
Example 21 with RoleBasicInfo

use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.

the class RoleDAOTest method testDeleteGroup.

/**
 * Checks which groups remain attached to a role after one group is deleted.
 *
 * <p>Flow: create {@code role1}, attach the groups in {@code groupIDsList} through the real
 * {@code updateGroupListOfRole}, call {@code deleteGroup("groupID1", ...)}, then compare the
 * names returned by {@code getGroupListOfRole} with {@code groupNamesList}.
 *
 * <p>The static {@code IdentityDatabaseUtil} getters are re-stubbed before every DAO call so that
 * each call receives a connection that has not been used yet (presumably because the DAO closes
 * the connection it obtains; confirm against the DAO implementation).
 *
 * @throws Exception if fixture setup or any DAO call fails
 */
@Test
public void testDeleteGroup() throws Exception {
    // One connection per stubbed getter call; try-with-resources closes all of them at the end.
    try (Connection connection1 = DAOUtils.getConnection(DB_NAME);
        Connection connection2 = DAOUtils.getConnection(DB_NAME);
        Connection connection3 = DAOUtils.getConnection(DB_NAME);
        Connection connection4 = DAOUtils.getConnection(DB_NAME);
        Connection connection5 = DAOUtils.getConnection(DB_NAME);
        Connection connection6 = DAOUtils.getConnection(DB_NAME);
        Connection connection7 = DAOUtils.getConnection(DB_NAME)) {
        // Spy on the real DAO so individual private/public methods can be stubbed or run for real.
        roleDAO = spy(RoleMgtDAOFactory.getInstance().getRoleDAO());
        mockCacheClearing();
        // Step 1: create the role under test.
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection1);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection2);
        RoleBasicInfo role = addRole("role1");
        // Step 2: attach groups. The role-name existence check is forced to true and the group
        // ID -> name lookup is stubbed, so neither lookup is exercised against the database here.
        doReturn(true).when(roleDAO, "isExistingRoleName", anyString(), anyString());
        doCallRealMethod().when(roleDAO, "updateGroupListOfRole", anyString(), anyCollection(), anyCollection(), anyString());
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection3);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection4);
        mockStatic(IdentityUtil.class);
        when(IdentityUtil.getPrimaryDomainName()).thenReturn("PRIMARY");
        doReturn(groupNamesMap).when(roleDAO, "getGroupNamesByIDs", eq(groupIDsList), anyString());
        // The deleted-group list is passed as null; only additions are performed.
        roleDAO.updateGroupListOfRole(role.getId(), groupIDsList, null, SAMPLE_TENANT_DOMAIN);
        // Step 3: delete one group; its ID -> name resolution is stubbed to "group1".
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection5);
        doReturn("group1").when(roleDAO, "getGroupNameByID", anyString(), anyString());
        roleDAO.deleteGroup("groupID1", SAMPLE_TENANT_DOMAIN);
        // NOTE(review): this mutates the shared groupNamesMap fixture, but the assertion below
        // compares against groupNamesList, not this map. Whether groupNamesList already excludes
        // the deleted group cannot be seen from this method; confirm the expectation really
        // proves that the deleted group is no longer attached to the role.
        groupNamesMap.remove("group1");
        // Step 4: read the role's groups back through the DAO.
        mockRealmConfiguration();
        mockStatic(UserCoreUtil.class);
        when(UserCoreUtil.isEveryoneRole(anyString(), any(RealmConfiguration.class))).thenReturn(false);
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection6);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection7);
        // UserCoreUtil is statically mocked above; let the real domain-prefixing logic run.
        doCallRealMethod().when(UserCoreUtil.class, "addDomainToName", anyString(), anyString());
        List<GroupBasicInfo> groups = roleDAO.getGroupListOfRole(role.getId(), SAMPLE_TENANT_DOMAIN);
        assertEquals(getGroupNamesList(groups), groupNamesList);
    }
}
Also used : RealmConfiguration(org.wso2.carbon.user.api.RealmConfiguration) GroupBasicInfo(org.wso2.carbon.identity.role.mgt.core.GroupBasicInfo) Connection(java.sql.Connection) RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 22 with RoleBasicInfo

use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.

the class RoleDAOTest method testGetRoles1.

/**
 * Checks the role names returned by {@code getRoles(2, 1, null, null, tenantDomain)}.
 *
 * <p>Three roles ({@code role1}, {@code role2}, {@code role3}) are created and the call is
 * expected to return {@code role2} and {@code role3}. The first two arguments are presumably
 * limit and offset; confirm against the {@code getRoles} signature.
 *
 * <p>The static {@code IdentityDatabaseUtil} getters are re-stubbed before each DAO call so that
 * every call receives a connection that has not been used yet.
 *
 * @throws Exception if fixture setup or any DAO call fails
 */
@Test
public void testGetRoles1() throws Exception {
    // One connection per stubbed getter call; try-with-resources closes all of them at the end.
    try (Connection connection1 = DAOUtils.getConnection(DB_NAME);
        Connection connection2 = DAOUtils.getConnection(DB_NAME);
        Connection connection3 = DAOUtils.getConnection(DB_NAME);
        Connection connection4 = DAOUtils.getConnection(DB_NAME);
        Connection connection5 = DAOUtils.getConnection(DB_NAME);
        Connection connection6 = DAOUtils.getConnection(DB_NAME);
        Connection connection7 = DAOUtils.getConnection(DB_NAME);
        Connection connection8 = DAOUtils.getConnection(DB_NAME)) {
        roleDAO = spy(RoleMgtDAOFactory.getInstance().getRoleDAO());
        // Create role1..role3, each with its own pair of connections.
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection1);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection2);
        addRole("role1");
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection3);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection4);
        addRole("role2");
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection5);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection6);
        addRole("role3");
        // Expected page: role1 is skipped, the next two roles are returned in this order.
        List<String> expectedRoles = new ArrayList<>();
        expectedRoles.add("role2");
        expectedRoles.add("role3");
        mockRealmConfiguration();
        mockStatic(UserCoreUtil.class);
        when(UserCoreUtil.isEveryoneRole(anyString(), any(RealmConfiguration.class))).thenReturn(false);
        // NOTE(review): IdentityUtil is stubbed here without a mockStatic(IdentityUtil.class) in
        // this method; presumably the class is statically mocked in shared setup. Confirm.
        when(IdentityUtil.getDefaultItemsPerPage()).thenReturn(IdentityCoreConstants.DEFAULT_ITEMS_PRE_PAGE);
        when(IdentityUtil.getMaximumItemPerPage()).thenReturn(IdentityCoreConstants.DEFAULT_MAXIMUM_ITEMS_PRE_PAGE);
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection7);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection8);
        // Let the real domain-name parsing helpers run despite the static mocks.
        doCallRealMethod().when(IdentityUtil.class, "extractDomainFromName", anyString());
        doCallRealMethod().when(UserCoreUtil.class, "removeDomainFromName", anyString());
        List<RoleBasicInfo> roles = roleDAO.getRoles(2, 1, null, null, SAMPLE_TENANT_DOMAIN);
        assertEquals(getRoleNamesList(roles), expectedRoles);
    }
}
Also used : RealmConfiguration(org.wso2.carbon.user.api.RealmConfiguration) Connection(java.sql.Connection) ArrayList(java.util.ArrayList) Matchers.anyString(org.mockito.Matchers.anyString) RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 23 with RoleBasicInfo

use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.

the class RoleDAOTest method testDeleteRole.

/**
 * Checks that a deleted role can no longer be found by name or by ID.
 *
 * <p>Creates {@code role1}, deletes it through {@code deleteRole}, then runs the real
 * {@code isExistingRoleName} and {@code isExistingRoleID} and expects both to return false.
 *
 * <p>NOTE(review): the authorization manager is a mock whose {@code clearRoleAuthorization} is
 * stubbed to do nothing, and the test never verifies that it was called. If {@code deleteRole}
 * is expected to drop the role's permissions (not visible from this method), a
 * {@code verify(authorizationManager).clearRoleAuthorization(...)} would pin that behaviour and
 * guard against permissions outliving the role.
 *
 * @throws Exception if fixture setup or any DAO call fails
 */
@Test
public void testDeleteRole() throws Exception {
    // One connection per stubbed getter call; try-with-resources closes all of them at the end.
    try (Connection connection1 = DAOUtils.getConnection(DB_NAME);
        Connection connection2 = DAOUtils.getConnection(DB_NAME);
        Connection connection3 = DAOUtils.getConnection(DB_NAME);
        Connection connection4 = DAOUtils.getConnection(DB_NAME);
        Connection connection5 = DAOUtils.getConnection(DB_NAME);
        Connection connection6 = DAOUtils.getConnection(DB_NAME)) {
        roleDAO = spy(RoleMgtDAOFactory.getInstance().getRoleDAO());
        mockCacheClearing();
        // Step 1: create the role that will be deleted.
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection1);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection2);
        RoleBasicInfo role = addRole("role1");
        // Step 2: delete it, with the realm's authorization manager replaced by a mock.
        mockRealmConfiguration();
        mockStatic(UserCoreUtil.class);
        when(UserCoreUtil.isEveryoneRole(anyString(), any(RealmConfiguration.class))).thenReturn(false);
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection3);
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection4);
        AuthorizationManager authorizationManager = mock(JDBCAuthorizationManager.class);
        when(mockUserRealm.getAuthorizationManager()).thenReturn(authorizationManager);
        doNothing().when(authorizationManager).clearRoleAuthorization(anyString());
        roleDAO.deleteRole(role.getId(), SAMPLE_TENANT_DOMAIN);
        // Step 3: the name lookup must miss (real method, fresh user-DB connection).
        when(IdentityDatabaseUtil.getUserDBConnection(anyBoolean())).thenReturn(connection5);
        doCallRealMethod().when(roleDAO, "isExistingRoleName", anyString(), anyString());
        assertFalse(roleDAO.isExistingRoleName("role1", SAMPLE_TENANT_DOMAIN));
        // Step 4: the ID lookup must miss as well (real method, fresh identity-DB connection).
        when(IdentityDatabaseUtil.getDBConnection(anyBoolean())).thenReturn(connection6);
        doCallRealMethod().when(roleDAO, "isExistingRoleID", anyString(), anyString());
        assertFalse(roleDAO.isExistingRoleID(role.getId(), SAMPLE_TENANT_DOMAIN));
    }
}
Also used : RealmConfiguration(org.wso2.carbon.user.api.RealmConfiguration) Connection(java.sql.Connection) AuthorizationManager(org.wso2.carbon.user.api.AuthorizationManager) JDBCAuthorizationManager(org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager) RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 24 with RoleBasicInfo

use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.

the class RoleDAOImpl method updateGroupListOfRole.

/**
 * Adds groups to a role and removes groups from it inside one user-DB transaction.
 *
 * <p>The role must exist, and the removal request is first checked by
 * {@code validateGroupRemovalFromRole}. When both lists are empty nothing is written. After a
 * successful commit the user-roles cache of the tenant is cleared, so the new assignment is
 * picked up on the next lookup.
 *
 * @param roleID             ID of the role to change
 * @param newGroupIDList     IDs of the groups to attach; may be empty
 * @param deletedGroupIDList IDs of the groups to detach; may be empty
 * @param tenantDomain       tenant the role belongs to
 * @return the role's ID and name
 * @throws IdentityRoleManagementClientException if no role with {@code roleID} exists
 * @throws IdentityRoleManagementServerException if a database error occurs
 * @throws IdentityRoleManagementException       for failures raised by the helper methods
 */
@Override
public RoleBasicInfo updateGroupListOfRole(String roleID, List<String> newGroupIDList,
        List<String> deletedGroupIDList, String tenantDomain) throws IdentityRoleManagementException {

    if (!isExistingRoleID(roleID, tenantDomain)) {
        String notFound = "Role id: " + roleID + " does not exist in the system.";
        throw new IdentityRoleManagementClientException(ROLE_NOT_FOUND.getCode(), notFound);
    }

    final String roleName = getRoleNameByID(roleID, tenantDomain);

    // Removals are validated against the default system roles before anything else happens,
    // including the "nothing to do" shortcut below.
    validateGroupRemovalFromRole(deletedGroupIDList, roleName, tenantDomain);

    if (CollectionUtils.isEmpty(newGroupIDList) && CollectionUtils.isEmpty(deletedGroupIDList)) {
        if (log.isDebugEnabled()) {
            log.debug("Group lists are empty.");
        }
        return new RoleBasicInfo(roleID, roleName);
    }

    // The primary domain name is normalised to upper case when one is configured.
    String configuredDomain = IdentityUtil.getPrimaryDomainName();
    String primaryDomainName = configuredDomain == null ? null : configuredDomain.toUpperCase(Locale.ENGLISH);

    // Translate group IDs into group names; the batch statements below work on names.
    // NOTE(review): either list can still be null/empty here when only the other one is set;
    // presumably getGroupNamesByIDs tolerates that. Confirm.
    Map<String, String> addedById = getGroupNamesByIDs(newGroupIDList, tenantDomain);
    List<String> newGroupNamesList = new ArrayList<>(addedById.values());
    Map<String, String> removedById = getGroupNamesByIDs(deletedGroupIDList, tenantDomain);
    List<String> deletedGroupNamesList = new ArrayList<>(removedById.values());

    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
    final String errorTemplate = "Error while updating groups to the role: %s in the tenantDomain: %s";

    try (Connection connection = IdentityDatabaseUtil.getUserDBConnection(true)) {
        try {
            // SQL Server needs its own variant of the insert statement.
            String productName = connection.getMetaData().getDatabaseProductName();
            String addGroupsSQL = MICROSOFT.equals(productName) ? ADD_GROUP_TO_ROLE_SQL_MSSQL : ADD_GROUP_TO_ROLE_SQL;

            // Additions first, then removals, then a single commit for both.
            processBatchUpdateForGroups(roleName, newGroupNamesList, tenantId, primaryDomainName, connection,
                    addGroupsSQL);
            processBatchUpdateForGroups(roleName, deletedGroupNamesList, tenantId, primaryDomainName, connection,
                    REMOVE_GROUP_FROM_ROLE_SQL);
            IdentityDatabaseUtil.commitUserDBTransaction(connection);
        } catch (SQLException e) {
            // NOTE(review): only SQLException triggers the explicit rollback. Any other exception
            // leaving the batch helper reaches connection.close() without one; confirm the
            // connection is not left to auto-commit a half-applied membership change.
            IdentityDatabaseUtil.rollbackUserDBTransaction(connection);
            throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(),
                    String.format(errorTemplate, roleName, tenantDomain), e);
        }
    } catch (SQLException e) {
        // Raised while obtaining or closing the connection.
        throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(),
                String.format(errorTemplate, roleName, tenantDomain), e);
    }

    // Cached role memberships for the tenant are now stale.
    clearUserRolesCacheByTenant(tenantId);
    return new RoleBasicInfo(roleID, roleName);
}
Also used : SQLException(java.sql.SQLException) IdentityRoleManagementServerException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException) ArrayList(java.util.ArrayList) Connection(java.sql.Connection) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException) RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo)

Example 25 with RoleBasicInfo

use of org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo in project carbon-identity-framework by wso2.

the class RoleDAOImpl method updateRoleName.

/**
 * Renames a role and moves its SCIM entry and permissions to the new name.
 *
 * <p>Read-only system roles cannot be renamed, the role must exist, and the new name must not
 * belong to another role (a change that differs only in letter case skips that check). After a
 * successful commit the user-roles cache of the tenant is cleared.
 *
 * <p>NOTE(review): {@code newRoleName} is used as given; no format or domain validation is
 * visible in this method. A name that already contains the domain separator is passed to the
 * permission reset unchanged, so confirm that callers restrict which domains a request may name.
 *
 * @param roleID       ID of the role to rename
 * @param newRoleName  requested role name
 * @param tenantDomain tenant the role belongs to
 * @return the role's ID together with the new name; the name carries the internal-domain prefix
 *         when the requested name had no domain separator
 * @throws IdentityRoleManagementClientException if the role is a system role, does not exist,
 *                                               or the new name is already taken
 * @throws IdentityRoleManagementServerException if the update fails
 * @throws IdentityRoleManagementException       for failures raised by the lookup helpers
 */
@Override
public RoleBasicInfo updateRoleName(String roleID, String newRoleName, String tenantDomain)
        throws IdentityRoleManagementException {

    // NOTE(review): the name is resolved before the existence check further down; what
    // getRoleNameByID does for an unknown ID is not visible here.
    String roleName = getRoleNameByID(roleID, tenantDomain);
    if (systemRoles.contains(roleName)) {
        String forbidden = "Invalid operation. Role: " + roleName + " Cannot be renamed since it's a read only system role.";
        throw new IdentityRoleManagementClientException(OPERATION_FORBIDDEN.getCode(), forbidden);
    }

    int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);

    if (!isExistingRoleID(roleID, tenantDomain)) {
        String notFound = "Role id: " + roleID + " does not exist in the system.";
        throw new IdentityRoleManagementClientException(ROLE_NOT_FOUND.getCode(), notFound);
    }

    // A pure case change of the same role is allowed; any other collision is rejected.
    boolean isDifferentName = !StringUtils.equalsIgnoreCase(roleName, newRoleName);
    if (isDifferentName && isExistingRoleName(newRoleName, tenantDomain)) {
        String taken = "Role name: " + newRoleName + " is already there in the system. Please pick another role name.";
        throw new IdentityRoleManagementClientException(ROLE_ALREADY_EXISTS.getCode(), taken);
    }

    if (log.isDebugEnabled()) {
        log.debug("Updating the roleName: " + roleName + " to :" + newRoleName + " in the tenantDomain: "
                + tenantDomain);
    }

    final String errorTemplate = "Error while updating the role name: %s in the tenantDomain: %s";

    try (Connection connection = IdentityDatabaseUtil.getUserDBConnection(true)) {
        try {
            // 1. Rename the row in the role table.
            try (NamedPreparedStatement renameStatement = new NamedPreparedStatement(connection,
                    UPDATE_ROLE_NAME_SQL, RoleTableColumns.UM_ID)) {
                renameStatement.setString(RoleTableColumns.NEW_UM_ROLE_NAME, newRoleName);
                renameStatement.setString(RoleTableColumns.UM_ROLE_NAME, roleName);
                renameStatement.setInt(RoleTableColumns.UM_TENANT_ID, tenantId);
                renameStatement.executeUpdate();
            }

            // 2. Rename the entry in the IDN_SCIM_GROUP table.
            // NOTE(review): neither this call nor the permission reset below receives
            // `connection`, so whether the rollback in the catch block undoes them cannot be
            // told from here. Confirm a failure cannot leave permissions on the old name.
            updateSCIMRoleName(roleName, newRoleName, tenantDomain);

            // 3. UM_ROLE_PERMISSION associates roles with a domain ID and
            // resetPermissionOnUpdateRole() expects domain-qualified names, while the names
            // held here have no prefix yet, so the "Internal" domain is added explicitly.
            boolean oldNameHasDomain = roleName.contains(UserCoreConstants.DOMAIN_SEPARATOR);
            if (!oldNameHasDomain) {
                roleName = UserCoreUtil.addDomainToName(roleName, UserCoreConstants.INTERNAL_DOMAIN);
            }
            boolean newNameHasDomain = newRoleName.contains(UserCoreConstants.DOMAIN_SEPARATOR);
            if (!newNameHasDomain) {
                newRoleName = UserCoreUtil.addDomainToName(newRoleName, UserCoreConstants.INTERNAL_DOMAIN);
            }

            // 4. Move the role's permissions to the new name.
            try {
                UserRealm tenantRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
                tenantRealm.getAuthorizationManager().resetPermissionOnUpdateRole(roleName, newRoleName);
            } catch (UserStoreException e) {
                throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(),
                        "Error while getting the authorizationManager.", e);
            }

            IdentityDatabaseUtil.commitUserDBTransaction(connection);
        } catch (SQLException | IdentityRoleManagementException e) {
            // Any role-management exception raised above, client errors included, is reported
            // as an unexpected server error after the rollback.
            IdentityDatabaseUtil.rollbackUserDBTransaction(connection);
            throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(),
                    String.format(errorTemplate, roleName, tenantDomain), e);
        }
    } catch (SQLException e) {
        // Raised while obtaining or closing the connection.
        throw new IdentityRoleManagementServerException(UNEXPECTED_SERVER_ERROR.getCode(),
                String.format(errorTemplate, roleName, tenantDomain), e);
    }

    // Cached role memberships for the tenant still refer to the old name.
    clearUserRolesCacheByTenant(tenantId);
    // newRoleName was possibly domain-qualified in step 3; that value is what callers receive.
    return new RoleBasicInfo(roleID, newRoleName);
}
Also used : NamedPreparedStatement(org.wso2.carbon.database.utils.jdbc.NamedPreparedStatement) UserRealm(org.wso2.carbon.user.api.UserRealm) SQLException(java.sql.SQLException) IdentityRoleManagementServerException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementServerException) Connection(java.sql.Connection) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException) IdentityRoleManagementException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException) RoleBasicInfo(org.wso2.carbon.identity.role.mgt.core.RoleBasicInfo)
