Search in sources :

Example 1 with TierPermissionDTO

use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.

the class ApiMgtDAO method getThrottleTierPermission.

public TierPermissionDTO getThrottleTierPermission(String tierName, int tenantId) throws APIManagementException {
    Connection conn = null;
    PreparedStatement ps = null;
    ResultSet resultSet = null;
    TierPermissionDTO tierPermission = null;
    try {
        String getTierPermissionQuery = SQLConstants.GET_THROTTLE_TIER_PERMISSION_SQL;
        conn = APIMgtDBUtil.getConnection();
        ps = conn.prepareStatement(getTierPermissionQuery);
        ps.setString(1, tierName);
        ps.setInt(2, tenantId);
        resultSet = ps.executeQuery();
        while (resultSet.next()) {
            tierPermission = new TierPermissionDTO();
            tierPermission.setTierName(tierName);
            tierPermission.setPermissionType(resultSet.getString("PERMISSIONS_TYPE"));
            String roles = resultSet.getString("ROLES");
            if (roles != null) {
                String[] roleList = roles.split(",");
                tierPermission.setRoles(roleList);
            }
        }
    } catch (SQLException e) {
        handleException("Failed to get Tier permission information for Tier " + tierName, e);
    } finally {
        APIMgtDBUtil.closeAllConnections(ps, conn, resultSet);
    }
    return tierPermission;
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) SQLException(java.sql.SQLException) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 2 with TierPermissionDTO

use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.

the class APIConsumerImplTest method testGetDeniedTiers.

@Test
public void testGetDeniedTiers() throws APIManagementException, org.wso2.carbon.user.core.UserStoreException {
    UserRegistry userRegistry = Mockito.mock(UserRegistry.class);
    APIManagerConfiguration apiManagerConfiguration = Mockito.mock(APIManagerConfiguration.class);
    APIManagerConfigurationService apiManagerConfigurationService = Mockito.mock(APIManagerConfigurationService.class);
    Mockito.when(serviceReferenceHolder.getAPIManagerConfigurationService()).thenReturn(apiManagerConfigurationService);
    Mockito.when(apiManagerConfigurationService.getAPIManagerConfiguration()).thenReturn(apiManagerConfiguration);
    Mockito.when(apiManagerConfiguration.getFirstProperty(Mockito.anyString())).thenReturn("true", "false");
    APIConsumerImpl apiConsumer = new UserAwareAPIConsumerWrapper(userRegistry, apiMgtDAO);
    Mockito.when(userRegistry.getUserRealm()).thenReturn(userRealm);
    Mockito.when(userRealm.getUserStoreManager()).thenReturn(userStoreManager);
    String[] currentUserRoles = { "role1", "role2" };
    PowerMockito.when(APIUtil.getListOfRoles(Mockito.anyString())).thenReturn(currentUserRoles);
    Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 0);
    TierPermissionDTO tierPermissionDTO = new TierPermissionDTO();
    TierPermissionDTO tierPermissionDTO1 = new TierPermissionDTO();
    tierPermissionDTO.setRoles(new String[] { "role1" });
    Set<TierPermissionDTO> tierPermissionDTOs = new HashSet<TierPermissionDTO>();
    tierPermissionDTOs.add(tierPermissionDTO);
    Mockito.when(apiMgtDAO.getThrottleTierPermissions(Mockito.anyInt())).thenReturn(tierPermissionDTOs);
    Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 1);
    tierPermissionDTO.setRoles(new String[] { "role3" });
    Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 0);
    Mockito.when(apiMgtDAO.getTierPermissions(Mockito.anyInt())).thenReturn(tierPermissionDTOs);
    Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 0);
    tierPermissionDTO.setPermissionType(APIConstants.TIER_PERMISSION_ALLOW);
    Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString())).thenReturn(new String[0]);
    tierPermissionDTOs.add(tierPermissionDTO1);
    tierPermissionDTO1.setRoles(new String[] { "role4" });
    Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 1);
    Mockito.when(userStoreManager.getRoleListOfUser(Mockito.anyString())).thenReturn(new String[] { "role1", "role2" });
    tierPermissionDTO1.setRoles(new String[] { "role2" });
    tierPermissionDTO1.setTierName("Silver");
    Assert.assertEquals(apiConsumer.getDeniedTiers().size(), 2);
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) UserRegistry(org.wso2.carbon.registry.core.session.UserRegistry) Matchers.anyString(org.mockito.Matchers.anyString) HashSet(java.util.HashSet) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 3 with TierPermissionDTO

use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.

the class APIConsumerImpl method getTierPermissions.

@Override
public Set<TierPermission> getTierPermissions() throws APIManagementException {
    Set<TierPermission> tierPermissions = new HashSet<TierPermission>();
    if (tenantId != 0) {
        Set<TierPermissionDTO> tierPermissionDtos = apiMgtDAO.getThrottleTierPermissions(tenantId);
        for (TierPermissionDTO tierDto : tierPermissionDtos) {
            TierPermission tierPermission = new TierPermission(tierDto.getTierName());
            tierPermission.setRoles(tierDto.getRoles());
            tierPermission.setPermissionType(tierDto.getPermissionType());
            tierPermissions.add(tierPermission);
        }
    }
    return tierPermissions;
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) TierPermission(org.wso2.carbon.apimgt.api.model.TierPermission) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet)

Example 4 with TierPermissionDTO

use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.

the class APIConsumerImpl method getDeniedTiers.

/**
 * Returns a list of tiers denied
 * @param apiProviderTenantId tenant id of API provider
 * @return Set<Tier>
 */
@Override
public Set<String> getDeniedTiers(int apiProviderTenantId) throws APIManagementException {
    Set<String> deniedTiers = new HashSet<String>();
    String[] currentUserRoles;
    Set<TierPermissionDTO> tierPermissions = apiMgtDAO.getThrottleTierPermissions(apiProviderTenantId);
    if (apiProviderTenantId == 0) {
        apiProviderTenantId = tenantId;
    }
    if (apiProviderTenantId != 0) {
        if (APIUtil.isOnPremResolver()) {
            if (tenantId != apiProviderTenantId) {
                // therefore any POLICY that have a permission attached marked as deny policy.
                for (TierPermissionDTO tierPermission : tierPermissions) {
                    deniedTiers.add(tierPermission.getTierName());
                }
                return deniedTiers;
            }
        }
        /* Get the roles of the Current User */
        String userName = (userNameWithoutChange != null) ? userNameWithoutChange : username;
        currentUserRoles = APIUtil.getListOfRoles(userName);
        for (TierPermissionDTO tierPermission : tierPermissions) {
            String type = tierPermission.getPermissionType();
            List<String> currentRolesList = new ArrayList<String>(Arrays.asList(currentUserRoles));
            String[] rolesList = tierPermission.getRoles();
            List<String> roles = new ArrayList<>();
            if (rolesList != null) {
                roles = new ArrayList<>(Arrays.asList(rolesList));
            }
            currentRolesList.retainAll(roles);
            if (APIConstants.TIER_PERMISSION_ALLOW.equals(type)) {
                /* Current User is not allowed for this Tier*/
                if (currentRolesList.isEmpty()) {
                    deniedTiers.add(tierPermission.getTierName());
                }
            } else {
                /* Current User is denied for this Tier*/
                if (currentRolesList.size() > 0) {
                    deniedTiers.add(tierPermission.getTierName());
                }
            }
        }
    }
    return deniedTiers;
}
Also used : TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) ArrayList(java.util.ArrayList) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet)

Example 5 with TierPermissionDTO

use of org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO in project carbon-apimgt by wso2.

the class APIMgtDAOTest method testAddAndGetSubscriptionPolicy.

@Test
public void testAddAndGetSubscriptionPolicy() throws Exception {
    SubscriptionPolicy subscriptionPolicy = (SubscriptionPolicy) getSubscriptionPolicy("testAddAndGetSubscriptionPolicy");
    String customAttributes = "{api:abc}";
    subscriptionPolicy.setTenantId(-1234);
    subscriptionPolicy.setCustomAttributes(customAttributes.getBytes());
    subscriptionPolicy.setMonetizationPlan(APIConstants.Monetization.FIXED_RATE);
    subscriptionPolicy.setMonetizationPlanProperties(new HashMap<String, String>());
    apiMgtDAO.addSubscriptionPolicy(subscriptionPolicy);
    SubscriptionPolicy retrievedPolicy = apiMgtDAO.getSubscriptionPolicy(subscriptionPolicy.getPolicyName(), -1234);
    SubscriptionPolicy retrievedPolicyFromUUID = apiMgtDAO.getSubscriptionPolicyByUUID(retrievedPolicy.getUUID());
    assertEquals(retrievedPolicy.getDescription(), retrievedPolicyFromUUID.getDescription());
    assertEquals(retrievedPolicy.getDisplayName(), retrievedPolicyFromUUID.getDisplayName());
    assertEquals(retrievedPolicy.getRateLimitCount(), retrievedPolicyFromUUID.getRateLimitCount());
    assertEquals(retrievedPolicy.getRateLimitTimeUnit(), retrievedPolicyFromUUID.getRateLimitTimeUnit());
    retrievedPolicyFromUUID.setCustomAttributes(customAttributes.getBytes());
    apiMgtDAO.updateSubscriptionPolicy(retrievedPolicyFromUUID);
    retrievedPolicyFromUUID.setPolicyName(null);
    apiMgtDAO.updateSubscriptionPolicy(retrievedPolicyFromUUID);
    SubscriptionPolicy[] subscriptionPolicies = apiMgtDAO.getSubscriptionPolicies(-1234);
    apiMgtDAO.updateThrottleTierPermissions(subscriptionPolicy.getPolicyName(), "allow", "internal/everyone", -1234);
    Set<TierPermissionDTO> throttleTierPermissions = apiMgtDAO.getThrottleTierPermissions(-1234);
    for (TierPermissionDTO tierPermissionDTO : throttleTierPermissions) {
        if (subscriptionPolicy.getPolicyName().equals(tierPermissionDTO.getTierName())) {
            assertTrue(true);
            break;
        }
    }
    apiMgtDAO.updateThrottleTierPermissions(subscriptionPolicy.getPolicyName(), "deny", "internal/everyone", -1234);
    assertNotNull(apiMgtDAO.getThrottleTierPermission(subscriptionPolicy.getPolicyName(), -1234));
    assertTrue(subscriptionPolicies.length > 0);
    apiMgtDAO.setPolicyDeploymentStatus(PolicyConstants.POLICY_LEVEL_SUB, subscriptionPolicy.getPolicyName(), -1234, true);
    assertTrue(apiMgtDAO.getPolicyNames(PolicyConstants.POLICY_LEVEL_SUB, "admin").length > 0);
    assertTrue(apiMgtDAO.isPolicyDeployed(PolicyConstants.POLICY_LEVEL_SUB, -1234, subscriptionPolicy.getPolicyName()));
    assertTrue(apiMgtDAO.isPolicyExist(PolicyConstants.POLICY_LEVEL_SUB, -1234, subscriptionPolicy.getPolicyName()));
    apiMgtDAO.removeThrottlePolicy(PolicyConstants.POLICY_LEVEL_SUB, "testAddAndGetSubscriptionPolicy", -1234);
}
Also used : SubscriptionPolicy(org.wso2.carbon.apimgt.api.model.policy.SubscriptionPolicy) TierPermissionDTO(org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Aggregations

TierPermissionDTO (org.wso2.carbon.apimgt.impl.dto.TierPermissionDTO)11 HashSet (java.util.HashSet)5 Connection (java.sql.Connection)4 PreparedStatement (java.sql.PreparedStatement)4 ResultSet (java.sql.ResultSet)4 SQLException (java.sql.SQLException)4 LinkedHashSet (java.util.LinkedHashSet)4 Test (org.junit.Test)3 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)3 UserRegistry (org.wso2.carbon.registry.core.session.UserRegistry)3 ArrayList (java.util.ArrayList)2 UserStoreException (org.wso2.carbon.user.api.UserStoreException)2 Matchers.anyString (org.mockito.Matchers.anyString)1 APIProvider (org.wso2.carbon.apimgt.api.APIProvider)1 TierPermission (org.wso2.carbon.apimgt.api.model.TierPermission)1 SubscriptionPolicy (org.wso2.carbon.apimgt.api.model.policy.SubscriptionPolicy)1