From 0c30b58b3ab189b4101a9d52771cccb003343ed5 Mon Sep 17 00:00:00 2001
From: Alessandro Boch <aboch@cisco.com>
Date: Fri, 4 Oct 2013 20:35:53 -0700
Subject: [PATCH] Fix save config for Container Administrator

- Needed code was missing

Change-Id: Ibe4cbf18db0db96cc7f5b0a717b92ece3066b9c4
Signed-off-by: Alessandro Boch <aboch@cisco.com>
---
 .../controller/web/DaylightWeb.java           | 67 +++++++++++++++----
 1 file changed, 54 insertions(+), 13 deletions(-)

diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWeb.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWeb.java
index 78f4b54497..1d4211a926 100644
--- a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWeb.java
+++ b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWeb.java
@@ -10,12 +10,17 @@ package org.opendaylight.controller.web;
 
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
+import org.opendaylight.controller.configuration.IConfigurationContainerService;
 import org.opendaylight.controller.configuration.IConfigurationService;
+import org.opendaylight.controller.containermanager.IContainerAuthorization;
+import org.opendaylight.controller.sal.authorization.Privilege;
+import org.opendaylight.controller.sal.authorization.Resource;
 import org.opendaylight.controller.sal.authorization.UserLevel;
 import org.opendaylight.controller.sal.utils.ServiceHelper;
 import org.opendaylight.controller.sal.utils.Status;
@@ -75,27 +80,63 @@ public class DaylightWeb {
     @ResponseBody
     public String save(HttpServletRequest request) {
         String username = request.getUserPrincipal().getName();
-        IUserManager userManager = (IUserManager) ServiceHelper
-                .getGlobalInstance(IUserManager.class, this);
+        IUserManager userManager = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
         if (userManager == null) {
             return "User Manager is not available";
         }
-
         UserLevel level = userManager.getUserLevel(username);
-        if (level == UserLevel.NETWORKOPERATOR) {
-            return "Save not permitted for Operator";
-        }
-
-        Status status = new Status(StatusCode.UNAUTHORIZED,
-                "Operation not allowed for current user");
-        if (level == UserLevel.NETWORKADMIN || level == UserLevel.SYSTEMADMIN) {
-            IConfigurationService configService = (IConfigurationService) ServiceHelper
-                    .getGlobalInstance(IConfigurationService.class, this);
+        Status status;
+        switch (level) {
+        case SYSTEMADMIN:
+        case NETWORKADMIN:
+            IConfigurationService configService = (IConfigurationService) ServiceHelper.getGlobalInstance(
+                    IConfigurationService.class, this);
             if (configService != null) {
                 status = configService.saveConfigurations();
+            } else {
+                status = new Status(StatusCode.NOSERVICE, "Configuration Service is not available");
+            }
+            break;
+        case NETWORKOPERATOR:
+        case CONTAINERUSER:
+            IContainerAuthorization containerAuth = (IContainerAuthorization) ServiceHelper.getGlobalInstance(
+                    IContainerAuthorization.class, this);
+            if (containerAuth != null) {
+                boolean oneSaved = false;
+                Set<Resource> authorizedContainers = containerAuth.getAllResourcesforUser(username);
+                if (authorizedContainers.isEmpty()) {
+                    status = new Status(StatusCode.UNAUTHORIZED, "User is not authorized for any container");
+                } else {
+                    for (Resource container : authorizedContainers) {
+                        if (container.getPrivilege() == Privilege.WRITE) {
+                            String containerName = (String)container.getResource();
+                            IConfigurationContainerService containerConfigService = (IConfigurationContainerService) ServiceHelper
+                                    .getInstance(IConfigurationContainerService.class, containerName, this);
+                            if (containerConfigService != null) {
+                                status = containerConfigService.saveConfigurations();
+                                if (status.isSuccess()) {
+                                    oneSaved = true;
+                                }
+                            }
+                        }
+                    }
+                    if (oneSaved) {
+                        status = new Status(StatusCode.SUCCESS);
+                    } else {
+                        status = new Status(StatusCode.UNAUTHORIZED, "Operation not allowed for current user");
+                    }
+                }
+            } else {
+                status = new Status(StatusCode.NOSERVICE, "Container Authorization Service is not available");
             }
+            break;
+        case APPUSER:
+        case NOUSER:
+        default:
+            status = new Status(StatusCode.UNAUTHORIZED, "Operation not allowed for current user");
+            break;
         }
-
+        // This function will eventually return a Status
         return status.getDescription();
     }
 
-- 
2.36.6