use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.
the class RoleDAOImpl method updateUserListOfRole.
/**
 * Adds and removes users on an existing role, then returns the role's basic info.
 *
 * <p>The removal list is checked by {@code validateUserRemovalFromRole} before any database
 * work starts. Additions and removals are sent through the same connection and committed
 * together. The role caches of all affected users are cleared only after the commit succeeded.
 *
 * @param roleID            ID of the role to update.
 * @param newUserIDList     IDs of the users to add; may be null or empty.
 * @param deletedUserIDList IDs of the users to remove; may be null or empty.
 * @param tenantDomain      Tenant domain the role belongs to.
 * @return Basic info (ID and name) of the role.
 * @throws IdentityRoleManagementException Client exception when the role ID is unknown, server
 *                                         exception when the database update fails.
 */
@Override
public RoleBasicInfo updateUserListOfRole(String roleID, List<String> newUserIDList,
        List<String> deletedUserIDList, String tenantDomain) throws IdentityRoleManagementException {

    if (!isExistingRoleID(roleID, tenantDomain)) {
        throw new IdentityRoleManagementClientException(ROLE_NOT_FOUND.getCode(),
                "Role id: " + roleID + " does not exist in the system.");
    }
    String roleName = getRoleNameByID(roleID, tenantDomain);

    boolean noChanges = CollectionUtils.isEmpty(newUserIDList) && CollectionUtils.isEmpty(deletedUserIDList);
    if (noChanges) {
        if (log.isDebugEnabled()) {
            log.debug("User lists are empty.");
        }
        return new RoleBasicInfo(roleID, roleName);
    }

    // The primary domain name is upper-cased before it is handed to the batch update.
    String configuredPrimaryDomain = IdentityUtil.getPrimaryDomainName();
    String primaryDomainName = configuredPrimaryDomain == null
            ? null
            : configuredPrimaryDomain.toUpperCase(Locale.ENGLISH);

    List<String> usersToAdd = getUserNamesByIDs(newUserIDList, tenantDomain);
    List<String> usersToRemove = getUserNamesByIDs(deletedUserIDList, tenantDomain);
    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);

    // Guard for the default system roles: runs before the connection is opened, so a rejected
    // removal never reaches the database.
    validateUserRemovalFromRole(usersToRemove, roleName, tenantDomain);

    String failureMessage = String.format("Error while updating users to the role: %s in the tenantDomain: %s",
            roleName, tenantDomain);

    // The outer catch covers failures while obtaining or closing the connection.
    try (Connection connection = IdentityDatabaseUtil.getUserDBConnection(true)) {
        try {
            // MSSQL needs its own insert statement; every other database uses the default one.
            String databaseProduct = connection.getMetaData().getDatabaseProductName();
            String insertSql = MICROSOFT.equals(databaseProduct) ? ADD_USER_TO_ROLE_SQL_MSSQL : ADD_USER_TO_ROLE_SQL;

            // Additions first, removals second, one commit for both.
            processBatchUpdateForUsers(roleName, usersToAdd, tenantId, primaryDomainName, connection, insertSql);
            processBatchUpdateForUsers(roleName, usersToRemove, tenantId, primaryDomainName, connection,
                    REMOVE_USER_FROM_ROLE_SQL);
            IdentityDatabaseUtil.commitUserDBTransaction(connection);
        } catch (SQLException e) {
            // NOTE(review): only SQLException triggers this explicit rollback. If the batch helper can
            // raise anything else, the outcome depends on how the connection is closed; confirm.
            IdentityDatabaseUtil.rollbackUserDBTransaction(connection);
            throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), failureMessage, e);
        }
    } catch (SQLException e) {
        throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(), failureMessage, e);
    }

    // Reached only after a successful commit: drop the cached roles of every affected user so
    // later authorization decisions do not rely on the old membership.
    if (usersToRemove != null) {
        for (String removedUser : usersToRemove) {
            clearUserRolesCache(removedUser, tenantId);
        }
    }
    if (usersToAdd != null) {
        for (String addedUser : usersToAdd) {
            clearUserRolesCache(addedUser, tenantId);
        }
    }
    return new RoleBasicInfo(roleID, roleName);
}
use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.
the class RoleDAOImpl method buildRolesList.
/**
 * Runs the given statement and turns the role names it returns into {@link RoleBasicInfo} entries.
 *
 * <p>Column 1 of each row is read as the role name. Names are looked up with the internal domain
 * appended and reported with it removed again.
 *
 * @param statement    Prepared statement that selects role names.
 * @param tenantDomain Tenant domain used for the role ID lookups.
 * @return One entry per role name known to the ID map, in the map's iteration order.
 * @throws SQLException                    If the query fails.
 * @throws IdentityRoleManagementException If resolving or adding a role ID fails.
 */
private List<RoleBasicInfo> buildRolesList(NamedPreparedStatement statement, String tenantDomain)
        throws SQLException, IdentityRoleManagementException {

    List<String> qualifiedNames = new ArrayList<>();
    try (ResultSet rows = statement.executeQuery()) {
        while (rows.next()) {
            qualifiedNames.add(appendInternalDomain(rows.getString(1)));
        }
    }

    Map<String, String> idsByName = getRoleIDsByNames(qualifiedNames, tenantDomain);

    // Keep only the names that came back without an ID (the SCIM-disabled roles).
    qualifiedNames.removeAll(new ArrayList<>(idsByName.keySet()));

    // NOTE(review): addRoleID presumably stores a new ID, which would make this read path write
    // to the store whenever a role without an ID is listed; confirm against addRoleID.
    for (String nameWithoutId : qualifiedNames) {
        idsByName.put(nameWithoutId, addRoleID(nameWithoutId, tenantDomain));
    }

    List<RoleBasicInfo> roles = new ArrayList<>();
    for (Map.Entry<String, String> entry : idsByName.entrySet()) {
        roles.add(new RoleBasicInfo(entry.getValue(), removeInternalDomain(entry.getKey())));
    }
    return roles;
}
use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.
the class RoleManagementServiceImpl method updateRoleName.
/**
 * Renames a role through the DAO, publishing the pre- and post-update events around the call
 * and writing an audit entry afterwards.
 *
 * @param roleID       ID of the role to rename.
 * @param newRoleName  New name for the role.
 * @param tenantDomain Tenant domain the role belongs to.
 * @return Basic info of the role as returned by the DAO.
 * @throws IdentityRoleManagementException If the DAO rejects or fails the update.
 */
@Override
public RoleBasicInfo updateRoleName(String roleID, String newRoleName, String tenantDomain)
        throws IdentityRoleManagementException {

    // NOTE(review): newRoleName is forwarded as received. addRole in this class rejects names that
    // start with UserCoreConstants.INTERNAL_SYSTEM_ROLE_PREFIX; confirm roleDAO.updateRoleName
    // enforces the same restriction, otherwise a rename is not covered by that check.
    RoleManagementEventPublisherProxy publisher = RoleManagementEventPublisherProxy.getInstance();
    publisher.publishPreUpdateRoleName(roleID, newRoleName, tenantDomain);
    RoleBasicInfo renamedRole = roleDAO.updateRoleName(roleID, newRoleName, tenantDomain);
    publisher.publishPostUpdateRoleName(roleID, newRoleName, tenantDomain);

    if (log.isDebugEnabled()) {
        log.debug(String.format("%s updated role name of role id : %s successfully.", getUser(tenantDomain),
                roleID));
    }

    // The audit entry is written on the success path only; an exception from the DAO leaves
    // this method before the line below.
    String auditEntry = String.format(auditMessage, getUser(tenantDomain), "Update role name by ID", roleID,
            getAuditData(tenantDomain, newRoleName), success);
    audit.info(auditEntry);
    return renamedRole;
}
use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.
the class RoleManagementServiceImpl method updateGroupListOfRole.
/**
 * Adds and removes groups on a role through the DAO, publishing the pre- and post-update events
 * around the call and writing an audit entry afterwards.
 *
 * @param roleID             ID of the role to update.
 * @param newGroupIDList     IDs of the groups to add.
 * @param deletedGroupIDList IDs of the groups to remove.
 * @param tenantDomain       Tenant domain the role belongs to.
 * @return Basic info of the role as returned by the DAO.
 * @throws IdentityRoleManagementException If the DAO rejects or fails the update.
 */
@Override
public RoleBasicInfo updateGroupListOfRole(String roleID, List<String> newGroupIDList,
        List<String> deletedGroupIDList, String tenantDomain) throws IdentityRoleManagementException {

    RoleManagementEventPublisherProxy publisher = RoleManagementEventPublisherProxy.getInstance();
    publisher.publishPreUpdateGroupListOfRole(roleID, newGroupIDList, deletedGroupIDList, tenantDomain);
    RoleBasicInfo updatedRole = roleDAO.updateGroupListOfRole(roleID, newGroupIDList, deletedGroupIDList,
            tenantDomain);
    publisher.publishPostUpdateGroupListOfRole(roleID, newGroupIDList, deletedGroupIDList, tenantDomain);

    if (log.isDebugEnabled()) {
        log.debug(String.format("%s updated list of groups of role of id : %s successfully.",
                getUser(tenantDomain), roleID));
    }

    // NOTE(review): getAuditData receives only the tenant domain here, so the added and removed
    // group IDs are not passed to the audit entry; confirm this is enough to reconstruct a
    // membership change. The entry is written on the success path only.
    String auditEntry = String.format(auditMessage, getUser(tenantDomain), "Update group list of role by id",
            roleID, getAuditData(tenantDomain), success);
    audit.info(auditEntry);
    return updatedRole;
}
use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.
the class RoleManagementServiceImpl method addRole.
/**
 * Creates a role through the DAO, publishing the pre- and post-add events around the call and
 * writing an audit entry afterwards.
 *
 * @param roleName     Name of the role to create.
 * @param userList     Users to assign to the role.
 * @param groupList    Groups to assign to the role.
 * @param permissions  Permissions to attach to the role.
 * @param tenantDomain Tenant domain the role is created in.
 * @return Basic info of the created role as returned by the DAO.
 * @throws IdentityRoleManagementException Client exception when the name uses the reserved
 *                                         system prefix, otherwise whatever the DAO raises.
 */
@Override
public RoleBasicInfo addRole(String roleName, List<String> userList, List<String> groupList,
        List<String> permissions, String tenantDomain) throws IdentityRoleManagementException {

    // Names starting with the system role prefix are reserved for roles the system creates itself
    // (kept for backward compatibility). The comparison ignores case, and it runs before any
    // event is published or the DAO is called.
    boolean usesReservedPrefix =
            StringUtils.startsWithIgnoreCase(roleName, UserCoreConstants.INTERNAL_SYSTEM_ROLE_PREFIX);
    if (usesReservedPrefix) {
        throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(),
                String.format("Invalid role name: %s. Role names with the prefix: %s, is not allowed"
                        + " to be created from externally in the system.",
                        roleName, UserCoreConstants.INTERNAL_SYSTEM_ROLE_PREFIX));
    }

    RoleManagementEventPublisherProxy publisher = RoleManagementEventPublisherProxy.getInstance();
    publisher.publishPreAddRole(roleName, userList, groupList, permissions, tenantDomain);
    RoleBasicInfo createdRole = roleDAO.addRole(roleName, userList, groupList, permissions, tenantDomain);
    publisher.publishPostAddRole(roleName, userList, groupList, permissions, tenantDomain);

    if (log.isDebugEnabled()) {
        log.debug(String.format("%s add role of name : %s successfully.", getUser(tenantDomain), roleName));
    }

    // Written on the success path only. The users, groups and permissions given to the new role
    // are not passed to getAuditData here.
    String auditEntry = String.format(auditMessage, getUser(tenantDomain), "Add Role", roleName,
            getAuditData(tenantDomain), success);
    audit.info(auditEntry);
    return createdRole;
}