Search in sources :

Example 1 with RolePermissionMapping

use of io.jans.as.model.config.adminui.RolePermissionMapping in project jans by JanssenProject.

the class UserManagementService method addPermissionsToRole.

public List<RolePermissionMapping> addPermissionsToRole(RolePermissionMapping rolePermissionMappingArg) throws ApplicationException {
    try {
        AdminConf adminConf = entryManager.find(AdminConf.class, CONFIG_DN);
        List<RolePermissionMapping> roleScopeMappingList = getRolePermMapByRole(adminConf, rolePermissionMappingArg);
        if (CollectionUtils.isNotEmpty(roleScopeMappingList)) {
            log.warn(ErrorResponse.ROLE_PERMISSION_MAPPING_PRESENT.getDescription());
            throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_PERMISSION_MAPPING_PRESENT.getDescription());
        }
        // create new RolePermissionMapping
        RolePermissionMapping rolePermissionMapping = new RolePermissionMapping();
        // add role to it
        rolePermissionMapping.setRole(rolePermissionMappingArg.getRole());
        // remove duplicate permissions
        Set<String> scopesSet = new LinkedHashSet<>(rolePermissionMappingArg.getPermissions());
        List<String> combinedScopes = new ArrayList<>(scopesSet);
        rolePermissionMapping.setPermissions(combinedScopes);
        // add permission
        roleScopeMappingList.add(rolePermissionMapping);
        adminConf.getDynamic().getRolePermissionMapping().addAll(roleScopeMappingList);
        entryManager.merge(adminConf);
        return adminConf.getDynamic().getRolePermissionMapping();
    } catch (ApplicationException e) {
        log.error(ErrorResponse.ERROR_IN_MAPPING_ROLE_PERMISSION.getDescription());
        throw e;
    } catch (Exception e) {
        log.error(ErrorResponse.ERROR_IN_MAPPING_ROLE_PERMISSION.getDescription(), e);
        throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.ERROR_IN_MAPPING_ROLE_PERMISSION.getDescription());
    }
}
Also used : RolePermissionMapping(io.jans.as.model.config.adminui.RolePermissionMapping) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) AdminConf(io.jans.as.model.config.adminui.AdminConf) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException)

Example 2 with RolePermissionMapping

use of io.jans.as.model.config.adminui.RolePermissionMapping in project jans by JanssenProject.

the class UserManagementService method deleteRole.

public List<AdminRole> deleteRole(String role) throws ApplicationException {
    try {
        AdminConf adminConf = entryManager.find(AdminConf.class, CONFIG_DN);
        List<RolePermissionMapping> roleScopeMapping = adminConf.getDynamic().getRolePermissionMapping().stream().filter(ele -> ele.getRole().equalsIgnoreCase(role)).collect(Collectors.toList());
        if (!roleScopeMapping.isEmpty()) {
            Optional<RolePermissionMapping> rolePermissionMappingOptional = roleScopeMapping.stream().findAny();
            List<String> permissions = Lists.newArrayList();
            if (rolePermissionMappingOptional.isPresent()) {
                permissions = rolePermissionMappingOptional.get().getPermissions();
            }
            if (!permissions.isEmpty()) {
                log.error(ErrorResponse.UNABLE_TO_DELETE_ROLE_MAPPED_TO_PERMISSIONS.getDescription());
                throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.UNABLE_TO_DELETE_ROLE_MAPPED_TO_PERMISSIONS.getDescription());
            }
        }
        List<AdminRole> roles = adminConf.getDynamic().getRoles();
        if (isFalse(getRoleObjByName(role).getDeletable())) {
            log.error(ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
            throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
        }
        roles.removeIf(ele -> ele.getRole().equals(role));
        adminConf.getDynamic().setRoles(roles);
        entryManager.merge(adminConf);
        return adminConf.getDynamic().getRoles();
    } catch (ApplicationException e) {
        log.error(ErrorResponse.DELETE_ADMIUI_ROLES_ERROR.getDescription());
        throw e;
    } catch (Exception e) {
        log.error(ErrorResponse.DELETE_ADMIUI_ROLES_ERROR.getDescription(), e);
        throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.DELETE_ADMIUI_ROLES_ERROR.getDescription());
    }
}
Also used : java.util(java.util) Logger(org.slf4j.Logger) AdminPermission(io.jans.as.model.config.adminui.AdminPermission) Singleton(javax.inject.Singleton) PersistenceEntryManager(io.jans.orm.PersistenceEntryManager) Collectors(java.util.stream.Collectors) AdminRole(io.jans.as.model.config.adminui.AdminRole) ErrorResponse(io.jans.ca.plugin.adminui.utils.ErrorResponse) AdminConf(io.jans.as.model.config.adminui.AdminConf) Inject(javax.inject.Inject) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) Response(javax.ws.rs.core.Response) CollectionUtils(org.apache.commons.collections.CollectionUtils) RolePermissionMapping(io.jans.as.model.config.adminui.RolePermissionMapping) Lists(com.google.api.client.util.Lists) RolePermissionMapping(io.jans.as.model.config.adminui.RolePermissionMapping) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) AdminConf(io.jans.as.model.config.adminui.AdminConf) AdminRole(io.jans.as.model.config.adminui.AdminRole) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException)

Example 3 with RolePermissionMapping

use of io.jans.as.model.config.adminui.RolePermissionMapping in project jans by JanssenProject.

the class UserManagementService method mapPermissionsToRole.

public List<RolePermissionMapping> mapPermissionsToRole(RolePermissionMapping rolePermissionMappingArg) throws ApplicationException {
    try {
        AdminConf adminConf = entryManager.find(AdminConf.class, CONFIG_DN);
        List<RolePermissionMapping> roleScopeMappingList = getRolePermMapByRole(adminConf, rolePermissionMappingArg);
        if (roleScopeMappingList == null || roleScopeMappingList.isEmpty()) {
            RolePermissionMapping rolePermissionMapping = new RolePermissionMapping();
            rolePermissionMapping.setRole(rolePermissionMappingArg.getRole());
            roleScopeMappingList = Lists.newArrayList();
            roleScopeMappingList.add(rolePermissionMapping);
        }
        // remove duplicate permissions
        Set<String> scopesSet = new LinkedHashSet<>(rolePermissionMappingArg.getPermissions());
        List<String> combinedScopes = new ArrayList<>(scopesSet);
        if (adminConf.getDynamic().getRolePermissionMapping().stream().anyMatch(ele -> ele.getRole().equalsIgnoreCase(rolePermissionMappingArg.getRole()))) {
            adminConf.getDynamic().getRolePermissionMapping().stream().filter(ele -> ele.getRole().equalsIgnoreCase(rolePermissionMappingArg.getRole())).collect(Collectors.toList()).forEach(ele -> ele.setPermissions(combinedScopes));
        } else {
            roleScopeMappingList.forEach(ele -> ele.setPermissions(combinedScopes));
            adminConf.getDynamic().getRolePermissionMapping().addAll(roleScopeMappingList);
        }
        entryManager.merge(adminConf);
        return adminConf.getDynamic().getRolePermissionMapping();
    } catch (ApplicationException e) {
        log.error(ErrorResponse.ERROR_IN_MAPPING_ROLE_PERMISSION.getDescription());
        throw e;
    } catch (Exception e) {
        log.error(ErrorResponse.ERROR_IN_MAPPING_ROLE_PERMISSION.getDescription(), e);
        throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.ERROR_IN_MAPPING_ROLE_PERMISSION.getDescription());
    }
}
Also used : RolePermissionMapping(io.jans.as.model.config.adminui.RolePermissionMapping) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) AdminConf(io.jans.as.model.config.adminui.AdminConf) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException)

Example 4 with RolePermissionMapping

use of io.jans.as.model.config.adminui.RolePermissionMapping in project jans by JanssenProject.

the class UserManagementService method removePermissionsFromRole.

public List<RolePermissionMapping> removePermissionsFromRole(RolePermissionMapping rolePermissionMappingArg) throws ApplicationException {
    try {
        AdminConf adminConf = entryManager.find(AdminConf.class, CONFIG_DN);
        if (isFalse(getRoleObjByName(rolePermissionMappingArg.getRole()).getDeletable())) {
            log.error(ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
            throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
        }
        List<RolePermissionMapping> roleScopeMapping = adminConf.getDynamic().getRolePermissionMapping().stream().filter(ele -> !ele.getRole().equalsIgnoreCase(rolePermissionMappingArg.getRole())).collect(Collectors.toList());
        adminConf.getDynamic().setRolePermissionMapping(roleScopeMapping);
        entryManager.merge(adminConf);
        return adminConf.getDynamic().getRolePermissionMapping();
    } catch (ApplicationException e) {
        log.error(ErrorResponse.ERROR_IN_DELETING_ROLE_PERMISSION.getDescription());
        throw e;
    } catch (Exception e) {
        log.error(ErrorResponse.ERROR_IN_DELETING_ROLE_PERMISSION.getDescription(), e);
        throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.ERROR_IN_DELETING_ROLE_PERMISSION.getDescription());
    }
}
Also used : java.util(java.util) Logger(org.slf4j.Logger) AdminPermission(io.jans.as.model.config.adminui.AdminPermission) Singleton(javax.inject.Singleton) PersistenceEntryManager(io.jans.orm.PersistenceEntryManager) Collectors(java.util.stream.Collectors) AdminRole(io.jans.as.model.config.adminui.AdminRole) ErrorResponse(io.jans.ca.plugin.adminui.utils.ErrorResponse) AdminConf(io.jans.as.model.config.adminui.AdminConf) Inject(javax.inject.Inject) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) Response(javax.ws.rs.core.Response) CollectionUtils(org.apache.commons.collections.CollectionUtils) RolePermissionMapping(io.jans.as.model.config.adminui.RolePermissionMapping) Lists(com.google.api.client.util.Lists) RolePermissionMapping(io.jans.as.model.config.adminui.RolePermissionMapping) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) AdminConf(io.jans.as.model.config.adminui.AdminConf) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException)

Aggregations

AdminConf (io.jans.as.model.config.adminui.AdminConf)4 RolePermissionMapping (io.jans.as.model.config.adminui.RolePermissionMapping)4 ApplicationException (io.jans.ca.plugin.adminui.model.exception.ApplicationException)4 Lists (com.google.api.client.util.Lists)2 AdminPermission (io.jans.as.model.config.adminui.AdminPermission)2 AdminRole (io.jans.as.model.config.adminui.AdminRole)2 ErrorResponse (io.jans.ca.plugin.adminui.utils.ErrorResponse)2 PersistenceEntryManager (io.jans.orm.PersistenceEntryManager)2 java.util (java.util)2 Collectors (java.util.stream.Collectors)2 Inject (javax.inject.Inject)2 Singleton (javax.inject.Singleton)2 Response (javax.ws.rs.core.Response)2 CollectionUtils (org.apache.commons.collections.CollectionUtils)2 Logger (org.slf4j.Logger)2