String user = largs[idx++];
+ int colon = user.indexOf(':');
+ String pass;
+ if (colon > 0) {
+ pass = user.substring(colon + 1);
+ user = user.substring(0, colon);
+ } else {
+ pass = env.getProperty(user);
+ }
+
+ if (pass != null) {
+ pass = env.decrypt(pass, false);
+ env.setProperty(user, pass);
+ ss = new HBasicAuthSS(user, pass,(SecurityInfoC<HttpURLConnection>) si);
+ pw.println("as " + user);
+ } else { // get Pass from System Properties, under name of
+ // Tag
+ pw.println("ERROR: No password set for " + user);
+ rv = false;
+ }
+ continue;
+ }
+ } else if ("expect".equalsIgnoreCase(largs[idx])) {
+ expect.clear();
+ if (largs.length > idx++) {
+ if (!"nothing".equals(largs[idx])) {
+ for (String str : largs[idx].split(",")) {
+ try {
+ if ("Exception".equalsIgnoreCase(str)) {
+ expect.add(-1);
+ } else {
+ expect.add(Integer.parseInt(str));
+ }
+ } catch (NumberFormatException e) {
+ throw new CadiException("\"expect\" should be followed by Number");
+ }
+ }
+ ++idx;
+ }
+ }
+ continue;
+ // Sleep, typically for reports, to allow DB to update
+ // Milliseconds
+
+ } else if ("sleep".equalsIgnoreCase(largs[idx])) {
+ Integer t = Integer.parseInt(largs[++idx]);
+ pw.println("sleep " + t);
+ Thread.sleep(t);
+ ++idx;
+ continue;
+ } else if ("delay".equalsIgnoreCase(largs[idx])) {
+ delay = Integer.parseInt(largs[++idx]);
+ pw.println("delay " + delay);
+ ++idx;
+ continue;
+ } else if ("pause".equalsIgnoreCase(largs[idx])) {
+ pw.println("Press <Return> to continue...");
+ ++idx;
+ new BufferedReader(new InputStreamReader(System.in)).readLine();
+ continue;
+ } else if ("exit".equalsIgnoreCase(largs[idx])) {
+ pw.println("Exiting...");
+ return false;
+ }
+
+ }
+
+ if("REQUEST".equalsIgnoreCase(largs[idx])) {
+ request=true;
+ ++idx;
+ } else if("FORCE".equalsIgnoreCase(largs[idx])) {
+ force="true";
+ ++idx;
+ } else if ("set".equalsIgnoreCase(largs[idx])) {
+ while (largs.length > ++idx) {
+ int equals = largs[idx].indexOf('=');
+ if (equals < 0) {
+ break;
+ }
+ String tag = largs[idx].substring(0, equals);
+ String value = largs[idx].substring(++equals);
+ pw.println("set " + tag + ' ' + value);
+ boolean isTrue = "TRUE".equalsIgnoreCase(value);
+ if("FORCE".equalsIgnoreCase(tag)) {
+ force = value;
+ } else if("REQUEST".equalsIgnoreCase(tag)) {
+ request = isTrue;
+ } else if("DETAILS".equalsIgnoreCase(tag)) {
+ showDetails = isTrue;
+ } else {
+ env.setProperty(tag, value);
+ }
+ }
+ continue;
+ // Allow Script to indicate if Failure is what is expected
+ }
+
+ int ret = 0;
+ for (Cmd c : cmds) {
+ if (largs[idx].equalsIgnoreCase(c.getName())) {
+ if (verbose) {
+ pw.println(line);
+ if (expect.size() > 0) {
+ pw.print("** Expect ");
+ boolean first = true;
+ for (Integer i : expect) {
+ if (first) {
+ first = false;
+ } else {
+ pw.print(',');
+ }
+ pw.print(i);
+ }
+ pw.println(" **");
+ }
+ }
+ try {
+ ret = c.exec(++idx, largs);
+ if (delay+globalDelay > 0) {
+ Thread.sleep(delay+globalDelay);
+ }
+ } catch (Exception e) {
+ if (expect.contains(-1)) {
+ pw.println(e.getMessage());
+ ret = -1;
+ } else {
+ throw e;
+ }
+ } finally {
+ clearSingleLineProperties();
+ }
+ rv = expect.isEmpty() ? true : expect.contains(ret);
+ if (verbose) {
+ if (rv) {
+ pw.println();
+ } else {
+ pw.print("!!! Unexpected Return Code: ");
+ pw.print(ret);
+ pw.println(", VALIDATE OUTPUT!!!");
+ }
+ }
+ return rv;
+ }
+ }
+ pw.write("Unknown Instruction \"");
+ pw.write(largs[idx]);
+ pw.write("\"\n");
+ idx = largs.length;// always end after one command
+ }
+ return rv;
+ }
+
+ private String[] argEval(String line) {
+ StringBuilder sb = new StringBuilder();
+ ArrayList<String> arr = new ArrayList<String>();
+ boolean start = true;
+ char quote = 0;
+ for (int i = 0; i < line.length(); ++i) {
+ char ch;
+ if (Character.isWhitespace(ch = line.charAt(i))) {
+ if (start) {
+ continue; // trim
+ } else if (quote != 0) {
+ sb.append(ch);
+ } else {
+ arr.add(sb.toString());
+ sb.setLength(0);
+ start = true;
+ }
+ } else if (ch == '\'' || ch == '"') { // toggle
+ if (quote == ch) {
+ quote = 0;
+ } else {
+ quote = ch;
+ }
+ } else {
+ start = false;
+ sb.append(ch);
+ }
+ }
+ if (sb.length() > 0) {
+ arr.add(sb.toString());
+ }
+
+ String[] rv = new String[arr.size()];
+ arr.toArray(rv);
+ return rv;
+ }
+
+ public static void keyboardHelp() {
+ System.out.println("'C-' means hold the ctrl key down while pressing the next key.");
+ System.out.println("'M-' means hold the alt key down while pressing the next key.");
+ System.out.println("For instance, C-b means hold ctrl key and press b, M-b means hold alt and press b\n");
+
+ System.out.println("Basic Keybindings:");
+ System.out.println("\tC-l - clear screen");
+ System.out.println("\tC-a - beginning of line");
+ System.out.println("\tC-e - end of line");
+ System.out.println("\tC-b - backward character (left arrow also works)");
+ System.out.println("\tM-b - backward word");
+ System.out.println("\tC-f - forward character (right arrow also works)");
+ System.out.println("\tM-f - forward word");
+ System.out.println("\tC-d - delete character under cursor");
+ System.out.println("\tM-d - delete word forward");
+ System.out.println("\tM-backspace - delete word backward");
+ System.out.println("\tC-k - delete from cursor to end of line");
+ System.out.println("\tC-u - delete entire line, regardless of cursor position\n");
+
+ System.out.println("Command History:");
+ System.out.println("\tC-r - search backward in history (repeating C-r continues the search)");
+ System.out.println("\tC-p - move backwards through history (up arrow also works)");
+ System.out.println("\tC-n - move forwards through history (down arrow also works)\n");
+
+ }
+
+ /**
+ * @param args
+ */
+ public static void main(String[] args) {
+ int rv = 0;
+ // Cover for bash's need to escape *... (\\*)
+ for (int i = 0; i < args.length; ++i) {
+ if ("\\*".equals(args[i])) {
+ args[i] = "*";
+ }
+ }
+
+ System.setProperty("java.util.logging.config.file", "etc/logging.props");
+ final AuthzEnv env = new AuthzEnv(System.getProperties());
+
+ // Stop the (exceedingly annoying) DME2/other logs from printing console
+ InputStream is;
+
+ // Load Log4j too... sigh
+ is = ClassLoader.getSystemResourceAsStream("log4j.properties");
+ if(is==null) {
+ env.log(Level.WARN, "Cannot find 'log4j.properties' in Classpath. Best option: add 'etc' directory to classpath");
+ } else {
+ try {
+ Properties props = new Properties();
+ props.load(is);
+ PropertyConfigurator.configure(props);
+ } catch (Exception e) {
+ e.printStackTrace();
+ } finally {
+ try {
+ is.close();
+ } catch (IOException e) {
+ env.debug().log(e); // only logging to avoid Sonar False positives.
+ }
+ }
+ }
+
+ env.loadFromSystemPropsStartsWith("AFT", "DME2", "aaf", "keyfile");
+ try {
+ Log4JLogTarget.setLog4JEnv("aaf", env);
+ GetProp gp = new GetProp(env);
+ String user = gp.get(false,Config.AAF_MECHID,"fully qualified id");
+ String pass = gp.get(true, Config.AAF_MECHPASS, "password is hidden");
+ if(env.getProperty(Config.AAF_URL)==null) {
+ String p = env.getProperty("DMEServiceName");
+ if(p!=null) {
+ boolean https = "true".equalsIgnoreCase(env.getProperty("AFT_DME2_SSL_ENABLE"));
+ env.setProperty(Config.AAF_URL, "http"+(https?"s":"")+"://DME2RESOLVE/"+p);
+ }
+ }
+ String aafUrl = gp.get(false, Config.AAF_URL, "https://DME2RESOLVE or Direct URL:port");
+
+ if(aafUrl!=null && aafUrl.contains("//DME2")) {
+ //gp.set(Config.AFT_LATITUDE,"Lookup from a Map App or table");
+ //gp.set(Config.AFT_LONGITUDE,"Lookup from a Map App or table");
+ //gp.set(Config.AFT_ENVIRONMENT,"Check DME2 Installations");
+ }
+
+ if (gp.err() != null) {
+ gp.err().append("to continue...");
+ System.err.println(gp.err());
+ System.exit(1);
+ }
+
+
+ Reader rdr = null;
+ boolean exitOnFailure = true;
+ /*
+ * Check for "-" options anywhere in command line
+ */
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < args.length; ++i) {
+ if ("-i".equalsIgnoreCase(args[i])) {
+ rdr = new InputStreamReader(System.in);
+ // } else if("-o".equalsIgnoreCase(args[i])) {
+ // // shall we do something different? Output stream is
+ // already done...
+ } else if ("-f".equalsIgnoreCase(args[i])) {
+ if (args.length > i + 1) {
+ rdr = new FileReader(args[++i]);
+ }
+ } else if ("-a".equalsIgnoreCase(args[i])) {
+ exitOnFailure = false;
+ } else if ("-c".equalsIgnoreCase(args[i])) {
+ isConsole = true;
+ } else if ("-s".equalsIgnoreCase(args[i]) && args.length > i + 1) {
+ env.setProperty(Cmd.STARTDATE, args[++i]);
+ } else if ("-e".equalsIgnoreCase(args[i]) && args.length > i + 1) {
+ env.setProperty(Cmd.ENDDATE, args[++i]);
+ } else if ("-t".equalsIgnoreCase(args[i])) {
+ isTest = true;
+ } else if ("-d".equalsIgnoreCase(args[i])) {
+ showDetails = true;
+ } else if ("-n".equalsIgnoreCase(args[i])) {
+ ignoreDelay = true;
+ } else {
+ if (sb.length() > 0) {
+ sb.append(' ');
+ }
+ sb.append(args[i]);
+ }
+ }
+
+ SecurityInfo si = new SecurityInfo(env);
+ env.loadToSystemPropsStartsWith("AAF", "DME2");
+ Locator loc;
+ if(aafUrl.contains("//DME2RESOLVE")) {
+ DME2Manager dm = new DME2Manager("AAFcli DME2Manager", System.getProperties());
+ loc = new DME2Locator(env, dm, aafUrl);
+ } else {
+ loc = new PropertyLocator(aafUrl);
+ }
+
+ //Config.configPropFiles(new AccessGetter(env), env);
+
+ TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
+ HMangr hman = new HMangr(env, loc).readTimeout(TIMEOUT).apiVersion("2.0");
+
+ //TODO: Consider requiring a default in properties
+ env.setProperty(Config.AAF_DEFAULT_REALM, System.getProperty(Config.AAF_DEFAULT_REALM,Config.getDefaultRealm()));
+
+ AAFcli aafcli = new AAFcli(env, new OutputStreamWriter(System.out), hman, si,
+ new HBasicAuthSS(user, env.decrypt(pass,false), (SecurityInfoC<HttpURLConnection>) si));
+ if(!ignoreDelay) {
+ File delay = new File("aafcli.delay");
+ if(delay.exists()) {
+ BufferedReader br = new BufferedReader(new FileReader(delay));
+ try {
+ globalDelay = Integer.parseInt(br.readLine());
+ } catch(Exception e) {
+ env.debug().log(e);
+ } finally {
+ br.close();
+ }
+ }
+ }
+ try {
+ if (isConsole) {
+ System.out.println("Type 'help' for short help or 'help -d' for detailed help with aafcli commands");
+ System.out.println("Type '?' for help with command line editing");
+ System.out.println("Type 'q', 'quit', or 'exit' to quit aafcli\n");
+
+ ConsoleReader reader = new ConsoleReader();
+ try {
+ reader.setPrompt("aafcli > ");
+
+ String line;
+ while ((line = reader.readLine()) != null) {
+ showDetails = (line.contains("-d"))?true:false;
+
+ if (line.equalsIgnoreCase("quit") || line.equalsIgnoreCase("q") || line.equalsIgnoreCase("exit")) {
+ break;
+ } else if (line.equalsIgnoreCase("--help -d") || line.equalsIgnoreCase("help -d")
+ || line.equalsIgnoreCase("help")) {
+ line = "--help";
+ } else if (line.equalsIgnoreCase("cls")) {
+ reader.clearScreen();
+ continue;
+ } else if (line.equalsIgnoreCase("?")) {
+ keyboardHelp();
+ continue;
+ }
+ try {
+ aafcli.eval(line);
+ pw.flush();
+ } catch (Exception e) {
+ pw.println(e.getMessage());
+ pw.flush();
+ }
+ }
+ } finally {
+ reader.close();
+ }
+ } else if (rdr != null) {
+ BufferedReader br = new BufferedReader(rdr);
+ String line;
+ while ((line = br.readLine()) != null) {
+ if (!aafcli.eval(line) && exitOnFailure) {
+ rv = 1;
+ break;
+ }
+ }
+ } else { // just run the command line
+ aafcli.verbose(false);
+ if (sb.length() == 0) {
+ sb.append("--help");
+ }
+ rv = aafcli.eval(sb.toString()) ? 0 : 1;
+ }
+ } finally {
+ aafcli.close();
+
+ // Don't close if No Reader, or it's a Reader of Standard In
+ if (rdr != null && !(rdr instanceof InputStreamReader)) {
+ rdr.close();
+ }
+ }
+ } catch (MessageException e) {
+ System.out.println("MessageException caught");
+
+ System.err.println(e.getMessage());
+ } catch (Exception e) {
+ e.printStackTrace(System.err);
+ }
+ System.exit(rv);
+
+ }
+
+ private static class GetProp {
+ private Console cons = System.console();
+ private StringBuilder err = null;
+ private AuthzEnv env;
+
+ public GetProp(AuthzEnv env) {
+ this.env = env;
+ }
+
+ public String get(final boolean pass, final String tag, final String other) {
+ String data = env.getProperty(tag,null);
+ if (data == null) {
+ if(cons!=null) {
+ if(pass) {
+ char[] cp = System.console().readPassword("%s: ",tag);
+ if(cp!=null) {
+ data=String.valueOf(cp);
+ }
+ } else {
+ cons.writer().format("%s: ", tag);
+ cons.flush();
+ data = cons.readLine();
+ }
+ }
+ if(data==null) {
+ if(err == null) {
+ err = new StringBuilder("Add -D");
+ } else {
+ err.append(", -D");
+ }
+ err.append(tag);
+ if(other!=null) {
+ err.append("=<");
+ err.append(other);
+ err.append('>');
+ }
+ }
+ }
+ return data;
+ }
+
+ public void set(final String tag, final String other) {
+ String data = env.getProperty(tag,null);
+ if (data == null) {
+ if(cons!=null) {
+ cons.writer().format("%s: ", tag);
+ cons.flush();
+ data = cons.readLine();
+ }
+ if(data==null) {
+ if(err == null) {
+ err = new StringBuilder("Add -D");
+ } else {
+ err.append(", -D");
+ }
+ err.append(tag);
+ if(other!=null) {
+ err.append("=<");
+ err.append(other);
+ err.append('>');
+ }
+ }
+ }
+ if(data!=null) {
+ System.setProperty(tag, data);
+ }
+ }
+
+ public StringBuilder err() {
+ return err;
+ }
+ }
+
+ public boolean isTest() {
+ return AAFcli.isTest;
+ }
+
+ public boolean isDetailed() {
+ return AAFcli.showDetails;
+ }
+
+ public String typeString(Class<?> cls, boolean json) {
+ return "application/" + cls.getSimpleName() + "+" + (json ? "json" : "xml") + ";version=" + hman.apiVersion();
+ }
+
+ public String forceString() {
+ return force;
+ }
+
+ public boolean addRequest() {
+ return request;
+ }
+
+ public void clearSingleLineProperties() {
+ force = null;
+ request = false;
+ showDetails = false;
+ }
+
+ public void gui(boolean b) {
+ gui = b;
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/BaseCmd.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/BaseCmd.java
new file mode 100644
index 0000000..ff01b01
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/BaseCmd.java
@@ -0,0 +1,69 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.inno.env.APIException;
+
+
+public class BaseCmd<CMD extends Cmd> extends Cmd {
+ protected List<Cmd> cmds;
+
+ public BaseCmd(AAFcli aafcli, String name, Param ... params) {
+ super(aafcli, null, name, params);
+ cmds = new ArrayList<Cmd>();
+ }
+
+ public BaseCmd(CMD parent, String name, Param ... params) {
+ super(parent.aafcli, parent, name, params);
+ cmds = new ArrayList<Cmd>();
+ }
+
+
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ if(args.length-idx<1) {
+ pw().println(build(new StringBuilder(),null).toString());
+ } else {
+ String s = args[idx];
+ String name;
+ Cmd empty = null;
+ for(Cmd c: cmds) {
+ name = c.getName();
+ if(name==null && empty==null) { // Mark with Command is null, and take the first one.
+ empty = c;
+ } else if(s.equalsIgnoreCase(c.getName()))
+ return c.exec(idx+1, args);
+ }
+ if(empty!=null) {
+ return empty.exec(idx, args); // If name is null, don't account for it on command line. jg 4-29
+ }
+ pw().println("Instructions not understood.");
+ }
+ return 0;
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/BasicAuth.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/BasicAuth.java
new file mode 100644
index 0000000..3e1f1fb
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/BasicAuth.java
@@ -0,0 +1,56 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd;
+
+import java.io.IOException;
+
+import com.att.aft.dme2.api.DME2Client;
+import org.onap.aaf.cadi.SecuritySetter;
+import org.onap.aaf.cadi.Symm;
+
+public class BasicAuth implements SecuritySetter<DME2Client> {
+ private String cred;
+ private String user;
+
+ public BasicAuth(String user, String pass) throws IOException {
+ this.user = user;
+ cred = "Basic " + Symm.base64.encode(user+':'+pass);
+ }
+
+ @Override
+ public void setSecurity(DME2Client client) {
+ client.addHeader("Authorization" , cred);
+ }
+
+ @Override
+ public String getID() {
+ return user;
+ }
+
+ //@Override
+ public int setLastResponse(int respCode) {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/Cmd.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/Cmd.java
new file mode 100644
index 0000000..3c7f4ac
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/Cmd.java
@@ -0,0 +1,499 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd;
+
+import java.io.PrintWriter;
+import java.io.StringReader;
+import java.sql.Date;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Comparator;
+import java.util.GregorianCalendar;
+import java.util.List;
+import java.util.Stack;
+import java.util.concurrent.ConcurrentHashMap;
+
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.cadi.http.HMangr;
+import org.onap.aaf.inno.env.APIException;
+import org.onap.aaf.inno.env.Data.TYPE;
+import org.onap.aaf.inno.env.Env;
+import org.onap.aaf.inno.env.util.Chrono;
+import org.onap.aaf.rosetta.env.RosettaDF;
+import org.onap.aaf.rosetta.env.RosettaEnv;
+
+import aaf.v2_0.Error;
+import aaf.v2_0.History;
+import aaf.v2_0.History.Item;
+import aaf.v2_0.Request;
+
+
+public abstract class Cmd {
+ private static final String AAF_DEFAULT_REALM = "aaf_default_realm";
+
+ private static final DateFormat dateFmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss:SSS");
+ protected static final String BLANK = "";
+ protected static final String COMMA = ","; // for use in splits
+
+ protected static final int lineLength = 80;
+
+ private final static String hformat = "%-23s %-5s %-20s %-35s\n";
+
+ public static final String STARTDATE = "startdate";
+ public static final String ENDDATE = "enddate";
+
+ private String name;
+ private final Param[] params;
+ private int required;
+ protected final Cmd parent;
+ protected final List<Cmd> children;
+ private final ConcurrentHashMap<Class<?>,RosettaDF<?>> dfs = new ConcurrentHashMap<Class<?>,RosettaDF<?>>();
+ public final AAFcli aafcli;
+ protected Env env;
+
+ public Cmd(AAFcli aafcli, String name, Param ... params) {
+ this(aafcli,null, name,params);
+ }
+
+ public Cmd(Cmd parent, String name, Param ... params) {
+ this(parent.aafcli,parent, name,params);
+ }
+
+ Cmd(AAFcli aafcli, Cmd parent, String name, Param ... params) {
+ this.parent = parent;
+ this.aafcli = aafcli;
+ this.env = aafcli.env;
+ if(parent!=null) {
+ parent.children.add(this);
+ }
+ children = new ArrayList<Cmd>();
+ this.params = params;
+ this.name = name;
+ required=0;
+ for(Param p : params) {
+ if(p.required) {
+ ++required;
+ }
+ }
+ }
+
+ public final int exec(int idx, String ... args) throws CadiException, APIException, LocatorException {
+ if(args.length-idx<required) {
+ throw new CadiException(build(new StringBuilder("Too few args: "),null).toString());
+ }
+ return _exec(idx,args);
+ }
+
+ protected abstract int _exec(int idx, final String ... args) throws CadiException, APIException, LocatorException;
+
+ public void detailedHelp(int indent,StringBuilder sb) {
+ }
+
+ protected void detailLine(StringBuilder sb, int length, String s) {
+ multiChar(sb,length,' ',0);
+ sb.append(s);
+ }
+
+ public void apis(int indent,StringBuilder sb) {
+ }
+
+ protected void api(StringBuilder sb, int _indent, HttpMethods hmeth, String pathInfo, Class<?> cls,boolean head) {
+ int indent = _indent;
+ final String meth = hmeth.name();
+ if(head) {
+ sb.append('\n');
+ detailLine(sb,indent,"APIs:");
+ }
+ indent+=2;
+ multiChar(sb,indent,' ',0);
+ sb.append(meth);
+ sb.append(' ');
+ sb.append(pathInfo);
+ String cliString = aafcli.typeString(cls,true);
+ if(indent+meth.length()+pathInfo.length()+cliString.length()+2>80) {
+ sb.append(" ...");
+ multiChar(sb,indent+3+meth.length(),' ',0);
+ } else { // same line
+ sb.append(' ');
+ }
+ sb.append(cliString);
+ }
+
+ protected void multiChar(StringBuilder sb, int length, char c, int indent) {
+ sb.append('\n');
+ for(int i=0;i<indent;++i)sb.append(' ');
+ for(int i=indent;i<length;++i)sb.append(c);
+ }
+
+ public StringBuilder build(StringBuilder sb, StringBuilder detail) {
+ if(name!=null) {
+ sb.append(name);
+ sb.append(' ');
+ }
+ int line = sb.lastIndexOf("\n")+1;
+ if(line<0) {
+ line=0;
+ }
+ int indent = sb.length()-line;
+ for(Param p : params) {
+ sb.append(p.required?'<':'[');
+ sb.append(p.tag);
+ sb.append(p.required?"> ": "] ");
+ }
+
+ boolean first = true;
+ for(Cmd child : children) {
+ if(first) {
+ first = false;
+ } else if(detail==null) {
+ multiChar(sb,indent,' ',0);
+ } else {
+ // Write parents for Detailed Report
+ Stack<String> stack = new Stack<String>();
+ for(Cmd c = child.parent;c!=null;c=c.parent) {
+ if(c.name!=null) {
+ stack.push(c.name);
+ }
+ }
+ if(!stack.isEmpty()) {
+ sb.append(" ");
+ while(!stack.isEmpty()) {
+ sb.append(stack.pop());
+ sb.append(' ');
+ }
+ }
+ }
+ child.build(sb,detail);
+ if(detail!=null) {
+ child.detailedHelp(4, detail);
+ // If Child wrote something, then add, bracketing by lines
+ if(detail.length()>0) {
+ multiChar(sb,80,'-',2);
+ sb.append(detail);
+ sb.append('\n');
+ multiChar(sb,80,'-',2);
+ sb.append('\n');
+ detail.setLength(0); // reuse
+ } else {
+ sb.append('\n');
+ }
+ }
+ }
+ return sb;
+ }
+
+ protected void error(Future<?> future) {
+ StringBuilder sb = new StringBuilder("Failed");
+ String desc = future.body();
+ int code = future.code();
+ if(desc==null || desc.length()==0) {
+ withCode(sb,code);
+ } else if(desc.startsWith("{")) {
+ StringReader sr = new StringReader(desc);
+ try {
+ // Note: 11-18-2013. This rather convoluted Message Structure required by TSS Restful Specs, reflecting "Northbound" practices.
+ Error err = getDF(Error.class).newData().in(TYPE.JSON).load(sr).asObject();
+ sb.append(" [");
+ sb.append(err.getMessageId());
+ sb.append("]: ");
+ String messageBody = err.getText();
+ List<String> vars = err.getVariables();
+ int pipe;
+ for (int varCounter=0;varCounter<vars.size();) {
+ String var = vars.get(varCounter);
+ ++varCounter;
+ if (messageBody.indexOf("%" + varCounter) >= 0) {
+ if((pipe = var.indexOf('|'))>=0) { // In AAF, we use a PIPE for Choice
+ if (aafcli.isTest()) {
+ String expiresStr = var.substring(pipe);
+ var = var.replace(expiresStr, "[Placeholder]");
+ } else {
+ StringBuilder varsb = new StringBuilder(var);
+ varsb.deleteCharAt(pipe);
+ var = varsb.toString();
+ }
+ messageBody = messageBody.replace("%" + varCounter, varCounter-1 + ") " + var);
+ } else {
+ messageBody = messageBody.replace("%" + varCounter, var);
+ }
+ }
+ }
+ sb.append(messageBody);
+ } catch (Exception e) {
+ withCode(sb,code);
+ sb.append(" (Note: Details cannot be obtained from Error Structure)");
+ }
+ } else if(desc.startsWith("<html>")){ // Core Jetty, etc sends HTML for Browsers
+ withCode(sb,code);
+ } else {
+ sb.append(" with code ");
+ sb.append(code);
+ sb.append(", ");
+ sb.append(desc);
+ }
+ pw().println(sb);
+ }
+
+
+ private void withCode(StringBuilder sb, Integer code) {
+ sb.append(" with code ");
+ sb.append(code);
+ switch(code) {
+ case 401:
+ sb.append(" (HTTP Not Authenticated)");
+ break;
+ case 403:
+ sb.append(" (HTTP Forbidden)");
+ break;
+ case 404:
+ sb.append(" (HTTP Not Found)");
+ break;
+ default:
+ }
+ }
+
+ /**
+ * Consistently set start and end dates from Requests (all derived from Request)
+ * @param req
+ */
+ protected void setStartEnd(Request req) {
+ // Set Start/End Dates, if exist
+ String str;
+ if((str = env.getProperty(Cmd.STARTDATE,null))!=null) {
+ req.setStart(Chrono.timeStamp(Date.valueOf(str)));
+ }
+
+ if((str = env.getProperty(Cmd.ENDDATE,null))!=null) {
+ req.setEnd(Chrono.timeStamp(Date.valueOf(str)));
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ protected<T> RosettaDF<T> getDF(Class<T> cls) throws APIException {
+ RosettaDF<T> rdf = (RosettaDF<T>)dfs.get(cls);
+ if(rdf == null) {
+ rdf = env().newDataFactory(cls);
+ dfs.put(cls, rdf);
+ }
+ return rdf;
+ }
+
+ public void activity(History history, String header) {
+ if (history.getItem().isEmpty()) {
+ int start = header.indexOf('[');
+ if (start >= 0) {
+ pw().println("No Activity Found for " + header.substring(start));
+ }
+ } else {
+ pw().println(header);
+ for(int i=0;i<lineLength;++i)pw().print('-');
+ pw().println();
+
+ pw().format(hformat,"Date","Table","User","Memo");
+ for(int i=0;i<lineLength;++i)pw().print('-');
+ pw().println();
+
+ // Save Server time by Sorting locally
+ List<Item> items = history.getItem();
+ java.util.Collections.sort(items, new Comparator<Item>() {
+ @Override
+ public int compare(Item o1, Item o2) {
+ return o2.getTimestamp().compare(o1.getTimestamp());
+ }
+ });
+
+ for(History.Item item : items) {
+ GregorianCalendar gc = item.getTimestamp().toGregorianCalendar();
+ pw().format(hformat,
+ dateFmt.format(gc.getTime()),
+ item.getTarget(),
+ item.getUser(),
+ item.getMemo());
+ }
+ }
+ }
+
+ /**
+ * Turn String Array into a | delimited String
+ * @param options
+ * @return
+ */
+ public static String optionsToString(String[] options) {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(String s : options) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append('|');
+ }
+ sb.append(s);
+ }
+ return sb.toString();
+ }
+
+ /**
+ * return which index number the Option matches.
+ *
+ * throws an Exception if not part of this Option Set
+ *
+ * @param options
+ * @param test
+ * @return
+ * @throws Exception
+ */
+ public int whichOption(String[] options, String test) throws CadiException {
+ for(int i=0;i<options.length;++i) {
+ if(options[i].equals(test)) {
+ return i;
+ }
+ }
+ throw new CadiException(build(new StringBuilder("Invalid Option: "),null).toString());
+ }
+
+ protected RosettaEnv env() {
+ return aafcli.env;
+ }
+
+ protected HMangr hman() {
+ return aafcli.hman;
+ }
+
+ public<RET> RET same(Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
+ // We're storing in AAFCli, because we know it's always the same, and single threaded
+ if(aafcli.prevCall!=null) {
+ retryable.item(aafcli.prevCall.item());
+ retryable.lastClient=aafcli.prevCall.lastClient;
+ }
+
+ RET ret = aafcli.hman.same(aafcli.ss,retryable);
+
+ // Store last call in AAFcli, because Cmds are all different instances.
+ aafcli.prevCall = retryable;
+ return ret;
+ }
+
+ public<RET> RET all(Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
+ this.setQueryParamsOn(retryable.lastClient);
+ return aafcli.hman.all(aafcli.ss,retryable);
+ }
+
+ public<RET> RET oneOf(Retryable<RET> retryable,String host) throws APIException, CadiException, LocatorException {
+ this.setQueryParamsOn(retryable.lastClient);
+ return aafcli.hman.oneOf(aafcli.ss,retryable,true,host);
+ }
+
+ protected PrintWriter pw() {
+ return AAFcli.pw;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void reportHead(String ... str) {
+ pw().println();
+ boolean first = true;
+ int i=0;
+ for(String s : str) {
+ if(first) {
+ if(++i>1) {
+ first = false;
+ pw().print("[");
+ }
+ } else {
+ pw().print("] [");
+ }
+ pw().print(s);
+ }
+ if(!first) {
+ pw().print(']');
+ }
+ pw().println();
+ reportLine();
+ }
+
+ public String reportColHead(String format, String ... args) {
+ pw().format(format,(Object[])args);
+ reportLine();
+ return format;
+ }
+
+ public void reportLine() {
+ for(int i=0;i<lineLength;++i)pw().print('-');
+ pw().println();
+ }
+
+ protected void setQueryParamsOn(Rcli<?> rcli) {
+ StringBuilder sb=null;
+ String force;
+ if((force=aafcli.forceString())!=null) {
+ sb = new StringBuilder("force=");
+ sb.append(force);
+ }
+ if(aafcli.addRequest()) {
+ if(sb==null) {
+ sb = new StringBuilder("request=true");
+ } else {
+ sb.append("&request=true");
+ }
+ }
+ if(sb!=null && rcli!=null) {
+ rcli.setQueryParams(sb.toString());
+ }
+ }
+//
+// /**
+// * If Force is set, will return True once only, then revert to "FALSE".
+// *
+// * @return
+// */
+// protected String checkForce() {
+// if(TRUE.equalsIgnoreCase(env.getProperty(FORCE, FALSE))) {
+// env.setProperty(FORCE, FALSE);
+// return "true";
+// }
+// return FALSE;
+// }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ if(parent==null) { // ultimate parent
+ build(sb,null);
+ return sb.toString();
+ } else {
+ return parent.toString();
+ }
+ }
+
+ public String getOrgRealm() {
+ return env.getProperty(AAF_DEFAULT_REALM);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/Help.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/Help.java
new file mode 100644
index 0000000..af6e071
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/Help.java
@@ -0,0 +1,112 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd;
+
+import java.util.List;
+
+import com.att.aft.dme2.internal.jetty.http.HttpStatus;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.inno.env.APIException;
+
+public class Help extends Cmd {
+ private List<Cmd> cmds;
+
+ public Help(AAFcli aafcli, List<Cmd> cmds) {
+ super(aafcli, "--help",
+ new Param("-d (more details)", false),
+ new Param("command",false));
+ this.cmds = cmds;
+ }
+
+ @Override
+ public int _exec( int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ boolean first = true;
+ StringBuilder sb = new StringBuilder("AAF Command Line Tool");
+ StringBuilder details;
+ if(aafcli.isDetailed() ){
+ multiChar(sb, 21, '-',0);
+ details=new StringBuilder();// use for temporary writing of details
+ } else {
+ multiChar(sb, 21, '-',0);
+ details = null;
+ }
+ String comp = args.length>idx?args[idx++]:null;
+ if("help".equalsIgnoreCase(comp)) {
+ build(sb,null);
+ detailedHelp(4, sb);
+ sb.append('\n');
+ } else {
+ for(Cmd c : cmds) {
+ if(comp!=null) {
+ if(comp.equals(c.getName())) {
+ multiChar(sb,2,' ',0);
+ c.build(sb,details);
+ }
+ } else {
+ if(first) {
+ first=false;
+ } else {
+ multiChar(sb,80,'-',2);
+ }
+ multiChar(sb,2,' ',0);
+ c.build(sb,details);
+ if(details!=null) {
+ c.detailedHelp(4, sb);
+// multiChar(sb,80,'-',2);
+ }
+ }
+ }
+ }
+ pw().println(sb.toString());
+ return HttpStatus.OK_200;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"To print main help, enter \"aafcli\" or \"aafcli --help \"");
+ detailLine(sb,indent,"To print narrow the help content, enter sub-entries after aafcli,");
+ detailLine(sb,indent+2,"i.e. \"aafcli perm\"");
+ detailLine(sb,indent,"To see version of AAF CLI, enter \"aafcli --version \"");
+ sb.append('\n');
+ detailLine(sb,indent,"State Commands: change variables or credentials between calls.");
+ indent+=4;
+ detailLine(sb,indent,"set <tag>=<value> - Set any System Property to a new value");
+ detailLine(sb,indent,"as <id:password> - Change Credentials. Password may be encrypted");
+ detailLine(sb,indent,"expect <int> [int]* - In test mode, check for proper HTTP Status Codes");
+ detailLine(sb,indent,"sleep <int> - Wait for <int> seconds");
+ sb.append('\n');
+ detailLine(sb,indent-4,"CmdLine Arguments: change behavior of the aafcli program");
+ detailLine(sb,indent,"-i - Read commands from Shell Standard Input");
+ detailLine(sb,indent,"-f - Read commands from a file");
+ detailLine(sb,indent,"-a - In test mode, do not stop execution on unexpected error");
+ detailLine(sb,indent,"-t - Test Mode will not print variable fields that could break tc runs");
+ detailLine(sb,indent+6,"such as expiration dates of a credential");
+ detailLine(sb,indent,"-s - Request specific Start Date (not immediately)");
+ detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.STARTDATE + "=<value>\"");
+ detailLine(sb,indent,"-e - Set Expiration/End Date, where commands support");
+ detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.ENDDATE + "=<value>\"");
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/MessageException.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/MessageException.java
new file mode 100644
index 0000000..f669ca6
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/MessageException.java
@@ -0,0 +1,46 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+/**
+ *
+ */
+package org.onap.aaf.cmd;
+
+/**
+ * An Exception designed simply to give End User message, no stack trace
+ *
+ *
+ */
+public class MessageException extends Exception {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 8143933588878259048L;
+
+ /**
+ * @param Message
+ */
+ public MessageException(String msg) {
+ super(msg);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/Param.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/Param.java
new file mode 100644
index 0000000..9e9486a
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/Param.java
@@ -0,0 +1,38 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd;
+
+public class Param {
+ public final String tag;
+ public final boolean required;
+
+ /**
+ *
+ * @param t
+ * @param b
+ */
+ public Param(String t, boolean required) {
+ tag = t;
+ this.required=required;
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/Version.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/Version.java
new file mode 100644
index 0000000..8cdb27d
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/Version.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd;
+
+import com.att.aft.dme2.internal.jetty.http.HttpStatus;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.inno.env.APIException;
+
+public class Version extends Cmd {
+
+
+ public Version(AAFcli aafcli) {
+ super(aafcli, "--version");
+ }
+
+ @Override
+ protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
+ pw().println("AAF Command Line Tool");
+ String version = this.env().getProperty(Config.AAF_DEPLOYED_VERSION, "N/A");
+ pw().println("Version: " + version);
+ return HttpStatus.OK_200;
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Cache.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Cache.java
new file mode 100644
index 0000000..7176d0c
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Cache.java
@@ -0,0 +1,34 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.mgmt;
+
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.inno.env.APIException;
+
+public class Cache extends BaseCmd<Mgmt> {
+ public Cache(Mgmt mgmt) throws APIException {
+ super(mgmt, "cache");
+ cmds.add(new Clear(this));
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Clear.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Clear.java
new file mode 100644
index 0000000..296b76d
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Clear.java
@@ -0,0 +1,86 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.mgmt;
+
+import org.onap.aaf.authz.common.Define;
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+/**
+ * p
+ *
+ */
+public class Clear extends Cmd {
+ public Clear(Cache parent) {
+ super(parent,"clear",
+ new Param("name[,name]*",true));
+ }
+
+ @Override
+ public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ int rv=409;
+ for(final String name : args[idx++].split(COMMA)) {
+ rv = all(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp = client.delete(
+ "/mgmt/cache/"+name,
+ Void.class
+ );
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Cleared Cache for " + name + " on " + client);
+ rv=200;
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ });
+ }
+ return rv;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Clear the cache for certain tables");
+ indent+=2;
+ detailLine(sb,indent,"name - name of table or 'all'");
+ detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS + '\'');
+ indent-=2;
+ api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Deny.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Deny.java
new file mode 100644
index 0000000..44b3f8f
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Deny.java
@@ -0,0 +1,102 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.mgmt;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+public class Deny extends BaseCmd<Mgmt> {
+ private final static String[] options = {"add","del"};
+
+ public Deny(Mgmt mgmt) throws APIException {
+ super(mgmt, "deny");
+ cmds.add(new DenySomething(this,"ip","ipv4or6[,ipv4or6]*"));
+ cmds.add(new DenySomething(this,"id","identity[,identity]*"));
+ }
+
+ public class DenySomething extends Cmd {
+
+ private boolean isID;
+
+ public DenySomething(Deny deny, String type, String repeatable) {
+ super(deny, type,
+ new Param(optionsToString(options),true),
+ new Param(repeatable,true));
+ isID = "id".equals(type);
+ }
+
+ @Override
+ protected int _exec(int _idx, String... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ String action = args[idx++];
+ final int option = whichOption(options, action);
+ int rv=409;
+ for(final String name : args[idx++].split(COMMA)) {
+ final String append;
+ if(isID && name.indexOf("@")<0) {
+ append='@'+ env.getProperty(AAFcli.AAF_DEFAULT_REALM);
+ } else {
+ append = "";
+ }
+ final String path = "/mgmt/deny/"+getName() + '/'+ name + append;
+ rv = all(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp;
+ String resp;
+ switch(option) {
+ case 0:
+ fp = client.create(path, Void.class);
+ resp = " added";
+ break;
+ default:
+ fp = client.delete(path, Void.class);
+ resp = " deleted";
+ }
+ if(fp.get(AAFcli.timeout())) {
+ pw().println(name + append + resp + " on " + client);
+ rv=fp.code();
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ });
+ }
+ return rv;
+ }
+
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Log.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Log.java
new file mode 100644
index 0000000..5726d31
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Log.java
@@ -0,0 +1,111 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.mgmt;
+
+import org.onap.aaf.authz.common.Define;
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+public class Log extends BaseCmd<Mgmt> {
+ private final static String[] options = {"add","del"};
+
+ public Log(Mgmt mgmt) throws APIException {
+ super(mgmt, "log",
+ new Param(optionsToString(options),true),
+ new Param("id[,id]*",true));
+ }
+
+ @Override
+ public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException {
+ int rv=409;
+ int idx = _idx;
+ final int option = whichOption(options, args[idx++]);
+
+ for(String name : args[idx++].split(COMMA)) {
+ final String fname;
+ if(name.indexOf("@")<0) {
+ fname=name+'@'+ env.getProperty(AAFcli.AAF_DEFAULT_REALM);
+ } else {
+ fname = name;
+ }
+
+
+
+ rv = all(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp;
+ String str = "/mgmt/log/id/"+fname;
+ String msg;
+ switch(option) {
+ case 0:
+ fp = client.create(str,Void.class);
+ msg = "Added";
+ break;
+ case 1:
+ fp = client.delete(str,Void.class);
+ msg = "Deleted";
+ break;
+ default:
+ fp = null;
+ msg = "Ignored";
+ }
+
+ if(fp!=null) {
+ if(fp.get(AAFcli.timeout())) {
+ pw().println(msg + " Special Log for " + fname + " on " + client);
+ rv=200;
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ return rv;
+ }
+ });
+ }
+ return rv;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Clear the cache for certain tables");
+ indent+=2;
+ detailLine(sb,indent,"name - name of table or 'all'");
+ detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS + '\'');
+ indent-=2;
+ api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Mgmt.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Mgmt.java
new file mode 100644
index 0000000..d52b60f
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Mgmt.java
@@ -0,0 +1,38 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.mgmt;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.inno.env.APIException;
+
+public class Mgmt extends BaseCmd<Mgmt> {
+ public Mgmt(AAFcli aafcli) throws APIException {
+ super(aafcli, "mgmt");
+ cmds.add(new Cache(this));
+ cmds.add(new Deny(this));
+ cmds.add(new Log(this));
+ cmds.add(new Session(this));
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/SessClear.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/SessClear.java
new file mode 100644
index 0000000..5941a52
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/SessClear.java
@@ -0,0 +1,84 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.mgmt;
+
+import org.onap.aaf.authz.common.Define;
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+/**
+ * p
+ *
+ */
+public class SessClear extends Cmd {
+ public SessClear(Session parent) {
+ super(parent,"clear",
+ new Param("machine",true));
+ }
+
+ @Override
+ public int _exec(int idx, String ... args) throws CadiException, APIException, LocatorException {
+ int rv=409;
+ String machine = args[idx++];
+ rv = oneOf(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp = client.delete(
+ "/mgmt/dbsession",
+ Void.class
+ );
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Cleared DBSession on " + client);
+ rv=200;
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ },machine);
+ return rv;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Clear the cache for certain tables");
+ indent+=2;
+ detailLine(sb,indent,"name - name of table or 'all'");
+ detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS + '\'');
+ indent-=2;
+ api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Session.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Session.java
new file mode 100644
index 0000000..b49e523
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/mgmt/Session.java
@@ -0,0 +1,34 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.mgmt;
+
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.inno.env.APIException;
+
+public class Session extends BaseCmd<Mgmt> {
+ public Session(Mgmt mgmt) throws APIException {
+ super(mgmt, "dbsession");
+ cmds.add(new SessClear(this));
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Admin.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Admin.java
new file mode 100644
index 0000000..ff105ce
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Admin.java
@@ -0,0 +1,106 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+public class Admin extends BaseCmd<NS> {
+ private final static String[] options = {"add","del"};
+
+ public Admin(NS ns) throws APIException {
+ super(ns,"admin",
+ new Param(optionsToString(options),true),
+ new Param("name",true),
+ new Param("id[,id]*",true)
+ );
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final int option = whichOption(options, args[idx++]);
+ final String ns = args[idx++];
+ final String ids[] = args[idx++].split(",");
+ final String realm = getOrgRealm();
+// int rv = 500;
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Void> fp = null;
+ for(String id : ids) {
+ if (id.indexOf('@') < 0 && realm != null) id += '@' + realm;
+ String verb;
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/ns/"+ns+"/admin/"+id,Void.class);
+ verb = " added to ";
+ break;
+ case 1:
+ fp = client.delete("/authz/ns/"+ns+"/admin/"+id,Void.class);
+ verb = " deleted from ";
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().append("Admin ");
+ pw().append(id);
+ pw().append(verb);
+ pw().println(ns);
+ } else {
+ error(fp);
+ return fp.code();
+ }
+
+ }
+ return fp==null?500:fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add or Delete Administrator to/from Namespace");
+ indent+=4;
+ detailLine(sb,indent,"name - Name of Namespace");
+ detailLine(sb,indent,"id - Credential of Person(s) to be Administrator");
+ sb.append('\n');
+ detailLine(sb,indent,"aafcli will call API on each ID presented.");
+ indent-=4;
+ api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Attrib.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Attrib.java
new file mode 100644
index 0000000..97e2e9a
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Attrib.java
@@ -0,0 +1,115 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+public class Attrib extends BaseCmd<NS> {
+ private final static String[] options = {"add","upd","del"};
+
+ public Attrib(NS ns) throws APIException {
+ super(ns,"attrib",
+ new Param(optionsToString(options),true),
+ new Param("ns",true),
+ new Param("key",true),
+ new Param("value",false)
+ );
+ }
+
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final int option = whichOption(options, args[idx]);
+ final String ns = args[idx+1];
+ final String key = args[idx+2];
+ final String value;
+ if(option!=2) {
+ if(args.length<=idx+3) {
+ throw new CadiException("Not added: Need more Data");
+ }
+ value = args[idx+3];
+ } else {
+ value = "";
+ }
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Void> fp = null;
+ String message;
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/ns/"+ns+"/attrib/"+key+'/'+value,Void.class);
+ message = String.format("Add Attrib %s=%s to %s",
+ key,value,ns);
+ break;
+ case 1:
+ fp = client.update("/authz/ns/"+ns+"/attrib/"+key+'/'+value);
+ message = String.format("Update Attrib %s=%s for %s",
+ key,value,ns);
+ break;
+ case 2:
+ fp = client.delete("/authz/ns/"+ns+"/attrib/"+key,Void.class);
+ message = String.format("Attrib %s deleted from %s",
+ key,ns);
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().println(message);
+ } else {
+ error(fp);
+ return fp.code();
+ }
+
+ return fp==null?500:fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add or Delete Administrator to/from Namespace");
+ indent+=4;
+ detailLine(sb,indent,"name - Name of Namespace");
+ detailLine(sb,indent,"id - Credential of Person(s) to be Administrator");
+ sb.append('\n');
+ detailLine(sb,indent,"aafcli will call API on each ID presented.");
+ indent-=4;
+ api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Create.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Create.java
new file mode 100644
index 0000000..32ab43f
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Create.java
@@ -0,0 +1,128 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.NsRequest;
+
+/**
+ * p
+ *
+ */
+public class Create extends Cmd {
+ private static final String COMMA = ",";
+
+ public Create(NS parent) {
+ super(parent,"create",
+ new Param("name",true),
+ new Param("responsible (id[,id]*)",true),
+ new Param("admin (id[,id]*)",false));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+
+ final NsRequest nr = new NsRequest();
+
+ String realm = getOrgRealm();
+
+ nr.setName(args[idx++]);
+ String[] responsible = args[idx++].split(COMMA);
+ for(String s : responsible) {
+ if (s.indexOf('@') < 0 && realm != null) s += '@' + realm;
+ nr.getResponsible().add(s);
+ }
+ String[] admin;
+ if(args.length>idx) {
+ admin = args[idx++].split(COMMA);
+ } else {
+ admin = responsible;
+ }
+ for(String s : admin) {
+ if (s.indexOf('@') < 0 && realm != null) s += '@' + realm;
+ nr.getAdmin().add(s);
+ }
+
+ // Set Start/End commands
+ setStartEnd(nr);
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ // Requestable
+ setQueryParamsOn(client);
+ Future<NsRequest> fp = client.create(
+ "/authz/ns",
+ getDF(NsRequest.class),
+ nr
+ );
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Created Namespace");
+ } else {
+ if(fp.code()==202) {
+ pw().println("Namespace Creation Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Create a Namespace");
+ indent+=2;
+ detailLine(sb,indent,"name - Namespaces are dot-delimited, ex com.att.myapp");
+ detailLine(sb,indent+14,"and must be created with parent credentials.");
+ detailLine(sb,indent+14,"Ex: to create com.att.myapp, you must be admin for com.att");
+ detailLine(sb,indent+14,"or com");
+ detailLine(sb,indent,"responsible - This is the person(s) who receives Notifications and");
+ detailLine(sb,indent+14,"approves Requests regarding this Namespace. Companies have");
+ detailLine(sb,indent+14,"Policies as to who may take on this responsibility");
+ detailLine(sb,indent,"admin - These are the people who are allowed to make changes on");
+ detailLine(sb,indent+14,"the Namespace, including creating Roles, Permissions");
+ detailLine(sb,indent+14,"and Credentials");
+ sb.append('\n');
+ detailLine(sb,indent,"Namespaces can be created even though there are Roles/Permissions which");
+ detailLine(sb,indent,"start with the requested sub-namespace. They are reassigned to the");
+ detailLine(sb,indent,"Child Namespace");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,"authz/ns",NsRequest.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Delete.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Delete.java
new file mode 100644
index 0000000..5254d46
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Delete.java
@@ -0,0 +1,90 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+/**
+ * p
+ *
+ */
+public class Delete extends Cmd {
+ public Delete(NS parent) {
+ super(parent,"delete",
+ new Param("name",true));
+ }
+
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int index = idx;
+ StringBuilder path = new StringBuilder("/authz/ns/");
+ path.append(args[index++]);
+
+ // Send "Force" if set
+ setQueryParamsOn(client);
+ Future<Void> fp = client.delete(path.toString(),Void.class);
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Deleted Namespace");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Delete a Namespace");
+ indent+=4;
+ detailLine(sb,indent,"Namespaces cannot normally be deleted when there are still credentials,");
+ detailLine(sb,indent,"permissions or roles associated with them. These can be deleted");
+ detailLine(sb,indent,"automatically by setting \"force\" property.");
+ detailLine(sb,indent,"i.e. set force=true or just starting with \"force\"");
+ detailLine(sb,indent," (note force is unset after first use)");
+ sb.append('\n');
+ detailLine(sb,indent,"If \"set force=move\" is set, credentials are deleted, but ");
+ detailLine(sb,indent,"Permissions and Roles are assigned to the Parent Namespace instead of");
+ detailLine(sb,indent,"being deleted. Similarly, Namespaces can be created even though there");
+ detailLine(sb,indent,"are Roles/Perms whose type starts with the requested sub-namespace.");
+ detailLine(sb,indent,"They are simply reassigned to the Child Namespace");
+ indent-=4;
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>[?force=true]",Void.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Describe.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Describe.java
new file mode 100644
index 0000000..2939964
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Describe.java
@@ -0,0 +1,96 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.NsRequest;
+
+public class Describe extends Cmd {
+ private static final String NS_PATH = "/authz/ns";
+ public Describe(NS parent) {
+ super(parent,"describe",
+ new Param("name",true),
+ new Param("description",true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String name = args[idx++];
+ StringBuilder desc = new StringBuilder();
+ while (idx < args.length) {
+ desc.append(args[idx++] + ' ');
+ }
+
+ NsRequest nsr = new NsRequest();
+ nsr.setName(name);
+ nsr.setDescription(desc.toString());
+
+ // Set Start/End commands
+ setStartEnd(nsr);
+
+ Future<NsRequest> fn = null;
+ int rv;
+
+ fn = client.update(
+ NS_PATH,
+ getDF(NsRequest.class),
+ nsr
+ );
+
+ if(fn.get(AAFcli.timeout())) {
+ rv=fn.code();
+ pw().println("Description added to Namespace");
+ } else {
+ if((rv=fn.code())==202) {
+ pw().print("Adding description");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fn);
+ }
+ }
+ return rv;
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add a description to a namespace");
+ api(sb,indent,HttpMethods.PUT,"authz/ns",NsRequest.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/List.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/List.java
new file mode 100644
index 0000000..47c9a25
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/List.java
@@ -0,0 +1,170 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.inno.env.util.Chrono;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Nss.Ns;
+import aaf.v2_0.Nss.Ns.Attrib;
+import aaf.v2_0.Perms;
+import aaf.v2_0.Roles;
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+public class List extends BaseCmd<NS> {
+
+ public List(NS parent) {
+ super(parent,"list");
+ cmds.add(new ListByName(this));
+
+// TODO: uncomment when on cassandra 2.1.2 if we like cli command to get all ns's
+// a user is admin or responsible for
+ cmds.add(new ListAdminResponsible(this));
+
+ cmds.add(new ListActivity(this));
+ cmds.add(new ListUsers(this));
+ cmds.add(new ListChildren(this));
+ cmds.add(new ListNsKeysByAttrib(this));
+ }
+
+ private static final String sformat = " %-72s\n";
+ protected static final String kformat = " %-72s\n";
+
+
+ public void report(Future<Nss> fp, String ... str) {
+ reportHead(str);
+ if(fp==null) {
+ pw().println(" *** Namespace Not Found ***");
+ }
+
+ if(fp!=null && fp.value!=null) {
+ for(Ns ns : fp.value.getNs()) {
+ pw().println(ns.getName());
+ if (this.aafcli.isDetailed()) {
+ pw().println(" Description");
+ pw().format(sformat,ns.getDescription()==null?"":ns.getDescription());
+ }
+ if(ns.getAdmin().size()>0) {
+ pw().println(" Administrators");
+ for(String admin : ns.getAdmin()) {
+ pw().format(sformat,admin);
+ }
+ }
+ if(ns.getResponsible().size()>0) {
+ pw().println(" Responsible Parties");
+ for(String responsible : ns.getResponsible()) {
+ pw().format(sformat,responsible);
+ }
+ }
+ if(ns.getAttrib().size()>0) {
+ pw().println(" Namespace Attributes");
+ for(Attrib attrib : ns.getAttrib()) {
+ StringBuilder sb = new StringBuilder(attrib.getKey());
+ if(attrib.getValue()==null || attrib.getValue().length()>0) {
+ sb.append('=');
+ sb.append(attrib.getValue());
+ }
+ pw().format(sformat,sb.toString());
+ }
+
+ }
+ }
+ }
+ }
+
+ public void reportName(Future<Nss> fp, String ... str) {
+ reportHead(str);
+ if(fp!=null && fp.value!=null) {
+ java.util.List<Ns> nss = fp.value.getNs();
+ Collections.sort(nss, new Comparator<Ns>() {
+ @Override
+ public int compare(Ns ns1, Ns ns2) {
+ return ns1.getName().compareTo(ns2.getName());
+ }
+ });
+
+ for(Ns ns : nss) {
+ pw().println(ns.getName());
+ if (this.aafcli.isDetailed() && ns.getDescription() != null) {
+ pw().println(" " + ns.getDescription());
+ }
+ }
+ }
+ }
+
+ public void reportRole(Future<Roles> fr) {
+ if(fr!=null && fr.value!=null && fr.value.getRole().size()>0) {
+ pw().println(" Roles");
+ for(aaf.v2_0.Role r : fr.value.getRole()) {
+ pw().format(sformat,r.getName());
+ }
+ }
+ }
+
+ private static final String pformat = " %-30s %-24s %-15s\n";
+ public void reportPerm(Future<Perms> fp) {
+ if(fp!=null && fp.value!=null && fp.value.getPerm().size()>0) {
+ pw().println(" Permissions");
+ for(aaf.v2_0.Perm p : fp.value.getPerm()) {
+ pw().format(pformat,p.getType(),p.getInstance(),p.getAction());
+ }
+ }
+ }
+
+
+ private static final String cformat = " %-30s %-6s %-24s\n";
+ public void reportCred(Future<Users> fc) {
+ if(fc!=null && fc.value!=null && fc.value.getUser().size()>0) {
+ pw().println(" Credentials");
+ java.util.List<User> users = fc.value.getUser();
+ Collections.sort(users, new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ for(aaf.v2_0.Users.User u : users) {
+ if (this.aafcli.isTest()) {
+ pw().format(sformat,u.getId());
+ } else {
+ String type;
+ switch(u.getType()) {
+ case 1: type = "U/P"; break;
+ case 10: type="Cert"; break;
+ case 200: type="x509"; break;
+ default: type = "";
+ }
+ pw().format(cformat,u.getId(),type,Chrono.niceDateStamp(u.getExpires()));
+ }
+ }
+ }
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListActivity.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListActivity.java
new file mode 100644
index 0000000..74bcb92
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListActivity.java
@@ -0,0 +1,81 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.History;
+
+/**
+ *
+ */
+public class ListActivity extends Cmd {
+ private static final String HEADER = "List Activity of Namespace";
+
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("name",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns = args[idx++];
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<History> fp = client.read(
+ "/authz/hist/ns/"+ns,
+ getDF(History.class)
+ );
+
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value, HEADER + " [ " + ns + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/ns/<ns>",History.class,true);
+ }
+
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListAdminResponsible.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListAdminResponsible.java
new file mode 100644
index 0000000..87ed924
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListAdminResponsible.java
@@ -0,0 +1,79 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Nss;
+
+public class ListAdminResponsible extends Cmd {
+ private static final String HEADER="List Namespaces with ";
+ private final static String[] options = {"admin","responsible"};
+
+ public ListAdminResponsible(List parent) {
+ super(parent,null,
+ new Param(optionsToString(options),true),
+ new Param("user",true));
+ }
+
+ @Override
+ protected int _exec(final int index, final String... args) throws CadiException, APIException, LocatorException {
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String title = args[idx++];
+ String user = args[idx++];
+ if (user.indexOf('@') < 0 && getOrgRealm() != null) user += '@' + getOrgRealm();
+
+ Future<Nss> fn = client.read("/authz/nss/"+title+"/"+user,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ ((List)parent).reportName(fn,HEADER + title + " privileges for ",user);
+ } else if(fn.code()==404) {
+ ((List)parent).report(null,HEADER + title + " privileges for ",user);
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER + "admin or responsible priveleges for user");
+ api(sb,indent,HttpMethods.GET,"authz/nss/<admin|responsible>/<user>",Nss.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListByName.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListByName.java
new file mode 100644
index 0000000..a63aacf
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListByName.java
@@ -0,0 +1,105 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Nss.Ns;
+import aaf.v2_0.Perms;
+import aaf.v2_0.Roles;
+import aaf.v2_0.Users;
+
+/**
+ *
+ */
+public class ListByName extends Cmd {
+ private static final String HEADER="List Namespaces by Name";
+
+ public ListByName(List parent) {
+ super(parent,"name",
+ new Param("ns",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ ((List)parent).report(fn,HEADER,ns);
+ if(fn.value!=null) {
+ for(Ns n : fn.value.getNs()) {
+ Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
+ if(fr.get(AAFcli.timeout())) {
+ ((List)parent).reportRole(fr);
+ }
+ }
+ for(Ns n : fn.value.getNs()) {
+ Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName(), getDF(Perms.class));
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).reportPerm(fp);
+ }
+ }
+ for(Ns n : fn.value.getNs()) {
+ Future<Users> fu = client.read("/authn/creds/ns/"+n.getName(), getDF(Users.class));
+ if(fu.get(AAFcli.timeout())) {
+ ((List)parent).reportCred(fu);
+ }
+ }
+ }
+ } else if(fn.code()==404) {
+ ((List)parent).report(null,HEADER,ns);
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ detailLine(sb,indent,"Indirectly uses:");
+ api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
+ api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListChildren.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListChildren.java
new file mode 100644
index 0000000..670729e
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListChildren.java
@@ -0,0 +1,82 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Nss.Ns;
+
+/**
+ * p
+ *
+ */
+public class ListChildren extends Cmd {
+ private static final String HEADER="List Child Namespaces";
+
+ public ListChildren(List parent) {
+ super(parent,"children",
+ new Param("ns",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Nss> fn = client.read("/authz/nss/children/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ parent.reportHead(HEADER);
+ for(Ns ns : fn.value.getNs()) {
+ pw().format(List.kformat, ns.getName());
+ }
+ } else if(fn.code()==404) {
+ ((List)parent).report(null,HEADER,ns);
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/nss/children/<ns>",Nss.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListNsKeysByAttrib.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListNsKeysByAttrib.java
new file mode 100644
index 0000000..516bcd3
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListNsKeysByAttrib.java
@@ -0,0 +1,89 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Keys;
+import aaf.v2_0.Nss;
+import aaf.v2_0.Perms;
+import aaf.v2_0.Roles;
+import aaf.v2_0.Users;
+
+/**
+ * p
+ *
+ */
+public class ListNsKeysByAttrib extends Cmd {
+ private static final String HEADER="List Namespace Names by Attribute";
+
+ public ListNsKeysByAttrib(List parent) {
+ super(parent,"keys",
+ new Param("attrib",true));
+ }
+
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String attrib=args[idx];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Keys> fn = client.read("/authz/ns/attrib/"+attrib,getDF(Keys.class));
+ if(fn.get(AAFcli.timeout())) {
+ parent.reportHead(HEADER);
+ for(String key : fn.value.getKey()) {
+ pw().printf(List.kformat, key);
+ }
+ } else if(fn.code()==404) {
+ parent.reportHead(HEADER);
+ pw().println(" *** No Namespaces Found ***");
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ detailLine(sb,indent,"Indirectly uses:");
+ api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
+ api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsers.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsers.java
new file mode 100644
index 0000000..f035901
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsers.java
@@ -0,0 +1,53 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import javax.xml.datatype.XMLGregorianCalendar;
+
+import org.onap.aaf.cmd.BaseCmd;
+
+import aaf.v2_0.Users.User;
+
+public class ListUsers extends BaseCmd<List> {
+
+ public ListUsers(List parent) {
+ super(parent,"user");
+ cmds.add(new ListUsersWithPerm(this));
+ cmds.add(new ListUsersInRole(this));
+ }
+
+ public void report(String header, String ns) {
+ ((List)parent).report(null, header,ns);
+ }
+
+ public void report(String subHead) {
+ pw().println(subHead);
+ }
+
+ private static final String uformat = "%s%-50s expires:%02d/%02d/%04d\n";
+ public void report(String prefix, User u) {
+ XMLGregorianCalendar xgc = u.getExpires();
+ pw().format(uformat,prefix,u.getId(),xgc.getMonth()+1,xgc.getDay(),xgc.getYear());
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsersInRole.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsersInRole.java
new file mode 100644
index 0000000..8fdee9b
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsersInRole.java
@@ -0,0 +1,129 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Nss.Ns;
+import aaf.v2_0.Role;
+import aaf.v2_0.Roles;
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * p
+ *
+ */
+public class ListUsersInRole extends Cmd {
+ private static final String HEADER="List Users in Roles of Namespace ";
+
+ public ListUsersInRole(ListUsers parent) {
+ super(parent,"role",
+ new Param("ns",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ final boolean detail = aafcli.isDetailed();
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ ((ListUsers)parent).report(HEADER,ns);
+ Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ if(fn.value!=null) {
+ Set<String> uset = detail?null:new HashSet<String>();
+ for(Ns n : fn.value.getNs()) {
+ Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
+ if(fr.get(AAFcli.timeout())) {
+ for(Role r : fr.value.getRole()) {
+ if(detail) {
+ ((ListUsers)parent).report(r.getName());
+ }
+ Future<Users> fus = client.read(
+ "/authz/users/role/"+r.getName(),
+ getDF(Users.class)
+ );
+ if(fus.get(AAFcli.timeout())) {
+ for(User u : fus.value.getUser()) {
+ if(detail) {
+ ((ListUsers)parent).report(" ",u);
+ } else {
+ uset.add(u.getId());
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ }
+ }
+ }
+ }
+ if(uset!=null) {
+ for(String u : uset) {
+ pw().print(" ");
+ pw().println(u);
+ }
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=4;
+ detailLine(sb,indent,"Report Users associated with this Namespace's Roles");
+ sb.append('\n');
+ detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed ");
+ detailLine(sb,indent,"with the associated users and expiration dates");
+ indent-=4;
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<ns>",Users.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsersWithPerm.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsersWithPerm.java
new file mode 100644
index 0000000..ad65fae
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/ListUsersWithPerm.java
@@ -0,0 +1,128 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Nss.Ns;
+import aaf.v2_0.Perm;
+import aaf.v2_0.Perms;
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * p
+ *
+ */
+public class ListUsersWithPerm extends Cmd {
+ private static final String HEADER="List Users of Permissions of Namespace ";
+
+ public ListUsersWithPerm(ListUsers parent) {
+ super(parent,"perm",
+ new Param("ns",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ final boolean detail = aafcli.isDetailed();
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ ((ListUsers)parent).report(HEADER,ns);
+ Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ if(fn.value!=null) {
+ Set<String> uset = detail?null:new HashSet<String>();
+
+ for(Ns n : fn.value.getNs()) {
+ Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName(), getDF(Perms.class));
+ if(fp.get(AAFcli.timeout())) {
+ for(Perm p : fp.value.getPerm()) {
+ String perm = p.getType()+'/'+p.getInstance()+'/'+p.getAction();
+ if(detail)((ListUsers)parent).report(perm);
+ Future<Users> fus = client.read(
+ "/authz/users/perm/"+perm,
+ getDF(Users.class)
+ );
+ if(fus.get(AAFcli.timeout())) {
+ for(User u : fus.value.getUser()) {
+ if(detail)
+ ((ListUsers)parent).report(" ",u);
+ else
+ uset.add(u.getId());
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ }
+ }
+ }
+ }
+ if(uset!=null) {
+ for(String u : uset) {
+ pw().print(" ");
+ pw().println(u);
+ }
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=4;
+ detailLine(sb,indent,"Report Users associated with this Namespace's Permissions");
+ sb.append('\n');
+ detailLine(sb,indent,"If \"set detail=true\" is specified, then Permissions are printed with the associated");
+ detailLine(sb,indent,"users and expiration dates");
+ indent-=4;
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/NS.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/NS.java
new file mode 100644
index 0000000..979e418
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/NS.java
@@ -0,0 +1,47 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.inno.env.APIException;
+
+public class NS extends BaseCmd<NS> {
+// final Role role;
+
+ public NS(AAFcli aafcli) throws APIException {
+ super(aafcli, "ns");
+// this.role = role;
+
+ cmds.add(new Create(this));
+ cmds.add(new Delete(this));
+ cmds.add(new Admin(this));
+ cmds.add(new Responsible(this));
+ cmds.add(new Describe(this));
+ cmds.add(new Attrib(this));
+ cmds.add(new List(this));
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Responsible.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Responsible.java
new file mode 100644
index 0000000..e84bd4d
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/ns/Responsible.java
@@ -0,0 +1,111 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.ns;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+public class Responsible extends BaseCmd<NS> {
+ private final static String[] options = {"add","del"};
+
+ public Responsible(NS ns) throws APIException {
+ super(ns,"responsible",
+ new Param(optionsToString(options),true),
+ new Param("name",true),
+ new Param("id[,id]*",true)
+ );
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+
+ final int option = whichOption(options, args[idx++]);
+ final String ns = args[idx++];
+ final String ids[] = args[idx++].split(",");
+ final String realm = getOrgRealm();
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Void> fp=null;
+ for(String id : ids) {
+ if (id.indexOf('@') < 0 && realm != null) id += '@' + realm;
+ String verb;
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/ns/"+ns+"/responsible/"+id,Void.class);
+ verb = " is now ";
+ break;
+ case 1:
+ fp = client.delete("/authz/ns/"+ns+"/responsible/"+id,Void.class);
+ verb = " is no longer ";
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().append(id);
+ pw().append(verb);
+ pw().append("responsible for ");
+ pw().println(ns);
+ } else {
+ error(fp);
+ return fp.code();
+ }
+ }
+ return fp==null?500:fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add or Delete Responsible person to/from Namespace");
+ indent+=2;
+ detailLine(sb,indent,"Responsible persons receive Notifications and approve Requests ");
+ detailLine(sb,indent,"regarding this Namespace. Companies have Policies as to who may");
+ detailLine(sb,indent,"take on this responsibility");
+
+ indent+=2;
+ detailLine(sb,indent,"name - Name of Namespace");
+ detailLine(sb,indent,"id - Credential of Person(s) to be made responsible");
+ sb.append('\n');
+ detailLine(sb,indent,"aafcli will call API on each ID presented.");
+ indent-=4;
+ api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/responsible/<id>",Void.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/responsible/<id>",Void.class,false);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Create.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Create.java
new file mode 100644
index 0000000..2c49269
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Create.java
@@ -0,0 +1,165 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import com.att.aft.dme2.internal.jetty.http.HttpStatus;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.PermRequest;
+import aaf.v2_0.RoleRequest;
+
+/**
+ *
+ *
+ */
+public class Create extends Cmd {
+ public Create(Perm parent) {
+ super(parent,"create",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action", true),
+ new Param("role[,role]* (to Grant to)", false)
+ );
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ final PermRequest pr = new PermRequest();
+ pr.setType(args[idx++]);
+ pr.setInstance(args[idx++]);
+ pr.setAction(args[idx++]);
+ String roleCommas = (args.length>idx)?args[idx++]:null;
+ String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");
+ boolean force = aafcli.forceString()!=null;
+ int rv;
+
+ if(roles!=null && force) { // Make sure Roles are Created
+ RoleRequest rr = new RoleRequest();
+ for(String role : roles) {
+ rr.setName(role);;
+ Future<RoleRequest> fr = client.create(
+ "/authz/role",
+ getDF(RoleRequest.class),
+ rr
+ );
+ fr.get(AAFcli.timeout());
+ switch(fr.code()){
+ case 201:
+ pw().println("Created Role [" + role + ']');
+ break;
+ case 409:
+ break;
+ default:
+ pw().println("Role [" + role + "] does not exist, and cannot be created.");
+ return HttpStatus.PARTIAL_CONTENT_206;
+ }
+ }
+ }
+
+ // Set Start/End commands
+ setStartEnd(pr);
+ setQueryParamsOn(client);
+ Future<PermRequest> fp = client.create(
+ "/authz/perm",
+ getDF(PermRequest.class),
+ pr
+ );
+ if(fp.get(AAFcli.timeout())) {
+ rv = fp.code();
+ pw().println("Created Permission");
+ if(roles!=null) {
+ if(aafcli.forceString()!=null) { // Make sure Roles are Created
+ RoleRequest rr = new RoleRequest();
+ for(String role : roles) {
+ rr.setName(role);;
+ Future<RoleRequest> fr = client.create(
+ "/authz/role",
+ getDF(RoleRequest.class),
+ rr
+ );
+ fr.get(AAFcli.timeout());
+ switch(fr.code()){
+ case 201:
+ case 409:break;
+ default:
+
+ }
+ }
+ }
+
+ try {
+ if(201!=(rv=((Perm)parent)._exec(0,
+ new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {
+ rv = HttpStatus.PARTIAL_CONTENT_206;
+ }
+ } catch (LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+ } else {
+ rv = fp.code();
+ if(rv==409 && force) {
+ rv = 201;
+ } else if(rv==202) {
+ pw().println("Permission Creation Accepted, but requires Approvals before actualizing");
+ if (roles!=null)
+ pw().println("You need to grant the roles after approval.");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Create a Permission with:");
+ detailLine(sb,indent+=2,"type - A Namespace qualified identifier identifying the kind of");
+ detailLine(sb,indent+11,"resource to be protected");
+ detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");
+ detailLine(sb,indent,"action - What kind of action is allowed");
+ detailLine(sb,indent,"role(s) - Perms granted to these Comma separated Role(s)");
+ detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");
+ sb.append('\n');
+ detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");
+ api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Delete.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Delete.java
new file mode 100644
index 0000000..80bdf4f
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Delete.java
@@ -0,0 +1,90 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.PermRequest;
+
+/**
+ *
+ */
+public class Delete extends Cmd {
+ public Delete(Perm parent) {
+ super(parent,"delete",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action", true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ // Object Style Delete
+ PermRequest pk = new PermRequest();
+ pk.setType(args[idx++]);
+ pk.setInstance(args[idx++]);
+ pk.setAction(args[idx++]);
+
+ // Set "Force" if set
+ setQueryParamsOn(client);
+ Future<PermRequest> fp = client.delete(
+ "/authz/perm",
+ getDF(PermRequest.class),
+ pk);
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Deleted Permission");
+ } else {
+ if(fp.code()==202) {
+ pw().println("Permission Deletion Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Delete a Permission with type,instance and action");
+ detailLine(sb,indent+4,"see Create for definitions");
+ api(sb,indent,HttpMethods.DELETE,"authz/perm",PermRequest.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Describe.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Describe.java
new file mode 100644
index 0000000..8925199
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Describe.java
@@ -0,0 +1,102 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.PermRequest;
+
+public class Describe extends Cmd {
+ private static final String PERM_PATH = "/authz/perm";
+ public Describe(Perm parent) {
+ super(parent,"describe",
+ new Param("type",true),
+ new Param("instance", true),
+ new Param("action", true),
+ new Param("description",true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String type = args[idx++];
+ String instance = args[idx++];
+ String action = args[idx++];
+ StringBuilder desc = new StringBuilder();
+ while (idx < args.length) {
+ desc.append(args[idx++] + ' ');
+ }
+
+ PermRequest pr = new PermRequest();
+ pr.setType(type);
+ pr.setInstance(instance);
+ pr.setAction(action);
+ pr.setDescription(desc.toString());
+
+ // Set Start/End commands
+ setStartEnd(pr);
+
+ Future<PermRequest> fp = null;
+ int rv;
+
+ fp = client.update(
+ PERM_PATH,
+ getDF(PermRequest.class),
+ pr
+ );
+
+ if(fp.get(AAFcli.timeout())) {
+ rv=fp.code();
+ pw().println("Description added to Permission");
+ } else {
+ if((rv=fp.code())==202) {
+ pw().print("Adding description");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add a description to a permission");
+ api(sb,indent,HttpMethods.PUT,"authz/perm",PermRequest.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Grant.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Grant.java
new file mode 100644
index 0000000..d914567
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Grant.java
@@ -0,0 +1,151 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Pkey;
+import aaf.v2_0.RolePermRequest;
+
+/**
+ *
+ *
+ */
+public class Grant extends Cmd {
+ private final static String[] options = {"grant","ungrant","setTo"};
+
+ public Grant(Perm parent) {
+ super(parent,null,
+ new Param(optionsToString(options),true),
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action",true),
+ new Param("role[,role]* (!REQ S)",false)
+ );
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String action = args[idx++];
+ int option = whichOption(options, action);
+
+ RolePermRequest rpr = new RolePermRequest();
+ Pkey pk = new Pkey();
+ pk.setType(args[idx++]);
+ pk.setInstance(args[idx++]);
+ pk.setAction(args[idx++]);
+ rpr.setPerm(pk);
+ setStartEnd(rpr);
+
+ Future<RolePermRequest> frpr = null;
+
+ if (option != 2) {
+ String[] roles = args[idx++].split(",");
+ String strA,strB;
+ for(String role : roles) {
+ rpr.setRole(role);
+ if(option==0) {
+ // You can request to Grant Permission to a Role
+ setQueryParamsOn(client);
+ frpr = client.create(
+ "/authz/role/perm",
+ getDF(RolePermRequest.class),
+ rpr
+ );
+ strA = "Granted Permission [";
+ strB = "] to Role [";
+ } else {
+ // You can request to UnGrant Permission to a Role
+ setQueryParamsOn(client);
+ frpr = client.delete(
+ "/authz/role/" + role + "/perm",
+ getDF(RolePermRequest.class),
+ rpr
+ );
+ strA = "UnGranted Permission [";
+ strB = "] from Role [";
+ }
+ if(frpr.get(AAFcli.timeout())) {
+ pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction()
+ + strB + role +']');
+ } else {
+ if (frpr.code()==202) {
+ pw().print("Permission Role ");
+ pw().print(option==0?"Granted":"Ungranted");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(frpr);
+ idx=Integer.MAX_VALUE;
+ }
+ }
+ }
+ } else {
+ String allRoles = "";
+ if (idx < args.length)
+ allRoles = args[idx++];
+
+ rpr.setRole(allRoles);
+ frpr = client.update(
+ "/authz/role/perm",
+ getDF(RolePermRequest.class),
+ rpr);
+ if(frpr.get(AAFcli.timeout())) {
+ pw().println("Set Permission's Roles to [" + allRoles + "]");
+ } else {
+ error(frpr);
+ }
+ }
+ return frpr==null?0:frpr.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Grant a Permission to a Role or Roles OR");
+ detailLine(sb,indent,"Ungrant a Permission from a Role or Roles OR");
+ detailLine(sb,indent,"Set a Permission's roles to roles supplied.");
+ detailLine(sb,indent+4,"WARNING: Roles supplied with setTo will be the ONLY roles attached to this permission");
+ detailLine(sb,indent+8,"If no roles are supplied, permission's roles are reset.");
+ detailLine(sb,indent,"see Create for definitions of type,instance and action");
+ api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/role/<role>/perm",RolePermRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,"authz/role/perm",RolePermRequest.class,false);
+
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/List.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/List.java
new file mode 100644
index 0000000..b29d6ee
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/List.java
@@ -0,0 +1,129 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Comparator;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Perms;
+import aaf.v2_0.Pkey;
+
+
+public class List extends BaseCmd<Perm> {
+// private static final String LIST_PERM_DETAILS = "list permission details";
+
+ public List(Perm parent) {
+ super(parent,"list");
+
+ cmds.add(new ListByUser(this));
+ cmds.add(new ListByName(this));
+ cmds.add(new ListByNS(this));
+ cmds.add(new ListByRole(this));
+ cmds.add(new ListActivity(this));
+ }
+ // Package Level on purpose
+ abstract class ListPerms extends Retryable<Integer> {
+ protected int list(Future<Perms> fp,Rcli<?> client, String header, String parentPerm) throws CadiException, APIException {
+ if(fp.get(AAFcli.timeout())) {
+ ArrayList<String> permNss = null;
+ if (aafcli.isDetailed()) {
+ permNss = new ArrayList<String>();
+ String permNs = null;
+ for(Pkey perm : fp.value.getPerm()) {
+ if (permNs != null && perm.getType().contains(permNs)) {
+ permNss.add(permNs);
+ } else {
+ Future<Nss> fpn = null;
+ String permType = perm.getType();
+ permNs = permType;
+ do {
+ permNs = permType.substring(0,permNs.lastIndexOf('.'));
+ fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));
+ } while (!fpn.get(AAFcli.timeout()));
+ permNss.add(permNs);
+ }
+ }
+ }
+ report(fp,permNss,header, parentPerm);
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ }
+
+ private static final Comparator<aaf.v2_0.Perm> permCompare = new Comparator<aaf.v2_0.Perm>() {
+ @Override
+ public int compare(aaf.v2_0.Perm a, aaf.v2_0.Perm b) {
+ int rc;
+ if((rc=a.getType().compareTo(b.getType()))!=0) {
+ return rc;
+ }
+ if((rc=a.getInstance().compareTo(b.getInstance()))!=0) {
+ return rc;
+ }
+ return a.getAction().compareTo(b.getAction());
+ }
+ };
+
+ void report(Future<Perms> fp, ArrayList<String> permNss, String ... str) {
+ reportHead(str);
+ if (this.aafcli.isDetailed()) {
+ String format = reportColHead("%-20s %-15s %-30s %-15s\n %-75s\n","PERM NS","Type","Instance","Action", "Description");
+ Collections.sort(fp.value.getPerm(),permCompare);
+ for(aaf.v2_0.Perm p : fp.value.getPerm()) {
+ String permNs = permNss.remove(0);
+ pw().format(format,
+ permNs,
+ p.getType().substring(permNs.length()+1),
+ p.getInstance(),
+ p.getAction(),
+ p.getDescription()==null?"":p.getDescription());
+ }
+ pw().println();
+ } else {
+ String format = reportColHead("%-30s %-30s %-10s\n","PERM Type","Instance","Action");
+
+ Collections.sort(fp.value.getPerm(),permCompare);
+ for(aaf.v2_0.Perm p : fp.value.getPerm()) {
+ pw().format(format,
+ p.getType(),
+ p.getInstance(),
+ p.getAction());
+ }
+ pw().println();
+ }
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListActivity.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListActivity.java
new file mode 100644
index 0000000..28709b4
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListActivity.java
@@ -0,0 +1,77 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.History;
+
+/**
+ *
+ */
+public class ListActivity extends Cmd {
+ private static final String HEADER = "List Activity of Permission";
+
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("type",true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String type = args[idx++];
+ Future<History> fp = client.read(
+ "/authz/hist/perm/"+type,
+ getDF(History.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value, HEADER + " [ " + type + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/perm/<type>",History.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByNS.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByNS.java
new file mode 100644
index 0000000..24aa990
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByNS.java
@@ -0,0 +1,72 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Perms;
+
+/**
+ * Return Perms by NS
+ *
+ *
+ */
+public class ListByNS extends Cmd {
+ private static final String HEADER = "List Perms by NS ";
+
+ public ListByNS(List parent) {
+ super(parent,"ns",
+ new Param("name",true));
+ }
+
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String ns=args[idx];
+
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Perms> fp = client.read(
+ "/authz/perms/ns/"+ns,
+ getDF(Perms.class)
+ );
+ return list(fp,client, HEADER, ns);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,true);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByName.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByName.java
new file mode 100644
index 0000000..b2ae471
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByName.java
@@ -0,0 +1,70 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Perms;
+
+/**
+ *
+ *
+ */
+public class ListByName extends Cmd {
+ private static final String HEADER = "List Child Permissions";
+
+ public ListByName(List parent) {
+ super(parent,"name",
+ new Param("root perm name",true));
+ }
+
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ String parentPerm=args[index];
+
+ Future<Perms> fp = client.read(
+ "/authz/perms/"+parentPerm,
+ getDF(Perms.class)
+ );
+ return list(fp,client,HEADER,parentPerm);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/<parent type>",Perms.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByRole.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByRole.java
new file mode 100644
index 0000000..8f387c0
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByRole.java
@@ -0,0 +1,73 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Perms;
+
+/**
+ * Return Perms by Role
+ *
+ *
+ */
+public class ListByRole extends Cmd {
+ private static final String HEADER = "List Perms by Role ";
+
+ public ListByRole(List parent) {
+ super(parent,"role",
+ new Param("name",true));
+ }
+
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String role=args[idx];
+
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<Perms> fp = client.read(
+ "/authz/perms/role/"+role,
+ getDF(Perms.class)
+ );
+ return list(fp,client, HEADER, role);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/role/<role>",Perms.class,true);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByUser.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByUser.java
new file mode 100644
index 0000000..b08fb4e
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/ListByUser.java
@@ -0,0 +1,76 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Perms;
+
+/**
+ *
+ *
+ */
+public class ListByUser extends Cmd {
+ private static final String HEADER = "List Permissions by User";
+ public ListByUser(List parent) {
+ super(parent,"user",
+ new Param("id",true));
+ }
+
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ String user=args[idx];
+ String realm = getOrgRealm();
+ final String fullUser;
+ if (user.indexOf('@') < 0 && realm != null)
+ fullUser = user + '@' + realm;
+ else
+ fullUser = user;
+
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Perms> fp = client.read(
+ "/authz/perms/user/"+fullUser,
+ getDF(Perms.class)
+ );
+ return list(fp, client, HEADER, fullUser);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/user/<user id>",Perms.class,true);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Perm.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Perm.java
new file mode 100644
index 0000000..5810998
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Perm.java
@@ -0,0 +1,44 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.BaseCmd;
+import org.onap.aaf.cmd.role.Role;
+
+import org.onap.aaf.inno.env.APIException;
+
+public class Perm extends BaseCmd<Perm> {
+ Role role;
+
+ public Perm(Role role) throws APIException {
+ super(role.aafcli, "perm");
+ this.role = role;
+
+ cmds.add(new Create(this));
+ cmds.add(new Delete(this));
+ cmds.add(new Grant(this));
+ cmds.add(new Rename(this));
+ cmds.add(new Describe(this));
+ cmds.add(new List(this));
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Rename.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Rename.java
new file mode 100644
index 0000000..0198569
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/perm/Rename.java
@@ -0,0 +1,103 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.perm;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.PermRequest;
+
+public class Rename extends Cmd {
+ public Rename(Perm parent) {
+ super(parent,"rename",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action", true),
+ new Param("new type",true),
+ new Param("new instance",true),
+ new Param("new action", true)
+ );
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String origType = args[idx++];
+ String origInstance = args[idx++];
+ String origAction = args[idx++];
+
+ //Create new permission
+ PermRequest pr = new PermRequest();
+ pr.setType(args[idx++]);
+ pr.setInstance(args[idx++]);
+ pr.setAction(args[idx++]);
+
+ // Set Start/End commands
+ setStartEnd(pr);
+ Future<PermRequest> fp = client.update(
+ "/authz/perm/"+origType+"/"+origInstance+"/"+origAction,
+ getDF(PermRequest.class),
+ pr
+ );
+ int rv;
+ if(fp.get(AAFcli.timeout())) {
+ rv = fp.code();
+ pw().println("Updated Permission");
+ } else {
+ rv = fp.code();
+ if(rv==202) {
+ pw().println("Permission Update Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Rename a Permission from:");
+ detailLine(sb,indent+2,"<type> <instance> <action>");
+ detailLine(sb,indent,"to:");
+ detailLine(sb,indent+2,"<new type> <new instance> <new action>");
+ sb.append('\n');
+ detailLine(sb,indent,"Namespace must be the same in <type> and <new type>");
+ detailLine(sb,indent+4,"see Create for definitions of type,instance and action");
+ api(sb,indent,HttpMethods.PUT,"authz/perm/<type>/<instance>/<action>",PermRequest.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/CreateDelete.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/CreateDelete.java
new file mode 100644
index 0000000..78ab181
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/CreateDelete.java
@@ -0,0 +1,132 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import com.att.aft.dme2.internal.jetty.http.HttpStatus;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.RoleRequest;
+
+/**
+ *
+ *
+ */
+public class CreateDelete extends Cmd {
+ private static final String ROLE_PATH = "/authz/role";
+ private final static String[] options = {"create","delete"};
+ public CreateDelete(Role parent) {
+ super(parent,null,
+ new Param(optionsToString(options),true),
+ new Param("name",true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String action = args[idx++];
+ int option = whichOption(options, action);
+
+ RoleRequest rr = new RoleRequest();
+ rr.setName(args[idx++]);
+
+ // Set Start/End commands
+ setStartEnd(rr);
+
+ Future<RoleRequest> fp = null;
+ String verb = null;
+ int rv;
+ switch(option) {
+ case 0:
+ fp = client.create(
+ ROLE_PATH,
+ getDF(RoleRequest.class),
+ rr
+ );
+ verb = "Create";
+ break;
+ case 1:
+ // Send "Force" if set
+ setQueryParamsOn(client);
+ fp = client.delete(
+ ROLE_PATH, // +args[idx++],
+ getDF(RoleRequest.class),
+ rr
+ );
+ verb = "Delete";
+ break;
+ default: // note, if not an option, whichOption throws Exception
+ break;
+
+ }
+ boolean rolesSupplied = (args.length>idx);
+ if(fp.get(AAFcli.timeout())) {
+ rv=fp.code();
+ pw().print(verb);
+ pw().println("d Role");
+ if(rolesSupplied) {
+ for(;args.length>idx;++idx ) {
+ try {
+ if(201!=(rv=((Role)parent)._exec(0,new String[] {"user","add",rr.getName(),args[idx]}))) {
+ rv = HttpStatus.PARTIAL_CONTENT_206;
+ }
+ } catch (LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+ }
+ } else {
+ if((rv=fp.code())==202) {
+ pw().print("Role ");
+ pw().print(verb);
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Create OR Delete a Role");
+ detailLine(sb,indent+2,"name - Name of Role to create");
+ api(sb,indent,HttpMethods.POST,"authz/role",RoleRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/role",RoleRequest.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/Describe.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/Describe.java
new file mode 100644
index 0000000..d5fa19e
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/Describe.java
@@ -0,0 +1,96 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.RoleRequest;
+
+public class Describe extends Cmd {
+ private static final String ROLE_PATH = "/authz/role";
+ public Describe(Role parent) {
+ super(parent,"describe",
+ new Param("name",true),
+ new Param("description",true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String role = args[idx++];
+ StringBuilder desc = new StringBuilder();
+ while (idx < args.length) {
+ desc.append(args[idx++] + ' ');
+ }
+
+ RoleRequest rr = new RoleRequest();
+ rr.setName(role);
+ rr.setDescription(desc.toString());
+
+ // Set Start/End commands
+ setStartEnd(rr);
+
+ Future<RoleRequest> fp = null;
+ int rv;
+
+ fp = client.update(
+ ROLE_PATH,
+ getDF(RoleRequest.class),
+ rr
+ );
+
+ if(fp.get(AAFcli.timeout())) {
+ rv=fp.code();
+ pw().println("Description added to role");
+ } else {
+ if((rv=fp.code())==202) {
+ pw().print("Adding description");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add a description to a role");
+ api(sb,indent,HttpMethods.PUT,"authz/role",RoleRequest.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/List.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/List.java
new file mode 100644
index 0000000..33f9a99
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/List.java
@@ -0,0 +1,169 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.HashMap;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Pkey;
+import aaf.v2_0.Roles;
+
+
+
+public class List extends BaseCmd<Role> {
+ private static final String LIST_ROLES_BY_NAME = "list roles for role";
+
+ public List(Role parent) {
+ super(parent,"list");
+ cmds.add(new ListByUser(this));
+ cmds.add(new ListByRole(this));
+ cmds.add(new ListByNS(this));
+ cmds.add(new ListByNameOnly(this));
+ cmds.add(new ListByPerm(this));
+ cmds.add(new ListActivity(this));
+ }
+
+ // Package Level on purpose
+ abstract class ListRoles extends Retryable<Integer> {
+ protected int list(Future<Roles> fp,Rcli<?> client, String header) throws APIException, CadiException {
+ if(fp.get(AAFcli.timeout())) {
+ Future<Nss> fn = null;
+ ArrayList<String> roleNss = null;
+ ArrayList<String> permNss = null;
+ if (aafcli.isDetailed()) {
+ roleNss = new ArrayList<String>();
+ permNss = new ArrayList<String>();
+ for(aaf.v2_0.Role p : fp.value.getRole()) {
+ String roleNs = p.getName();
+ do {
+ roleNs = p.getName().substring(0,roleNs.lastIndexOf('.'));
+ fn = client.read("/authz/nss/"+roleNs,getDF(Nss.class));
+ } while (!fn.get(AAFcli.timeout()));
+ roleNss.add(roleNs);
+
+ for(Pkey perm : p.getPerms()) {
+ if (perm.getType().contains(roleNs))
+ permNss.add(roleNs);
+ else {
+ Future<Nss> fpn = null;
+ String permType = perm.getType();
+ String permNs = permType;
+ do {
+ permNs = permType.substring(0,permNs.lastIndexOf('.'));
+ fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));
+ } while (!fpn.get(AAFcli.timeout()));
+ permNss.add(permNs);
+ }
+ }
+ }
+ }
+ report(fp,roleNss,permNss,null,header);
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ }
+
+ private final static String roleFormat = "%-50s\n";
+
+ private static final Comparator<aaf.v2_0.Role> roleCompare = new Comparator<aaf.v2_0.Role>() {
+ @Override
+ public int compare(aaf.v2_0.Role a, aaf.v2_0.Role b) {
+ return a.getName().compareTo(b.getName());
+ }
+ };
+ public void report(Future<Roles> fp, ArrayList<String> roleNss, ArrayList<String> permNss,
+ HashMap<String,Boolean> expiredMap, String ... str) {
+ reportHead(str);
+ if (fp != null && aafcli.isDetailed() && str[0].toLowerCase().contains(LIST_ROLES_BY_NAME)) {
+ String description = fp.value.getRole().get(0).getDescription();
+ if (description == null) description = "";
+ reportColHead("%-80s\n","Description: " + description);
+ }
+
+ if(fp==null) {
+ pw().println("<No Roles Found>");
+ } else if (aafcli.isDetailed()){
+ String permFormat = " %-20s %-15s %-30s %-15s\n";
+ String fullFormat = roleFormat+permFormat;
+ reportColHead(fullFormat,"[ROLE NS].Name","PERM NS","Type","Instance","Action");
+ Collections.sort(fp.value.getRole(),roleCompare);
+ for(aaf.v2_0.Role p : fp.value.getRole()) {
+ String roleNs = roleNss.remove(0);
+ pw().format(roleFormat, "["+roleNs+"]"+p.getName().substring(roleNs.length()));
+ for(Pkey perm : p.getPerms()) {
+ String permNs = permNss.remove(0);
+ pw().format(permFormat,
+ permNs,
+ perm.getType().substring(permNs.length()+1),
+ perm.getInstance(),
+ perm.getAction());
+ }
+ }
+ } else {
+ String permFormat = " %-30s %-30s %-15s\n";
+ String fullFormat = roleFormat+permFormat;
+ reportColHead(fullFormat,"ROLE Name","PERM Type","Instance","Action");
+ Collections.sort(fp.value.getRole(),roleCompare);
+ for(aaf.v2_0.Role p : fp.value.getRole()) {
+ if (expiredMap != null) {
+ String roleName = p.getName();
+ Boolean b = expiredMap.get(roleName);
+ if (b != null && b.booleanValue())
+ pw().format(roleFormat, roleName+"*");
+ else {
+ pw().format(roleFormat, roleName);
+ for(Pkey perm : p.getPerms()) {
+ pw().format(permFormat,
+ perm.getType(),
+ perm.getInstance(),
+ perm.getAction());
+ }
+ }
+ } else {
+ pw().format(roleFormat, p.getName());
+ for(Pkey perm : p.getPerms()) {
+ pw().format(permFormat,
+ perm.getType(),
+ perm.getInstance(),
+ perm.getAction());
+ }
+ }
+ }
+ }
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListActivity.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListActivity.java
new file mode 100644
index 0000000..780bb48
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListActivity.java
@@ -0,0 +1,76 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.History;
+
+/**
+ *
+ */
+public class ListActivity extends Cmd {
+ private static final String HEADER = "List Activity of Role";
+
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("name",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String role = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<History> fp = client.read(
+ "/authz/hist/role/"+role,
+ getDF(History.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value,HEADER + " [ " + role + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/role/<role>",History.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByNS.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByNS.java
new file mode 100644
index 0000000..35ef634
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByNS.java
@@ -0,0 +1,73 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Roles;
+
+/**
+ * Return Roles by NS
+ *
+ *
+ */
+public class ListByNS extends Cmd {
+ private static final String HEADER = "List Roles by NS ";
+
+ public ListByNS(List parent) {
+ super(parent,"ns",
+ new Param("name",true));
+ }
+
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String ns=args[idx];
+
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Roles> fp = client.read(
+ "/authz/roles/ns/"+ns,
+ getDF(Roles.class)
+ );
+ return list(fp,client, HEADER+"["+ns+"]");
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/name/<ns>",Roles.class,true);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByNameOnly.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByNameOnly.java
new file mode 100644
index 0000000..5db02e4
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByNameOnly.java
@@ -0,0 +1,73 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Roles;
+
+/**
+ * Return Roles by NS
+ *
+ *
+ */
+public class ListByNameOnly extends Cmd {
+ private static final String HEADER = "List Roles by Name ";
+
+ public ListByNameOnly(List parent) {
+ super(parent,"name",
+ new Param("name",true));
+ }
+
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String name=args[idx];
+
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Roles> fp = client.read(
+ "/authz/roles/name/"+name,
+ getDF(Roles.class)
+ );
+ return list(fp,client, HEADER+"["+name+"]");
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/name/<name>",Roles.class,true);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByPerm.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByPerm.java
new file mode 100644
index 0000000..4fcdca9
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByPerm.java
@@ -0,0 +1,79 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Roles;
+
+/**
+ * Return Roles by NS
+ *
+ *
+ */
+public class ListByPerm extends Cmd {
+ private static final String HEADER = "List Roles by Perm ";
+
+ public ListByPerm(List parent) {
+ super(parent,"perm",
+ new Param("type",true),
+ new Param("instance", true),
+ new Param("action", true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String type=args[idx];
+ final String instance=args[++idx];
+ final String action=args[++idx];
+
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<Roles> fp = client.read(
+ "/authz/roles/perm/"+type+'/'+instance+'/'+action,
+ getDF(Roles.class)
+ );
+ return list(fp,client, HEADER+type+'|'+instance+'|'+action);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByRole.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByRole.java
new file mode 100644
index 0000000..f4db514
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByRole.java
@@ -0,0 +1,70 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Roles;
+
+/**
+ *
+ *
+ */
+public class ListByRole extends Cmd {
+ private static final String HEADER="List Roles for Role";
+
+ public ListByRole(List parent) {
+ super(parent,"role",
+ new Param("role",true));
+ }
+
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ String role=args[idx];
+ Future<Roles> fp = client.read(
+ "/authz/roles/"+role,
+ getDF(Roles.class)
+ );
+ return list(fp,client,HEADER+"["+role+"]");
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/<role>",Roles.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByUser.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByUser.java
new file mode 100644
index 0000000..b333dec
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/ListByUser.java
@@ -0,0 +1,146 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+import org.onap.aaf.inno.env.util.Chrono;
+
+import aaf.v2_0.Nss;
+import aaf.v2_0.Pkey;
+import aaf.v2_0.Roles;
+import aaf.v2_0.Users;
+
+/**
+ * p
+ *
+ */
+public class ListByUser extends Cmd {
+ private static final String HEADER = "List Roles for User ";
+
+ public ListByUser(List parent) {
+ super(parent,"user",
+ new Param("id",true));
+ }
+
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ String user=args[idx];
+ String realm = getOrgRealm();
+ final String fullUser;
+ if (user.indexOf('@') < 0 && realm != null) {
+ fullUser = user + '@' + realm;
+ } else {
+ fullUser = user;
+ }
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<Roles> fp = client.read(
+ "/authz/roles/user/"+fullUser,
+ getDF(Roles.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ Future<Nss> fn = null;
+ ArrayList<String> roleNss = null;
+ ArrayList<String> permNss = null;
+ HashMap<String, Boolean> expiredMap = new HashMap<String, Boolean>();
+ if (aafcli.isDetailed()) {
+ roleNss = new ArrayList<String>();
+ permNss = new ArrayList<String>();
+ for(aaf.v2_0.Role p : fp.value.getRole()) {
+ String roleNs = p.getName();
+ do {
+ roleNs = p.getName().substring(0,roleNs.lastIndexOf('.'));
+ fn = client.read("/authz/nss/"+roleNs,getDF(Nss.class));
+ } while (!fn.get(AAFcli.timeout()));
+ roleNss.add(roleNs);
+
+ for(Pkey perm : p.getPerms()) {
+ if (perm.getType().contains(roleNs)) {
+ permNss.add(roleNs);
+ } else {
+ Future<Nss> fpn = null;
+ String permType = perm.getType();
+ String permNs = permType;
+ do {
+ permNs = permType.substring(0,permNs.lastIndexOf('.'));
+ fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));
+ } while (!fpn.get(AAFcli.timeout()));
+ permNss.add(permNs);
+ }
+ }
+ }
+ }
+
+ if (fp.value != null) {
+ for(aaf.v2_0.Role p : fp.value.getRole()) {
+ Future<Users> fu = client.read(
+ "/authz/userRole/"+fullUser+"/"+p.getName(),
+ getDF(Users.class)
+ );
+ if (fu.get(5000)) {
+ if(fu.value != null) {
+ for (Users.User u : fu.value.getUser()) {
+ if(u.getExpires().normalize().compare(Chrono.timeStamp().normalize()) > 0) {
+ expiredMap.put(p.getName(), new Boolean(false));
+ } else {
+ expiredMap.put(p.getName(), new Boolean(true));
+ }
+ }
+ }
+ }
+ }
+ }
+
+ ((List)parent).report(fp,roleNss,permNss,expiredMap,HEADER,fullUser);
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/Role.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/Role.java
new file mode 100644
index 0000000..4b5c225
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/Role.java
@@ -0,0 +1,41 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.inno.env.APIException;
+
+public class Role extends BaseCmd<Role> {
+ public List list;
+
+ public Role(AAFcli aafcli) throws APIException {
+ super(aafcli, "role");
+ cmds.add(new CreateDelete(this));
+// cmds.add(new Delete(this));
+ cmds.add(new User(this));
+ cmds.add(new Describe(this));
+ cmds.add(list = new List(this));
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/role/User.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/User.java
new file mode 100644
index 0000000..239ab84
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/role/User.java
@@ -0,0 +1,171 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.role;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.UserRoleRequest;
+
+/**
+ * p
+ *
+ */
+public class User extends Cmd {
+ private final static String[] options = {"add","del","setTo","extend"};
+ public User(Role parent) {
+ super(parent,"user",
+ new Param(optionsToString(options),true),
+ new Param("role",true),
+ new Param("id[,id]* (not required for setTo)",false));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String realm = getOrgRealm();
+ String action = args[idx++];
+ int option = whichOption(options, action);
+ UserRoleRequest urr = new UserRoleRequest();
+ urr.setRole(args[idx++]);
+ // Set Start/End commands
+ setStartEnd(urr);
+
+ Future<?> fp = null;
+
+ if (option != 2) {
+ String[] ids = args[idx++].split(",");
+ String verb=null,participle=null;
+ // You can request to be added or removed from role.
+ setQueryParamsOn(client);
+
+ for(String id: ids) {
+ if (id.indexOf('@') < 0 && realm != null) id += '@' + realm;
+ urr.setUser(id);
+ switch(option) {
+ case 0:
+ fp = client.create(
+ "/authz/userRole",
+ getDF(UserRoleRequest.class),
+ urr);
+ verb = "Added";
+ participle = "] to Role [" ;
+ break;
+ case 1:
+ fp = client.delete(
+ "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(),
+ Void.class);
+ verb = "Removed";
+ participle = "] from Role [" ;
+ break;
+ case 3:
+ fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
+ verb = "Extended";
+ participle = "] in Role [" ;
+ break;
+
+ default: // actually, should never get here...
+ throw new CadiException("Invalid action [" + action + ']');
+ }
+ if(fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(" User [");
+ pw().print(urr.getUser());
+ pw().print(participle);
+ pw().print(urr.getRole());
+ pw().println(']');
+ } else {
+ switch(fp.code()) {
+ case 202:
+ pw().print("User Role ");
+ pw().print(action);
+ pw().println(" is Accepted, but requires Approvals before actualizing");
+ break;
+ case 404:
+ if(option==3) {
+ pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
+ break;
+ }
+ default:
+ error(fp);
+ }
+ }
+ }
+ } else {
+ String allUsers = "";
+ if (idx < args.length)
+ allUsers = args[idx++];
+ StringBuilder finalUsers = new StringBuilder();
+ for (String u : allUsers.split(",")) {
+ if (u != "") {
+ if (u.indexOf('@') < 0 && realm != null) u += '@' + realm;
+ if (finalUsers.length() > 0) finalUsers.append(",");
+ finalUsers.append(u);
+ }
+ }
+
+ urr.setUser(finalUsers.toString());
+ fp = client.update(
+ "/authz/userRole/role",
+ getDF(UserRoleRequest.class),
+ urr);
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Set the Role to Users [" + allUsers + "]");
+ } else {
+ error(fp);
+ }
+ }
+ return fp==null?0:fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add OR Delete a User to/from a Role OR");
+ detailLine(sb,indent,"Set a User's Roles to the roles supplied");
+ detailLine(sb,indent+2,"role - Name of Role to create");
+ detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role");
+ sb.append('\n');
+ detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows");
+ detailLine(sb,indent+2,"assignment of role to multiple userss");
+ detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role");
+ detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset.");
+ api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false);
+ api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Cred.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Cred.java
new file mode 100644
index 0000000..b6fd83f
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Cred.java
@@ -0,0 +1,153 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.CredRequest;
+
+public class Cred extends Cmd {
+ private static final String CRED_PATH = "/authn/cred";
+ private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
+// private Clean clean;
+ public Cred(User parent) {
+ super(parent,"cred",
+ new Param(optionsToString(options),true),
+ new Param("id",true),
+ new Param("password (! D|E)",false),
+ new Param("entry# (if multi)",false)
+ );
+// clean = new Clean(this);
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ String key = args[idx++];
+ final int option = whichOption(options,key);
+
+ final CredRequest cr = new CredRequest();
+ cr.setId(args[idx++]);
+ if(option!=1 && option!=3) {
+ if(idx>=args.length) throw new CadiException("Password Required");
+ cr.setPassword(args[idx++]);
+ }
+ if(args.length>idx)
+ cr.setEntry(args[idx++]);
+
+ // Set Start/End commands
+ setStartEnd(cr);
+// final int cleanIDX = _idx+1;
+ Integer ret = same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<CredRequest> fp=null;
+ String verb =null;
+ switch(option) {
+ case 0:
+ fp = client.create(
+ CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Added Credential [";
+ break;
+ case 1:
+// if(aafcli.addForce())cr.setForce("TRUE");
+ setQueryParamsOn(client);
+ fp = client.delete(CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Deleted Credential [";
+ break;
+ case 2:
+ fp = client.update(
+ CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Reset Credential [";
+ break;
+ case 3:
+ fp = client.update(
+ CRED_PATH+"/5",
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Extended Credential [";
+ break;
+// case 4:
+// return clean.exec(cleanIDX, args);
+ }
+ if(fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(cr.getId());
+ pw().println(']');
+ } else if(fp.code()==202) {
+ pw().println("Credential Action Accepted, but requires Approvals before actualizing");
+ } else if(fp.code()==406 && option==1) {
+ pw().println("You cannot delete this Credential");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ if(ret==null)ret = -1;
+ return ret;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add, Delete or Reset Credential");
+ indent+=2;
+ detailLine(sb,indent,"id - the ID to create/delete/reset within AAF");
+ detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)");
+ detailLine(sb,indent,"entry - selected option when deleting/resetting a cred with multiple entries");
+ sb.append('\n');
+ detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *");
+ detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. ");
+ detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com");
+ sb.append('\n');
+ detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
+ detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Delg.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Delg.java
new file mode 100644
index 0000000..edb5c38
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Delg.java
@@ -0,0 +1,136 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import java.text.ParseException;
+import java.util.Date;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+import org.onap.aaf.inno.env.util.Chrono;
+import org.onap.aaf.rosetta.env.RosettaDF;
+
+import aaf.v2_0.DelgRequest;
+
+public class Delg extends BaseCmd<User> {
+ static final String AUTHZ_DELG = "/authz/delegate";
+ private final static String[] options = {"add","upd","del"};
+
+ public Delg(User user) throws APIException {
+ super(user,"delegate",
+ new Param(optionsToString(options),true),
+ new Param("from",true),
+ new Param("to REQ A&U",false),
+ new Param("until (YYYY-MM-DD) REQ A", false)
+ );
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String realm = getOrgRealm();
+ DelgRequest dr = new DelgRequest();
+ setStartEnd(dr);
+
+ int option= whichOption(options, args[idx++]);
+ String user = args[idx++];
+ if (user.indexOf('@') < 0 && realm != null) user += '@' + realm;
+ dr.setUser(user);
+ if(option<2) {
+ String delegate = args[idx++];
+ if (delegate.indexOf('@') < 0 && realm != null) delegate += '@' + realm;
+ dr.setDelegate(delegate);
+ if(option<2 && args.length>idx) {
+ Date date;
+ try {
+ date = Chrono.dateOnlyFmt.parse(args[idx++]);
+ } catch (ParseException e) {
+ throw new CadiException(e);
+ }
+ dr.setEnd(Chrono.timeStamp(date));
+ }
+ }
+
+ Future<DelgRequest> fp;
+ RosettaDF<DelgRequest> df = getDF(DelgRequest.class);
+ String verb;
+ setQueryParamsOn(client);
+
+ switch(option) {
+ case 0:
+ fp = client.create(AUTHZ_DELG, df, dr);
+ verb = "Added";
+ break;
+ case 1:
+ fp = client.update(AUTHZ_DELG, df, dr);
+ verb = "Updated";
+ break;
+ case 2:
+ fp = client.delete(AUTHZ_DELG, df, dr);
+ verb = "Deleted";
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().append("Delegate ");
+ pw().println(verb);
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add, Update or Delete Delegate");
+ indent+=2;
+ detailLine(sb,indent,"A Delegate is a person who will temporarily cover the Approval and");
+ detailLine(sb,indent,"Ownership questions on behalf of the person Responsible.");
+ sb.append('\n');
+ detailLine(sb,indent,"fromID - the person who is the Responsible person of record");
+ detailLine(sb,indent,"toID - the person who will be delegated (required for Add/Update)");
+ detailLine(sb,indent,"until - the end date for this delegation");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,AUTHZ_DELG,DelgRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,AUTHZ_DELG,DelgRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,AUTHZ_DELG,DelgRequest.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/List.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/List.java
new file mode 100644
index 0000000..61779be
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/List.java
@@ -0,0 +1,122 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.inno.env.util.Chrono;
+
+import aaf.v2_0.Approval;
+import aaf.v2_0.Approvals;
+import aaf.v2_0.Delg;
+import aaf.v2_0.Delgs;
+import aaf.v2_0.Users;
+
+public class List extends BaseCmd<User> {
+
+ public List(User parent) {
+ super(parent,"list");
+ cmds.add(new ListForRoles(this));
+ cmds.add(new ListForPermission(this));
+ cmds.add(new ListForCreds(this));
+ cmds.add(new ListDelegates(this));
+ cmds.add(new ListApprovals(this));
+ cmds.add(new ListActivity(this));
+ }
+
+
+ void report(Users users, boolean count, String ... str) {
+ reportHead(str);
+ String format = reportColHead("%-50s %-30s\n","User","Expires");
+ String date = "XXXX-XX-XX";
+ int idx = 0;
+ java.util.List<aaf.v2_0.Users.User> sorted = users.getUser();
+ Collections.sort(sorted, new Comparator<aaf.v2_0.Users.User>() {
+ @Override
+ public int compare(aaf.v2_0.Users.User u1, aaf.v2_0.Users.User u2) {
+ if(u2==null || u2 == null) {
+ return -1;
+ }
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ for(aaf.v2_0.Users.User user : sorted) {
+ if(!aafcli.isTest())
+ date = Chrono.dateOnlyStamp(user.getExpires());
+
+ pw().format(format,
+ count? (Integer.valueOf(++idx) + ") " + user.getId()): user.getId(),
+ date);
+ }
+ pw().println();
+ }
+
+ public void report(Approvals approvals, String title, String id) {
+ reportHead(title,id);
+ String format = reportColHead(" %-20s %-20s %-11s %-6s %12s\n","User","Approver","Type","Status","Updated");
+ java.util.List<Approval> lapp = approvals.getApprovals();
+ Collections.sort(lapp, new Comparator<Approval>() {
+ @Override
+ public int compare(Approval a1, Approval a2) {
+ return a1.getTicket().compareTo(a2.getTicket());
+ }
+ } );
+ String ticket = null, prev = null;
+ for(Approval app : lapp ) {
+ ticket = app.getTicket();
+ if(!ticket.equals(prev)) {
+ pw().print("Ticket: ");
+ pw().println(ticket);
+ }
+ prev = ticket;
+
+ pw().format(format,
+ app.getUser(),
+ app.getApprover(),
+ app.getType(),
+ app.getStatus(),
+ Chrono.niceDateStamp(app.getUpdated())
+ );
+ }
+ }
+
+ public void report(Delgs delgs, String title, String id) {
+ reportHead(title,id);
+ String format = reportColHead(" %-25s %-25s %-10s\n","User","Delegate","Expires");
+ String date = "XXXX-XX-XX";
+ for(Delg delg : delgs.getDelgs()) {
+ if(!this.aafcli.isTest())
+ date = Chrono.dateOnlyStamp(delg.getExpires());
+ pw().printf(format,
+ delg.getUser(),
+ delg.getDelegate(),
+ date
+ );
+ }
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListActivity.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListActivity.java
new file mode 100644
index 0000000..d8ce474
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListActivity.java
@@ -0,0 +1,81 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.History;
+
+/**
+ *
+ */
+public class ListActivity extends Cmd {
+ private static final String HEADER = "List Activity of User";
+
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("user",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ String user = args[idx++];
+ String realm = getOrgRealm();
+ final String fullUser = (user.indexOf('@') < 0 && realm != null)?user + '@' + realm:user;
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<History> fp = client.read(
+ "/authz/hist/user/"+fullUser,
+ getDF(History.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value,HEADER + " [ " + fullUser + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/user/<user>",History.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListApprovals.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListApprovals.java
new file mode 100644
index 0000000..e478d20
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListApprovals.java
@@ -0,0 +1,104 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Approvals;
+
+/**
+ *
+ *
+ */
+public class ListApprovals extends Cmd {
+ private static final String HEADER = "List Approvals";
+ private final static String[] options = {"user","approver","ticket"};
+ public ListApprovals(List parent) {
+ super(parent,"approvals",
+ new Param(optionsToString(options),true),
+ new Param("value",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String type = args[idx++];
+ int option = whichOption(options,type);
+ String value = args[idx++];
+ final String fullValue;
+ if (option != 2) {
+ String realm = getOrgRealm();
+ fullValue = (value.indexOf('@')<0 && realm != null)?value +'@'+realm:value;
+ } else {
+ fullValue = value;
+ }
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Approvals> fp = client.read(
+ "/authz/approval/"+type+'/'+fullValue,
+ getDF(Approvals.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).report(fp.value,HEADER + " by " + type,fullValue);
+ if(fp.code()==404) {
+ return 200;
+ }
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"Approvals are used when the Requestor does not have the rights");
+ detailLine(sb,indent,"to perform the action required. Approvers are those listed as");
+ detailLine(sb,indent,"responsible for Namespace associated with the request, and those");
+ detailLine(sb,indent,"required by the Company by Policy. This may be, for instance");
+ detailLine(sb,indent,"the supervisor of the requestor");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by User, Approver or Ticket.");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/approval/user/<value>",Approvals.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/approval/approver/<value>",Approvals.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/approval/ticket/<value>",Approvals.class,false);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListDelegates.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListDelegates.java
new file mode 100644
index 0000000..723e302
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListDelegates.java
@@ -0,0 +1,95 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Delgs;
+
+/**
+ *
+ */
+public class ListDelegates extends Cmd {
+ private static final String HEADER = "List Delegates";
+ private static final String[] options = {"user","delegate"};
+ public ListDelegates(List parent) {
+ super(parent,"delegates",
+ new Param(optionsToString(options),true),
+ new Param("id",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ String realm = getOrgRealm();
+ int idx = _idx;
+ final String key = args[idx++];
+ //int option = whichOption(options,key);
+ String id = args[idx++];
+ final String fullID = (id.indexOf('@') < 0 && realm != null)? id + '@' + realm:id;
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<Delgs> fp = client.read(
+ "/authz/delegates/" + key + '/' + fullID,
+ getDF(Delgs.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).report(fp.value,HEADER + " by " + key, fullID);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"Delegates are those people temporarily assigned to cover the");
+ detailLine(sb,indent,"responsibility of Approving, etc, while the actual Responsible");
+ detailLine(sb,indent,"Party is absent. Typically, this is for Vacation, or Business");
+ detailLine(sb,indent,"Travel.");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/delegates/user/<id>",Delgs.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/delegates/delegate/<id>",Delgs.class,false);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForCreds.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForCreds.java
new file mode 100644
index 0000000..ec76e17
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForCreds.java
@@ -0,0 +1,99 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * List for Creds
+ *
+ */
+public class ListForCreds extends Cmd {
+ private final static String[] options = {"ns","id"};
+
+ private static final String HEADER = "List creds for ";
+ public ListForCreds(List parent) {
+ super(parent,"cred",
+ new Param(optionsToString(options),true),
+ new Param("value",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final int option = whichOption(options, args[idx++]);
+ final String which = options[option];
+ final String value = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Users> fp = client.read(
+ "/authn/creds/"+which+'/'+value,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((org.onap.aaf.cmd.user.List)parent).report(fp.value,option==1,HEADER+which,value);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Roles.");
+ detailLine(sb,indent,"role - the Role name");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<role>",Users.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForPermission.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForPermission.java
new file mode 100644
index 0000000..c433610
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForPermission.java
@@ -0,0 +1,104 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * p
+ *
+ */
+public class ListForPermission extends Cmd {
+ private static final String HEADER = "List Users for Permission";
+ public ListForPermission(List parent) {
+ super(parent,"perm",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action",true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String type = args[idx++];
+ String instance = args[idx++];
+ if("\\*".equals(instance))instance="*";
+ String action = args[idx++];
+ if("\\*".equals(action))action="*";
+ Future<Users> fp = client.read(
+ "/authz/users/perm/"+type+'/'+instance+'/'+action,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((org.onap.aaf.cmd.user.List)parent).report(fp.value,false,HEADER,type+"|"+instance+"|"+action);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Permissions. Since Users");
+ detailLine(sb,indent,"are associated to Roles, and Roles have Permissions, this report");
+ detailLine(sb,indent,"accomodates all these linkages.");
+ sb.append('\n');
+ detailLine(sb,indent,"The URL must contain the Permission's type,instance and action, and ");
+ detailLine(sb,indent,"may include \"*\"s (type in as \\\\*).");
+ detailLine(sb,indent,"See Perm Create Documentation for definitions.");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForRoles.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForRoles.java
new file mode 100644
index 0000000..528a33b
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/ListForRoles.java
@@ -0,0 +1,93 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * p
+ *
+ */
+public class ListForRoles extends Cmd {
+ private static final String HEADER = "List Users for Role";
+ public ListForRoles(List parent) {
+ super(parent,"role", new Param("role",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String role = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Users> fp = client.read(
+ "/authz/users/role/"+role,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((org.onap.aaf.cmd.user.List)parent).report(fp.value,false, HEADER,role);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Roles.");
+ detailLine(sb,indent,"role - the Role name");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<role>",Users.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Role.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Role.java
new file mode 100644
index 0000000..bf7baaf
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/Role.java
@@ -0,0 +1,158 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.Cmd;
+import org.onap.aaf.cmd.Param;
+import org.onap.aaf.cssa.rserv.HttpMethods;
+
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.inno.env.APIException;
+
+import aaf.v2_0.UserRoleRequest;
+
+/**
+ * p
+ *
+ *
+ */
+public class Role extends Cmd {
+ private static final String[] options = {"add", "del", "setTo","extend"};
+ public Role(User parent) {
+ super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param(
+ "role[,role]* (!REQ S)", false));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String key = args[idx++];
+ int option = whichOption(options, key);
+ String user = args[idx++];
+ String realm = getOrgRealm();
+
+ UserRoleRequest urr = new UserRoleRequest();
+ if (user.indexOf('@') < 0 && realm != null) user += '@' + realm;
+ urr.setUser(user);
+ // Set Start/End commands
+ setStartEnd(urr);
+
+ Future<?> fp = null;
+
+ if (option != 2) {
+ if (args.length < 5) {
+ throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
+ }
+ String[] roles = args[idx++].split(",");
+ for (String role : roles) {
+ String verb = null,participle=null;
+ urr.setRole(role);
+ // You can request to be added or removed from role.
+ setQueryParamsOn(client);
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
+ verb = "Added";
+ participle = "] to User [" ;
+ break;
+ case 1:
+ fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
+ verb = "Removed";
+ participle = "] from User [" ;
+ break;
+ case 3:
+ fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
+ verb = "Extended";
+ participle = "] to User [" ;
+ break;
+ default:
+ throw new CadiException("Invalid action [" + key + ']');
+ }
+ if (fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(" Role [");
+ pw().print(urr.getRole());
+ pw().print(participle);
+ pw().print(urr.getUser());
+ pw().println(']');
+ } else {
+ switch(fp.code()) {
+ case 202:
+ pw().print("UserRole ");
+ pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ break;
+ case 404:
+ if(option==3) {
+ pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
+ break;
+ }
+ default:
+ error(fp);
+ }
+ }
+ }
+ } else {
+ // option 2 is setTo command (an update call)
+ String allRoles = "";
+ if (idx < args.length)
+ allRoles = args[idx++];
+
+ urr.setRole(allRoles);
+ fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr);
+ if (fp.get(AAFcli.timeout())) {
+ pw().println("Set User's Roles to [" + allRoles + "]");
+ } else {
+ error(fp);
+ }
+ }
+ return fp == null ? 0 : fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb, indent, "Add OR Delete a User to/from a Role OR");
+ detailLine(sb, indent, "Set a User's Roles to the roles supplied");
+ detailLine(sb, indent + 2, "user - ID of User");
+ detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User");
+ sb.append('\n');
+ detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows");
+ detailLine(sb, indent + 2, "assignment of user to multiple roles");
+ detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user");
+ detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset.");
+ api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true);
+ api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false);
+ api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/org/onap/aaf/cmd/user/User.java b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/User.java
new file mode 100644
index 0000000..bfc29cf
--- /dev/null
+++ b/authz-cmd/src/main/java/org/onap/aaf/cmd/user/User.java
@@ -0,0 +1,38 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.cmd.user;
+
+import org.onap.aaf.cmd.AAFcli;
+import org.onap.aaf.cmd.BaseCmd;
+
+import org.onap.aaf.inno.env.APIException;
+
+public class User extends BaseCmd<User> {
+ public User(AAFcli aafcli) throws APIException {
+ super(aafcli,"user");
+ cmds.add(new Role(this));
+ cmds.add(new Cred(this));
+ cmds.add(new Delg(this));
+ cmds.add(new List(this));
+ }
+}
diff --git a/authz-cmd/src/main/scripts/aaflogin b/authz-cmd/src/main/scripts/aaflogin
new file mode 100644
index 0000000..1c15a43
--- /dev/null
+++ b/authz-cmd/src/main/scripts/aaflogin
@@ -0,0 +1,199 @@
+#!/bin/bash
+JAVA_HOME=_JAVA_HOME_
+JAVA=${JAVA_HOME}/bin/java
+DEFAULT_DOMAIN=XXX_DOMAIN
+###
+# Give some help hints if first run
+#
+if [ "`declare -f aaflogout`" = "" ] || [ "$1" = "-h" ]; then
+ echo
+ echo " COMMANDS:"
+ echo " aaflogin -f = Redo Local Login"
+ echo " aaflogout = Logout from Environment"
+ echo " aaflogin -r = Reset Password on AAF Service"
+ echo " aaflogin -h = Help"
+ echo " aafcli = AAF Management Tool"
+ echo
+fi
+
+if [ "$1" != "-h" ]; then
+
+
+###
+# Load User/Password for aafcli, and create in function.
+#
+# To use, source aaflogin
+#
+# ex: . ./aaflogin
+#
+# -f = force relogin
+# -r = reset password sequence
+#
+# see aaflogout to logout
+###
+
+###
+# Gather Classpath - warning, DME2 doesn't work with -Djava.ext.dirs
+###
+AAF_CP=_ROOT_DIR_/etc
+for JAR in `find _ROOT_DIR_/lib -name "*.jar"` ; do
+ AAF_CP="$AAF_CP:$JAR"
+done
+
+###
+# Create Keyfile to use temporarily, if not exists
+###
+if [ ! -e $HOME/.aaf/keyfile ]; then
+ mkdir -p $HOME/.aaf
+ ${JAVA} -cp $AAF_CP org.onap.aaf.cadi.CmdLine keygen $HOME/.aaf/keyfile
+ chmod 400 $HOME/.aaf/keyfile
+fi
+
+###
+# Obtain User ID from AAF_ID, or SUDO_USER or USER, that order
+###
+if [ "$AAF_ID" == "" ] || [ "$1" == "-f" ] ; then
+ if [ "$AAF_ID" == "" ] ; then
+ if [ "$SUDO_USER" != "" ] ; then
+ AAF_ID=$SUDO_USER
+ else if [ "$USER" != "" ] ; then
+ AAF_ID=$USER
+ fi
+ fi
+ fi
+
+ echo -n "Enter AAF ID [$AAF_ID]: "
+ read TEMP
+ if [ "$TEMP" != "" ] ; then
+ AAF_ID=$TEMP
+ fi
+ export AAF_ID
+fi
+
+###
+# Add Function to remove AAF Vars and Functions from the Shell
+#
+function aaflogout {
+ unset AAF_ID
+ unset AAF_PASS
+ unset AAF_CP
+ unset -f aafcli
+ unset -f cmcli
+ unset -f aaflogout
+ rm -f $HOME/.aaf/keyfile
+}
+
+
+###
+# Load the Password
+###
+if [ "$AAF_PASS" == "" ] || [ "$1" == "-f" ] ; then
+ # Ask for User and Password. Assuming Unix and availability of "stty"
+ if [[ "$AAF_ID" == *"@$DEFAULT_DOMAIN" ]] || [[ "$AAF_ID" != *"@"* ]] ; then
+ PASS_PROMPT="AT&T Global Login"
+ AAF_DEFAULT_DOMAIN="-Daaf_default_domain=$DEFAULT_DOMAIN"
+ else
+ PASS_PROMPT="AAF"
+ AAF_DEFAULT_DOMAIN=""
+ fi
+
+
+ read -ers -p "Enter "$PASS_PROMPT" Password for $AAF_ID: " AAF_PASS
+ echo
+ AAF_PASS=enc:`$JAVA -cp $AAF_CP $AAF_DEFAULT_DOMAIN org.onap.aaf.cadi.CmdLine digest "$AAF_PASS" $HOME/.aaf/keyfile`
+ export AAF_PASS
+fi
+
+
+
+###
+# load aafcli function in the Shell
+###
+
+function aafcli {
+ # for separating VM_ARGS in aafcli
+ AAF_SPACE=" "
+ THE_ID=$AAF_ID
+ if [ "${AAF_ID}" = "${AAF_ID/@/%}" ]; then
+ THE_ID+="@$DEFAULT_DOMAIN"
+ fi
+ _JAVA_HOME_/bin/java \
+ -cp $AAF_CP \
+ -Daaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=_MAJOR_VER_._MINOR_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_ \
+ -DAFT_LATITUDE=_AFT_LATITUDE_ \
+ -DAFT_LONGITUDE=_AFT_LONGITUDE_ \
+ -DAFT_ENVIRONMENT=_AFT_ENVIRONMENT_ \
+ -Daaf_id=$THE_ID \
+ -Daaf_password=$AAF_PASS \
+ -Daaf_dme_timeout=60000 \
+ -Dcadi_keyfile=$HOME/.aaf/keyfile \
+ -Daaf_default_realm=$DEFAULT_DOMAIN \
+ -DDEPLOYED_VERSION=_ARTIFACT_VERSION_ \
+ _DME2_FS_ \
+ com.att.cmd.AAFcli $*
+ unset THE_ID
+ unset AAF_SPACE
+}
+
+###
+# load cmcli function in the Shell
+###
+
+function cmcli {
+ # for separating VM_ARGS in cmcli
+ AAF_SPACE=" "
+ THE_ID=$AAF_ID
+ if [ "${AAF_ID}" = "${AAF_ID/@/%}" ]; then
+ THE_ID+="@$DEFAULT_DOMAIN"
+ fi
+ CM_URL=_CM_URL_
+ if [ "${CM_URL}" = "" ]; then
+ CM_URL=https://DME2RESOLVE/service=com.att.authz.Certman/version=_MAJOR_VER_._MINOR_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_
+ fi
+
+ _JAVA_HOME_/bin/java \
+ -cp $AAF_CP \
+ -DAFT_LATITUDE=_AFT_LATITUDE_ \
+ -DAFT_LONGITUDE=_AFT_LONGITUDE_ \
+ -DAFT_ENVIRONMENT=_AFT_ENVIRONMENT_ \
+ -Daaf_dme_timeout=60000 \
+ -Daaf_default_realm=$DEFAULT_DOMAIN \
+ -DDEPLOYED_VERSION=_ARTIFACT_VERSION_ \
+ _DME2_FS_ \
+ org.onap.aaf.cadi.cm.CmAgent cm_url=${CM_URL} aaf_id=$THE_ID aaf_password="$AAF_PASS" \
+ cadi_keyfile=$HOME/.aaf/keyfile $*
+ unset THE_ID
+ unset AAF_SPACE
+ unset CM_URL
+}
+
+
+###
+# if "-r" the do Remote Password Reset
+###
+if [ "$1" == "-r" ] ; then
+ # Ask for User and Password. Assuming Unix and availability of "stty"
+ read -ers -p "Enter New AAF Password for $AAF_ID: " AAF_NEWPASS
+ echo
+ read -ers -p "Reenter New AAF Password for $AAF_ID: " AAF_NEWPASS2
+ echo
+ if [ "$AAF_NEWPASS" == "$AAF_NEWPASS2" ] ; then
+ RESP=`aafcli user resetCred "$AAF_ID@aaf.att.com" $AAF_NEWPASS`
+ echo $RESP
+ if [ "$RESP" == "Reset Credential [$AAF_ID@aaf.att.com]" ] ; then
+ export AAF_PASS=enc:`$JAVA -cp $AAF_CP org.onap.aaf.cadi.CmdLine digest $AAF_NEWPASS $HOME/.aaf/keyfile`
+ fi
+ else
+ echo "Passwords don't match!"
+ fi
+fi
+
+###
+# Export key variables for use in other Scripts
+###
+export AAF_ID
+export AAF_PASS
+export AAF_CP
+export -f aafcli
+export -f aaflogout
+fi