Example 56 with ExpressionNode

use of org.wso2.carbon.identity.core.model.ExpressionNode in project carbon-identity-framework by wso2.

the class IdentityProviderManager method getIdPs.

/**
 * Get basic information of identity providers along with additionally requested information.
 *
 * @param limit              The limit per page.
 * @param offset             The offset value.
 * @param sortOrder          The order of IdP ASC/DESC.
 * @param sortBy             The column value need to sort.
 * @param tenantDomain       The tenant domain of the user.
 * @param requiredAttributes The required attributes which needs to be returned.
 * @param expressionNodes    The list of filters.
 * @return The basic information of identity providers along with requested attributes.
 * @throws IdentityProviderManagementException Server/client related errors when getting list of identity providers.
 */
@Override
public IdpSearchResult getIdPs(Integer limit, Integer offset, String sortOrder, String sortBy, String tenantDomain, List<String> requiredAttributes, List<ExpressionNode> expressionNodes) throws IdentityProviderManagementException {
    IdpSearchResult result = new IdpSearchResult();
    setParameters(limit, offset, null, sortBy, sortBy, result);
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    result.setTotalIDPCount(dao.getTotalIdPCount(tenantId, expressionNodes));
    result.setIdpList(dao.getPaginatedIdPsSearch(tenantId, expressionNodes, result.getLimit(), result.getOffSet(), result.getSortOrder(), result.getSortBy(), requiredAttributes));
    return result;
}
Also used : IdpSearchResult(org.wso2.carbon.idp.mgt.model.IdpSearchResult)

Example 57 with ExpressionNode

use of org.wso2.carbon.identity.core.model.ExpressionNode in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMRoleManagerTest method generateNodeBasedOnNodeType.

private Node generateNodeBasedOnNodeType(String nodeType, String attributes, String operation) {
    Node rootNode = null;
    if (nodeType != null && nodeType.equals("Expression")) {
        rootNode = new ExpressionNode();
        ((ExpressionNode) rootNode).setOperation(operation);
        ((ExpressionNode) rootNode).setAttributeValue("attributeValue");
        ((ExpressionNode) rootNode).setValue(attributes);
    } else if (nodeType != null && nodeType.equals("Operation")) {
        rootNode = new OperationNode("operation");
    }
    return rootNode;
}
Also used : OperationNode(org.wso2.charon3.core.utils.codeutils.OperationNode) ExpressionNode(org.wso2.charon3.core.utils.codeutils.ExpressionNode) Node(org.wso2.charon3.core.utils.codeutils.Node)

Example 58 with ExpressionNode

use of org.wso2.carbon.identity.core.model.ExpressionNode in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMRoleManager method filterRolesBySingleAttribute.

/**
 * Get the list of roles based on the filter.
 *
 * @param node       Expression node.
 * @param startIndex Starting index.
 * @param count      Number of results required.
 * @param sortBy     SortBy.
 * @param sortOrder  Sorting order.
 * @return Filtered roles.
 * @throws CharonException Error filtering the roles.
 */
private List<Object> filterRolesBySingleAttribute(ExpressionNode node, Integer count, Integer startIndex, String sortBy, String sortOrder) throws CharonException, BadRequestException {
    String attributeName = node.getAttributeValue();
    String filterOperation = node.getOperation();
    String attributeValue = node.getValue();
    if (log.isDebugEnabled()) {
        log.debug("Filtering roles with filter: " + attributeName + " + " + filterOperation + " + " + attributeValue);
    }
    // Check whether the filter operation is supported for filtering in roles.
    if (isFilteringNotSupported(filterOperation)) {
        String errorMessage = "Filter operation: " + filterOperation + " is not supported for role filtering.";
        throw new BadRequestException(errorMessage);
    }
    List<Object> filteredRoles = new ArrayList<>();
    // 0th index is to store total number of results.
    filteredRoles.add(0);
    String searchFilter = getSearchFilter(filterOperation, attributeValue);
    if (log.isDebugEnabled()) {
        log.debug(String.format("Filtering roleNames from search filter: %s", searchFilter));
    }
    List<RoleBasicInfo> roles;
    try {
        roles = roleManagementService.getRoles(searchFilter, count, startIndex, sortBy, sortOrder, tenantDomain);
    } catch (IdentityRoleManagementException e) {
        throw new CharonException(String.format("Error occurred while listing roles based on the search filter: %s", searchFilter), e);
    }
    List<Object> scimRoles = getScimRolesList(roles);
    // Set total number of results to 0th index.
    filteredRoles.set(0, scimRoles.size());
    // Add the results list.
    filteredRoles.addAll(scimRoles);
    return filteredRoles;
}
Also used : ArrayList(java.util.ArrayList) BadRequestException(org.wso2.charon3.core.exceptions.BadRequestException) CharonException(org.wso2.charon3.core.exceptions.CharonException) RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo) IdentityRoleManagementException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException)

Example 59 with ExpressionNode

use of org.wso2.carbon.identity.core.model.ExpressionNode in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMUserManager method getCondition.

/**
 * Generate condition tree for given filters.
 *
 * @param node       Filter condition tree.
 * @param attributes User attributes.
 * @return Validated filter condition tree.
 * @throws CharonException
 */
private Condition getCondition(Node node, Map<String, String> attributes) throws CharonException {
    if (node instanceof ExpressionNode) {
        String operation = ((ExpressionNode) node).getOperation();
        String attributeName = ((ExpressionNode) node).getAttributeValue();
        String attributeValue = ((ExpressionNode) node).getValue();
        try {
            /* If primary login identifier feature is enabled, the username uri should be replaced with
                appropriate scim attribute of the primary login identifier claim. */
            if (SCIMConstants.UserSchemaConstants.USER_NAME_URI.equals(attributeName) && isLoginIdentifiersEnabled() && StringUtils.isNotBlank(getPrimaryLoginIdentifierClaim())) {
                attributeName = getScimUriForPrimaryLoginIdentifier(node);
            }
        } catch (org.wso2.carbon.user.core.UserStoreException e) {
            throw new CharonException("Error in retrieving scim to local mappings.", e);
        }
        String conditionOperation;
        String conditionAttributeName;
        if (SCIMCommonConstants.EQ.equals(operation)) {
            conditionOperation = ExpressionOperation.EQ.toString();
        } else if (SCIMCommonConstants.SW.equals(operation)) {
            conditionOperation = ExpressionOperation.SW.toString();
        } else if (SCIMCommonConstants.EW.equals(operation)) {
            conditionOperation = ExpressionOperation.EW.toString();
        } else if (SCIMCommonConstants.CO.equals(operation)) {
            conditionOperation = ExpressionOperation.CO.toString();
        } else if (SCIMCommonConstants.GE.equals(operation)) {
            conditionOperation = ExpressionOperation.GE.toString();
        } else if (SCIMCommonConstants.LE.equals(operation)) {
            conditionOperation = ExpressionOperation.LE.toString();
        } else {
            conditionOperation = operation;
        }
        if (SCIMConstants.UserSchemaConstants.GROUP_URI.equals(attributeName)) {
            conditionAttributeName = ExpressionAttribute.ROLE.toString();
        } else if (SCIMConstants.UserSchemaConstants.USER_NAME_URI.equals(attributeName)) {
            conditionAttributeName = ExpressionAttribute.USERNAME.toString();
        } else if (attributes != null && attributes.get(attributeName) != null) {
            conditionAttributeName = attributes.get(attributeName);
        } else {
            throw new CharonException("Unsupported attribute: " + attributeName);
        }
        return new ExpressionCondition(conditionOperation, conditionAttributeName, attributeValue);
    } else if (node instanceof OperationNode) {
        Condition leftCondition = getCondition(node.getLeftNode(), attributes);
        Condition rightCondition = getCondition(node.getRightNode(), attributes);
        String operation = ((OperationNode) node).getOperation();
        if (OperationalOperation.AND.toString().equalsIgnoreCase(operation)) {
            return new OperationalCondition(OperationalOperation.AND.toString(), leftCondition, rightCondition);
        } else {
            throw new CharonException("Unsupported Operation: " + operation);
        }
    } else {
        throw new CharonException("Unsupported Operation");
    }
}
Also used : ExpressionCondition(org.wso2.carbon.user.core.model.ExpressionCondition) OperationalCondition(org.wso2.carbon.user.core.model.OperationalCondition) Condition(org.wso2.carbon.user.core.model.Condition) OperationNode(org.wso2.charon3.core.utils.codeutils.OperationNode) ExpressionNode(org.wso2.charon3.core.utils.codeutils.ExpressionNode) CharonException(org.wso2.charon3.core.exceptions.CharonException)

Example 60 with ExpressionNode

use of org.wso2.carbon.identity.core.model.ExpressionNode in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMUserManager method filterGroupsBySingleAttribute.

/**
 * Filter groups with a single attribute.
 *
 * @param node               Expression node
 * @param startIndex         Starting index
 * @param count              Number of results required
 * @param sortBy             SortBy
 * @param sortOrder          Sorting order
 * @param domainName         Domain to be filtered
 * @param requiredAttributes Required attributes
 * @return Filtered groups
 * @throws CharonException Error in Filtering
 */
private List<Object> filterGroupsBySingleAttribute(ExpressionNode node, int startIndex, int count, String sortBy, String sortOrder, String domainName, Map<String, Boolean> requiredAttributes) throws CharonException, BadRequestException {
    String attributeName = node.getAttributeValue();
    String filterOperation = node.getOperation();
    String attributeValue = node.getValue();
    if (log.isDebugEnabled()) {
        log.debug("Filtering groups with filter: " + attributeName + " + " + filterOperation + " + " + attributeValue);
    }
    // Check whether the filter operation is supported for filtering in groups.
    if (isFilteringNotSupported(filterOperation)) {
        String errorMessage = "Filter operation: " + filterOperation + " is not supported for groups filtering.";
        throw new CharonException(errorMessage);
    }
    // Resolve the domain name in the request according to the 'FilterUsersAndGroupsOnlyFromPrimaryDomain' or
    // 'EnableFilteringEnhancements' properties in identity.xml, or the domain name embedded in the filter
    // attribute value.
    domainName = resolveDomain(domainName, node);
    List<Object> filteredGroups = new ArrayList<>();
    // 0th index is to store total number of results.
    filteredGroups.add(0);
    try {
        List<String> groupsList = new ArrayList<>(getGroupList(node, domainName));
        // Remove roles, if the role and group separation feature is enabled.
        if (carbonUM.isRoleAndGroupSeparationEnabled()) {
            groupsList.removeIf(SCIMCommonUtils::isHybridRole);
        }
        if (groupsList != null) {
            for (String groupName : groupsList) {
                if (groupName != null && carbonUM.isExistingRole(groupName, false)) {
                    // Skip internal roles.
                    if (CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME.equals(groupName) || UserCoreUtil.isEveryoneRole(groupName, carbonUM.getRealmConfiguration())) {
                        continue;
                    }
                    Group group = getRoleWithDefaultAttributes(groupName, requiredAttributes);
                    if (group != null && group.getId() != null) {
                        filteredGroups.add(group);
                    }
                } else {
                    // Returning null will send a resource not found error to client by Charon.
                    filteredGroups.clear();
                    filteredGroups.add(0);
                    return filteredGroups;
                }
            }
        }
    } catch (org.wso2.carbon.user.core.UserStoreException e) {
        String errorMsg = "Error in filtering groups by attribute name : " + attributeName + ", " + "attribute value : " + attributeValue + " and filter operation : " + filterOperation;
        throw resolveError(e, errorMsg);
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        throw resolveError(e, "Error in filtering group with filter: " + attributeName + " + " + filterOperation + " + " + attributeValue);
    }
    // Set the totalResults value in index 0.
    filteredGroups.set(0, filteredGroups.size() - 1);
    return filteredGroups;
}
Also used : Group(org.wso2.charon3.core.objects.Group) UserStoreException(org.wso2.carbon.user.api.UserStoreException) ArrayList(java.util.ArrayList) SCIMCommonUtils(org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils) CharonException(org.wso2.charon3.core.exceptions.CharonException)
