Able to disable feature for creating Topic Roles
Patchset 2: increment version
Change-Id: Ib7b4af0164643940bba608d743b42b350af44363
Signed-off-by: dglFromAtt <dgl@research.att.com>
Issue-ID: DMAAP-1027
Signed-off-by: dglFromAtt <dgl@research.att.com>
diff --git a/pom.xml b/pom.xml
index 2650e46..b735c48 100644
--- a/pom.xml
+++ b/pom.xml
@@ -381,7 +381,7 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<jettyVersion>9.4.12.RC2</jettyVersion>
<eelf.version>1.0.0</eelf.version>
- <artifact.version>1.0.21-SNAPSHOT</artifact.version>
+ <artifact.version>1.0.22-SNAPSHOT</artifact.version>
<!-- SONAR -->
<jacoco.version>0.7.7.201606060606</jacoco.version>
<sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
index 8ade70f..eeffa5b 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/TopicService.java
@@ -69,16 +69,19 @@
private MirrorMakerService bridge = new MirrorMakerService();
private static String centralCname;
+ private static boolean createTopicRoles;
public TopicService(){
DmaapConfig p = (DmaapConfig)DmaapConfig.getConfig();
defaultGlobalMrHost = p.getProperty("MR.globalHost", "global.host.not.set");
centralCname = p.getProperty("MR.CentralCname");
+ createTopicRoles = "true".equalsIgnoreCase(p.getProperty("aaf.CreateTopicRoles", "true"));
logger.info( "TopicService properties: CentralCname=" + centralCname +
- " defaultGlobarlMrHost=" + defaultGlobalMrHost );
+ " defaultGlobarlMrHost=" + defaultGlobalMrHost +
+ " createTopicRoles=" + createTopicRoles );
}
public Map<String, Topic> getTopics() {
@@ -118,9 +121,9 @@
}
private void aafTopicSetup(Topic topic, ApiError err ) {
-
- String t = dmaapSvc.getTopicPerm();
- if ( t == null ) {
+
+ String nsr = dmaapSvc.getDmaap().getTopicNsRoot();
+ if ( nsr == null ) {
err.setCode(500);
err.setMessage("Unable to establish AAF namespace root: (check /dmaap object)" );
err.setFields("topicNsRoot");
@@ -130,76 +133,85 @@
// establish AAF Connection using TopicMgr identity
AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
-
+ AafRole pubRole = null;
+ AafRole subRole = null;
- // create AAF namespace for this topic
- AafNamespace ns = new AafNamespace( topic.getFqtn(), aaf.getIdentity());
- {
- int rc = aaf.addNamespace( ns );
+ // creating Topic Roles was not an original feature.
+ // For backwards compatibility, only do this if the feature is enabled.
+ // Also, if the namespace of the topic is a foreign namespace, (i.e. not the same as our root ns)
+ // then we likely don't have permission to create sub-ns and Roles so don't try.
+ if ( createTopicRoles && topic.getFqtn().startsWith(nsr)) {
+ // create AAF namespace for this topic
+ AafNamespace ns = new AafNamespace( topic.getFqtn(), aaf.getIdentity());
+ {
+ int rc = aaf.addNamespace( ns );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(500);
+ err.setMessage("Unexpected response from AAF:" + rc );
+ err.setFields("namespace:" + topic.getFqtn() + " identity="+ aaf.getIdentity());
+ return;
+ }
+ }
+
+ // create AAF Roles for MR clients of this topic
+ String rn = "publisher";
+ pubRole = new AafRole( topic.getFqtn(), rn );
+ int rc = aaf.addRole( pubRole );
if ( rc != 201 && rc != 409 ) {
err.setCode(500);
err.setMessage("Unexpected response from AAF:" + rc );
- err.setFields("namespace:" + topic.getFqtn() + " identity="+ aaf.getIdentity());
+ err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
return;
}
+ topic.setPublisherRole( pubRole.getFullyQualifiedRole() );
+
+ rn = "subscriber";
+ subRole = new AafRole( topic.getFqtn(), rn );
+ rc = aaf.addRole( subRole );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(500);
+ err.setMessage("Unexpected response from AAF:" + rc );
+ err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
+ return;
+ }
+ topic.setSubscriberRole( subRole.getFullyQualifiedRole() );
}
-
- // create AAF Roles for MR clients of this topic
- String rn = "publisher";
- AafRole pubRole = new AafRole( topic.getFqtn(), rn );
- int rc = aaf.addRole( pubRole );
- if ( rc != 201 && rc != 409 ) {
- err.setCode(500);
- err.setMessage("Unexpected response from AAF:" + rc );
- err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
- return;
- }
- topic.setPublisherRole( pubRole.getFullyQualifiedRole() );
-
- rn = "subscriber";
- AafRole subRole = new AafRole( topic.getFqtn(), rn );
- rc = aaf.addRole( subRole );
- if ( rc != 201 && rc != 409 ) {
- err.setCode(500);
- err.setMessage("Unexpected response from AAF:" + rc );
- err.setFields("topic:" + topic.getFqtn() + " role="+ rn);
- return;
- }
- topic.setSubscriberRole( subRole.getFullyQualifiedRole() );
-
// create AAF perms checked by MR
String instance = ":topic." + topic.getFqtn();
String[] actions = { "pub", "sub", "view" };
+ String t = dmaapSvc.getTopicPerm();
for ( String action : actions ){
DmaapPerm perm = new DmaapPerm( t, instance, action );
- rc = aaf.addPerm( perm );
+ int rc = aaf.addPerm( perm );
if ( rc != 201 && rc != 409 ) {
err.setCode(500);
err.setMessage("Unexpected response from AAF:" + rc );
err.setFields("t="+t + " instance="+ instance + " action="+ action);
return;
}
- // Grant perms to our default Roles
- if ( action.equals( "pub") || action.equals( "view") ) {
- DmaapGrant g = new DmaapGrant( perm, pubRole.getFullyQualifiedRole() );
- rc = aaf.addGrant( g );
- if ( rc != 201 && rc != 409 ) {
- err.setCode(rc);
- err.setMessage( "Grant of " + perm.toString() + " failed for " + pubRole.getFullyQualifiedRole() );
- logger.warn( err.getMessage());
- return;
- }
- }
- if ( action.equals( "sub") || action.equals( "view") ) {
- DmaapGrant g = new DmaapGrant( perm, subRole.getFullyQualifiedRole() );
- rc = aaf.addGrant( g );
- if ( rc != 201 && rc != 409 ) {
- err.setCode(rc);
- err.setMessage( "Grant of " + perm.toString() + " failed for " + subRole.getFullyQualifiedRole() );
- logger.warn( err.getMessage());
- return;
- }
+ if ( createTopicRoles ) {
+ // Grant perms to our default Roles
+ if ( action.equals( "pub") || action.equals( "view") ) {
+ DmaapGrant g = new DmaapGrant( perm, pubRole.getFullyQualifiedRole() );
+ rc = aaf.addGrant( g );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(rc);
+ err.setMessage( "Grant of " + perm.toString() + " failed for " + pubRole.getFullyQualifiedRole() );
+ logger.warn( err.getMessage());
+ return;
+ }
+ }
+ if ( action.equals( "sub") || action.equals( "view") ) {
+ DmaapGrant g = new DmaapGrant( perm, subRole.getFullyQualifiedRole() );
+ rc = aaf.addGrant( g );
+ if ( rc != 201 && rc != 409 ) {
+ err.setCode(rc);
+ err.setMessage( "Grant of " + perm.toString() + " failed for " + subRole.getFullyQualifiedRole() );
+ logger.warn( err.getMessage());
+ return;
+ }
+ }
}
}
diff --git a/version.properties b/version.properties
index e04b5bc..7674d90 100644
--- a/version.properties
+++ b/version.properties
@@ -27,7 +27,7 @@
major=1
minor=0
-patch=21
+patch=22
base_version=${major}.${minor}.${patch}
# Release must be completed with git revision # in Jenkins