Examples with ResourcePath org.wso2.carbon.apimgt.api.model.ResourcePath used on opensource projects

Example 26 with ResourcePath

use of org.wso2.carbon.apimgt.api.model.ResourcePath in project carbon-apimgt by wso2.

the class AbstractAPIManagerTestCase method testGetAllWsdls.

@Test
public void testGetAllWsdls() throws RegistryException, APIManagementException {
    AbstractAPIManager abstractAPIManager = new AbstractAPIManagerWrapper(registry);
    Collection parentCollection = new CollectionImpl();
    String wsdlResourcepath = APIConstants.API_WSDL_RESOURCE;
    String resourcePath = wsdlResourcepath + "/wsdl1";
    parentCollection.setChildren(new String[] { resourcePath });
    Mockito.when(registry.get(wsdlResourcepath)).thenReturn(parentCollection);
    Resource resource = new ResourceImpl();
    Mockito.when(registry.get(resourcePath)).thenThrow(RegistryException.class).thenReturn(resource);
    Mockito.when(registry.resourceExists(wsdlResourcepath)).thenReturn(true);
    try {
        abstractAPIManager.getAllWsdls();
        Assert.fail("Exception not thrown for error scenario");
    } catch (APIManagementException e) {
        Assert.assertTrue(e.getMessage().contains("Failed to get wsdl list"));
    }
    resource.setUUID(SAMPLE_RESOURCE_ID);
    List<Wsdl> wsdls = abstractAPIManager.getAllWsdls();
    Assert.assertNotNull(wsdls);
    Assert.assertEquals(wsdls.size(), 1);
}

Example 27 with ResourcePath

use of org.wso2.carbon.apimgt.api.model.ResourcePath in project carbon-apimgt by wso2.

the class AbstractAPIManagerTestCase method testGetAllGlobalMediationPolicies.

@Test
public void testGetAllGlobalMediationPolicies() throws RegistryException, APIManagementException, IOException, XMLStreamException {
    AbstractAPIManager abstractAPIManager = new AbstractAPIManagerWrapper(registry);
    Collection parentCollection = new CollectionImpl();
    String mediationResourcePath = APIConstants.API_CUSTOM_SEQUENCE_LOCATION;
    String childCollectionPath = mediationResourcePath + "/testMediation";
    parentCollection.setChildren(new String[] { childCollectionPath });
    Mockito.when(registry.get(mediationResourcePath)).thenReturn(parentCollection);
    Collection childCollection = new CollectionImpl();
    String resourcePath = childCollectionPath + "/policy1";
    childCollection.setChildren(new String[] { resourcePath });
    Mockito.when(registry.get(childCollectionPath)).thenReturn(childCollection);
    Resource resource = new ResourceImpl();
    resource.setUUID(SAMPLE_RESOURCE_ID);
    Mockito.when(registry.get(resourcePath)).thenReturn(resource);
    try {
        abstractAPIManager.getAllGlobalMediationPolicies();
    } catch (APIManagementException e) {
        Assert.assertTrue(e.getMessage().contains("Failed to get global mediation policies"));
    }
    String mediationPolicyContent = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sequence xmlns=\"http://ws.apache.org/ns/synapse\" name=\"default-endpoint\">\n</sequence>";
    resource.setContent(mediationPolicyContent);
    List<Mediation> policies = abstractAPIManager.getAllGlobalMediationPolicies();
    Assert.assertNotNull(policies);
    Assert.assertEquals(policies.size(), 1);
    PowerMockito.mockStatic(IOUtils.class);
    PowerMockito.mockStatic(AXIOMUtil.class);
    PowerMockito.when(IOUtils.toString((InputStream) Mockito.any(), Mockito.anyString())).thenThrow(IOException.class).thenReturn(mediationPolicyContent);
    PowerMockito.when(AXIOMUtil.stringToOM(Mockito.anyString())).thenThrow(XMLStreamException.class);
    // cover the logged only exceptions
    abstractAPIManager.getAllGlobalMediationPolicies();
    // cover the logged only exceptions
    abstractAPIManager.getAllGlobalMediationPolicies();
}

Example 28 with ResourcePath

use of org.wso2.carbon.apimgt.api.model.ResourcePath in project carbon-apimgt by wso2.

the class AbstractAPIManagerTestCase method testUploadWsdl.

@Test
public void testUploadWsdl() throws RegistryException, APIManagementException {
    AbstractAPIManager abstractAPIManager = new AbstractAPIManagerWrapper(registry);
    Resource resource = new ResourceImpl();
    String resourcePath = "/test/wsdl";
    String wsdlContent = "sample wsdl";
    Resource resourceMock = Mockito.mock(Resource.class);
    resourceMock.setContent(wsdlContent);
    resourceMock.setMediaType(String.valueOf(ContentType.APPLICATION_XML));
    Mockito.when(registry.newResource()).thenReturn(resource);
    Mockito.doThrow(RegistryException.class).doReturn(resourcePath).when(registry).put(resourcePath, resource);
    try {
        abstractAPIManager.uploadWsdl(resourcePath, wsdlContent);
        Assert.fail("Exception not thrown for error scenario");
    } catch (APIManagementException e) {
        Assert.assertTrue(e.getMessage().contains("Error while uploading wsdl to from the registry"));
    }
    abstractAPIManager.uploadWsdl(resourcePath, wsdlContent);
    Mockito.verify(registry, Mockito.atLeastOnce()).put(resourcePath, resource);
}

Example 29 with ResourcePath

use of org.wso2.carbon.apimgt.api.model.ResourcePath in project carbon-apimgt by wso2.

the class APIProviderImpl method getAuthorizedRoles.

private String[] getAuthorizedRoles(String artifactPath) throws UserStoreException {
    String resourcePath = RegistryUtils.getAbsolutePath(RegistryContext.getBaseInstance(), APIUtil.getMountedPath(RegistryContext.getBaseInstance(), RegistryConstants.GOVERNANCE_REGISTRY_BASE_PATH) + artifactPath);
    if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
        int tenantId = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(tenantDomain);
        AuthorizationManager authManager = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getAuthorizationManager();
        return authManager.getAllowedRolesForResource(resourcePath, ActionConstants.GET);
    } else {
        RegistryAuthorizationManager authorizationManager = new RegistryAuthorizationManager(ServiceReferenceHolder.getUserRealm());
        return authorizationManager.getAllowedRolesForResource(resourcePath, ActionConstants.GET);
    }
}

Example 30 with ResourcePath

use of org.wso2.carbon.apimgt.api.model.ResourcePath in project carbon-apimgt by wso2.

the class APIProviderImpl method checkAccessControlPermission.

/* To check authorization of the API against current logged in user. If the user is not authorized an exception
     * will be thrown.
     *
     * @param identifier API identifier
     * @throws APIManagementException APIManagementException
     */
protected void checkAccessControlPermission(Identifier identifier) throws APIManagementException {
    if (identifier == null || !isAccessControlRestrictionEnabled) {
        if (!isAccessControlRestrictionEnabled && log.isDebugEnabled()) {
            log.debug("Publisher access control restriction is not enabled. Hence the API " + identifier + " can be editable and viewable by all the API publishers and creators.");
        }
        return;
    }
    String resourcePath = StringUtils.EMPTY;
    String identifierType = StringUtils.EMPTY;
    if (identifier instanceof APIIdentifier) {
        resourcePath = APIUtil.getAPIPath((APIIdentifier) identifier);
        identifierType = APIConstants.API_IDENTIFIER_TYPE;
    } else if (identifier instanceof APIProductIdentifier) {
        resourcePath = APIUtil.getAPIProductPath((APIProductIdentifier) identifier);
        identifierType = APIConstants.API_PRODUCT_IDENTIFIER_TYPE;
    }
    try {
        Registry sysRegistry = getRegistryService().getGovernanceSystemRegistry();
        // Need user name with tenant domain to get correct domain name from
        // MultitenantUtils.getTenantDomain(username)
        String userNameWithTenantDomain = (userNameWithoutChange != null) ? userNameWithoutChange : username;
        if (!sysRegistry.resourceExists(resourcePath)) {
            if (log.isDebugEnabled()) {
                log.debug("Resource does not exist in the path : " + resourcePath + " this can happen if this is in the " + "middle of the new " + identifierType + " creation, hence not checking the access control");
            }
            return;
        }
        Resource resource = sysRegistry.get(resourcePath);
        if (resource == null) {
            return;
        }
        String accessControlProperty = resource.getProperty(APIConstants.ACCESS_CONTROL);
        if (accessControlProperty == null || accessControlProperty.trim().isEmpty() || accessControlProperty.equalsIgnoreCase(APIConstants.NO_ACCESS_CONTROL)) {
            if (log.isDebugEnabled()) {
                log.debug(identifierType + " in the path  " + resourcePath + " does not have any access control restriction");
            }
            return;
        }
        if (APIUtil.hasPermission(userNameWithTenantDomain, APIConstants.Permissions.APIM_ADMIN)) {
            return;
        }
        String publisherAccessControlRoles = resource.getProperty(APIConstants.DISPLAY_PUBLISHER_ROLES);
        if (publisherAccessControlRoles != null && !publisherAccessControlRoles.trim().isEmpty()) {
            String[] accessControlRoleList = publisherAccessControlRoles.replaceAll("\\s+", "").split(",");
            if (log.isDebugEnabled()) {
                log.debug(identifierType + " has restricted access to creators and publishers with the roles : " + Arrays.toString(accessControlRoleList));
            }
            String[] userRoleList = APIUtil.getListOfRoles(userNameWithTenantDomain);
            if (log.isDebugEnabled()) {
                log.debug("User " + username + " has roles " + Arrays.toString(userRoleList));
            }
            for (String role : accessControlRoleList) {
                if (!role.equalsIgnoreCase(APIConstants.NULL_USER_ROLE_LIST) && APIUtil.compareRoleList(userRoleList, role)) {
                    return;
                }
            }
            if (log.isDebugEnabled()) {
                log.debug(identifierType + " " + identifier + " cannot be accessed by user '" + username + "'. It " + "has a publisher access control restriction");
            }
            throw new APIManagementException(APIConstants.UN_AUTHORIZED_ERROR_MESSAGE + " view or modify the " + identifierType + " " + identifier);
        }
    } catch (RegistryException e) {
        throw new APIManagementException("Registry Exception while trying to check the access control restriction of " + identifierType + " " + identifier.getName(), e);
    }
}