Examples with APIProductIdentifier org.wso2.carbon.apimgt.api.model.APIProductIdentifier used on opensource projects

Example 21 with APIProductIdentifier

use of org.wso2.carbon.apimgt.api.model.APIProductIdentifier in project carbon-apimgt by wso2.

the class APIProviderImpl method getAPIProductUsageByAPIProductId.

/**
 * Returns usage details of a particular API
 *
 * @param apiProductId API Product identifier
 * @return UserApplicationAPIUsages for given provider
 * @throws org.wso2.carbon.apimgt.api.APIManagementException If failed to get UserApplicationAPIUsage
 */
@Override
public List<SubscribedAPI> getAPIProductUsageByAPIProductId(APIProductIdentifier apiProductId) throws APIManagementException {
    APIProductIdentifier apiIdEmailReplaced = new APIProductIdentifier(APIUtil.replaceEmailDomain(apiProductId.getProviderName()), apiProductId.getName(), apiProductId.getVersion());
    UserApplicationAPIUsage[] allApiProductResult = apiMgtDAO.getAllAPIProductUsageByProvider(apiProductId.getProviderName());
    List<SubscribedAPI> subscribedAPIs = new ArrayList<>();
    for (UserApplicationAPIUsage usage : allApiProductResult) {
        for (SubscribedAPI apiSubscription : usage.getApiSubscriptions()) {
            APIProductIdentifier subsApiProductId = apiSubscription.getProductId();
            APIProductIdentifier subsApiProductIdEmailReplaced = new APIProductIdentifier(APIUtil.replaceEmailDomain(subsApiProductId.getProviderName()), subsApiProductId.getName(), subsApiProductId.getVersion());
            if (subsApiProductIdEmailReplaced.equals(apiIdEmailReplaced)) {
                subscribedAPIs.add(apiSubscription);
            }
        }
    }
    return subscribedAPIs;
}

Example 22 with APIProductIdentifier

use of org.wso2.carbon.apimgt.api.model.APIProductIdentifier in project carbon-apimgt by wso2.

the class APIProviderImpl method getAPIProductbyUUID.

public APIProduct getAPIProductbyUUID(String uuid, String organization) throws APIManagementException {
    try {
        Organization org = new Organization(organization);
        PublisherAPIProduct publisherAPIProduct = apiPersistenceInstance.getPublisherAPIProduct(org, uuid);
        if (publisherAPIProduct != null) {
            APIProduct product = APIProductMapper.INSTANCE.toApiProduct(publisherAPIProduct);
            product.setID(new APIProductIdentifier(publisherAPIProduct.getProviderName(), publisherAPIProduct.getApiProductName(), publisherAPIProduct.getVersion(), uuid));
            checkAccessControlPermission(userNameWithoutChange, product.getAccessControl(), product.getAccessControlRoles());
            populateRevisionInformation(product, uuid);
            populateAPIProductInformation(uuid, organization, product);
            populateAPIStatus(product);
            populateAPITier(product);
            return product;
        } else {
            String msg = "Failed to get API Product. API Product artifact corresponding to artifactId " + uuid + " does not exist";
            throw new APIMgtResourceNotFoundException(msg);
        }
    } catch (APIPersistenceException | OASPersistenceException | ParseException e) {
        String msg = "Failed to get API Product";
        throw new APIManagementException(msg, e);
    }
}

Example 23 with APIProductIdentifier

use of org.wso2.carbon.apimgt.api.model.APIProductIdentifier in project carbon-apimgt by wso2.

the class APIProviderImpl method deleteAPIProduct.

@Override
public void deleteAPIProduct(APIProductIdentifier identifier, String apiProductUUID, String organization) throws APIManagementException {
    if (StringUtils.isEmpty(apiProductUUID)) {
        if (identifier.getUUID() != null) {
            apiProductUUID = identifier.getUUID();
        } else {
            apiProductUUID = apiMgtDAO.getUUIDFromIdentifier(identifier, organization);
        }
    }
    APIProduct apiProduct = getAPIProductbyUUID(apiProductUUID, organization);
    apiProduct.setOrganization(organization);
    deleteAPIProduct(apiProduct);
}

Example 24 with APIProductIdentifier

use of org.wso2.carbon.apimgt.api.model.APIProductIdentifier in project carbon-apimgt by wso2.

the class APIProviderImpl method undeployAPIProductRevisionDeployment.

@Override
public void undeployAPIProductRevisionDeployment(String apiProductId, String apiRevisionId, List<APIRevisionDeployment> apiRevisionDeployments) throws APIManagementException {
    APIProductIdentifier apiProductIdentifier = APIUtil.getAPIProductIdentifierFromUUID(apiProductId);
    if (apiProductIdentifier == null) {
        throw new APIMgtResourceNotFoundException("Couldn't retrieve existing API Product with ID: " + apiProductId, ExceptionCodes.from(ExceptionCodes.API_NOT_FOUND, apiProductId));
    }
    APIRevision apiRevision = apiMgtDAO.getRevisionByRevisionUUID(apiRevisionId);
    if (apiRevision == null) {
        throw new APIMgtResourceNotFoundException("Couldn't retrieve existing API Revision with Revision UUID: " + apiRevisionId, ExceptionCodes.from(ExceptionCodes.API_REVISION_NOT_FOUND, apiRevisionId));
    }
    APIProduct product = getAPIProductbyUUID(apiRevisionId, tenantDomain);
    product.setUuid(apiProductId);
    Set<String> environmentsToRemove = new HashSet<>();
    for (APIRevisionDeployment apiRevisionDeployment : apiRevisionDeployments) {
        environmentsToRemove.add(apiRevisionDeployment.getDeployment());
    }
    product.setEnvironments(environmentsToRemove);
    removeFromGateway(product, tenantDomain, new HashSet<>(apiRevisionDeployments), Collections.emptySet());
    apiMgtDAO.removeAPIRevisionDeployment(apiRevisionId, apiRevisionDeployments);
    GatewayArtifactsMgtDAO.getInstance().removePublishedGatewayLabels(apiProductId, apiRevisionId);
}

Example 25 with APIProductIdentifier

use of org.wso2.carbon.apimgt.api.model.APIProductIdentifier in project carbon-apimgt by wso2.

the class APIProviderImpl method checkAccessControlPermission.

/* To check authorization of the API against current logged in user. If the user is not authorized an exception
     * will be thrown.
     *
     * @param identifier API identifier
     * @throws APIManagementException APIManagementException
     */
protected void checkAccessControlPermission(Identifier identifier) throws APIManagementException {
    if (identifier == null || !isAccessControlRestrictionEnabled) {
        if (!isAccessControlRestrictionEnabled && log.isDebugEnabled()) {
            log.debug("Publisher access control restriction is not enabled. Hence the API " + identifier + " can be editable and viewable by all the API publishers and creators.");
        }
        return;
    }
    String resourcePath = StringUtils.EMPTY;
    String identifierType = StringUtils.EMPTY;
    if (identifier instanceof APIIdentifier) {
        resourcePath = APIUtil.getAPIPath((APIIdentifier) identifier);
        identifierType = APIConstants.API_IDENTIFIER_TYPE;
    } else if (identifier instanceof APIProductIdentifier) {
        resourcePath = APIUtil.getAPIProductPath((APIProductIdentifier) identifier);
        identifierType = APIConstants.API_PRODUCT_IDENTIFIER_TYPE;
    }
    try {
        Registry sysRegistry = getRegistryService().getGovernanceSystemRegistry();
        // Need user name with tenant domain to get correct domain name from
        // MultitenantUtils.getTenantDomain(username)
        String userNameWithTenantDomain = (userNameWithoutChange != null) ? userNameWithoutChange : username;
        if (!sysRegistry.resourceExists(resourcePath)) {
            if (log.isDebugEnabled()) {
                log.debug("Resource does not exist in the path : " + resourcePath + " this can happen if this is in the " + "middle of the new " + identifierType + " creation, hence not checking the access control");
            }
            return;
        }
        Resource resource = sysRegistry.get(resourcePath);
        if (resource == null) {
            return;
        }
        String accessControlProperty = resource.getProperty(APIConstants.ACCESS_CONTROL);
        if (accessControlProperty == null || accessControlProperty.trim().isEmpty() || accessControlProperty.equalsIgnoreCase(APIConstants.NO_ACCESS_CONTROL)) {
            if (log.isDebugEnabled()) {
                log.debug(identifierType + " in the path  " + resourcePath + " does not have any access control restriction");
            }
            return;
        }
        if (APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.APIM_ADMIN)) {
            return;
        }
        String publisherAccessControlRoles = resource.getProperty(APIConstants.DISPLAY_PUBLISHER_ROLES);
        if (publisherAccessControlRoles != null && !publisherAccessControlRoles.trim().isEmpty()) {
            String[] accessControlRoleList = publisherAccessControlRoles.replaceAll("\\s+", "").split(",");
            if (log.isDebugEnabled()) {
                log.debug(identifierType + " has restricted access to creators and publishers with the roles : " + Arrays.toString(accessControlRoleList));
            }
            String[] userRoleList = APIUtil.getListOfRoles(userNameWithTenantDomain);
            if (log.isDebugEnabled()) {
                log.debug("User " + username + " has roles " + Arrays.toString(userRoleList));
            }
            for (String role : accessControlRoleList) {
                if (!role.equalsIgnoreCase(APIConstants.NULL_USER_ROLE_LIST) && APIUtil.compareRoleList(userRoleList, role)) {
                    return;
                }
            }
            if (log.isDebugEnabled()) {
                log.debug(identifierType + " " + identifier + " cannot be accessed by user '" + username + "'. It " + "has a publisher access control restriction");
            }
            throw new APIManagementException(APIConstants.UN_AUTHORIZED_ERROR_MESSAGE + " view or modify the " + identifierType + " " + identifier);
        }
    } catch (RegistryException e) {
        throw new APIManagementException("Registry Exception while trying to check the access control restriction of " + identifierType + " " + identifier.getName(), e);
    }
}