use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project identity-governance by wso2-extensions.
the class IdentityStoreEventListenerTest method testDoPreGetUserList.
@Test(dataProvider = "getuserlistHandler")
public void testDoPreGetUserList(String claimUri, String claimValue, final List<String> userList, String userStore) throws Exception {
    // Fresh mocks for every data-provider row so stubbings never leak between rows.
    userStoreManager = mock(UserStoreManager.class);
    realmConfiguration = mock(RealmConfiguration.class);
    userIdentityDataStore = mock(UserIdentityDataStore.class);

    // The listener exposes no setter for its data store, so the mock is injected via reflection.
    Field dataStoreField = IdentityStoreEventListener.class.getDeclaredField("identityDataStore");
    dataStoreField.setAccessible(true);
    dataStoreField.set(identityStoreEventListener, userIdentityDataStore);

    // Domain-qualified user ids the stubbed store reports for the given claim/value pair.
    final List<String> storedUserIds = new ArrayList<>();
    storedUserIds.add("PRIMARY/user1@carbon.super");
    storedUserIds.add("PRIMARY/user2@abc.com");
    Mockito.doAnswer(invocation -> storedUserIds)
            .when(userIdentityDataStore).list(claimUri, claimValue, userStoreManager);

    Mockito.when(userStoreManager.getRealmConfiguration()).thenReturn(realmConfiguration);
    // UserCoreUtil.getDomainName is static; stubbing it like this presumably relies on the
    // class being prepared for static mocking in the test setup — TODO confirm.
    Mockito.when(UserCoreUtil.getDomainName(realmConfiguration)).thenReturn(userStore);

    assertTrue(identityStoreEventListener.doPreGetUserList(claimUri, claimValue, userList, userStoreManager));
}
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project carbon-identity-framework by wso2.
the class IdentityMgtEventListener method doPreSetUserClaimValues.
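/**
 * Pre-hook for user claim updates.
 * <p>
 * As in the above method, the account-lock claim and the primary challenge
 * claims are handled separately: every claim whose key contains the identity
 * claim URI or the challenge-question URI is written to the
 * {@link UserIdentityDataStore} and removed from {@code claims} in place, so only
 * the remaining claims reach the user store.
 * <p>
 * Side effects: the resulting account state (locked / disabled) is recorded in
 * {@code IdentityUtil.threadLocalProperties} under
 * {@code IdentityCoreConstants.USER_ACCOUNT_STATE}; the
 * {@code DO_PRE_SET_USER_CLAIM_VALUES} thread-local flag is set while the body
 * runs and cleared in {@code finally} (presumably a re-entrancy guard for nested
 * claim writes — confirm). An account-enable / account-disable notification is
 * sent when the disabled state flips and the matching notification is configured.
 *
 * @param userName         user whose claims are being updated (without domain)
 * @param claims           claim URI to value map; identity claims are removed from it
 * @param profileName      profile being updated (not used here)
 * @param userStoreManager user store manager of the user; must be a
 *                         {@code org.wso2.carbon.user.core.UserStoreManager}
 * @return always {@code true} (the listener chain continues)
 * @throws UserStoreException if the account is disabled and the update does not
 *                            enable it, or if persisting the identity data fails
 */
@Override
public boolean doPreSetUserClaimValues(String userName, Map<String, String> claims, String profileName, UserStoreManager userStoreManager) throws UserStoreException {
    if (!isEnable()) {
        return true;
    }
    IdentityUtil.threadLocalProperties.get().remove(IdentityCoreConstants.USER_ACCOUNT_STATE);

    String accountLocked = claims.get(UserIdentityDataStore.ACCOUNT_LOCK);
    boolean isAccountLocked = false;
    // Only a non-empty value is parsed; an absent claim must not be read as "locked".
    if (StringUtils.isNotEmpty(accountLocked)) {
        isAccountLocked = Boolean.parseBoolean(accountLocked);
    }

    // Top level try and finally blocks are used to unset thread local variables
    try {
        if (!IdentityUtil.threadLocalProperties.get().containsKey(DO_PRE_SET_USER_CLAIM_VALUES)) {
            IdentityUtil.threadLocalProperties.get().put(DO_PRE_SET_USER_CLAIM_VALUES, true);
            UserIdentityDataStore identityDataStore = IdentityMgtConfig.getInstance().getIdentityDataStore();
            UserIdentityClaimsDO identityDTO = identityDataStore.load(userName, userStoreManager);
            if (identityDTO == null) {
                identityDTO = new UserIdentityClaimsDO(userName);
                identityDTO.setTenantId(userStoreManager.getTenantId());
            }

            // NOTE(review): getIsAccountDisabled() returns a boxed Boolean; a null here would
            // NPE on unboxing below — confirm the DTO never yields null.
            Boolean wasAccountDisabled = identityDTO.getIsAccountDisabled();
            String accountDisabled = claims.get(UserIdentityDataStore.ACCOUNT_DISABLED);
            boolean isAccountDisabled = false;
            if (StringUtils.isNotEmpty(accountDisabled)) {
                isAccountDisabled = Boolean.parseBoolean(accountDisabled);
            } else {
                // No disabled claim in this update: the stored state carries over.
                isAccountDisabled = wasAccountDisabled;
            }

            // Locked takes precedence over disabled in the reported account state.
            if (isAccountLocked) {
                IdentityUtil.threadLocalProperties.get().put(IdentityCoreConstants.USER_ACCOUNT_STATE, UserCoreConstants.ErrorCode.USER_IS_LOCKED);
            } else if (isAccountDisabled) {
                IdentityUtil.threadLocalProperties.get().put(IdentityCoreConstants.USER_ACCOUNT_STATE, IdentityCoreConstants.USER_ACCOUNT_DISABLED_ERROR_CODE);
            }

            // Account is already disabled and the update does not enable it: reject the
            // whole update. The map is cleared first so nothing reaches the user store.
            if (wasAccountDisabled && isAccountDisabled) {
                claims.clear();
                log.warn("Trying to update claims of a disabled user account. This is not permitted.");
                throw new UserStoreException("User account is disabled, can't update claims without enabling.");
            }

            // Move identity claims out of the claim map and into the DTO. Note this is a
            // substring match on the claim URI, not an exact prefix check.
            Iterator<Entry<String, String>> it = claims.entrySet().iterator();
            while (it.hasNext()) {
                Entry<String, String> claim = it.next();
                if (claim.getKey().contains(UserCoreConstants.ClaimTypeURIs.CHALLENGE_QUESTION_URI) || claim.getKey().contains(UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI)) {
                    String key = claim.getKey();
                    String value = claim.getValue();
                    // A lock set through the claim API is attributed to an administrator.
                    if (UserIdentityDataStore.ACCOUNT_LOCK.equals(key) && (Boolean.TRUE.toString()).equalsIgnoreCase(value)) {
                        identityDTO.getUserDataMap().put(UserIdentityDataStore.ACCOUNT_LOCKED_REASON, IdentityMgtConstants.LockedReason.ADMIN_INITIATED.toString());
                    }
                    identityDTO.setUserIdentityDataClaim(key, value);
                    it.remove();
                }
            }

            // storing the identity claims and security questions
            try {
                identityDataStore.store(identityDTO, userStoreManager);
                int tenantId = userStoreManager.getTenantId();
                String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager).getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
                String usernameWithDomain = IdentityUtil.addDomainToName(userName, domainName);
                // case of enabling a disabled user account
                if (wasAccountDisabled && !isAccountDisabled && IdentityMgtConfig.getInstance().isAccountEnableNotificationSending()) {
                    sendEmail(usernameWithDomain, tenantId, IdentityMgtConstants.Notification.ACCOUNT_ENABLE);
                // case of disabling an enabled account
                } else if (!wasAccountDisabled && isAccountDisabled && IdentityMgtConfig.getInstance().isAccountDisableNotificationSending()) {
                    sendEmail(usernameWithDomain, tenantId, IdentityMgtConstants.Notification.ACCOUNT_DISABLE);
                }
            } catch (IdentityException e) {
                throw new UserStoreException("Error while saving user store data for user : " + userName, e);
            }
        }
        return true;
    } finally {
        // Remove thread local variable
        IdentityUtil.threadLocalProperties.get().remove(DO_PRE_SET_USER_CLAIM_VALUES);
    }
}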
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project carbon-identity-framework by wso2.
the class IdentityMgtEventListener method doPostGetUserClaimValues.
/**
 * Merges the user's stored identity data into the claim map returned to the caller.
 * <p>
 * Runs only when the listener is enabled and at least one requested claim URI
 * contains the challenge-question or identity claim URI; otherwise the user
 * store result is left untouched. When identity data exists for the user, each
 * requested claim present in its data map is copied into {@code claimMap}.
 *
 * @param userName     user whose claims were read
 * @param claims       requested claim URIs
 * @param profileName  profile that was read (not used here)
 * @param claimMap     result map from the user store, extended in place.
 *                     NOTE(review): when it is {@code null} a local map is created
 *                     instead, so the added values never reach the caller — presumably
 *                     just NPE avoidance, confirm.
 * @param storeManager user store manager of the user
 * @return always {@code true}
 * @throws UserStoreException as declared by the listener interface
 */
@Override
public boolean doPostGetUserClaimValues(String userName, String[] claims, String profileName, Map<String, String> claimMap, UserStoreManager storeManager) throws UserStoreException {
    if (!isEnable()) {
        return true;
    }
    if (claimMap == null) {
        claimMap = new HashMap<>();
    }
    UserIdentityDataStore identityDataStore = IdentityMgtConfig.getInstance().getIdentityDataStore();

    // Substring match on the claim URI, mirroring the pre-set hook.
    boolean identityClaimRequested = false;
    for (String claimUri : claims) {
        identityClaimRequested = claimUri.contains(UserCoreConstants.ClaimTypeURIs.CHALLENGE_QUESTION_URI)
                || claimUri.contains(UserCoreConstants.ClaimTypeURIs.IDENTITY_CLAIM_URI);
        if (identityClaimRequested) {
            break;
        }
    }
    // Nothing identity-related was asked for: leave the user store result as is.
    if (!identityClaimRequested) {
        return true;
    }

    UserIdentityClaimsDO identityDTO = identityDataStore.load(userName, storeManager);
    // No identity data stored for this user: nothing to add.
    if (identityDTO == null) {
        return true;
    }
    // Copy security questions and identity claims that were actually requested.
    Map<String, String> storedData = identityDTO.getUserDataMap();
    for (String claimUri : claims) {
        if (storedData.containsKey(claimUri)) {
            claimMap.put(claimUri, storedData.get(claimUri));
        }
    }
    return true;
}
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project carbon-identity-framework by wso2.
the class UserIdentityManagementUtil method enableUserAccount.
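/**
 * Re-enables a disabled user account by clearing the account-disabled flag in the
 * identity data store.
 *
 * @param userName         user name, with or without the user store domain; the
 *                         domain of {@code userStoreManager} is added if missing
 * @param userStoreManager user store manager of the user; must be a
 *                         {@code org.wso2.carbon.user.core.UserStoreManager}
 * @throws IdentityException if the identity management listener is disabled, the
 *                           user does not exist, the existence check fails, or no
 *                           identity data is stored for the user
 */
public static void enableUserAccount(String userName, UserStoreManager userStoreManager) throws IdentityException {
    if (!isIdentityMgtListenerEnable()) {
        throw IdentityException.error("Cannot enable account, IdentityMgtEventListener is not enabled.");
    }
    String domainName = ((org.wso2.carbon.user.core.UserStoreManager) userStoreManager).getRealmConfiguration()
            .getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_DOMAIN_NAME);
    userName = UserCoreUtil.addDomainToName(userName, domainName);
    try {
        if (!userStoreManager.isExistingUser(userName)) {
            log.error("User " + userName + " does not exist in tenant " + userStoreManager.getTenantId());
            throw IdentityException.error("No user account found for user " + userName + " to enable");
        }
    } catch (UserStoreException e) {
        log.error("Error while reading user identity data", e);
        // Keep the cause attached so the failure stays traceable past the generic message.
        throw IdentityException.error("Error while enabling user account " + userName, e);
    }
    UserIdentityDataStore store = IdentityMgtConfig.getInstance().getIdentityDataStore();
    // The store is queried with the bare user name, i.e. the domain added above is stripped again.
    UserIdentityClaimsDO userIdentityDO = store.load(UserCoreUtil.removeDomainFromName(userName), userStoreManager);
    if (userIdentityDO == null) {
        throw IdentityException.error("No user account found for user " + userName);
    }
    userIdentityDO.setAccountDisabled(false);
    store.store(userIdentityDO, userStoreManager);
}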
use of org.wso2.carbon.identity.mgt.store.UserIdentityDataStore in project carbon-identity-framework by wso2.
the class UserIdentityManagementUtil method updateUserSecurityQuestions.
// ---- Util methods for authenticated users ----///
/**
 * Replaces the security questions stored for the logged-in user.
 *
 * @param userName         user whose security questions are updated
 * @param securityQuestion new set of security question claims
 * @param userStoreManager user store manager of the user
 * @throws IdentityException if no identity data is stored for the user, or if
 *                           loading / storing the identity data fails
 */
public static void updateUserSecurityQuestions(String userName, UserIdentityClaimDTO[] securityQuestion, UserStoreManager userStoreManager) throws IdentityException {
    UserIdentityDataStore dataStore = IdentityMgtConfig.getInstance().getIdentityDataStore();
    UserIdentityClaimsDO identityData = dataStore.load(userName, userStoreManager);
    if (identityData == null) {
        throw IdentityException.error("No user account found for user " + userName);
    }
    identityData.updateUserSequeiryQuestions(securityQuestion);
    dataStore.store(identityData, userStoreManager);
}