use of org.wso2.carbon.consent.mgt.core.model.ConsentPurpose in project carbon-identity-framework by wso2.
the class ConsentUtilityService method filterPIIsFromReceipt.
/**
* If the consent is not given for a PII
*
* @param keySet
* @param receipt
* @return
* @throws ConsentUtilityServiceException
*/
public Set<String> filterPIIsFromReceipt(Set<String> keySet, ReceiptInput receipt) throws ConsentUtilityServiceException {
if (keySet == null || receipt == null) {
throw new ConsentUtilityServiceException("Key set and receipt should not be null");
}
List<ReceiptServiceInput> services = receipt.getServices();
Set<String> consentedPIIs = new HashSet<>();
for (ReceiptServiceInput service : services) {
List<ReceiptPurposeInput> purposes = service.getPurposes();
for (ReceiptPurposeInput consentPurpose : purposes) {
List<PIICategoryValidity> piiCategories = consentPurpose.getPiiCategory();
for (PIICategoryValidity piiCategory : piiCategories) {
consentedPIIs.add(getPIIName(consentPurpose.getPurposeId(), piiCategory.getId()));
}
}
}
keySet.retainAll(consentedPIIs);
return keySet;
}
use of org.wso2.carbon.consent.mgt.core.model.ConsentPurpose in project carbon-identity-framework by wso2.
the class ApplicationManagementServiceImpl method deleteApplication.
// Will be supported with 'Advance Consent Management Feature'.
/*
private void validateConsentPurposes(ServiceProvider serviceProvider) throws
IdentityApplicationManagementException {
ConsentManager consentManager = ApplicationManagementServiceComponentHolder.getInstance().getConsentManager();
ConsentConfig consentConfig = serviceProvider.getConsentConfig();
if (nonNull(consentConfig)) {
ConsentPurposeConfigs consentPurposeConfigs = consentConfig.getConsentPurposeConfigs();
if (nonNull(consentPurposeConfigs)) {
ConsentPurpose[] consentPurposes = consentPurposeConfigs.getConsentPurpose();
if (nonNull(consentPurposes)) {
for (ConsentPurpose consentPurpose : consentPurposes) {
int purposeId = consentPurpose.getPurposeId();
try {
Purpose purpose = consentManager.getPurpose(purposeId);
if (isNull(purpose)) {
if (log.isDebugEnabled()) {
log.debug("ConsentManager returned null for Purpose ID: " + purposeId);
}
throw new IdentityApplicationManagementException("Invalid purpose ID: " + purposeId);
}
if (!isSPSpecificPurpose(serviceProvider, purpose) && !isSharedPurpose(purpose)) {
String message = "Purpose: %s with ID: %s is not defined under purposes for SP:" +
" %s or 'SHARED' purposes.";
String error = String.format(message, purpose.getName(), purpose.getId(),
serviceProvider.getApplicationName());
throw new IdentityApplicationManagementException(error);
}
} catch (ConsentManagementException e) {
if (ERROR_CODE_PURPOSE_ID_INVALID.getCode().equals(e.getErrorCode())) {
throw new IdentityApplicationManagementException("Invalid purpose ID: " + purposeId, e);
}
throw new IdentityApplicationManagementException("Error while retrieving consent purpose " +
"with ID: " + purposeId, e);
}
}
}
}
}
}
private boolean isSharedPurpose(Purpose purpose) {
return PURPOSE_GROUP_SHARED.equals(purpose.getGroup()) && PURPOSE_GROUP_TYPE_SYSTEM.equals(
purpose.getGroupType());
}
private boolean isSPSpecificPurpose(ServiceProvider serviceProvider, Purpose purpose) {
return serviceProvider.getApplicationName().equals(purpose.getGroup())&& PURPOSE_GROUP_TYPE_SP.equals(
purpose.getGroupType());
}
*/
@Override
public void deleteApplication(String applicationName, String tenantDomain, String username) throws IdentityApplicationManagementException {
ServiceProvider serviceProvider;
// invoking the listeners
Collection<ApplicationMgtListener> listeners = getApplicationMgtListeners();
for (ApplicationMgtListener listener : listeners) {
if (listener.isEnable() && !listener.doPreDeleteApplication(applicationName, tenantDomain, username)) {
throw buildServerException("Pre Delete application operation of listener: " + getName(listener) + " failed for application: " + applicationName + " of tenantDomain: " + tenantDomain);
}
}
try {
startTenantFlow(tenantDomain, username);
doPreDeleteChecks(applicationName, tenantDomain, username);
ApplicationDAO appDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
serviceProvider = appDAO.getApplication(applicationName, tenantDomain);
if (serviceProvider != null) {
ApplicationMgtUtil.deleteAppRole(applicationName);
ApplicationMgtUtil.deletePermissions(applicationName);
appDAO.deleteApplication(applicationName);
} else {
if (log.isDebugEnabled()) {
log.debug("Application cannot be found for name: " + applicationName + " in tenantDomain: " + tenantDomain);
}
return;
}
} catch (Exception e) {
String error = "Error occurred while deleting the application: " + applicationName + ". " + e.getMessage();
throw buildServerException(error, e);
} finally {
endTenantFlow();
}
for (ApplicationMgtListener listener : listeners) {
if (listener.isEnable() && !listener.doPostDeleteApplication(serviceProvider, tenantDomain, username)) {
log.error("Post Delete application operation of listener: " + getName(listener) + " failed for " + "application with name: " + applicationName + " of tenantDomain: " + tenantDomain);
return;
}
}
triggerAuditLogEvent(getInitiatorId(username, tenantDomain), getInitiatorId(username, tenantDomain), USER, CarbonConstants.LogEventConstants.EventCatalog.DELETE_APPLICATION.getEventId(), getAppId(serviceProvider), getApplicationName(serviceProvider), TARGET_APPLICATION, null);
}
use of org.wso2.carbon.consent.mgt.core.model.ConsentPurpose in project carbon-identity-framework by wso2.
the class ApplicationDAOImpl method updateConsentPurposeConfiguration.
/**
* Updates the consent purpose configurations of the application.
*
* @param connection
* @param applicationId
* @param consentConfig
* @param tenantID
*/
private void updateConsentPurposeConfiguration(Connection connection, int applicationId, ConsentConfig consentConfig, int tenantID) throws IdentityApplicationManagementException {
try (PreparedStatement pst = connection.prepareStatement(UPDATE_BASIC_APP_INFO_WITH_CONSENT_ENABLED)) {
pst.setString(1, consentConfig.isEnabled() ? "1" : "0");
pst.setInt(2, tenantID);
pst.setInt(3, applicationId);
pst.executeUpdate();
} catch (SQLException e) {
String error = String.format("Error while setting consentEnabled: %s for applicationId: %s in tenantId: " + "%s", Boolean.toString(consentConfig.isEnabled()), applicationId, tenantID);
throw new IdentityApplicationManagementException(error, e);
}
ConsentPurposeConfigs consentPurposeConfigs = consentConfig.getConsentPurposeConfigs();
if (isNull(consentPurposeConfigs)) {
if (log.isDebugEnabled()) {
log.debug("ConsentPurposeConfigs entry is null for application ID: " + applicationId);
}
return;
}
ConsentPurpose[] consentPurposes = consentPurposeConfigs.getConsentPurpose();
if (isNull(consentPurposes)) {
if (log.isDebugEnabled()) {
log.debug("ConsentPurpose entry is null for application ID: " + applicationId);
}
return;
}
for (ConsentPurpose consentPurpose : consentPurposes) {
try (PreparedStatement ps = connection.prepareStatement(ADD_SP_CONSENT_PURPOSE)) {
ps.setInt(1, applicationId);
ps.setInt(2, consentPurpose.getPurposeId());
ps.setInt(3, consentPurpose.getDisplayOrder());
ps.setInt(4, tenantID);
ps.executeUpdate();
} catch (SQLException e) {
String error = String.format("Error while persisting consent purposeId: %s for applicationId: %s " + "in tenantId: %s", consentPurpose.getPurposeId(), applicationId, tenantID);
throw new IdentityApplicationManagementException(error, e);
}
}
}
use of org.wso2.carbon.consent.mgt.core.model.ConsentPurpose in project carbon-identity-framework by wso2.
the class ConsentPurpose method build.
/**
* Build ConsentPurpose from ConsentPurpose OM element.
*
* @param consentPurposeOM ConsentPurpose OM element.
* @return ConsentPurpose object.
*/
public static ConsentPurpose build(OMElement consentPurposeOM) throws IdentityApplicationManagementException {
ConsentPurpose consentPurpose = new ConsentPurpose();
if (consentPurposeOM == null) {
return consentPurpose;
}
Iterator<?> children = consentPurposeOM.getChildElements();
while (children.hasNext()) {
OMElement member = (OMElement) children.next();
if (PURPOSE_ID_ELEM.equals(member.getLocalName())) {
try {
consentPurpose.setPurposeId(Integer.parseInt(member.getText()));
} catch (NumberFormatException e) {
log.warn("PurposeID should be an Integer. Found: " + member.getText() + " instead.");
throw new IdentityApplicationManagementException("Invalid purpose ID: " + member.getText(), e);
}
} else {
if (DISPLAY_ORDER_ELEM.equals(member.getLocalName())) {
try {
consentPurpose.setDisplayOrder(Integer.parseInt(member.getText()));
} catch (NumberFormatException e) {
log.warn("DisplayOrder should be an Integer. Found: " + member.getText() + " instead. Setting " + "default display order: " + DEFAULT_DISPLAY_ORDER);
consentPurpose.setDisplayOrder(DEFAULT_DISPLAY_ORDER);
}
}
}
}
return consentPurpose;
}
use of org.wso2.carbon.consent.mgt.core.model.ConsentPurpose in project identity-governance by wso2-extensions.
the class Utils method getConsentReceiptDTO.
/**
* This API is used to get ConsentReceiptDTO response.
*
* @param receipt Receipt instance.
* @return ConsentReceiptDTO.
*/
public static ConsentReceiptDTO getConsentReceiptDTO(Receipt receipt) {
ConsentReceiptDTO consentReceiptDTO = new ConsentReceiptDTO();
consentReceiptDTO.setCollectionMethod(receipt.getCollectionMethod());
consentReceiptDTO.setConsentReceiptID(receipt.getConsentReceiptId());
consentReceiptDTO.setJurisdiction(receipt.getJurisdiction());
consentReceiptDTO.setConsentTimestamp(receipt.getConsentTimestamp());
consentReceiptDTO.setLanguage(receipt.getLanguage());
consentReceiptDTO.setPiiPrincipalId(receipt.getPiiPrincipalId());
consentReceiptDTO.setPolicyUrl(receipt.getPolicyUrl());
consentReceiptDTO.setSensitive(receipt.isSensitive());
consentReceiptDTO.setTenantDomain(receipt.getTenantDomain());
consentReceiptDTO.setVersion(receipt.getVersion());
consentReceiptDTO.setState(receipt.getState());
consentReceiptDTO.setServices(receipt.getServices().stream().map(receiptService -> {
ServiceDTO serviceDTO = new ServiceDTO();
serviceDTO.setService(receiptService.getService());
serviceDTO.setTenantDomain(receiptService.getTenantDomain());
serviceDTO.setPurposes(receiptService.getPurposes().stream().map(consentPurpose -> {
PurposeDTO purposeDTO = new PurposeDTO();
purposeDTO.setConsentType(consentPurpose.getConsentType());
purposeDTO.setPiiCategory(consentPurpose.getPiiCategory().stream().map(piiCategoryValidity -> {
PiiCategoryDTO piiCategoryDTO = new PiiCategoryDTO();
piiCategoryDTO.setPiiCategory(piiCategoryValidity.getName());
piiCategoryDTO.setValidity(piiCategoryValidity.getValidity());
return piiCategoryDTO;
}).collect(Collectors.toList()));
purposeDTO.setPrimaryPurpose(consentPurpose.isPrimaryPurpose());
purposeDTO.setPurpose(consentPurpose.getPurpose());
purposeDTO.setPurposeCategory(consentPurpose.getPurposeCategory());
purposeDTO.setTermination(consentPurpose.getTermination());
purposeDTO.setThirdPartyDisclosure(consentPurpose.isThirdPartyDisclosure());
purposeDTO.setThirdPartyName(consentPurpose.getThirdPartyName());
return purposeDTO;
}).collect(Collectors.toList()));
return serviceDTO;
}).collect(Collectors.toList()));
consentReceiptDTO.setSpiCat(receipt.getSpiCat());
consentReceiptDTO.setPiiControllers(receipt.getPiiControllers().stream().map(piiController -> {
PiiControllerDTO piiControllerDTO = new PiiControllerDTO();
AddressDTO addressDTO = new AddressDTO();
consentReceiptDTO.setPublicKey(receipt.getPublicKey());
addressDTO.setAddressCountry(piiController.getAddress().getAddressCountry());
addressDTO.setAddressLocality(piiController.getAddress().getAddressLocality());
addressDTO.setAddressRegion(piiController.getAddress().getAddressRegion());
addressDTO.setPostalCode(piiController.getAddress().getPostalCode());
addressDTO.setPostOfficeBoxNumber(piiController.getAddress().getPostOfficeBoxNumber());
addressDTO.setStreetAddress(piiController.getAddress().getStreetAddress());
piiControllerDTO.setAddress(addressDTO);
piiControllerDTO.setContact(piiController.getContact());
piiControllerDTO.setEmail(piiController.getEmail());
piiControllerDTO.setPhone(piiController.getPhone());
piiControllerDTO.setPiiController(piiController.getPiiController());
piiControllerDTO.setPiiControllerUrl(piiController.getPiiControllerUrl());
piiControllerDTO.setOnBehalf(piiController.isOnBehalf());
return piiControllerDTO;
}).collect(Collectors.toList()));
return consentReceiptDTO;
}
Aggregations