Search in sources :

Example 1 with TierPermission

use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.

the class ApiMgtDAO method getThrottleTierPermission.

public TierPermissionDTO getThrottleTierPermission(String tierName, int tenantId) throws APIManagementException {
    Connection conn = null;
    PreparedStatement ps = null;
    ResultSet resultSet = null;
    TierPermissionDTO tierPermission = null;
    try {
        String getTierPermissionQuery = SQLConstants.GET_THROTTLE_TIER_PERMISSION_SQL;
        conn = APIMgtDBUtil.getConnection();
        ps = conn.prepareStatement(getTierPermissionQuery);
        ps.setString(1, tierName);
        ps.setInt(2, tenantId);
        resultSet = ps.executeQuery();
        while (resultSet.next()) {
            tierPermission = new TierPermissionDTO();
            tierPermission.setTierName(tierName);
            tierPermission.setPermissionType(resultSet.getString("PERMISSIONS_TYPE"));
            String roles = resultSet.getString("ROLES");
            if (roles != null) {
                String[] roleList = roles.split(",");
                tierPermission.setRoles(roleList);
            }
        }
    } catch (SQLException e) {
        handleException("Failed to get Tier permission information for Tier " + tierName, e);
    } finally {
        APIMgtDBUtil.closeAllConnections(ps, conn, resultSet);
    }
    return tierPermission;
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) SQLException(java.sql.SQLException) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 2 with TierPermission

use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.

the class APIConsumerImpl method getTierPermissions.

@Override
public Set<TierPermission> getTierPermissions() throws APIManagementException {
    Set<TierPermission> tierPermissions = new HashSet<TierPermission>();
    if (tenantId != 0) {
        Set<TierPermissionDTO> tierPermissionDtos = apiMgtDAO.getThrottleTierPermissions(tenantId);
        for (TierPermissionDTO tierDto : tierPermissionDtos) {
            TierPermission tierPermission = new TierPermission(tierDto.getTierName());
            tierPermission.setRoles(tierDto.getRoles());
            tierPermission.setPermissionType(tierDto.getPermissionType());
            tierPermissions.add(tierPermission);
        }
    }
    return tierPermissions;
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) TierPermission(org.wso2.carbon.apimgt.api.model.TierPermission) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet)

Example 3 with TierPermission

use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.

the class APIConsumerImpl method getDeniedTiers.

/**
 * Returns a list of tiers denied
 * @param apiProviderTenantId tenant id of API provider
 * @return Set<Tier>
 */
@Override
public Set<String> getDeniedTiers(int apiProviderTenantId) throws APIManagementException {
    Set<String> deniedTiers = new HashSet<String>();
    String[] currentUserRoles;
    Set<TierPermissionDTO> tierPermissions = apiMgtDAO.getThrottleTierPermissions(apiProviderTenantId);
    if (apiProviderTenantId == 0) {
        apiProviderTenantId = tenantId;
    }
    if (apiProviderTenantId != 0) {
        if (APIUtil.isOnPremResolver()) {
            if (tenantId != apiProviderTenantId) {
                // therefore any POLICY that have a permission attached marked as deny policy.
                for (TierPermissionDTO tierPermission : tierPermissions) {
                    deniedTiers.add(tierPermission.getTierName());
                }
                return deniedTiers;
            }
        }
        /* Get the roles of the Current User */
        String userName = (userNameWithoutChange != null) ? userNameWithoutChange : username;
        currentUserRoles = APIUtil.getListOfRoles(userName);
        for (TierPermissionDTO tierPermission : tierPermissions) {
            String type = tierPermission.getPermissionType();
            List<String> currentRolesList = new ArrayList<String>(Arrays.asList(currentUserRoles));
            String[] rolesList = tierPermission.getRoles();
            List<String> roles = new ArrayList<>();
            if (rolesList != null) {
                roles = new ArrayList<>(Arrays.asList(rolesList));
            }
            currentRolesList.retainAll(roles);
            if (APIConstants.TIER_PERMISSION_ALLOW.equals(type)) {
                /* Current User is not allowed for this Tier*/
                if (currentRolesList.isEmpty()) {
                    deniedTiers.add(tierPermission.getTierName());
                }
            } else {
                /* Current User is denied for this Tier*/
                if (currentRolesList.size() > 0) {
                    deniedTiers.add(tierPermission.getTierName());
                }
            }
        }
    }
    return deniedTiers;
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) ArrayList(java.util.ArrayList) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet)

Example 4 with TierPermission

use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.

the class ThrottlingPolicyMappingUtil method setTierPermissions.

/**
 * Fills the tier information on TierDTO
 *
 * @param throttlingPolicyDTO Object Containing throttling policy DTOs
 * @param throttlingPolicy    Throttling Policy object
 * @return ThrottlingPolicyDTO with permission info
 */
public static ThrottlingPolicyDTO setTierPermissions(ThrottlingPolicyDTO throttlingPolicyDTO, Tier throttlingPolicy) {
    ThrottlingPolicyPermissionInfoDTO tierPermission = new ThrottlingPolicyPermissionInfoDTO();
    // If no permission found for the tier, the default permission will be applied
    if (throttlingPolicy.getTierPermission() == null || throttlingPolicy.getTierPermission().getPermissionType() == null) {
        tierPermission.setType(ThrottlingPolicyPermissionInfoDTO.TypeEnum.valueOf("ALLOW"));
        List<String> roles = new ArrayList<>();
        roles.add("Internal/everyone");
        tierPermission.setRoles(roles);
    } else {
        String permissionType = throttlingPolicy.getTierPermission().getPermissionType();
        tierPermission.setType(ThrottlingPolicyPermissionInfoDTO.TypeEnum.valueOf(permissionType.toUpperCase()));
        tierPermission.setRoles(Arrays.asList(throttlingPolicy.getTierPermission().getRoles()));
    }
    throttlingPolicyDTO.setThrottlingPolicyPermissions(tierPermission);
    return throttlingPolicyDTO;
}
Also used : ArrayList(java.util.ArrayList) ThrottlingPolicyPermissionInfoDTO(org.wso2.carbon.apimgt.rest.api.store.v1.dto.ThrottlingPolicyPermissionInfoDTO)

Example 5 with TierPermission

use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.

the class ApiMgtDAO method getTierPermissions.

public Set<TierPermissionDTO> getTierPermissions(int tenantId) throws APIManagementException {
    Connection conn = null;
    PreparedStatement ps = null;
    ResultSet resultSet = null;
    Set<TierPermissionDTO> tierPermissions = new HashSet<TierPermissionDTO>();
    try {
        String getTierPermissionQuery = SQLConstants.GET_TIER_PERMISSIONS_SQL;
        conn = APIMgtDBUtil.getConnection();
        ps = conn.prepareStatement(getTierPermissionQuery);
        ps.setInt(1, tenantId);
        resultSet = ps.executeQuery();
        while (resultSet.next()) {
            TierPermissionDTO tierPermission = new TierPermissionDTO();
            tierPermission.setTierName(resultSet.getString("TIER"));
            tierPermission.setPermissionType(resultSet.getString("PERMISSIONS_TYPE"));
            String roles = resultSet.getString("ROLES");
            if (roles != null && !roles.isEmpty()) {
                String[] roleList = roles.split(",");
                tierPermission.setRoles(roleList);
            }
            tierPermissions.add(tierPermission);
        }
    } catch (SQLException e) {
        handleException("Failed to get Tier permission information ", e);
    } finally {
        APIMgtDBUtil.closeAllConnections(ps, conn, resultSet);
    }
    return tierPermissions;
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) SQLException(java.sql.SQLException) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet)

Aggregations

TierPermissionDTO (org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO)7 Connection (java.sql.Connection)4 PreparedStatement (java.sql.PreparedStatement)4 ResultSet (java.sql.ResultSet)4 SQLException (java.sql.SQLException)4 ArrayList (java.util.ArrayList)4 HashSet (java.util.HashSet)4 LinkedHashSet (java.util.LinkedHashSet)4 TierPermission (org.wso2.carbon.apimgt.api.model.TierPermission)2 Tier (org.wso2.carbon.apimgt.api.model.Tier)1 ThrottlingPolicyPermissionInfoDTO (org.wso2.carbon.apimgt.rest.api.store.v1.dto.ThrottlingPolicyPermissionInfoDTO)1 UserRegistry (org.wso2.carbon.registry.core.session.UserRegistry)1 UserStoreException (org.wso2.carbon.user.api.UserStoreException)1