Example 16 with IdentityRoleManagementException
use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException in project carbon-identity-framework by wso2.
the class RoleManagementServiceImpl method getGroupListOfRole.
@Override
public List<GroupBasicInfo> getGroupListOfRole(String roleID, String tenantDomain) throws IdentityRoleManagementException {
RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
roleManagementEventPublisherProxy.publishPreGetUserListOfRole(roleID, tenantDomain);
List<GroupBasicInfo> groupBasicInfoList = roleDAO.getGroupListOfRole(roleID, tenantDomain);
roleManagementEventPublisherProxy.publishPostGetUserListOfRole(roleID, tenantDomain);
if (log.isDebugEnabled()) {
log.debug(String.format("%s get list of groups of role of id : %s successfully.", getUser(tenantDomain), roleID));
}
return groupBasicInfoList;
}
Also used :
GroupBasicInfo(org.wso2.carbon.identity.role.mgt.core.GroupBasicInfo)
RoleManagementEventPublisherProxy(org.wso2.carbon.identity.role.mgt.core.RoleManagementEventPublisherProxy)
Example 17 with IdentityRoleManagementException
use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException in project carbon-identity-framework by wso2.
the class RoleManagementServiceImpl method addRole.
@Override
public RoleBasicInfo addRole(String roleName, List<String> userList, List<String> groupList, List<String> permissions, String tenantDomain) throws IdentityRoleManagementException {
/* Block the role names with the prefix 'system_' as it is used for the special roles created by the system in
order to maintain the backward compatibility. */
if (StringUtils.startsWithIgnoreCase(roleName, UserCoreConstants.INTERNAL_SYSTEM_ROLE_PREFIX)) {
String errorMessage = String.format("Invalid role name: %s. Role names with the prefix: %s, is not allowed" + " to be created from externally in the system.", roleName, UserCoreConstants.INTERNAL_SYSTEM_ROLE_PREFIX);
throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(), errorMessage);
}
RoleManagementEventPublisherProxy roleManagementEventPublisherProxy = RoleManagementEventPublisherProxy.getInstance();
roleManagementEventPublisherProxy.publishPreAddRole(roleName, userList, groupList, permissions, tenantDomain);
RoleBasicInfo roleBasicInfo = roleDAO.addRole(roleName, userList, groupList, permissions, tenantDomain);
roleManagementEventPublisherProxy.publishPostAddRole(roleName, userList, groupList, permissions, tenantDomain);
if (log.isDebugEnabled()) {
log.debug(String.format("%s add role of name : %s successfully.", getUser(tenantDomain), roleName));
}
audit.info(String.format(auditMessage, getUser(tenantDomain), "Add Role", roleName, getAuditData(tenantDomain), success));
return roleBasicInfo;
}
Also used :
RoleManagementEventPublisherProxy(org.wso2.carbon.identity.role.mgt.core.RoleManagementEventPublisherProxy)
IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)
RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo)
Example 18 with IdentityRoleManagementException
use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException in project carbon-identity-framework by wso2.
the class GroupDAOImpl method getGroupIDByName.
@Override
public String getGroupIDByName(String name, String tenantDomain) throws IdentityRoleManagementException {
int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
String groupID = null;
try (Connection connection = IdentityDatabaseUtil.getDBConnection(false)) {
try (NamedPreparedStatement statement = new NamedPreparedStatement(connection, GET_GROUP_ID_BY_NAME_SQL)) {
statement.setInt(RoleConstants.RoleTableColumns.TENANT_ID, tenantId);
statement.setString(RoleConstants.RoleTableColumns.ROLE_NAME, name);
statement.setString(RoleConstants.RoleTableColumns.ATTR_NAME, RoleConstants.ID_URI);
int count = 0;
try (ResultSet resultSet = statement.executeQuery()) {
while (resultSet.next()) {
// Handle multiple matching groups.
count++;
if (count > 1) {
String errorMessage = "Invalid scenario. Multiple groups found for the given group name: " + name + " " + "and tenantDomain: " + tenantDomain;
throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(), errorMessage);
}
groupID = resultSet.getString(1);
}
}
}
} catch (SQLException e) {
String errorMessage = "Error while resolving the group ID for the given group name: " + name + " and tenantDomain: " + tenantDomain;
throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), errorMessage, e);
}
return groupID;
}
Also used :
NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)
SQLException(java.sql.SQLException)
IdentityRoleManagementServerException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException)
Connection(java.sql.Connection)
ResultSet(java.sql.ResultSet)
IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)
Example 19 with IdentityRoleManagementException
use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException in project carbon-identity-framework by wso2.
the class GroupDAOImpl method batchProcessGroupNames.
private Map<String, String> batchProcessGroupNames(List<String> names, String tenantDomain, Connection connection) throws SQLException, IdentityRoleManagementException {
Map<String, String> groupNamesToIDs = new HashMap<>();
int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
String groupID;
for (String name : names) {
try (NamedPreparedStatement statement = new NamedPreparedStatement(connection, GET_GROUP_ID_BY_NAME_SQL)) {
statement.setInt(RoleConstants.RoleTableColumns.TENANT_ID, tenantId);
statement.setString(RoleConstants.RoleTableColumns.ROLE_NAME, name);
statement.setString(RoleConstants.RoleTableColumns.ATTR_NAME, RoleConstants.ID_URI);
int count = 0;
try (ResultSet resultSet = statement.executeQuery()) {
while (resultSet.next()) {
// Handle multiple matching groups.
count++;
if (count > 1) {
String errorMessage = "Invalid scenario. Multiple groups found for the given group name: " + name + " " + "and tenantDomain: " + tenantDomain;
throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(), errorMessage);
}
groupID = resultSet.getString(1);
groupNamesToIDs.put(name, groupID);
}
}
}
}
return groupNamesToIDs;
}
Also used :
NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)
HashMap(java.util.HashMap)
ResultSet(java.sql.ResultSet)
IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)
Example 20 with IdentityRoleManagementException
use of org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException in project carbon-identity-framework by wso2.
the class RoleDAOImpl method addRole.
@Override
public RoleBasicInfo addRole(String roleName, List<String> userList, List<String> groupList, List<String> permissions, String tenantDomain) throws IdentityRoleManagementException {
int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
if (log.isDebugEnabled()) {
log.debug("Creating the role: " + roleName + " in the tenantDomain: " + tenantDomain);
}
String primaryDomainName = IdentityUtil.getPrimaryDomainName();
if (primaryDomainName != null) {
primaryDomainName = primaryDomainName.toUpperCase(Locale.ENGLISH);
}
// Remove internal domain before persisting in order to maintain the backward compatibility.
roleName = removeInternalDomain(roleName);
String roleID;
if (!isExistingRoleName(roleName, tenantDomain)) {
try (Connection connection = IdentityDatabaseUtil.getUserDBConnection(true)) {
try {
try (NamedPreparedStatement statement = new NamedPreparedStatement(connection, ADD_ROLE_SQL, RoleTableColumns.UM_ID)) {
statement.setString(RoleTableColumns.UM_ROLE_NAME, roleName);
statement.setInt(RoleTableColumns.UM_TENANT_ID, tenantId);
statement.executeUpdate();
}
String databaseProductName = connection.getMetaData().getDatabaseProductName();
// Add users to the created role.
if (CollectionUtils.isNotEmpty(userList)) {
List<String> userNamesList = getUserNamesByIDs(userList, tenantDomain);
String addUsersSQL = ADD_USER_TO_ROLE_SQL;
if (MICROSOFT.equals(databaseProductName)) {
addUsersSQL = ADD_USER_TO_ROLE_SQL_MSSQL;
}
processBatchUpdateForUsers(roleName, userNamesList, tenantId, primaryDomainName, connection, addUsersSQL);
for (String username : userNamesList) {
clearUserRolesCache(username, tenantId);
}
}
// Add groups to the created role.
if (CollectionUtils.isNotEmpty(groupList)) {
Map<String, String> groupIdsToNames = getGroupNamesByIDs(groupList, tenantDomain);
List<String> groupNamesList = new ArrayList<>(groupIdsToNames.values());
String addGroupsSQL = ADD_GROUP_TO_ROLE_SQL;
if (MICROSOFT.equals(databaseProductName)) {
addGroupsSQL = ADD_GROUP_TO_ROLE_SQL_MSSQL;
}
processBatchUpdateForGroups(roleName, groupNamesList, tenantId, primaryDomainName, connection, addGroupsSQL);
}
// Add role ID.
roleID = addRoleID(roleName, tenantDomain);
// Add role permissions.
if (CollectionUtils.isNotEmpty(permissions)) {
setPermissions(roleID, permissions, tenantDomain, roleName);
}
IdentityDatabaseUtil.commitUserDBTransaction(connection);
} catch (SQLException | IdentityRoleManagementException e) {
IdentityDatabaseUtil.rollbackTransaction(connection);
String errorMessage = "Error while creating the role: %s in the tenantDomain: %s";
throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), String.format(errorMessage, roleName, tenantDomain), e);
}
} catch (SQLException e) {
String errorMessage = "Error while creating the role: %s in the tenantDomain: %s";
throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), String.format(errorMessage, roleName, tenantDomain), e);
}
} else {
throw new IdentityRoleManagementClientException(ROLE_ALREADY_EXISTS.getCode(), "Role already exist for the role name: " + roleName);
}
return new RoleBasicInfo(roleID, roleName);
}
Also used :
SQLException(java.sql.SQLException)
Connection(java.sql.Connection)
ArrayList(java.util.ArrayList)
NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)
IdentityRoleManagementServerException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException)
IdentityRoleManagementException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException)
IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)
RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo)
Aggregations
IdentityRoleManagementClientException (org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)29
IdentityRoleManagementServerException (org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException)23
RoleBasicInfo (org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo)22
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)20
Test (org.testng.annotations.Test)20
NamedPreparedStatement (org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement)20
Connection (java.sql.Connection)19
SQLException (java.sql.SQLException)19
Matchers.anyString (org.mockito.Matchers.anyString)14
IdentityRoleManagementException (org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException)14
Role (org.wso2.charon3.core.objects.Role)13
ResultSet (java.sql.ResultSet)12
RoleManagementEventPublisherProxy (org.wso2.carbon.identity.role.mgt.core.RoleManagementEventPublisherProxy)11
ArrayList (java.util.ArrayList)9
CharonException (org.wso2.charon3.core.exceptions.CharonException)8
ExpressionNode (org.wso2.charon3.core.utils.codeutils.ExpressionNode)8
Node (org.wso2.charon3.core.utils.codeutils.Node)8
OperationNode (org.wso2.charon3.core.utils.codeutils.OperationNode)8
UserStoreException (org.wso2.carbon.user.api.UserStoreException)6
BadRequestException (org.wso2.charon3.core.exceptions.BadRequestException)6
