
Example 1 with ApplicationAlertMembershipEvent

use of io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent in project gravitee-management-rest-api by gravitee-io.

the class GroupServiceImpl method deleteUserFromGroup.

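/**
 * Removes a user's membership of a group and notifies alerting that the group's members changed.
 *
 * <p>The membership-update event is published only after the membership row has been removed.
 * A listener that recomputes alert recipients from current memberships while handling the event
 * therefore no longer sees the removed user, and no event is emitted when the removal itself fails.
 *
 * @param groupId id of the group the user is removed from
 * @param username identifier of the user; it is passed to {@code userService.findById}, so it is
 *     treated as a user id here
 */
@Override
public void deleteUserFromGroup(String groupId, String username) {
    // Existence check only: the result is discarded. Presumably findById throws for an unknown
    // user, which aborts the call before anything is modified - confirm against UserService.
    this.userService.findById(username);
    membershipService.deleteReferenceMember(MembershipReferenceType.GROUP, groupId, MembershipMemberType.USER, username);
    // Publish once the membership is gone so subscribers never act on a stale member list.
    eventManager.publishEvent(ApplicationAlertEventType.APPLICATION_MEMBERSHIP_UPDATE, new ApplicationAlertMembershipEvent(Collections.emptySet(), Collections.singleton(groupId)));
    GroupEntity existingGroup = this.findById(groupId);
    // The removed user was recorded as the group's API primary owner: let updateApiPrimaryOwner
    // reconcile that. NOTE(review): what it does with the removed user's id is not visible here.
    if (existingGroup.getApiPrimaryOwner() != null && existingGroup.getApiPrimaryOwner().equals(username)) {
        updateApiPrimaryOwner(groupId, username);
    }
}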
Also used : ApplicationAlertMembershipEvent(io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent)

Example 2 with ApplicationAlertMembershipEvent

use of io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent in project gravitee-management-rest-api by gravitee-io.

the class GroupServiceImpl method delete.

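/**
 * Deletes a group and detaches it from everything that references it.
 *
 * <p>Order of operations: verify the group exists, refuse deletion while the group is still
 * primary owner of at least one API, remove the group's memberships, strip the group id from
 * APIs (including their plans and pages), remove identity-provider group mappings, strip the
 * group id from applications, publish a membership-update event for the affected applications,
 * clean portal pages, delete the group and finally write an audit entry.
 *
 * <p>Identity-provider group mappings are removed exactly once, independently of how many APIs
 * reference the group. Doing it inside the per-API loop would skip the cleanup for a group that
 * is attached to no API, leaving a mapping that still points at the deleted group id.
 *
 * @param groupId id of the group to delete
 * @throws GroupNotFoundException if no group with this id exists
 * @throws StillPrimaryOwnerException if the group is still primary owner of one or more APIs
 * @throws TechnicalManagementException if a repository call fails
 */
@Override
public void delete(String groupId) {
    try {
        logger.debug("delete {}", groupId);
        Optional<Group> group = groupRepository.findById(groupId);
        if (!group.isPresent()) {
            throw new GroupNotFoundException(groupId);
        }
        // Guard: a group that still owns APIs must not disappear, otherwise those APIs would be
        // left without a primary owner.
        RoleEntity apiPORole = roleService.findByScopeAndName(RoleScope.API, SystemRole.PRIMARY_OWNER.name()).orElseThrow(() -> new TechnicalManagementException("API System Role 'PRIMARY_OWNER' not found."));
        final long apiCount = membershipService.getMembershipsByMemberAndReferenceAndRole(MembershipMemberType.GROUP, groupId, MembershipReferenceType.API, apiPORole.getId()).size();
        if (apiCount > 0) {
            throw new StillPrimaryOwnerException(apiCount, ApiPrimaryOwnerMode.GROUP);
        }
        // remove all members
        membershipService.deleteReference(MembershipReferenceType.GROUP, groupId);
        // remove all applications or apis
        Date updatedDate = new Date();
        apiRepository.search(new ApiCriteria.Builder().environmentId(GraviteeContext.getCurrentEnvironment()).groups(groupId).build()).forEach(api -> {
            api.getGroups().remove(groupId);
            api.setUpdatedAt(updatedDate);
            try {
                apiRepository.update(api);
            } catch (TechnicalException ex) {
                logger.error("An error occurs while trying to delete a group", ex);
                throw new TechnicalManagementException("An error occurs while trying to delete a group", ex);
            }
            // remove from API plans
            removeFromAPIPlans(groupId, updatedDate, api.getId());
            // remove from API pages
            removeGroupFromPages(groupId, updatedDate, api.getId());
        });
        // remove idp group mapping using this group (once, whether or not any API used the group)
        removeIDPGroupMapping(groupId, updatedDate);
        Set<String> applicationIds = new HashSet<>();
        applicationRepository.findByGroups(Collections.singletonList(groupId)).forEach(application -> {
            application.getGroups().remove(groupId);
            application.setUpdatedAt(updatedDate);
            try {
                applicationRepository.update(application);
                applicationIds.add(application.getId());
            } catch (TechnicalException ex) {
                logger.error("An error occurs while trying to delete a group", ex);
                throw new TechnicalManagementException("An error occurs while trying to delete a group", ex);
            }
        });
        // Published after the applications were updated, so only applications whose group list
        // really changed are reported to subscribers.
        eventManager.publishEvent(ApplicationAlertEventType.APPLICATION_MEMBERSHIP_UPDATE, new ApplicationAlertMembershipEvent(applicationIds, Collections.emptySet()));
        // remove from portal pages
        removeGroupFromPages(groupId, updatedDate, null);
        // remove group
        groupRepository.delete(groupId);
        // Audit: records the deleted group as the "old" value, with no new value.
        auditService.createEnvironmentAuditLog(Collections.singletonMap(GROUP, groupId), GROUP_DELETED, new Date(), group.get(), null);
        logger.debug("delete {} - DONE", groupId);
    } catch (TechnicalException ex) {
        logger.error("An error occurs while trying to delete a group", ex);
        throw new TechnicalManagementException("An error occurs while trying to delete a group", ex);
    }
}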
Also used : ApiCriteria(io.gravitee.repository.management.api.search.ApiCriteria) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) UuidString(io.gravitee.rest.api.service.common.UuidString) ApplicationAlertMembershipEvent(io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent)

Example 3 with ApplicationAlertMembershipEvent

use of io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent in project gravitee-management-rest-api by gravitee-io.

the class MembershipServiceImpl method removeMemberMemberships.

/**
 * Deletes every membership held by the given member and announces which applications and groups
 * were affected.
 *
 * <p>The ids of the referenced applications and groups are collected while iterating, each
 * membership is deleted, and a single membership-update event carrying both id sets is published
 * after the loop. If a repository call fails, no event is published for the memberships that
 * were already deleted before the failure.
 *
 * @param memberType kind of member whose memberships are removed
 * @param memberId id of that member
 * @throws TechnicalManagementException if the repository lookup or a deletion fails
 */
@Override
public void removeMemberMemberships(MembershipMemberType memberType, String memberId) {
    final Set<String> affectedApplications = new HashSet<>();
    final Set<String> affectedGroups = new HashSet<>();
    try {
        for (io.gravitee.repository.management.model.Membership entry : membershipRepository.findByMemberIdAndMemberType(memberId, convert(memberType))) {
            // Remember what the membership pointed at before it is deleted.
            if (convert(MembershipReferenceType.APPLICATION).equals(entry.getReferenceType())) {
                affectedApplications.add(entry.getReferenceId());
            }
            if (convert(MembershipReferenceType.GROUP).equals(entry.getReferenceType())) {
                affectedGroups.add(entry.getReferenceId());
            }
            membershipRepository.delete(entry.getId());
        }
        final ApplicationAlertMembershipEvent membershipEvent = new ApplicationAlertMembershipEvent(affectedApplications, affectedGroups);
        eventManager.publishEvent(ApplicationAlertEventType.APPLICATION_MEMBERSHIP_UPDATE, membershipEvent);
    } catch (TechnicalException failure) {
        LOGGER.error("An error occurs while trying to remove member {} {}", memberType, memberId, failure);
        throw new TechnicalManagementException("An error occurs while trying to remove " + memberType + " " + memberId, failure);
    }
}
Also used : ApplicationAlertMembershipEvent(io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) io.gravitee.rest.api.model(io.gravitee.rest.api.model) UuidString(io.gravitee.rest.api.service.common.UuidString)

Example 4 with ApplicationAlertMembershipEvent

use of io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent in project gravitee-management-rest-api by gravitee-io.

the class GroupMembersResource method addOrUpdateGroupMember.

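/**
 * Adds members to the current group or updates the roles of existing members.
 *
 * <p>Callers that hold the environment-level group permission skip the group's own restrictions.
 * Any other caller is subject to the group's invitation limit, must be allowed to invite
 * (system invitation enabled), and has API / APPLICATION roles replaced by the scope's default
 * role when the group locks that scope.
 *
 * <p>For each submitted membership the new roles are added before the previous ones are removed,
 * so a member is never left without a role in between. A group-invitation notification is sent
 * for members that had no role in the group before. One membership-update event for the group is
 * published after all memberships have been processed.
 *
 * @param memberships memberships to create or update; validated as non-null by bean validation
 * @return an HTTP 200 response. NOTE(review): the API documentation above also advertises 201
 *     for an added member, but this method always answers 200.
 * @throws GroupMembersLimitationExceededException if the additions would exceed the group's
 *     maximum number of invitations
 * @throws GroupInvitationForbiddenException if the caller lacks the environment-level permission
 *     and the group does not allow system invitations
 */
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Add or update a group member")
@ApiResponses({ @ApiResponse(code = 201, message = "Member has been added"), @ApiResponse(code = 200, message = "Member has been updated"), @ApiResponse(code = 400, message = "Membership is not valid"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = ENVIRONMENT_GROUP, acls = RolePermissionAction.CREATE), @Permission(value = ENVIRONMENT_GROUP, acls = RolePermissionAction.UPDATE), @Permission(value = RolePermission.GROUP_MEMBER, acls = RolePermissionAction.CREATE), @Permission(value = RolePermission.GROUP_MEMBER, acls = RolePermissionAction.UPDATE) })
public Response addOrUpdateGroupMember(@Valid @NotNull final List<GroupMembership> memberships) {
    // Check that group exists
    final GroupEntity groupEntity = groupService.findById(group);
    // check if user is a 'simple group admin' or a platform admin.
    // CREATE, UPDATE and DELETE are all passed; whether any or all of them are required is
    // decided inside permissionService and is not visible here.
    final boolean hasPermission = permissionService.hasPermission(ENVIRONMENT_GROUP, GraviteeContext.getCurrentEnvironment(), CREATE, UPDATE, DELETE);
    if (!hasPermission) {
        if (groupEntity.getMaxInvitation() != null) {
            final Set<MemberEntity> members = membershipService.getMembersByReference(MembershipReferenceType.GROUP, group);
            // Ids of the current members, computed once instead of once per submitted membership.
            final List<String> existingMemberIds = members.stream().map(MemberEntity::getId).collect(toList());
            // Submitted ids that are not members yet. A null id or an id repeated in the request
            // counts each time, which can only make the limit check stricter.
            final long membershipsToAddSize = memberships.stream().map(GroupMembership::getId).filter(id -> !existingMemberIds.contains(id)).count();
            if ((groupService.getNumberOfMembers(group) + membershipsToAddSize) > groupEntity.getMaxInvitation()) {
                throw new GroupMembersLimitationExceededException(groupEntity.getMaxInvitation());
            }
        }
        if (!groupEntity.isSystemInvitation()) {
            throw new GroupInvitationForbiddenException(SYSTEM, group);
        }
    }
    for (GroupMembership membership : memberships) {
        RoleEntity previousApiRole = null;
        RoleEntity previousApplicationRole = null;
        RoleEntity previousGroupRole = null;
        // Existing member: remember the role currently held in each scope.
        if (membership.getId() != null) {
            Set<RoleEntity> userRoles = membershipService.getRoles(MembershipReferenceType.GROUP, group, MembershipMemberType.USER, membership.getId());
            for (RoleEntity role : userRoles) {
                switch(role.getScope()) {
                    case API:
                        previousApiRole = role;
                        break;
                    case APPLICATION:
                        previousApplicationRole = role;
                        break;
                    case GROUP:
                        previousGroupRole = role;
                        break;
                    default:
                        break;
                }
            }
        }
        // Process add / update before delete to avoid having a user without role
        if (membership.getRoles() != null && !membership.getRoles().isEmpty()) {
            // Resolve the requested role names; names that do not resolve are silently dropped.
            Map<RoleScope, RoleEntity> roleEntities = new HashMap<>();
            for (MemberRoleEntity item : membership.getRoles()) {
                roleService.findByScopeAndName(item.getRoleScope(), item.getRoleName()).ifPresent(roleEntity -> roleEntities.put(item.getRoleScope(), roleEntity));
            }
            MemberEntity updatedMembership = null;
            // Replace if new role to add
            RoleEntity apiRoleEntity = roleEntities.get(RoleScope.API);
            if (apiRoleEntity != null && !apiRoleEntity.equals(previousApiRole)) {
                String roleName = apiRoleEntity.getName();
                // Role lock: a caller without the environment-level permission gets the scope's
                // default role instead of the requested one.
                // NOTE(review): if no default role is configured the requested role is kept, so
                // the lock is not enforced in that case - confirm whether this should fail closed.
                // NOTE(review): the "role changed" test above uses the requested role, not the
                // substituted default; if the default equals the previous role, the removeRole
                // below targets the role that was just re-added - verify against
                // addRoleToMemberOnReference / removeRole semantics.
                if (!hasPermission && groupEntity.isLockApiRole()) {
                    final List<RoleEntity> defaultRoles = roleService.findDefaultRoleByScopes(RoleScope.API);
                    if (defaultRoles != null && !defaultRoles.isEmpty()) {
                        roleName = defaultRoles.get(0).getName();
                    }
                }
                updatedMembership = membershipService.addRoleToMemberOnReference(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, group), new MembershipService.MembershipMember(membership.getId(), membership.getReference(), MembershipMemberType.USER), new MembershipService.MembershipRole(RoleScope.API, roleName));
                if (previousApiRole != null) {
                    membershipService.removeRole(MembershipReferenceType.GROUP, group, MembershipMemberType.USER, updatedMembership.getId(), previousApiRole.getId());
                }
                // Keep the group's API primary owner in sync with PRIMARY_OWNER role changes:
                // cleared when the member held it before, set when the member receives it now.
                if (previousApiRole != null && previousApiRole.getName().equals(SystemRole.PRIMARY_OWNER.name())) {
                    groupService.updateApiPrimaryOwner(group, null);
                } else if (roleName.equals(SystemRole.PRIMARY_OWNER.name())) {
                    groupService.updateApiPrimaryOwner(group, updatedMembership.getId());
                }
            }
            RoleEntity applicationRoleEntity = roleEntities.get(RoleScope.APPLICATION);
            if (applicationRoleEntity != null && !applicationRoleEntity.equals(previousApplicationRole)) {
                String roleName = applicationRoleEntity.getName();
                // Same lock handling as for the API scope, including the same fallback to the
                // requested role when no default role exists.
                if (!hasPermission && groupEntity.isLockApplicationRole()) {
                    final List<RoleEntity> defaultRoles = roleService.findDefaultRoleByScopes(RoleScope.APPLICATION);
                    if (defaultRoles != null && !defaultRoles.isEmpty()) {
                        roleName = defaultRoles.get(0).getName();
                    }
                }
                updatedMembership = membershipService.addRoleToMemberOnReference(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, group), new MembershipService.MembershipMember(membership.getId(), membership.getReference(), MembershipMemberType.USER), new MembershipService.MembershipRole(RoleScope.APPLICATION, roleName));
                if (previousApplicationRole != null) {
                    membershipService.removeRole(MembershipReferenceType.GROUP, group, MembershipMemberType.USER, updatedMembership.getId(), previousApplicationRole.getId());
                }
            }
            RoleEntity groupRoleEntity = roleEntities.get(RoleScope.GROUP);
            // NOTE(review): no lock or default-role substitution is applied to the GROUP scope,
            // so the requested GROUP role is granted as-is for every caller that reaches this
            // point - confirm that this is intended for callers without the environment-level
            // permission.
            if (groupRoleEntity != null && !groupRoleEntity.equals(previousGroupRole)) {
                updatedMembership = membershipService.addRoleToMemberOnReference(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, group), new MembershipService.MembershipMember(membership.getId(), membership.getReference(), MembershipMemberType.USER), new MembershipService.MembershipRole(RoleScope.GROUP, groupRoleEntity.getName()));
                if (previousGroupRole != null) {
                    membershipService.removeRole(MembershipReferenceType.GROUP, group, MembershipMemberType.USER, updatedMembership.getId(), previousGroupRole.getId());
                }
            }
            // Delete if existing and new role is empty
            if (apiRoleEntity == null && previousApiRole != null) {
                membershipService.removeRole(MembershipReferenceType.GROUP, group, MembershipMemberType.USER, membership.getId(), previousApiRole.getId());
            }
            if (applicationRoleEntity == null && previousApplicationRole != null) {
                membershipService.removeRole(MembershipReferenceType.GROUP, group, MembershipMemberType.USER, membership.getId(), previousApplicationRole.getId());
            }
            if (groupRoleEntity == null && previousGroupRole != null) {
                membershipService.removeRole(MembershipReferenceType.GROUP, group, MembershipMemberType.USER, membership.getId(), previousGroupRole.getId());
            }
            // Send notification: only for members that had no role in this group before.
            if (previousApiRole == null && previousApplicationRole == null && previousGroupRole == null && updatedMembership != null) {
                UserEntity userEntity = this.userService.findById(updatedMembership.getId());
                Map<String, Object> params = new HashMap<>();
                params.put("group", groupEntity);
                params.put("user", userEntity);
                this.notifierService.trigger(GROUP_INVITATION, params);
            }
        }
    }
    // Published after every membership change has been applied.
    eventManager.publishEvent(ApplicationAlertEventType.APPLICATION_MEMBERSHIP_UPDATE, new ApplicationAlertMembershipEvent(Collections.emptySet(), Collections.singleton(group)));
    return Response.ok().build();
}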
Also used : GROUP_INVITATION(io.gravitee.rest.api.service.notification.PortalHook.GROUP_INVITATION) PagedResult(io.gravitee.rest.api.management.rest.model.PagedResult) GroupMembersLimitationExceededException(io.gravitee.rest.api.service.exceptions.GroupMembersLimitationExceededException) java.util(java.util) Page(io.gravitee.common.data.domain.Page) GraviteeContext(io.gravitee.rest.api.service.common.GraviteeContext) ApplicationAlertEventType(io.gravitee.rest.api.model.alert.ApplicationAlertEventType) RoleScope(io.gravitee.rest.api.model.permissions.RoleScope) ApplicationAlertMembershipEvent(io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent) Inject(javax.inject.Inject) Valid(javax.validation.Valid) GroupMembership(io.gravitee.rest.api.management.rest.model.GroupMembership) UserService(io.gravitee.rest.api.service.UserService) io.gravitee.rest.api.model(io.gravitee.rest.api.model) io.swagger.annotations(io.swagger.annotations) NotifierService(io.gravitee.rest.api.service.NotifierService) GroupInvitationForbiddenException(io.gravitee.rest.api.service.exceptions.GroupInvitationForbiddenException) RolePermissionAction(io.gravitee.rest.api.model.permissions.RolePermissionAction) GroupService(io.gravitee.rest.api.service.GroupService) Context(javax.ws.rs.core.Context) MembershipService(io.gravitee.rest.api.service.MembershipService) SYSTEM(io.gravitee.rest.api.service.exceptions.GroupInvitationForbiddenException.Type.SYSTEM) Pageable(io.gravitee.rest.api.management.rest.model.Pageable) NotNull(javax.validation.constraints.NotNull) Collectors(java.util.stream.Collectors) Permission(io.gravitee.rest.api.management.rest.security.Permission) Collectors.toList(java.util.stream.Collectors.toList) MediaType(io.gravitee.common.http.MediaType) ENVIRONMENT_GROUP(io.gravitee.rest.api.model.permissions.RolePermission.ENVIRONMENT_GROUP) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) EventManager(io.gravitee.common.event.EventManager) 
ResourceContext(javax.ws.rs.container.ResourceContext) ApplicationService(io.gravitee.rest.api.service.ApplicationService) Permissions(io.gravitee.rest.api.management.rest.security.Permissions) SystemRole(io.gravitee.rest.api.model.permissions.SystemRole) RolePermission(io.gravitee.rest.api.model.permissions.RolePermission) GroupMembership(io.gravitee.rest.api.management.rest.model.GroupMembership) ApplicationAlertMembershipEvent(io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent) RoleScope(io.gravitee.rest.api.model.permissions.RoleScope) GroupInvitationForbiddenException(io.gravitee.rest.api.service.exceptions.GroupInvitationForbiddenException) Collectors.toList(java.util.stream.Collectors.toList) GroupMembersLimitationExceededException(io.gravitee.rest.api.service.exceptions.GroupMembersLimitationExceededException) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Aggregations

ApplicationAlertMembershipEvent (io.gravitee.rest.api.model.alert.ApplicationAlertMembershipEvent)4 TechnicalException (io.gravitee.repository.exceptions.TechnicalException)2 io.gravitee.rest.api.model (io.gravitee.rest.api.model)2 UuidString (io.gravitee.rest.api.service.common.UuidString)2 Page (io.gravitee.common.data.domain.Page)1 EventManager (io.gravitee.common.event.EventManager)1 MediaType (io.gravitee.common.http.MediaType)1 ApiCriteria (io.gravitee.repository.management.api.search.ApiCriteria)1 GroupMembership (io.gravitee.rest.api.management.rest.model.GroupMembership)1 Pageable (io.gravitee.rest.api.management.rest.model.Pageable)1 PagedResult (io.gravitee.rest.api.management.rest.model.PagedResult)1 Permission (io.gravitee.rest.api.management.rest.security.Permission)1 Permissions (io.gravitee.rest.api.management.rest.security.Permissions)1 ApplicationAlertEventType (io.gravitee.rest.api.model.alert.ApplicationAlertEventType)1 RolePermission (io.gravitee.rest.api.model.permissions.RolePermission)1 ENVIRONMENT_GROUP (io.gravitee.rest.api.model.permissions.RolePermission.ENVIRONMENT_GROUP)1 RolePermissionAction (io.gravitee.rest.api.model.permissions.RolePermissionAction)1 RoleScope (io.gravitee.rest.api.model.permissions.RoleScope)1 SystemRole (io.gravitee.rest.api.model.permissions.SystemRole)1 ApplicationService (io.gravitee.rest.api.service.ApplicationService)1