use of org.wso2.carbon.identity.mgt.IdentityMgtServiceException in project carbon-identity-framework by wso2.
the class UserIdentityManagementAdminService method enableUserAccount.
/**
 * Enables a user account on behalf of an administrator and optionally notifies the user.
 *
 * <p>The account is enabled and the audit record is written first. A notification is
 * attempted afterwards, and only when {@code notificationType} is non-null and
 * {@code IdentityMgtConfig} reports that account-enable notifications are switched on.
 *
 * @param userName         name of the account to enable; its domain part is stripped before
 *                         the account is enabled in the user store
 * @param notificationType value handed to {@code UserRecoveryDTO.setNotificationType}, or
 *                         {@code null} to send no notification
 * @throws IdentityMgtServiceException if the user store or the identity layer reports an error
 */
public void enableUserAccount(String userName, String notificationType) throws IdentityMgtServiceException {
    try {
        UserStoreManager store = getUserStore(userName);
        String localName = UserCoreUtil.removeDomainFromName(userName);
        UserIdentityManagementUtil.enableUserAccount(localName, store);

        // NOTE(review): userName and notificationType are caller-supplied and reach the audit
        // record unmodified; confirm the logging layer neutralises CR/LF in audit entries.
        audit.info(String.format(
                AUDIT_MESSAGE,
                getUser(),
                "Enable user account",
                userName,
                "Notification type :" + notificationType,
                SUCCESS));

        int tenantID = store.getTenantId();
        String tenantDomain = IdentityMgtServiceComponent.getRealmService().getTenantManager().getDomain(tenantID);
        boolean notificationsOn = IdentityMgtConfig.getInstance().isAccountEnableNotificationSending();
        if (notificationType == null || !notificationsOn) {
            return;
        }

        // NOTE(review): a failure from here on is reported by the catch block as a failure to
        // enable the account, although the account was already enabled and audited as SUCCESS.
        UserRecoveryDTO recovery;
        if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
            // Outside the super tenant the user entry carries the tenant domain and tenant id.
            UserDTO tenantUser = new UserDTO(UserCoreUtil.addTenantDomainToEntry(userName, tenantDomain));
            tenantUser.setTenantId(tenantID);
            recovery = new UserRecoveryDTO(tenantUser);
        } else {
            recovery = new UserRecoveryDTO(userName);
        }
        recovery.setNotification(IdentityMgtConstants.Notification.ACCOUNT_ENABLE);
        recovery.setNotificationType(notificationType);
        IdentityMgtServiceComponent.getRecoveryProcessor().recoverWithNotification(recovery);

        if (log.isDebugEnabled()) {
            log.debug("Account enabled notification is sent in " + notificationType);
        }
    } catch (UserStoreException | IdentityException e) {
        String failure = "Error occurred while enabling account for: " + userName;
        log.error(failure, e);
        throw new IdentityMgtServiceException(failure, e);
    }
}
use of org.wso2.carbon.identity.mgt.IdentityMgtServiceException in project carbon-identity-framework by wso2.
the class UserIdentityManagementAdminService method validateSecurityQuestionDuplicate.
/**
 * Rejects a set of challenge entries in which the same id occurs more than once.
 *
 * <p>The error message suggests the id is a claim URI, which is not confirmed by this method.
 *
 * @param challengesDTOs challenge entries to check; must not be {@code null}
 * @throws IdentityMgtServiceException if two entries report the same id
 */
private void validateSecurityQuestionDuplicate(UserChallengesDTO[] challengesDTOs) throws IdentityMgtServiceException {
    Set<String> seenIds = new HashSet<String>();
    for (UserChallengesDTO challenge : challengesDTOs) {
        // add() returns false when the id is already in the set, i.e. on the first duplicate.
        if (!seenIds.add(challenge.getId())) {
            String errMsg = "Error while validating user challenges, because these can't be more than one security challenges for one claim uri";
            log.error(errMsg);
            throw new IdentityMgtServiceException(errMsg);
        }
    }
}
use of org.wso2.carbon.identity.mgt.IdentityMgtServiceException in project carbon-identity-framework by wso2.
the class UserIdentityManagementAdminService method updateUserIdentityClaims.
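/**
 * Updates or adds account recovery data, such as the e-mail address or the phone number,
 * for the user bound to the current thread-local Carbon context.
 *
 * <p>The target user is always read from the Carbon context and never from the request.
 * Any claim whose URI contains {@code UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI}
 * is refused. Every entry is checked before {@code setUserClaimValues} is called, so a
 * refused request writes nothing to the user store.
 *
 * @param userIdentityClaims claim URI / value pairs to store; a {@code null} array, a
 *                           {@code null} entry or an entry without a claim URI is rejected
 * @throws IdentityMgtServiceException if the request is malformed, touches an identity
 *                                     claim, or the user store reports an error
 */
public void updateUserIdentityClaims(UserIdentityClaimDTO[] userIdentityClaims) throws IdentityMgtServiceException {
    String userName = CarbonContext.getThreadLocalCarbonContext().getUsername();
    try {
        UserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService()
                .getTenantUserRealm(CarbonContext.getThreadLocalCarbonContext().getTenantId())
                .getUserStoreManager();

        // Malformed requests are reported through the declared exception type instead of
        // surfacing as a NullPointerException.
        if (userIdentityClaims == null) {
            throw IdentityException.error("No claims were provided for the update");
        }

        Map<String, String> claims = new HashMap<String, String>();
        for (UserIdentityClaimDTO dto : userIdentityClaims) {
            String claimUri = (dto == null) ? null : dto.getClaimUri();
            if (claimUri == null) {
                throw IdentityException.error("A claim without a claim URI cannot be updated");
            }
            // NOTE(review): this is a case-sensitive substring test; confirm that claim URIs
            // are matched case-sensitively by the user store as well.
            if (claimUri.contains(UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI)) {
                // The URI is request data: neutralise line breaks before it reaches the log
                // and the exception message, which is logged again by the catch block.
                String printableUri = claimUri.replace('\r', '_').replace('\n', '_');
                log.warn("WARNING! User " + userName + " tried to alter " + printableUri);
                throw IdentityException.error("Updates to the claim " + printableUri + " are not allowed");
            }
            claims.put(claimUri, dto.getClaimValue());
        }
        userStoreManager.setUserClaimValues(userName, claims, null);
    } catch (UserStoreException | IdentityException e) {
        String errorMessage = "Error while updating identity recovery data for : " + userName;
        log.error(errorMessage, e);
        throw new IdentityMgtServiceException(errorMessage, e);
    }
}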
use of org.wso2.carbon.identity.mgt.IdentityMgtServiceException in project carbon-identity-framework by wso2.
the class UserIdentityManagementAdminService method lockUserAccount.
/**
 * Locks a user account on behalf of an administrator.
 *
 * <p>The lock is meant to be lifted only by an administrator through
 * {@code unlockUserAccount}; that method is not shown here.
 *
 * @param userName name of the account to lock; its domain part is stripped before the
 *                 account is locked in the user store
 * @throws IdentityMgtServiceException if the user store or the identity layer reports an error
 */
public void lockUserAccount(String userName) throws IdentityMgtServiceException {
    try {
        UserStoreManager store = getUserStore(userName);
        String localName = UserCoreUtil.removeDomainFromName(userName);
        UserIdentityManagementUtil.lockUserAccount(localName, store);
        // NOTE(review): enableUserAccount in this class writes an audit record, while a lock
        // is only written to the application log; consider auditing this event as well.
        // userName is caller-supplied and logged as is; confirm CR/LF is neutralised downstream.
        log.info("User account locked: " + userName);
    } catch (UserStoreException | IdentityException e) {
        String failure = "Error occurred while trying to lock the account " + userName;
        log.error(failure, e);
        throw new IdentityMgtServiceException(failure, e);
    }
}
use of org.wso2.carbon.identity.mgt.IdentityMgtServiceException in project carbon-identity-framework by wso2.
the class UserIdentityManagementAdminService method getChallengeQuestionsOfUser.
/**
 * Returns the challenge questions of a user.
 *
 * <p>A caller may always read their own questions. Reading another user's questions
 * requires the UI permission {@code /permission/admin/manage/identity/identitymgt/view}
 * for the logged-in user in the current tenant.
 *
 * @param userName user whose questions are requested; {@code null} selects the logged-in user
 * @return the challenges returned by the question processor for that user
 * @throws org.wso2.carbon.identity.mgt.IdentityMgtServiceException if the authorization
 *         manager cannot be obtained, the permission check fails, or the caller is not
 *         authorized to view the other user's questions
 */
public UserChallengesDTO[] getChallengeQuestionsOfUser(String userName) throws IdentityMgtServiceException {
    int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
    String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    String loggedInName = CarbonContext.getThreadLocalCarbonContext().getUsername();

    if (userName == null) {
        // No explicit target: fall back to the caller's own account.
        userName = loggedInName;
    } else if (!userName.equals(loggedInName)) {
        // Any name that is not exactly the caller's own requires the view permission.
        AuthorizationManager authzManager;
        try {
            authzManager = IdentityMgtServiceComponent.getRealmService()
                    .getTenantUserRealm(tenantId)
                    .getAuthorizationManager();
        } catch (UserStoreException e) {
            throw new IdentityMgtServiceException(
                    "Error occurred while retrieving AuthorizationManager for tenant " + tenantDomain, e);
        }

        boolean permitted;
        try {
            permitted = authzManager.isUserAuthorized(
                    loggedInName,
                    "/permission/admin/manage/identity/identitymgt/view",
                    CarbonConstants.UI_PERMISSION_ACTION);
        } catch (UserStoreException e) {
            // NOTE(review): the message names the requested user, although the permission
            // being checked belongs to loggedInName.
            throw new IdentityMgtServiceException(
                    "Error occurred while checking access level for user " + userName
                            + " in tenant " + tenantDomain, e);
        }

        if (!permitted) {
            // NOTE(review): the denial is reported to the caller only; nothing is written to
            // the log or the audit trail at this point.
            throw new IdentityMgtServiceException(
                    "Unauthorized access!! Possible violation of confidentiality. User " + loggedInName
                            + " trying to get challenge questions for user " + userName);
        }
    }

    ChallengeQuestionProcessor questionProcessor =
            IdentityMgtServiceComponent.getRecoveryProcessor().getQuestionProcessor();
    // NOTE(review): the meaning of the trailing 'true' flag is defined by the processor — confirm.
    return questionProcessor.getChallengeQuestionsOfUser(userName, tenantId, true);
}