private void validateOAuthScope(NsiScope scope) throws ServiceException {
if (!Security.getUserDetails().getNsiScopes().contains(scope)) {
log.warn("OAuth access token not valid for {}", scope);
throw createServiceException(
ConnectionServiceProviderErrorCodes.SECURITY.MISSING_GRANTED_SCOPE);
}
}
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) {
if (Security.getUserDetails() == null) {
LOGGER.debug("No user present");
response.setStatus(403);
return;
}
String transport = request.getParameter("transport");
if (transport == null) {
LOGGER.debug("No transport defined for the long polling call");
response.setStatus(400);
return;
}
if (transport.equals("longpollajax")
|| transport.equals("longpollxdr")
|| transport.equals("longpolljsonp")) {
doLongPollConnect(request, response, transport);
return;
}
LOGGER.debug("Do not understand the transport '{}'", transport);
response.setStatus(400);
}
@Test
public void do_switch_role_when_user_has_no_selected_role() throws Exception {
user =
new RichUserDetailsFactory()
.addBodRoles(BodRole.createNewUser())
.addUserGroup(new UserGroupFactory().setId("urn:user-group").create())
.create();
Security.setUserDetails(user);
PhysicalResourceGroup pGroup = new PhysicalResourceGroupFactory().setActive(true).create();
when(virtualResourceGroupServiceMock.findByAdminGroup("urn:user-group"))
.thenReturn(Optional.empty());
when(physicalResourceGroupServiceMock.find(2L)).thenReturn(Optional.of(pGroup));
mockMvc
.perform(
post("/request")
.param("physicalResourceGroupId", "2")
.param("userGroupId", "urn:user-group")
.param("bandwidth", "1111")
.param("userLabel", "port")
.param("message", "I want!"))
.andExpect(view().name("redirect:/user"));
assertThat(
"Context should not be cleared",
SecurityContextHolder.getContext().getAuthentication(),
nullValue());
verify(virtualResourceGroupServiceMock).save(any(VirtualResourceGroup.class));
verify(virtualPortServiceMock)
.requestCreateVirtualPort(eq(user), any(VirtualPortCreateRequestLink.class));
}
@Test
public void request_virtual_port_without_email_should_continue() throws Exception {
RichUserDetails user = new RichUserDetailsFactory().setEmail("").create();
Security.setUserDetails(user);
mockMvc
.perform(get("/request"))
.andExpect(model().attributeExists("userGroupViews"))
.andExpect(view().name("virtualports/selectTeamForLocalVirtualPort"));
}
@Before
public void setupAndLogin() {
mockMvc = standaloneSetup(subject).build();
UserGroup group1 = new UserGroupFactory().setName("A").setId("urn:user-group").create();
UserGroup group2 = new UserGroupFactory().setName("B").create();
UserGroup group3 = new UserGroupFactory().setName("C").create();
user =
new RichUserDetailsFactory()
.addUserRole()
.addUserGroup(group3)
.addUserGroup(group1)
.addUserGroup(group2)
.create();
Security.setUserDetails(user);
}
/**
* The reservation method processes an NSI reservation request for inter-domain bandwidth. Those
* parameters required for the request to proceed to a processing actor will be validated,
* however, all other parameters will be validated in the processing actor.
*
* @param parameters The un-marshaled JAXB object holding the NSI reservation request.
* @return The GenericAcknowledgmentType object returning the correlationId sent in the
* reservation request. We are acknowledging that we have received the request.
* @throws ServiceException if we can determine there is processing error before digging into the
* request.
*/
@Override
public GenericAcknowledgmentType reserve(final ReserveRequestType reservationRequest)
throws ServiceException {
checkNotNull(reservationRequest);
validateOAuthScope(NsiScope.RESERVE);
log.info(
"Received a NSI reserve request connectionId {}",
reservationRequest.getReserve().getReservation().getConnectionId());
Connection connection = RESERVE_REQUEST_TO_CONNECTION.apply(reservationRequest);
final NsiRequestDetails requestDetails =
new NsiRequestDetails(
reservationRequest.getReplyTo(), reservationRequest.getCorrelationId());
reserve(connection, requestDetails, Security.getUserDetails());
return createGenericAcknowledgment(requestDetails.getCorrelationId());
}
private void doLongPollConnect(
HttpServletRequest request, HttpServletResponse response, String transport) {
response.setCharacterEncoding("utf-8");
response.setHeader("Access-Control-Allow-Origin", "*");
response.setContentType("text/" + (transport.equals("longpolljsonp") ? "javascript" : "plain"));
final String id = request.getParameter("id");
final int count = Integer.parseInt(request.getParameter("count"));
final int lastEventId = Integer.parseInt(request.getParameter("lastEventId"));
AsyncContext aCtx = request.startAsync(request, response);
aCtx.addListener(
new AsyncListener() {
@Override
public void onTimeout(AsyncEvent event) throws IOException {
LOGGER.debug("onTimeout {}: {}", id, event);
cleanup(event);
}
@Override
public void onStartAsync(AsyncEvent event) throws IOException {}
@Override
public void onError(AsyncEvent event) throws IOException {
LOGGER.debug("onError {}: {}", id, event);
cleanup(event);
}
@Override
public void onComplete(AsyncEvent event) throws IOException {
cleanup(event);
}
private void cleanup(AsyncEvent event) {
connections.removeClient(id, count);
}
});
connections.clientRequest(id, count, lastEventId, aCtx, Security.getUserDetails());
}
@Override
public GenericAcknowledgmentType terminate(TerminateRequestType parameters)
throws ServiceException {
log.info(
"Received a NSI terminate request for connectionId '{}'",
parameters.getTerminate().getConnectionId());
validateOAuthScope(NsiScope.TERMINATE);
validateProviderNsa(parameters.getTerminate().getProviderNSA());
Connection connection = getConnectionOrFail(parameters.getTerminate().getConnectionId());
NsiRequestDetails requestDetails =
new NsiRequestDetails(parameters.getReplyTo(), parameters.getCorrelationId());
connectionService.asyncTerminate(
connection.getId(),
parameters.getTerminate().getRequesterNSA(),
requestDetails,
Security.getUserDetails());
return createGenericAcknowledgment(requestDetails.getCorrelationId());
}
@RequestMapping(value = DELETE, params = ID_KEY, method = RequestMethod.DELETE)
public String delete(
Long id, @RequestParam(value = PAGE_KEY, required = false) Integer page, Model uiModel) {
return physicalPortService
.find(id)
.map(
port -> {
if (port instanceof UniPort) {
virtualServiceService
.findEntriesForUniPort((UniPort) port)
.forEach(
service ->
virtualServiceService.delete(service, Security.getUserDetails()));
}
physicalPortService.delete(id);
uiModel.asMap().clear();
uiModel.addAttribute(PAGE_KEY, page == null ? "1" : page.toString());
return redirectPortListPage(port);
})
.orElse("redirect:");
}
@Before
public void setUp() {
user = new RichUserDetailsFactory().create();
Security.setUserDetails(user);
}