use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.
the class ApiMgtDAO method getThrottleTierPermission.
public TierPermissionDTO getThrottleTierPermission(String tierName, int tenantId) throws APIManagementException {
Connection conn = null;
PreparedStatement ps = null;
ResultSet resultSet = null;
TierPermissionDTO tierPermission = null;
try {
String getTierPermissionQuery = SQLConstants.GET_THROTTLE_TIER_PERMISSION_SQL;
conn = APIMgtDBUtil.getConnection();
ps = conn.prepareStatement(getTierPermissionQuery);
ps.setString(1, tierName);
ps.setInt(2, tenantId);
resultSet = ps.executeQuery();
while (resultSet.next()) {
tierPermission = new TierPermissionDTO();
tierPermission.setTierName(tierName);
tierPermission.setPermissionType(resultSet.getString("PERMISSIONS_TYPE"));
String roles = resultSet.getString("ROLES");
if (roles != null) {
String[] roleList = roles.split(",");
tierPermission.setRoles(roleList);
}
}
} catch (SQLException e) {
handleException("Failed to get Tier permission information for Tier " + tierName, e);
} finally {
APIMgtDBUtil.closeAllConnections(ps, conn, resultSet);
}
return tierPermission;
}
use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.
the class APIConsumerImplTest method testGetDeniedTiers.
@Test
public void testGetDeniedTiers() throws APIManagementException, org.wso2.carbon.user.core.UserStoreException {
UserRegistry userRegistry = Mockito.mock(UserRegistry.class);
APIManagerConfiguration apiManagerConfiguration = Mockito.mock(APIManagerConfiguration.class);
APIManagerConfigurationService apiManagerConfigurationService = Mockito.mock(APIManagerConfigurationService.class);
Mockito.when(serviceReferenceHolder.getAPIManagerConfigurationService()).thenReturn(apiManagerConfigurationService);
Mockito.when(apiManagerConfigurationService.getAPIManagerConfiguration()).thenReturn(apiManagerConfiguration);
Mockito.when(apiManagerConfiguration.getFirstProperty(Mockito.anyString())).thenReturn("true", "false");
APIConsumerImpl apiConsumer = new UserAwareAPIConsumerWrapper(userRegistry, apiMgtDAO);
Mockito.when(userRegistry.getUserRealm()).thenReturn(userRealm);
Mockito.when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
String[] currentUserRoles = { "role1", "role2" };
PowerMockito.when(APIUtil.getListOfRoles(Mockito.anyString())).thenReturn(currentUserRoles);
Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 0);
TierPermissionDTO tierPermissionDTO = new TierPermissionDTO();
TierPermissionDTO tierPermissionDTO1 = new TierPermissionDTO();
tierPermissionDTO.setRoles(new String[] { "role1" });
Set<TierPermissionDTO> tierPermissionDTOs = new HashSet<TierPermissionDTO>();
tierPermissionDTOs.add(tierPermissionDTO);
Mockito.when(apiMgtDAO.getThrottleTierPermissions(Mockito.anyInt())).thenReturn(tierPermissionDTOs);
Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 1);
tierPermissionDTO.setRoles(new String[] { "role3" });
Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 0);
Mockito.when(apiMgtDAO.getTierPermissions(Mockito.anyInt())).thenReturn(tierPermissionDTOs);
Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 0);
tierPermissionDTO.setPermissionType(APIConstants.TIER_PERMISSION_ALLOW);
Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString())).thenReturn(new String[0]);
tierPermissionDTOs.add(tierPermissionDTO1);
tierPermissionDTO1.setRoles(new String[] { "role4" });
Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 1);
Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString())).thenReturn(new String[] { "role1", "role2" });
tierPermissionDTO1.setRoles(new String[] { "role2" });
tierPermissionDTO1.setTierName("Silver");
Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 2);
}
use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.
the class APIConsumerImpl method getTierPermissions.
@Override
public Set<TierPermission> getTierPermissions() throws APIManagementException {
Set<TierPermission> tierPermissions = new HashSet<TierPermission>();
if (tenantId != 0) {
Set<TierPermissionDTO> tierPermissionDtos = apiMgtDAO.getThrottleTierPermissions(tenantId);
for (TierPermissionDTO tierDto : tierPermissionDtos) {
TierPermission tierPermission = new TierPermission(tierDto.getTierName());
tierPermission.setRoles(tierDto.getRoles());
tierPermission.setPermissionType(tierDto.getPermissionType());
tierPermissions.add(tierPermission);
}
}
return tierPermissions;
}
use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.
the class APIConsumerImpl method getDeniedTiers.
/**
* Returns a list of tiers denied
* @param apiProviderTenantId tenant id of API provider
* @return Set<Tier>
*/
@Override
public Set<String> getDeniedTiers(int apiProviderTenantId) throws APIManagementException {
Set<String> deniedTiers = new HashSet<String>();
String[] currentUserRoles;
Set<TierPermissionDTO> tierPermissions = apiMgtDAO.getThrottleTierPermissions(apiProviderTenantId);
if (apiProviderTenantId == 0) {
apiProviderTenantId = tenantId;
}
if (apiProviderTenantId != 0) {
if (APIUtil.isOnPremResolver()) {
if (tenantId != apiProviderTenantId) {
// therefore any POLICY that have a permission attached marked as deny policy.
for (TierPermissionDTO tierPermission : tierPermissions) {
deniedTiers.add(tierPermission.getTierName());
}
return deniedTiers;
}
}
/* Get the roles of the Current User */
String userName = (userNameWithoutChange != null) ? userNameWithoutChange : username;
currentUserRoles = APIUtil.getListOfRoles(userName);
for (TierPermissionDTO tierPermission : tierPermissions) {
String type = tierPermission.getPermissionType();
List<String> currentRolesList = new ArrayList<String>(Arrays.asList(currentUserRoles));
String[] rolesList = tierPermission.getRoles();
List<String> roles = new ArrayList<>();
if (rolesList != null) {
roles = new ArrayList<>(Arrays.asList(rolesList));
}
currentRolesList.retainAll(roles);
if (APIConstants.TIER_PERMISSION_ALLOW.equals(type)) {
/* Current User is not allowed for this Tier*/
if (currentRolesList.isEmpty()) {
deniedTiers.add(tierPermission.getTierName());
}
} else {
/* Current User is denied for this Tier*/
if (currentRolesList.size() > 0) {
deniedTiers.add(tierPermission.getTierName());
}
}
}
}
return deniedTiers;
}
use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.
the class APIMgtDAOTest method testAddAndGetSubscriptionPolicy.
@Test
public void testAddAndGetSubscriptionPolicy() throws Exception {
SubscriptionPolicy subscriptionPolicy = (SubscriptionPolicy) getSubscriptionPolicy("testAddAndGetSubscriptionPolicy");
String customAttributes = "{api:abc}";
subscriptionPolicy.setTenantId(-1234);
subscriptionPolicy.setCustomAttributes(customAttributes.getBytes());
subscriptionPolicy.setMonetizationPlan(APIConstants.Monetization.FIXED_RATE);
subscriptionPolicy.setMonetizationPlanProperties(new HashMap<String, String>());
apiMgtDAO.addSubscriptionPolicy(subscriptionPolicy);
SubscriptionPolicy retrievedPolicy = apiMgtDAO.getSubscriptionPolicy(subscriptionPolicy.getPolicyName(), -1234);
SubscriptionPolicy retrievedPolicyFromUUID = apiMgtDAO.getSubscriptionPolicyByUUID(retrievedPolicy.getUUID());
assertEquals(retrievedPolicy.getDescription(), retrievedPolicyFromUUID.getDescription());
assertEquals(retrievedPolicy.getDisplayName(), retrievedPolicyFromUUID.getDisplayName());
assertEquals(retrievedPolicy.getRateLimitCount(), retrievedPolicyFromUUID.getRateLimitCount());
assertEquals(retrievedPolicy.getRateLimitTimeUnit(), retrievedPolicyFromUUID.getRateLimitTimeUnit());
retrievedPolicyFromUUID.setCustomAttributes(customAttributes.getBytes());
apiMgtDAO.updateSubscriptionPolicy(retrievedPolicyFromUUID);
retrievedPolicyFromUUID.setPolicyName(null);
apiMgtDAO.updateSubscriptionPolicy(retrievedPolicyFromUUID);
SubscriptionPolicy[] subscriptionPolicies = apiMgtDAO.getSubscriptionPolicies(-1234);
apiMgtDAO.updateThrottleTierPermissions(subscriptionPolicy.getPolicyName(), "allow", "internal/everyone", -1234);
Set<TierPermissionDTO> throttleTierPermissions = apiMgtDAO.getThrottleTierPermissions(-1234);
for (TierPermissionDTO tierPermissionDTO : throttleTierPermissions) {
if (subscriptionPolicy.getPolicyName().equals(tierPermissionDTO.getTierName())) {
assertTrue(true);
break;
}
}
apiMgtDAO.updateThrottleTierPermissions(subscriptionPolicy.getPolicyName(), "deny", "internal/everyone", -1234);
assertNotNull(apiMgtDAO.getThrottleTierPermission(subscriptionPolicy.getPolicyName(), -1234));
assertTrue(subscriptionPolicies.length > 0);
apiMgtDAO.setPolicyDeploymentStatus(PolicyConstants.POLICY_LEVEL_SUB, subscriptionPolicy.getPolicyName(), -1234, true);
assertTrue(apiMgtDAO.getPolicyNames(PolicyConstants.POLICY_LEVEL_SUB, "admin").length > 0);
assertTrue(apiMgtDAO.isPolicyDeployed(PolicyConstants.POLICY_LEVEL_SUB, -1234, subscriptionPolicy.getPolicyName()));
assertTrue(apiMgtDAO.isPolicyExist(PolicyConstants.POLICY_LEVEL_SUB, -1234, subscriptionPolicy.getPolicyName()));
apiMgtDAO.removeThrottlePolicy(PolicyConstants.POLICY_LEVEL_SUB, "testAddAndGetSubscriptionPolicy", -1234);
}
Aggregations