
Example 21 with IdentityRoleManagementClientException

use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException in project carbon-identity-framework by wso2.

the class RoleDAOImpl method getRoleNameByID.

/**
 * Resolves the display name of the role stored under {@code roleID} for the given tenant.
 *
 * <p>The lookup runs {@code GET_ROLE_NAME_BY_ID_SQL} with the tenant ID, the {@code ID_URI}
 * attribute name and the role ID supplied as bound parameters (nothing is concatenated into
 * the SQL text here).
 *
 * <p>If the query yields more than one row, a warning is logged for every extra row and the
 * name from the LAST row is the one returned; the call does not fail.
 * NOTE(review): {@code updateRoleName} feeds this result into its system-role guard and into
 * the WHERE parameter of its UPDATE, so a duplicated ID makes that decision depend on row
 * order. Confirm that warn-and-continue is intended rather than failing closed.
 *
 * @param roleID       ID of the role to resolve.
 * @param tenantDomain tenant domain the role belongs to.
 * @return the role name after {@code removeInternalDomain} has been applied.
 * @throws IdentityRoleManagementClientException with {@code ROLE_NOT_FOUND} when no row matches.
 * @throws IdentityRoleManagementServerException with {@code UNEXPECTED_SERVER_ERROR} when the
 *                                               database access fails.
 */
@Override
public String getRoleNameByID(String roleID, String tenantDomain) throws IdentityRoleManagementException {
    final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    String resolvedName = null;
    // Resources are closed in reverse order: statement first, then the connection.
    try (Connection dbConnection = IdentityDatabaseUtil.getDBConnection(false);
         NamedPreparedStatement lookup = new NamedPreparedStatement(dbConnection, GET_ROLE_NAME_BY_ID_SQL)) {
        lookup.setInt(RoleConstants.RoleTableColumns.TENANT_ID, tenantId);
        lookup.setString(RoleConstants.RoleTableColumns.ATTR_NAME, RoleConstants.ID_URI);
        lookup.setString(RoleConstants.RoleTableColumns.ATTR_VALUE, roleID);
        try (ResultSet rows = lookup.executeQuery()) {
            for (int matched = 1; rows.next(); matched++) {
                if (matched > 1) {
                    // A role ID should be unique per tenant; duplicates are reported but tolerated.
                    // NOTE(review): roleID and tenantDomain go into the log line as-is; if they
                    // reach this method unvalidated, confirm the log layout neutralises line breaks.
                    log.warn("Invalid scenario. Multiple roles found for the given role ID: " + roleID + " and " + "tenantDomain: " + tenantDomain);
                }
                // Overwritten on every row, so the last row wins.
                resolvedName = rows.getString(1);
            }
        }
    } catch (SQLException e) {
        throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(),
                "Error while resolving the role name for the given role ID: " + roleID + " and tenantDomain: " + tenantDomain, e);
    }
    if (resolvedName != null) {
        return removeInternalDomain(resolvedName);
    }
    throw new IdentityRoleManagementClientException(ROLE_NOT_FOUND.getCode(),
            "A role doesn't exist with id: " + roleID + " in the tenantDomain: " + tenantDomain);
}
Also used : NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) SQLException(java.sql.SQLException) IdentityRoleManagementServerException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)

Example 22 with IdentityRoleManagementClientException

use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException in project carbon-identity-framework by wso2.

the class RoleDAOImpl method updateRoleName.

/**
 * Renames the role identified by {@code roleID} inside {@code tenantDomain}.
 *
 * <p>Checks performed before any write, in this order:
 * <ol>
 *   <li>the current name is resolved through {@code getRoleNameByID};</li>
 *   <li>a current name contained in {@code systemRoles} is refused ({@code OPERATION_FORBIDDEN});</li>
 *   <li>{@code isExistingRoleID} must confirm the ID ({@code ROLE_NOT_FOUND} otherwise);</li>
 *   <li>unless the new name equals the old one ignoring case, {@code isExistingRoleName} must
 *       report the new name as free ({@code ROLE_ALREADY_EXISTS} otherwise).</li>
 * </ol>
 *
 * <p>The write phase executes {@code UPDATE_ROLE_NAME_SQL}, calls {@code updateSCIMRoleName},
 * resets permissions through the authorization manager, then commits. A failure in that phase
 * triggers a rollback on the user-DB connection and is rethrown as a server exception.
 * Finally the per-tenant user-roles cache is cleared.
 *
 * <p>NOTE(review): only the CURRENT name is compared against {@code systemRoles}; the sole check
 * on {@code newRoleName} visible here is {@code isExistingRoleName}. Confirm that renaming a
 * role to a reserved name is rejected somewhere.
 * NOTE(review): no authorization check on the caller is visible in this method; presumably the
 * calling layer enforces it. Confirm.
 * NOTE(review): the existence checks run before the transaction's connection is opened, so
 * they are not covered by that transaction. Presumably a database uniqueness constraint
 * backs them up for concurrent renames. Confirm.
 *
 * @param roleID       ID of the role to rename.
 * @param newRoleName  requested new name.
 * @param tenantDomain tenant domain the role belongs to.
 * @return a {@code RoleBasicInfo} built from {@code roleID} and {@code newRoleName}; by that point
 *         {@code newRoleName} has been domain-qualified if it had no domain separator.
 * @throws IdentityRoleManagementClientException when one of the pre-write checks fails.
 * @throws IdentityRoleManagementServerException when the write phase fails; any
 *         {@code IdentityRoleManagementException} raised inside that phase is wrapped into this
 *         type, whatever its original subtype.
 */
@Override
public RoleBasicInfo updateRoleName(String roleID, String newRoleName, String tenantDomain) throws IdentityRoleManagementException {
    String roleName = getRoleNameByID(roleID, tenantDomain);
    // Guard: system roles are read-only. The comparison is an exact (case-sensitive) contains().
    if (systemRoles.contains(roleName)) {
        throw new IdentityRoleManagementClientException(OPERATION_FORBIDDEN.getCode(), "Invalid operation. Role: " + roleName + " Cannot be renamed since it's a read only system role.");
    }
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    if (!isExistingRoleID(roleID, tenantDomain)) {
        throw new IdentityRoleManagementClientException(ROLE_NOT_FOUND.getCode(), "Role id: " + roleID + " does not exist in the system.");
    }
    // A case-only change of the same role skips the "name already taken" check.
    if (!StringUtils.equalsIgnoreCase(roleName, newRoleName) && isExistingRoleName(newRoleName, tenantDomain)) {
        throw new IdentityRoleManagementClientException(ROLE_ALREADY_EXISTS.getCode(), "Role name: " + newRoleName + " is already there in the system. Please pick another role name.");
    }
    if (log.isDebugEnabled()) {
        log.debug("Updating the roleName: " + roleName + " to :" + newRoleName + " in the tenantDomain: " + tenantDomain);
    }
    try (Connection connection = IdentityDatabaseUtil.getUserDBConnection(true)) {
        try {
            // Values are bound as named parameters. The row is selected by the current role
            // NAME and the tenant ID; roleID itself is not bound in this statement.
            try (NamedPreparedStatement statement = new NamedPreparedStatement(connection, UPDATE_ROLE_NAME_SQL, RoleTableColumns.UM_ID)) {
                statement.setString(RoleTableColumns.NEW_UM_ROLE_NAME, newRoleName);
                statement.setString(RoleTableColumns.UM_ROLE_NAME, roleName);
                statement.setInt(RoleTableColumns.UM_TENANT_ID, tenantId);
                statement.executeUpdate();
            }
            // Update the role name in IDN_SCIM_GROUP table.
            // NOTE(review): `connection` is not passed to this call (nor to the permission reset
            // below), so whether their writes are undone by the rollback in the catch block
            // cannot be told from here. Confirm how partial failures are reconciled.
            updateSCIMRoleName(roleName, newRoleName, tenantDomain);
            /*
             * In the UM_ROLE_PERMISSION table roles are associated with a domain ID.
             * At this point the role name carries no domain prefix, while
             * resetPermissionOnUpdateRole() expects a domain-qualified name,
             * so the "Internal" domain is added explicitly here.
             * Both roleName and newRoleName are reassigned and stay qualified from here on.
             */
            if (!roleName.contains(UserCoreConstants.DOMAIN_SEPARATOR)) {
                roleName = UserCoreUtil.addDomainToName(roleName, UserCoreConstants.INTERNAL_DOMAIN);
            }
            if (!newRoleName.contains(UserCoreConstants.DOMAIN_SEPARATOR)) {
                newRoleName = UserCoreUtil.addDomainToName(newRoleName, UserCoreConstants.INTERNAL_DOMAIN);
            }
            // Reset role authorization.
            try {
                UserRealm userRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
                userRealm.getAuthorizationManager().resetPermissionOnUpdateRole(roleName, newRoleName);
            } catch (UserStoreException e) {
                // Converted to a server exception so that the outer catch rolls back.
                throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), "Error while getting the authorizationManager.", e);
            }
            // Commit only after the rename, the SCIM update and the permission reset all succeeded.
            IdentityDatabaseUtil.commitUserDBTransaction(connection);
        } catch (SQLException | IdentityRoleManagementException e) {
            IdentityDatabaseUtil.rollbackUserDBTransaction(connection);
            // roleName may already be domain-qualified here, depending on where the failure occurred.
            String message = "Error while updating the role name: %s in the tenantDomain: %s";
            throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), String.format(message, roleName, tenantDomain), e);
        }
    } catch (SQLException e) {
        // Reached when obtaining or closing the connection itself fails.
        String message = "Error while updating the role name: %s in the tenantDomain: %s";
        throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), String.format(message, roleName, tenantDomain), e);
    }
    // Cached user-to-role data for the tenant is cleared so that it is not served under the old name.
    clearUserRolesCacheByTenant(tenantId);
    return new RoleBasicInfo(roleID, newRoleName);
}
Also used : NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) UserRealm(org.wso2.carbon.user.api.UserRealm) SQLException(java.sql.SQLException) IdentityRoleManagementServerException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException) Connection(java.sql.Connection) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException) IdentityRoleManagementException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException) RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo)

Example 23 with IdentityRoleManagementClientException

use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException in project carbon-identity-framework by wso2.

the class GroupDAOImpl method getGroupNameByID.

/**
 * Looks up the name of the group registered under {@code id} for the given tenant.
 *
 * <p>{@code GET_GROUP_NAME_BY_ID_SQL} is executed with the tenant ID, the {@code ID_URI}
 * attribute name and the group ID as bound parameters. Unlike the role lookup in
 * {@code RoleDAOImpl.getRoleNameByID}, a second matching row aborts the call instead of
 * being logged and tolerated.
 *
 * @param id           group ID to resolve.
 * @param tenantDomain tenant domain the group belongs to.
 * @return the group name, or {@code null} when no row matches (callers must handle that).
 * @throws IdentityRoleManagementClientException with {@code INVALID_REQUEST} when more than one
 *                                               row matches the ID.
 * @throws IdentityRoleManagementServerException with {@code UNEXPECTED_SERVER_ERROR} when the
 *                                               database access fails.
 */
@Override
public String getGroupNameByID(String id, String tenantDomain) throws IdentityRoleManagementException {
    final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    String resolvedName = null;
    // Resources are closed in reverse order: statement first, then the connection.
    try (Connection dbConnection = IdentityDatabaseUtil.getDBConnection(false);
         NamedPreparedStatement lookup = new NamedPreparedStatement(dbConnection, GET_GROUP_NAME_BY_ID_SQL)) {
        lookup.setInt(RoleConstants.RoleTableColumns.TENANT_ID, tenantId);
        lookup.setString(RoleConstants.RoleTableColumns.ATTR_NAME, RoleConstants.ID_URI);
        lookup.setString(RoleConstants.RoleTableColumns.ATTR_VALUE, id);
        try (ResultSet rows = lookup.executeQuery()) {
            boolean alreadyMatched = false;
            while (rows.next()) {
                if (alreadyMatched) {
                    // An ambiguous ID is refused rather than resolved to an arbitrary row.
                    throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(),
                            "Invalid scenario. Multiple groups found for the given group ID: " + id + " and " + "tenantDomain: " + tenantDomain);
                }
                alreadyMatched = true;
                resolvedName = rows.getString(1);
            }
        }
    } catch (SQLException e) {
        throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(),
                "Error while resolving the group name for the given group ID: " + id + " and tenantDomain: " + tenantDomain, e);
    }
    return resolvedName;
}
Also used : NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) SQLException(java.sql.SQLException) IdentityRoleManagementServerException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)

Example 24 with IdentityRoleManagementClientException

use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException in project carbon-identity-framework by wso2.

the class GroupDAOImpl method batchProcessGroupIDs.

/**
 * Resolves a list of group IDs to group names using the caller's connection.
 *
 * <p>One {@code GET_GROUP_NAME_BY_ID_SQL} statement is prepared and executed per ID, with the
 * tenant ID, the {@code ID_URI} attribute name and the ID as bound parameters. IDs that match
 * no row are simply absent from the result. The connection is neither committed nor closed
 * here; that is left to the caller.
 *
 * @param ids          group IDs to resolve.
 * @param tenantDomain tenant domain the groups belong to.
 * @param connection   open connection to run the lookups on.
 * @return map from group ID to group name for every ID that matched exactly one row.
 * @throws SQLException                          when a lookup fails at the database level.
 * @throws IdentityRoleManagementClientException with {@code INVALID_REQUEST} as soon as any ID
 *                                               matches more than one row.
 */
private Map<String, String> batchProcessGroupIDs(List<String> ids, String tenantDomain, Connection connection) throws SQLException, IdentityRoleManagementException {
    final int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    final Map<String, String> namesById = new HashMap<>();
    for (String id : ids) {
        try (NamedPreparedStatement lookup = new NamedPreparedStatement(connection, GET_GROUP_NAME_BY_ID_SQL)) {
            lookup.setInt(RoleConstants.RoleTableColumns.TENANT_ID, tenantId);
            lookup.setString(RoleConstants.RoleTableColumns.ATTR_NAME, RoleConstants.ID_URI);
            lookup.setString(RoleConstants.RoleTableColumns.ATTR_VALUE, id);
            try (ResultSet rows = lookup.executeQuery()) {
                for (int matched = 1; rows.next(); matched++) {
                    if (matched > 1) {
                        // An ambiguous ID aborts the whole batch instead of picking a row.
                        throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(),
                                "Invalid scenario. Multiple groups found for the given group ID: " + id + " and " + "tenantDomain: " + tenantDomain);
                    }
                    namesById.put(id, rows.getString(1));
                }
            }
        }
    }
    return namesById;
}
Also used : NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) HashMap(java.util.HashMap) ResultSet(java.sql.ResultSet) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)

Example 25 with IdentityRoleManagementClientException

use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException in project carbon-identity-framework by wso2.

the class GroupIDResolver method getNameByID.

/**
 * Resolves a group ID to its name through the group DAO obtained from {@code RoleMgtDAOFactory}.
 *
 * <p>The DAO signals "no such group" by returning {@code null}; this method turns that into an
 * exception so callers never receive a {@code null} name.
 *
 * @param id           group ID to resolve.
 * @param tenantDomain tenant domain the group belongs to.
 * @return the group name, never {@code null}.
 * @throws IdentityRoleManagementClientException with {@code INVALID_REQUEST} when the DAO finds
 *                                               no group for the ID.
 * @throws IdentityRoleManagementException       propagated unchanged from the DAO lookup.
 */
@Override
public String getNameByID(String id, String tenantDomain) throws IdentityRoleManagementException {
    final String resolvedName = RoleMgtDAOFactory.getInstance().getGroupDAO().getGroupNameByID(id, tenantDomain);
    if (resolvedName != null) {
        return resolvedName;
    }
    // Unknown ID: reported to the caller as a client-side error.
    throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(),
            "A group doesn't exist with id: " + id + " in the tenantDomain: " + tenantDomain);
}
Also used : GroupDAO(org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)
