CLOUDOPS-391: Fix UssdCallManager. Fix USSD tests. Cleanup Permission…

…sUtil
RestComm · Nov 24, 2017 · 3149e8b · 3149e8b
1 parent 810a714
commit 3149e8b
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 104 deletions.
diff --git a/...omm.identity/src/main/java/org/restcomm/connect/identity/permissions/PermissionsUtil.java b/...omm.identity/src/main/java/org/restcomm/connect/identity/permissions/PermissionsUtil.java
@@ -26,17 +26,13 @@ public class PermissionsUtil {
 
     protected Logger logger = Logger.getLogger(PermissionsUtil.class);
 
-    //private IdentityContext identityContext;
-    //private ServletContext context;
-    //private UserIdentityContext userIdentityContext;
-
     private AccountsDao accountsDao;
     private DaoManager storage;
     private RestcommRoles restcommRoles;
 
     public static PermissionsUtil getInstance() {
         if (instance == null) {
-            //throw Exception!
+            throw new RuntimeException();
         }
         return instance;
     }
@@ -62,20 +58,13 @@ private PermissionsUtil(ServletContext context, DaoManager storage, Configuratio
      *
      * @param permission - e.g. 'RestComm:Create:Accounts'
      */
-//    public void checkPermission(final String permission) {
-//        //checkAuthenticatedAccount(); // ok there is a valid authenticated account
-//        if ( checkPermission(permission, userIdentityContext.getEffectiveAccountRoles()) != AuthOutcome.OK )
-//            throw new InsufficientPermission();
-//    }
-
     public AuthOutcome checkPermission(String neededPermissionString, Sid accountSid) {
         WildcardPermissionResolver resolver = new WildcardPermissionResolver();
         Permission neededPermission = resolver.resolvePermission(neededPermissionString);
         List<org.restcomm.connect.dao.entities.Permission> accountPermissions = accountsDao.getAccountPermissions(accountSid);
         // check the neededPermission against all roles of the user
         RestcommRoles restcommRoles = this.getRestcommRoles();
 
-        //should get union of permissions
         //FIXME: should an account have more than one role??
         Set<String> roleNames = new HashSet<String>();
         roleNames.add(accountsDao.getAccount(accountSid).getRole());
@@ -117,6 +106,7 @@ public AuthOutcome checkPermission(String neededPermissionString, Sid accountSid
         //allRolePermissions.containsKey(checkPerm);
         //allRolePermissions.implies(checkPerm);
         //FIXME:can we not loop through this again?
+        //TODO: add memoization table
         for(Permission p : allRolePermissions){
             if(p.implies(neededPermission)){
                 if (logger.isDebugEnabled()) {
@@ -132,74 +122,6 @@ public AuthOutcome checkPermission(String neededPermissionString, Sid accountSid
         return AuthOutcome.FAILED;
 
     }
-//    public AuthOutcome checkPermission(String neededPermissionString, Set<String> roleNames) {
-//        // if this is an administrator ask no more questions
-//        if ( roleNames.contains(getAdministratorRole()))
-//            return AuthOutcome.OK;
-//
-//        WildcardPermissionResolver resolver = new WildcardPermissionResolver();
-//        Permission neededPermission = resolver.resolvePermission(neededPermissionString);
-//        List<org.restcomm.connect.dao.entities.Permission> accountPermissions = this.userIdentityContext.getAccountPermissions();
-//        // check the neededPermission against all roles of the user
-//        RestcommRoles restcommRoles = this.getRestcommRoles();
-//
-//        //should get union of permissions
-//        Set<Permission> allRolePermissions = new HashSet<Permission>();
-//        for (String roleName: roleNames) {
-//            SimpleRole simpleRole = restcommRoles.getRole(roleName);
-//            if ( simpleRole == null) {
-//                logger.error(roleName+" doesnt exist");
-//            }else{
-//
-//                try {
-//                    Set<Permission> rolePermissions = simpleRole.getPermissions();
-//
-//                    allRolePermissions.addAll(rolePermissions);
-//                } catch (Exception e) {
-//                    // TODO: handle exception
-//                    logger.debug(e);
-//                }
-//            }
-//        }
-//        for(org.restcomm.connect.dao.entities.Permission p: accountPermissions){
-//            String name = p.getName();
-//            //FIXME:cast problem??
-//            AccountPermission ap = (AccountPermission)p;
-//
-//            //check if account permission is false and exists in rolePermissions
-//            //if it does, remove it from rolePermissions
-//            if(allRolePermissions.contains(ap) && ap.getValue()==false){
-//                allRolePermissions.remove(ap);
-//            }
-//            //check if account permission is true and does not exist in rolePermissions
-//            //add it to rolePermissions
-//            if(!allRolePermissions.contains(ap) && ap.getValue()){
-//                allRolePermissions.add(ap);
-//            }
-//        }
-//        //check if neededPermission is implied in all permissions
-//        //WildcardPermission checkPerm = new WildcardPermission(neededPermissionString);
-//        //allRolePermissions.containsKey(checkPerm);
-//        //allRolePermissions.implies(checkPerm);
-//        //FIXME:can we not loop through this again?
-//        for(Permission p : allRolePermissions){
-//            if(p.implies(neededPermission)){
-//                if (logger.isDebugEnabled()) {
-//                    logger.debug("Granted access by permission " + p.toString());
-//                }
-//                return AuthOutcome.OK;
-//            }
-//        }
-//        if (logger.isDebugEnabled()) {
-//            logger.debug("No permissions " + neededPermissionString);
-//        }
-//
-//        return AuthOutcome.FAILED;
-//    }
-
-    public void getEffectivePermission(){
-
-    }
 
     /**
      * Returns the string literal for the administrator role. This role is granted implicitly access from checkAuthenticatedAccount() method.
@@ -211,14 +133,6 @@ protected String getAdministratorRole() {
         return "Administrator";
     }
 
-//    public void setUserIdentityContext(UserIdentityContext userIdentityContext){
-//        this.userIdentityContext = userIdentityContext;
-//    }
-//
-//    public UserIdentityContext getUserIdentityContext(){
-//        return this.userIdentityContext;
-//    }
-
     public RestcommRoles getRestcommRoles() {
         return restcommRoles;
     }

diff --git a/....testsuite/src/test/java/org/restcomm/connect/testsuite/http/RestcommPermissionsTool.java b/....testsuite/src/test/java/org/restcomm/connect/testsuite/http/RestcommPermissionsTool.java
@@ -96,7 +96,7 @@ public JsonObject getPermission(String deploymentUrl, String adminUsername, Stri
         ClientResponse clientResponse = webResource.path(permissionSid).get(ClientResponse.class);
         int status = clientResponse.getStatus();
         response = clientResponse.getEntity(String.class);
-        System.out.println("YUIO status="+status+" response="+response+" "+clientResponse.toString()+" "+clientResponse.getClientResponseStatus());
+        //System.out.println("status="+status+" response="+response+" "+clientResponse.toString()+" "+clientResponse.getClientResponseStatus());
         //TODO: handle other Statuses?
         if(clientResponse.getClientResponseStatus().equals(Status.NOT_FOUND) ){
             throw new NotFoundException();

diff --git a/...tcomm.testsuite/src/test/resources/org/restcomm/connect/ussd/restcomm.script_ussdPullTest b/...tcomm.testsuite/src/test/resources/org/restcomm/connect/ussd/restcomm.script_ussdPullTest
@@ -37,3 +37,5 @@ INSERT INTO "restcomm_incoming_phone_numbers" VALUES('PHae6e420f425248d6a26948c1
 INSERT INTO "restcomm_incoming_phone_numbers" VALUES('PHae6e420f425248d6a26948c17a9e2awl','2012-04-24 22:51:29.372000000','2012-04-24 22:51:29.372000000','UssdPullTestNumber4','ACae6e420f425248d6a26948c17a9e2acf','*777#','2012-04-24',FALSE,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/IncomingPhoneNumbers/PHae6e420f425248d6a26948c17a9e2awl',NULL,NULL,NULL,NULL, TRUE,'0.0','http://127.0.0.1:8080/restcomm/ussd-rcml.xml','GET', NULL, NULL, NULL, NULL, NULL, NULL, 'ORafbe225ad37541eba518a74248f0ac4c')
 INSERT INTO "restcomm_incoming_phone_numbers" VALUES('PHae6e420f425248d6a26948c17a9e2arl','2012-04-24 22:51:29.372000000','2012-04-24 22:51:29.372000000','UssdPullTestNumber5','ACae6e420f425248d6a26948c17a9e2acf','*888#','2012-04-24',FALSE,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/IncomingPhoneNumbers/PHae6e420f425248d6a26948c17a9e2arl',NULL,NULL,NULL,NULL, TRUE,'0.0','http://192.168.1.151:8080/restcomm-rvd/services/apps/AP76bd0886bb414195a6d5ccbd55b552bd/controller','GET', NULL, NULL, NULL, NULL, NULL, NULL, 'ORafbe225ad37541eba518a74248f0ac4c')
 INSERT INTO "restcomm_incoming_phone_numbers" VALUES('PHae6e420f425248d6a26948c17a9e2awr','2012-04-24 22:51:29.372000000','2012-04-24 22:51:29.372000000','UssdPullTestNumber6','ACae6e420f425248d6a26948c17a9e2acf','5577','2012-04-24',FALSE,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/IncomingPhoneNumbers/PHae6e420f425248d6a26948c17a9e2awr',NULL,NULL,NULL,NULL, TRUE,'0.0','http://127.0.0.1:8080/restcomm/ussd-rcml.xml','', NULL, NULL, NULL, NULL, NULL, NULL, 'ORafbe225ad37541eba518a74248f0ac4c')
+INSERT INTO "restcomm_clients" VALUES('CL00000000000000000000000000000001','2013-11-04 12:52:44.144000000','2013-11-04 12:52:44.144000000','ACae6e420f425248d6a26948c17a9e2acf','2012-04-24','alice','alice','1234',1,NULL,'POST',NULL,'POST',NULL,'/restcomm/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/Clients/CL00000000000000000000000000000001',NULL)
+INSERT INTO "restcomm_clients" VALUES('CL00000000000000000000000000000002','2013-11-04 12:52:44.144000000','2013-11-04 12:52:44.144000000','ACae6e420f425248d6a26948c17a9e2acf','2012-04-24','bob','bob','1234',1,NULL,'POST',NULL,'POST',NULL,'/restcomm/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/Clients/CL00000000000000000000000000000002',NULL)
diff --git a/restcomm/restcomm.testsuite/src/test/resources/restcomm.script_callRegexTest b/restcomm/restcomm.testsuite/src/test/resources/restcomm.script_callRegexTest
@@ -34,6 +34,7 @@ INSERT INTO "restcomm_accounts" VALUES('ACae6e420f425248d6a26948c17a9e2acf','201
 INSERT INTO "restcomm_accounts" VALUES('ACae6e420f425248d6a26948c17a9e2acg','2012-04-24 22:51:29.372000000','2012-04-24 22:51:29.372000000','subadministrator@company.com','Sub Administrator Account','ACae6e420f425248d6a26948c17a9e2acf','Full','active','77f8c12cc7b8f8423e5c38b035249166','Administrator','/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acg','ORafbe225ad37541eba518a74248f0ac4c')
 INSERT INTO "restcomm_clients" VALUES('CLa2b99142e111427fbb489c3de357f60a','2013-11-04 12:52:44.144000000','2013-11-04 12:52:44.144000000','ACae6e420f425248d6a26948c17a9e2acf','2012-04-24','alice','alice','1234',1,NULL,'POST',NULL,'POST',NULL,'/restcomm/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/Clients/CLa2b99142e111427fbb489c3de357f60a',NULL)
 INSERT INTO "restcomm_clients" VALUES('CLa2b99142e111427fbb489c3de357f60b','2013-11-04 12:52:44.144000000','2013-11-04 12:52:44.144000000','ACae6e420f425248d6a26948c17a9e2acg','2012-04-24','subaccountclient','subaccountclient','1234',1,NULL,'POST',NULL,'POST',NULL,'/restcomm/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acg/Clients/CLa2b99142e111427fbb489c3de357f60b',NULL)
+INSERT INTO "restcomm_clients" VALUES('CLa2b99142e111427fbb489c3de357f60c','2013-11-04 12:52:44.144000000','2013-11-04 12:52:44.144000000','ACae6e420f425248d6a26948c17a9e2acf','2012-04-24','bob','bob','1234',1,NULL,'POST',NULL,'POST',NULL,'/restcomm/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/Clients/CLa2b99142e111427fbb489c3de357f60c',NULL)
 INSERT INTO "restcomm_incoming_phone_numbers" VALUES('PHae6e420f425248d6a26948c17a9e2aca','2012-04-24 22:51:29.372000000','2012-04-24 22:51:29.372000000','Test Number0','ACae6e420f425248d6a26948c17a9e2acf','1313','2012-04-24',FALSE,'http://127.0.0.1:8090/1313','GET',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/IncomingPhoneNumbers/PHae6e420f425248d6a26948c17a9e2aca',NULL,NULL,NULL,NULL, TRUE,'0.0','http://127.0.0.1:8080/restcomm/ussd-rcml.xml','GET', NULL, NULL, NULL, NULL, NULL, NULL, 'ORafbe225ad37541eba518a74248f0ac4c')
 INSERT INTO "restcomm_incoming_phone_numbers" VALUES('PHae6e420f425248d6a26948c17a9e2acf','2012-04-24 22:51:29.372000000','2012-04-24 22:51:29.372000000','Test Number1','ACae6e420f425248d6a26948c17a9e2acf','7777|8888','2012-04-24',FALSE,'http://127.0.0.1:8090/regex','GET',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/IncomingPhoneNumbers/PHae6e420f425248d6a26948c17a9e2acf',NULL,NULL,NULL,NULL, TRUE,'0.0','http://127.0.0.1:8080/restcomm/ussd-rcml.xml','GET', NULL, NULL, NULL, NULL, NULL, NULL, 'ORafbe225ad37541eba518a74248f0ac4c')
 INSERT INTO "restcomm_incoming_phone_numbers" VALUES('PHae6e420f425248d6a26948c17a9e2acg','2012-04-24 22:51:29.372000000','2012-04-24 22:51:29.372000000','Test Number 2','ACae6e420f425248d6a26948c17a9e2acf','^*77...33#$','2012-04-24',FALSE,'http://127.0.0.1:8090/regex','GET',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,'/2012-04-24/Accounts/ACae6e420f425248d6a26948c17a9e2acf/IncomingPhoneNumbers/PHae6e420f425248d6a26948c17a9e2acg',NULL,NULL,NULL,NULL, TRUE,'0.0','http://127.0.0.1:8080/restcomm/ussd-rcml.xml','GET', NULL, NULL, NULL, NULL, NULL, NULL, 'ORafbe225ad37541eba518a74248f0ac4c')

diff --git a/...comm/restcomm.ussd/src/main/java/org/restcomm/connect/ussd/telephony/UssdCallManager.java b/...comm/restcomm.ussd/src/main/java/org/restcomm/connect/ussd/telephony/UssdCallManager.java
@@ -26,7 +26,7 @@
 
 import java.io.IOException;
 import java.util.List;
-import java.util.Map;
+
 import java.util.regex.Pattern;
 
 import javax.servlet.ServletContext;
@@ -41,11 +41,12 @@
 import org.restcomm.connect.commons.configuration.RestcommConfiguration;
 import org.restcomm.connect.commons.configuration.sets.RcmlserverConfigurationSet;
 import org.restcomm.connect.commons.dao.Sid;
-import org.restcomm.connect.commons.dao.Sid.Type;
+
 import org.restcomm.connect.commons.faulttolerance.RestcommUntypedActor;
 import org.restcomm.connect.commons.util.UriUtils;
 import org.restcomm.connect.dao.AccountsDao;
 import org.restcomm.connect.dao.ApplicationsDao;
+import org.restcomm.connect.dao.ClientsDao;
 import org.restcomm.connect.dao.DaoManager;
 import org.restcomm.connect.dao.IncomingPhoneNumbersDao;
 import org.restcomm.connect.dao.common.OrganizationUtil;
@@ -157,10 +158,11 @@ public void onReceive(final Object message) throws Exception {
         if (CreateCall.class.equals(klass)) {
             this.createCallRequest = (CreateCall) message;
             effectiveAccount = accountsDao.getAccount(this.createCallRequest.accountId());
-        }else if (SipServletRequest.class.equals(klass)){
+        }else if (message instanceof SipServletRequest){
             effectiveAccount = accountsDao.getAccount(getAccountIdFromSipRequest((SipServletRequest) message));
         }
 
+
 //        UserIdentityContext uic = new UserIdentityContext(effectiveAccount, accountsDao);
 //        permissionsUtil.setUserIdentityContext(uic);
         try {
@@ -200,21 +202,38 @@ public void onReceive(final Object message) throws Exception {
     }
 
     private Sid getAccountIdFromSipRequest(SipServletRequest request) {
+        final ClientsDao clients = storage.getClientsDao();
         //FIXME: a null check is faster?
-        Sid accountSid = Sid.generate(Type.INVALID);
-        final String authorization = request.getHeader("Proxy-Authorization");
-        if(authorization!=null){
-            final Map<String, String> map = CallControlHelper.authHeaderToMap(authorization);
-            final String user = map.get("username");
-
-            //FIXME: how to derive org here?
-            //Sid toOrganizationSid = OrganizationUtil.getOrganizationSidBySipURIHost(storage, (SipURI) request.getTo().getURI());
-            Sid organizationSid = null;
-            Client client = storage.getClientsDao().getClient(user, organizationSid);
-            if (client != null) {
-                accountSid = client.getAccountSid();
+        Sid accountSid = null ; //Sid.generate(Type.INVALID);
+
+        //TODO: implement get from Proxy-Authorization
+
+        final SipURI fromUri = (SipURI) request.getFrom().getURI();
+        Sid sourceOrganizationSid = OrganizationUtil.getOrganizationSidBySipURIHost(storage, fromUri);
+        if(logger.isDebugEnabled()) {
+            logger.debug("sourceOrganizationSid: " + sourceOrganizationSid);
+        }
+        if(sourceOrganizationSid == null){
+            logger.error("Null Organization: fromUri: "+fromUri);
+        }
+
+        //get from From
+        final String fromUser = fromUri.getUser();
+        final Client client = clients.getClient(fromUser,sourceOrganizationSid);
+        if (client != null) {
+            accountSid = client.getAccountSid();
+        }
+
+        //TODO: if not available from From, should we actually get the accountSid from the To??
+        if(accountSid == null){
+            final String toUser = CallControlHelper.getUserSipId(request, useTo);
+            MostOptimalNumberResponse mostOptimalNumber = OrganizationUtil.getMostOptimalIncomingPhoneNumber(storage, request, toUser, sourceOrganizationSid);
+            IncomingPhoneNumber number = mostOptimalNumber.number();
+            if(number!=null){
+                accountSid = number.getAccountSid();
             }
         }
+
         return accountSid;
     }
 
@@ -224,6 +243,7 @@ private void invite(final Object message) throws Exception {
         // Make sure we handle re-invites properly.
         if (!request.isInitial()) {
             final SipServletResponse okay = request.createResponse(SC_OK);
+            //FIXME: should check request session first?
             okay.send();
             return;
         }