use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.
the class ApiMgtDAO method getThrottleTierPermission.
public TierPermissionDTO getThrottleTierPermission(String tierName, int tenantId) throws APIManagementException {
Connection conn = null;
PreparedStatement ps = null;
ResultSet resultSet = null;
TierPermissionDTO tierPermission = null;
try {
String getTierPermissionQuery = SQLConstants.GET_THROTTLE_TIER_PERMISSION_SQL;
conn = APIMgtDBUtil.getConnection();
ps = conn.prepareStatement(getTierPermissionQuery);
ps.setString(1, tierName);
ps.setInt(2, tenantId);
resultSet = ps.executeQuery();
while (resultSet.next()) {
tierPermission = new TierPermissionDTO();
tierPermission.setTierName(tierName);
tierPermission.setPermissionType(resultSet.getString("PERMISSIONS_TYPE"));
String roles = resultSet.getString("ROLES");
if (roles != null) {
String[] roleList = roles.split(",");
tierPermission.setRoles(roleList);
}
}
} catch (SQLException e) {
handleException("Failed to get Tier permission information for Tier " + tierName, e);
} finally {
APIMgtDBUtil.closeAllConnections(ps, conn, resultSet);
}
return tierPermission;
}
use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.
the class APIConsumerImpl method getTierPermissions.
@Override
public Set<TierPermission> getTierPermissions() throws APIManagementException {
Set<TierPermission> tierPermissions = new HashSet<TierPermission>();
if (tenantId != 0) {
Set<TierPermissionDTO> tierPermissionDtos = apiMgtDAO.getThrottleTierPermissions(tenantId);
for (TierPermissionDTO tierDto : tierPermissionDtos) {
TierPermission tierPermission = new TierPermission(tierDto.getTierName());
tierPermission.setRoles(tierDto.getRoles());
tierPermission.setPermissionType(tierDto.getPermissionType());
tierPermissions.add(tierPermission);
}
}
return tierPermissions;
}
use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.
the class APIConsumerImpl method getDeniedTiers.
/**
* Returns a list of tiers denied
* @param apiProviderTenantId tenant id of API provider
* @return Set<Tier>
*/
@Override
public Set<String> getDeniedTiers(int apiProviderTenantId) throws APIManagementException {
Set<String> deniedTiers = new HashSet<String>();
String[] currentUserRoles;
Set<TierPermissionDTO> tierPermissions = apiMgtDAO.getThrottleTierPermissions(apiProviderTenantId);
if (apiProviderTenantId == 0) {
apiProviderTenantId = tenantId;
}
if (apiProviderTenantId != 0) {
if (APIUtil.isOnPremResolver()) {
if (tenantId != apiProviderTenantId) {
// therefore any POLICY that have a permission attached marked as deny policy.
for (TierPermissionDTO tierPermission : tierPermissions) {
deniedTiers.add(tierPermission.getTierName());
}
return deniedTiers;
}
}
/* Get the roles of the Current User */
String userName = (userNameWithoutChange != null) ? userNameWithoutChange : username;
currentUserRoles = APIUtil.getListOfRoles(userName);
for (TierPermissionDTO tierPermission : tierPermissions) {
String type = tierPermission.getPermissionType();
List<String> currentRolesList = new ArrayList<String>(Arrays.asList(currentUserRoles));
String[] rolesList = tierPermission.getRoles();
List<String> roles = new ArrayList<>();
if (rolesList != null) {
roles = new ArrayList<>(Arrays.asList(rolesList));
}
currentRolesList.retainAll(roles);
if (APIConstants.TIER_PERMISSION_ALLOW.equals(type)) {
/* Current User is not allowed for this Tier*/
if (currentRolesList.isEmpty()) {
deniedTiers.add(tierPermission.getTierName());
}
} else {
/* Current User is denied for this Tier*/
if (currentRolesList.size() > 0) {
deniedTiers.add(tierPermission.getTierName());
}
}
}
}
return deniedTiers;
}
use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.
the class ThrottlingPolicyMappingUtil method setTierPermissions.
/**
* Fills the tier information on TierDTO
*
* @param throttlingPolicyDTO Object Containing throttling policy DTOs
* @param throttlingPolicy Throttling Policy object
* @return ThrottlingPolicyDTO with permission info
*/
public static ThrottlingPolicyDTO setTierPermissions(ThrottlingPolicyDTO throttlingPolicyDTO, Tier throttlingPolicy) {
ThrottlingPolicyPermissionInfoDTO tierPermission = new ThrottlingPolicyPermissionInfoDTO();
// If no permission found for the tier, the default permission will be applied
if (throttlingPolicy.getTierPermission() == null || throttlingPolicy.getTierPermission().getPermissionType() == null) {
tierPermission.setType(ThrottlingPolicyPermissionInfoDTO.TypeEnum.valueOf("ALLOW"));
List<String> roles = new ArrayList<>();
roles.add("Internal/everyone");
tierPermission.setRoles(roles);
} else {
String permissionType = throttlingPolicy.getTierPermission().getPermissionType();
tierPermission.setType(ThrottlingPolicyPermissionInfoDTO.TypeEnum.valueOf(permissionType.toUpperCase()));
tierPermission.setRoles(Arrays.asList(throttlingPolicy.getTierPermission().getRoles()));
}
throttlingPolicyDTO.setThrottlingPolicyPermissions(tierPermission);
return throttlingPolicyDTO;
}
use of org.wso2.carbon.apimgt.api.model.TierPermission in project carbon-apimgt by wso2.
the class ApiMgtDAO method getTierPermissions.
public Set<TierPermissionDTO> getTierPermissions(int tenantId) throws APIManagementException {
Connection conn = null;
PreparedStatement ps = null;
ResultSet resultSet = null;
Set<TierPermissionDTO> tierPermissions = new HashSet<TierPermissionDTO>();
try {
String getTierPermissionQuery = SQLConstants.GET_TIER_PERMISSIONS_SQL;
conn = APIMgtDBUtil.getConnection();
ps = conn.prepareStatement(getTierPermissionQuery);
ps.setInt(1, tenantId);
resultSet = ps.executeQuery();
while (resultSet.next()) {
TierPermissionDTO tierPermission = new TierPermissionDTO();
tierPermission.setTierName(resultSet.getString("TIER"));
tierPermission.setPermissionType(resultSet.getString("PERMISSIONS_TYPE"));
String roles = resultSet.getString("ROLES");
if (roles != null && !roles.isEmpty()) {
String[] roleList = roles.split(",");
tierPermission.setRoles(roleList);
}
tierPermissions.add(tierPermission);
}
} catch (SQLException e) {
handleException("Failed to get Tier permission information ", e);
} finally {
APIMgtDBUtil.closeAllConnections(ps, conn, resultSet);
}
return tierPermissions;
}
Aggregations