Example 1 with Roles
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class ApiDAOImpl method updateAPI.
/**
* Update an existing API
*
* @param apiID The {@link String} of the API that needs to be updated
* @param substituteAPI Substitute {@link API} object that will replace the existing API
* @throws APIMgtDAOException if error occurs while accessing data layer
*/
@Override
public void updateAPI(String apiID, API substituteAPI) throws APIMgtDAOException {
final String query = "UPDATE AM_API SET CONTEXT = ?, IS_DEFAULT_VERSION = ?, DESCRIPTION = ?, VISIBILITY = ?, " + "IS_RESPONSE_CACHED = ?, CACHE_TIMEOUT = ?, TECHNICAL_OWNER = ?, TECHNICAL_EMAIL = ?, " + "BUSINESS_OWNER = ?, BUSINESS_EMAIL = ?, CORS_ENABLED = ?, CORS_ALLOW_ORIGINS = ?, " + "CORS_ALLOW_CREDENTIALS = ?, CORS_ALLOW_HEADERS = ?, CORS_ALLOW_METHODS = ?, LAST_UPDATED_TIME = ?," + "UPDATED_BY = ?, LC_WORKFLOW_STATUS = ?, SECURITY_SCHEME = ? WHERE UUID = ?";
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = connection.prepareStatement(query)) {
try {
connection.setAutoCommit(false);
statement.setString(1, substituteAPI.getContext());
statement.setBoolean(2, substituteAPI.isDefaultVersion());
statement.setString(3, substituteAPI.getDescription());
statement.setString(4, substituteAPI.getVisibility().toString());
statement.setBoolean(5, substituteAPI.isResponseCachingEnabled());
statement.setInt(6, substituteAPI.getCacheTimeout());
BusinessInformation businessInformation = substituteAPI.getBusinessInformation();
statement.setString(7, businessInformation.getTechnicalOwner());
statement.setString(8, businessInformation.getTechnicalOwnerEmail());
statement.setString(9, businessInformation.getBusinessOwner());
statement.setString(10, businessInformation.getBusinessOwnerEmail());
CorsConfiguration corsConfiguration = substituteAPI.getCorsConfiguration();
statement.setBoolean(11, corsConfiguration.isEnabled());
statement.setString(12, String.join(",", corsConfiguration.getAllowOrigins()));
statement.setBoolean(13, corsConfiguration.isAllowCredentials());
statement.setString(14, String.join(",", corsConfiguration.getAllowHeaders()));
statement.setString(15, String.join(",", corsConfiguration.getAllowMethods()));
statement.setTimestamp(16, Timestamp.valueOf(LocalDateTime.now()));
statement.setString(17, substituteAPI.getUpdatedBy());
statement.setString(18, substituteAPI.getWorkflowStatus());
statement.setInt(19, substituteAPI.getSecurityScheme());
statement.setString(20, apiID);
statement.execute();
// Delete current visible roles if they exist
deleteVisibleRoles(connection, apiID);
if (API.Visibility.RESTRICTED == substituteAPI.getVisibility()) {
addVisibleRole(connection, apiID, substituteAPI.getVisibleRoles());
}
deleteAPIPermission(connection, apiID);
updateApiPermission(connection, substituteAPI.getPermissionMap(), apiID);
deleteTransports(connection, apiID);
addTransports(connection, apiID, substituteAPI.getTransport());
deleteThreatProtectionPolicies(connection, apiID);
if (substituteAPI.getThreatProtectionPolicies() != null) {
addThreatProtectionPolicies(connection, apiID, substituteAPI.getThreatProtectionPolicies());
}
// Delete current tag mappings if they exist
deleteTagsMapping(connection, apiID);
addTagsMapping(connection, apiID, substituteAPI.getTags());
deleteLabelsMapping(connection, apiID);
addLabelMapping(connection, apiID, substituteAPI.getLabels());
deleteSubscriptionPolicies(connection, apiID);
addSubscriptionPolicies(connection, substituteAPI.getPolicies(), apiID);
deleteEndPointsForApi(connection, apiID);
addEndPointsForApi(connection, apiID, substituteAPI.getEndpoint());
deleteEndPointsForOperation(connection, apiID);
deleteUrlMappings(connection, apiID);
addUrlMappings(connection, substituteAPI.getUriTemplates().values(), apiID);
deleteApiPolicy(connection, apiID);
if (substituteAPI.getApiPolicy() != null) {
addApiPolicy(connection, substituteAPI.getApiPolicy().getUuid(), apiID);
}
connection.commit();
} catch (SQLException | IOException e) {
connection.rollback();
throw new APIMgtDAOException(DAOUtil.DAO_ERROR_PREFIX + "updating API: " + substituteAPI.getProvider() + " - " + substituteAPI.getName() + " - " + substituteAPI.getVersion(), e);
} finally {
connection.setAutoCommit(DAOUtil.isAutoCommit());
}
} catch (SQLException e) {
throw new APIMgtDAOException(DAOUtil.DAO_ERROR_PREFIX + "updating API: " + substituteAPI.getProvider() + " - " + substituteAPI.getName() + " - " + substituteAPI.getVersion(), e);
}
}
Also used :
BusinessInformation(org.wso2.carbon.apimgt.core.models.BusinessInformation)
APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException)
CorsConfiguration(org.wso2.carbon.apimgt.core.models.CorsConfiguration)
SQLException(java.sql.SQLException)
Connection(java.sql.Connection)
PreparedStatement(java.sql.PreparedStatement)
IOException(java.io.IOException)
Example 2 with Roles
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class ApiDAOImpl method getCompositeAPIs.
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<CompositeAPI> getCompositeAPIs(Set<String> roles, String user, int offset, int limit) throws APIMgtDAOException {
// TODO: 6/5/17 Implement pagination support when implementing pagination support for
// other list operations.
final String query = COMPOSITE_API_SUMMARY_SELECT + " WHERE API_TYPE_ID = " + "(SELECT TYPE_ID FROM AM_API_TYPES WHERE TYPE_NAME = ?) AND PROVIDER = ?";
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = connection.prepareStatement(query)) {
statement.setString(1, ApiType.COMPOSITE.toString());
statement.setString(2, user);
return getCompositeAPISummaryList(connection, statement);
} catch (SQLException e) {
throw new APIMgtDAOException(DAOUtil.DAO_ERROR_PREFIX + "getting Composite APIs", e);
}
}
Also used :
APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException)
SQLException(java.sql.SQLException)
Connection(java.sql.Connection)
PreparedStatement(java.sql.PreparedStatement)
SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)
Example 3 with Roles
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class ApiDAOImpl method getAPIsByStatus.
/**
* @see ApiDAO#getAPIsByStatus(Set, List, List)
*/
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<API> getAPIsByStatus(Set<String> roles, List<String> statuses, List<String> labels) throws APIMgtDAOException {
// check for null at the beginning before constructing the query to retrieve APIs from database
if (roles == null || statuses == null) {
String errorMessage = "Role list or API status list should not be null to retrieve APIs.";
log.error(errorMessage);
throw new APIMgtDAOException(errorMessage);
}
// the below query will be used to retrieve the union of,
// published/prototyped APIs (statuses) with public visibility and
// published/prototyped APIs with restricted visibility where APIs are restricted based on roles of the user
String labelQuery = null;
if (labels.isEmpty()) {
labelQuery = "SELECT LABEL_ID FROM AM_LABELS WHERE TYPE_NAME='STORE'";
} else {
labelQuery = "SELECT LABEL_ID FROM AM_LABELS WHERE NAME IN ( " + DAOUtil.getParameterString(labels.size()) + ") AND TYPE_NAME='STORE'";
}
final String query = "Select UUID, PROVIDER, NAME, CONTEXT, VERSION, DESCRIPTION, CURRENT_LC_STATUS, " + "LIFECYCLE_INSTANCE_ID, LC_WORKFLOW_STATUS, SECURITY_SCHEME FROM (" + API_SUMMARY_SELECT + " WHERE " + "VISIBILITY = '" + API.Visibility.PUBLIC + "' " + "AND " + "CURRENT_LC_STATUS IN (" + DAOUtil.getParameterString(statuses.size()) + ") AND " + "API_TYPE_ID = (SELECT TYPE_ID FROM AM_API_TYPES WHERE TYPE_NAME = ?)" + "UNION " + API_SUMMARY_SELECT + " WHERE " + "VISIBILITY = '" + API.Visibility.RESTRICTED + "' " + "AND " + "UUID IN (SELECT API_ID FROM AM_API_VISIBLE_ROLES WHERE ROLE IN " + "(" + DAOUtil.getParameterString(roles.size()) + ")) " + " AND CURRENT_LC_STATUS IN (" + DAOUtil.getParameterString(statuses.size()) + ") AND " + " API_TYPE_ID = (SELECT TYPE_ID FROM AM_API_TYPES WHERE TYPE_NAME = ?)) A" + " JOIN AM_API_LABEL_MAPPING LM ON A.UUID=LM.API_ID WHERE LM.LABEL_ID IN (" + labelQuery + ")";
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = connection.prepareStatement(query)) {
int i = 0;
// put desired API status into the query (to get APIs with public visibility)
for (String status : statuses) {
statement.setString(++i, status);
}
statement.setString(++i, ApiType.STANDARD.toString());
// put desired roles into the query
for (String role : roles) {
statement.setString(++i, role);
}
// put desired API status into the query (to get APIs with restricted visibility)
for (String status : statuses) {
statement.setString(++i, status);
}
statement.setString(++i, ApiType.STANDARD.toString());
// Set the label names in the query
for (String label : labels) {
statement.setString(++i, label);
}
return constructAPISummaryList(connection, statement);
} catch (SQLException e) {
String errorMessage = "Error while retrieving API list in store.";
throw new APIMgtDAOException(errorMessage, e);
}
}
Also used :
APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException)
SQLException(java.sql.SQLException)
Connection(java.sql.Connection)
PreparedStatement(java.sql.PreparedStatement)
Endpoint(org.wso2.carbon.apimgt.core.models.Endpoint)
SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)
Example 4 with Roles
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class ApiDAOImpl method searchAPIsByAttributeInStore.
/**
* @see ApiDAO#searchAPIsByAttributeInStore(List roles, List labels, Map attributeMap, int offset, int limit)
*/
@Override
@SuppressFBWarnings("SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING")
public List<API> searchAPIsByAttributeInStore(List<String> roles, List<String> labels, Map<String, String> attributeMap, int offset, int limit) throws APIMgtDAOException {
try (Connection connection = DAOUtil.getConnection();
PreparedStatement statement = sqlStatements.prepareAttributeSearchStatementForStore(connection, roles, labels, attributeMap, offset, limit)) {
DatabaseMetaData md = connection.getMetaData();
Iterator<Map.Entry<String, String>> entries = attributeMap.entrySet().iterator();
while (entries.hasNext()) {
Map.Entry<String, String> entry = entries.next();
String tableName = null, columnName = null;
if (APIMgtConstants.TAG_SEARCH_TYPE_PREFIX.equalsIgnoreCase(entry.getKey())) {
// if the search is related to tags, need to check NAME column in AM_TAGS table
tableName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? AM_TAGS_TABLE_NAME.toLowerCase(Locale.ENGLISH) : AM_TAGS_TABLE_NAME;
columnName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? APIMgtConstants.TAG_NAME_COLUMN.toLowerCase(Locale.ENGLISH) : APIMgtConstants.TAG_NAME_COLUMN.toUpperCase(Locale.ENGLISH);
} else if (APIMgtConstants.SUBCONTEXT_SEARCH_TYPE_PREFIX.equalsIgnoreCase(entry.getKey())) {
// if the search is related to subcontext, need to check URL_PATTERN column in
// AM_API_OPERATION_MAPPING table
tableName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? AM_API_OPERATION_MAPPING_TABLE_NAME.toLowerCase(Locale.ENGLISH) : AM_API_OPERATION_MAPPING_TABLE_NAME;
columnName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? APIMgtConstants.URL_PATTERN_COLUMN.toLowerCase(Locale.ENGLISH) : APIMgtConstants.URL_PATTERN_COLUMN.toUpperCase(Locale.ENGLISH);
} else {
// if the search is related to any other attribute, need to check that attribute
// in AM_API table
tableName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? AM_API_TABLE_NAME.toLowerCase(Locale.ENGLISH) : AM_API_TABLE_NAME;
columnName = connection.getMetaData().getDriverName().contains("PostgreSQL") ? entry.getKey().toLowerCase(Locale.ENGLISH) : entry.getKey().toUpperCase(Locale.ENGLISH);
}
if (!checkTableColumnExists(md, tableName, columnName)) {
throw new APIMgtDAOException("Attribute does not exist with name: " + entry.getKey(), ExceptionCodes.API_ATTRIBUTE_NOT_FOUND);
}
}
return constructAPISummaryList(connection, statement);
} catch (SQLException e) {
throw new APIMgtDAOException(DAOUtil.DAO_ERROR_PREFIX + "searching APIs by attribute", e);
}
}
Also used :
APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException)
SQLException(java.sql.SQLException)
Connection(java.sql.Connection)
PreparedStatement(java.sql.PreparedStatement)
DatabaseMetaData(java.sql.DatabaseMetaData)
Map(java.util.Map)
HashMap(java.util.HashMap)
SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)
Example 5 with Roles
use of org.wso2.carbon.identity.api.server.idp.v1.model.Roles in project carbon-apimgt by wso2.
the class ApiFileDAOImpl method getAPIs.
/**
* @see ApiDAO#getAPIs(Set, String)
*/
@Override
public List<API> getAPIs(Set<String> roles, String user) throws APIMgtDAOException {
File[] files = new File(storagePath).listFiles();
List<API> apiList = new ArrayList<>();
final FilenameFilter filenameFilter = (dir, name) -> (name.endsWith(APIMgtConstants.APIFileUtilConstants.JSON_EXTENSION) && name.contains(APIMgtConstants.APIFileUtilConstants.API_DEFINITION_FILE_PREFIX) && !dir.isHidden());
if (files != null) {
for (File file : files) {
apiList.add((API) fetchObject(file, FileApi.class, filenameFilter));
}
}
apiList.removeIf(Objects::isNull);
return apiList;
}
Also used :
FilenameFilter(java.io.FilenameFilter)
DedicatedGateway(org.wso2.carbon.apimgt.core.models.DedicatedGateway)
LoggerFactory(org.slf4j.LoggerFactory)
Rating(org.wso2.carbon.apimgt.core.models.Rating)
JsonReader(com.google.gson.stream.JsonReader)
APIFileUtils(org.wso2.carbon.apimgt.core.util.APIFileUtils)
ArrayList(java.util.ArrayList)
Gson(com.google.gson.Gson)
ApiDAO(org.wso2.carbon.apimgt.core.dao.ApiDAO)
Map(java.util.Map)
CompositeAPI(org.wso2.carbon.apimgt.core.models.CompositeAPI)
Endpoint(org.wso2.carbon.apimgt.core.models.Endpoint)
APIMgtConstants(org.wso2.carbon.apimgt.core.util.APIMgtConstants)
Logger(org.slf4j.Logger)
API(org.wso2.carbon.apimgt.core.models.API)
Set(java.util.Set)
ExceptionCodes(org.wso2.carbon.apimgt.core.exception.ExceptionCodes)
IOException(java.io.IOException)
FileInputStream(java.io.FileInputStream)
InputStreamReader(java.io.InputStreamReader)
File(java.io.File)
StandardCharsets(java.nio.charset.StandardCharsets)
Comment(org.wso2.carbon.apimgt.core.models.Comment)
Objects(java.util.Objects)
List(java.util.List)
APIMgtDAOException(org.wso2.carbon.apimgt.core.exception.APIMgtDAOException)
FileApi(org.wso2.carbon.apimgt.core.models.FileApi)
DocumentInfo(org.wso2.carbon.apimgt.core.models.DocumentInfo)
UriTemplate(org.wso2.carbon.apimgt.core.models.UriTemplate)
InputStream(java.io.InputStream)
FilenameFilter(java.io.FilenameFilter)
ArrayList(java.util.ArrayList)
Objects(java.util.Objects)
CompositeAPI(org.wso2.carbon.apimgt.core.models.CompositeAPI)
API(org.wso2.carbon.apimgt.core.models.API)
File(java.io.File)
Aggregations
ArrayList (java.util.ArrayList)72
HashMap (java.util.HashMap)60
Test (org.testng.annotations.Test)36
UserStoreException (org.wso2.carbon.user.api.UserStoreException)36
SQLException (java.sql.SQLException)27
HashSet (java.util.HashSet)26
Map (java.util.Map)25
Connection (java.sql.Connection)23
APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)23
PreparedStatement (java.sql.PreparedStatement)21
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)20
APIMgtDAOException (org.wso2.carbon.apimgt.core.exception.APIMgtDAOException)18
JSONObject (org.json.simple.JSONObject)17
RoleBasicInfo (org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo)16
UserStoreManager (org.wso2.carbon.user.api.UserStoreManager)16
RealmService (org.wso2.carbon.user.core.service.RealmService)15
API (org.wso2.carbon.apimgt.core.models.API)14
RoleMapping (org.wso2.carbon.identity.application.common.model.RoleMapping)14
ApiDAO (org.wso2.carbon.apimgt.core.dao.ApiDAO)13
UserStoreException (org.wso2.carbon.user.core.UserStoreException)13
