Search in sources :

Example 6 with GroupDAO

use of org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMGroupHandler method createSCIMAttributes.

/**
 * When adding group through SCIM Resource endpoint, add the group attributes to the
 * Identity_SCIM_GROUP table, in addition to the ones added in UserStore (i.e display name, users)
 *
 * @param group
 */
public void createSCIMAttributes(Group group) throws IdentitySCIMException {
    try {
        Map<String, String> attributes = new HashMap<>();
        attributes.put(SCIMConstants.CommonSchemaConstants.ID_URI, group.getId());
        attributes.put(SCIMConstants.CommonSchemaConstants.CREATED_URI, AttributeUtil.formatDateTime(group.getCreatedDate().toInstant()));
        attributes.put(SCIMConstants.CommonSchemaConstants.LAST_MODIFIED_URI, AttributeUtil.formatDateTime(group.getLastModified().toInstant()));
        attributes.put(SCIMConstants.CommonSchemaConstants.LOCATION_URI, group.getLocation());
        GroupDAO groupDAO = new GroupDAO();
        groupDAO.addSCIMGroupAttributes(tenantId, group.getDisplayName(), attributes);
    } catch (CharonException e) {
        throw new IdentitySCIMException("Error getting group name from SCIM Group.", e);
    }
}
Also used : HashMap(java.util.HashMap) GroupDAO(org.wso2.carbon.identity.scim2.common.DAO.GroupDAO) CharonException(org.wso2.charon3.core.exceptions.CharonException) IdentitySCIMException(org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException)

Example 7 with GroupDAO

use of org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO in project carbon-identity-framework by wso2.

the class GroupIDResolver method getNameByID.

@Override
public String getNameByID(String id, String tenantDomain) throws IdentityRoleManagementException {
    GroupDAO groupDAO = RoleMgtDAOFactory.getInstance().getGroupDAO();
    String groupName = groupDAO.getGroupNameByID(id, tenantDomain);
    if (groupName == null) {
        String errorMessage = "A group doesn't exist with id: " + id + " in the tenantDomain: " + tenantDomain;
        throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(), errorMessage);
    }
    return groupName;
}
Also used : GroupDAO(org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)

Example 8 with GroupDAO

use of org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO in project carbon-identity-framework by wso2.

the class GroupIDResolver method getIDByName.

@Override
public String getIDByName(String name, String tenantDomain) throws IdentityRoleManagementException {
    GroupDAO groupDAO = RoleMgtDAOFactory.getInstance().getGroupDAO();
    String groupName = groupDAO.getGroupIDByName(name, tenantDomain);
    if (groupName == null) {
        String errorMessage = "A group doesn't exist with name: " + name + " in the tenantDomain: " + tenantDomain;
        throw new IdentityRoleManagementClientException(INVALID_REQUEST.getCode(), errorMessage);
    }
    return groupName;
}
Also used : GroupDAO(org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO) IdentityRoleManagementClientException(org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)

Example 9 with GroupDAO

use of org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMGroupResolver method getGroupByName.

@Override
public boolean getGroupByName(String groupName, List<String> requestedClaims, Group group, UserStoreManager userStoreManager) throws UserStoreException {
    int tenantId = userStoreManager.getTenantId();
    AbstractUserStoreManager abstractUserStoreManager = ((AbstractUserStoreManager) userStoreManager);
    boolean isGroupIdEnabled = abstractUserStoreManager.isUniqueGroupIdEnabled();
    /*
         * isGroupIdEnabled equal to false indicates that the given userstore only support the legacy behaviour. In
         * that case we need to support getting group details from IDN_SCIM_GROUP table.
         */
    if (isGroupIdEnabled) {
        if (log.isDebugEnabled()) {
            log.debug(String.format("SCIMGroupResolver will not be executed for userstore: %s in " + "tenant %s since group id support is available in the userstore manager", abstractUserStoreManager.getRealmConfiguration().getRealmProperty(PROPERTY_DOMAIN_NAME), tenantId));
        }
        return true;
    }
    if (log.isDebugEnabled()) {
        log.debug(String.format("Retrieving group with name: %s from tenant: %s", groupName, tenantId));
    }
    Map<String, String> attributes;
    GroupDAO groupDAO = new GroupDAO();
    try {
        // If the group name as the domain separator ( / ), that means, domain is in the name.
        if (!groupName.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
            String domainName = abstractUserStoreManager.getRealmConfiguration().getUserStoreProperty(UserStoreConfigConstants.DOMAIN_NAME);
            groupName = UserCoreUtil.addDomainToName(groupName, domainName);
        }
        attributes = groupDAO.getSCIMGroupAttributes(tenantId, groupName);
    } catch (IdentitySCIMException e) {
        throw new UserStoreException(String.format("Error occurred while getting the group attributes of " + "group: %s in tenant: %s", groupName, tenantId), e);
    }
    if (MapUtils.isEmpty(attributes)) {
        if (log.isDebugEnabled()) {
            log.debug(String.format("No group found with name: %s in tenant: %s", groupName, tenantId));
        }
        return true;
    }
    String groupId = attributes.get(SCIMConstants.CommonSchemaConstants.ID_URI);
    String domainName = UserCoreUtil.extractDomainFromName(groupName);
    if (group == null) {
        group = new Group(groupId, resolveGroupName(groupName, domainName));
    } else {
        group.setGroupName(groupName);
    }
    // Set mandatory attributes.
    for (Map.Entry<String, String> entry : attributes.entrySet()) {
        if (SCIMConstants.CommonSchemaConstants.ID_URI.equals(entry.getKey())) {
            group.setGroupID(groupId);
        } else if (SCIMConstants.CommonSchemaConstants.CREATED_URI.equals(entry.getKey())) {
            group.setCreatedDate(entry.getValue());
        } else if (SCIMConstants.CommonSchemaConstants.LAST_MODIFIED_URI.equals(entry.getKey())) {
            group.setLastModifiedDate(entry.getValue());
        } else if (SCIMConstants.CommonSchemaConstants.LOCATION_URI.equals(entry.getKey())) {
            group.setLocation(SCIMCommonUtils.getSCIMGroupURL(groupId));
        }
    }
    group.setDisplayName(UserCoreUtil.removeDomainFromName(groupName));
    group.setUserStoreDomain(domainName);
    return true;
}
Also used : Group(org.wso2.carbon.user.core.common.Group) UserStoreException(org.wso2.carbon.user.core.UserStoreException) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) GroupDAO(org.wso2.carbon.identity.scim2.common.DAO.GroupDAO) Map(java.util.Map) IdentitySCIMException(org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException)

Example 10 with GroupDAO

use of org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMGroupResolver method getGroupById.

@Override
public boolean getGroupById(String groupID, List<String> requestedClaims, Group group, UserStoreManager userStoreManager) throws UserStoreException {
    int tenantId = userStoreManager.getTenantId();
    AbstractUserStoreManager abstractUserStoreManager = ((AbstractUserStoreManager) userStoreManager);
    boolean isGroupIdEnabled = abstractUserStoreManager.isUniqueGroupIdEnabled();
    /*
         * isGroupIdEnabled equal to false indicates that the given userstore only support the legacy behaviour. In
         * that case we need to support getting group details from IDN_SCIM_GROUP table.
         */
    if (isGroupIdEnabled) {
        if (log.isDebugEnabled()) {
            log.debug(String.format("SCIMGroupResolver will not be executed for userstore: %s in " + "tenant %s since group id support is available in the userstore manager", abstractUserStoreManager.getRealmConfiguration().getRealmProperty(PROPERTY_DOMAIN_NAME), tenantId));
        }
        return true;
    }
    if (log.isDebugEnabled()) {
        log.debug(String.format("Retrieving group with id: %s from tenant: %s", groupID, tenantId));
    }
    String groupName;
    Map<String, String> attributes;
    GroupDAO groupDAO = new GroupDAO();
    try {
        groupName = groupDAO.getGroupNameById(tenantId, groupID);
        if (StringUtils.isBlank(groupName)) {
            log.error(String.format("No group found with id: %s in tenant: %s", groupID, tenantId));
            return true;
        }
        attributes = groupDAO.getSCIMGroupAttributes(tenantId, groupName);
    } catch (IdentitySCIMException e) {
        throw new UserStoreException(String.format("Error occurred while getting the group attributes of " + "group: %s in tenant: %s", groupID, tenantId), e);
    }
    // At this point there is definitely a matching group for the given id.
    String domainName = UserCoreUtil.extractDomainFromName(groupName);
    if (group == null) {
        group = new Group(groupID, resolveGroupName(groupName, domainName));
    } else {
        group.setGroupID(groupID);
        group.setGroupName(resolveGroupName(groupName, domainName));
    }
    // Removing the userstore domain name from the display name and setting it as the userstore domain of the group.
    group.setDisplayName(UserCoreUtil.removeDomainFromName(groupName));
    group.setUserStoreDomain(domainName);
    // Set mandatory attributes.
    for (Map.Entry<String, String> entry : attributes.entrySet()) {
        if (SCIMConstants.CommonSchemaConstants.ID_URI.equals(entry.getKey())) {
            group.setGroupID(entry.getValue());
        } else if (SCIMConstants.CommonSchemaConstants.CREATED_URI.equals(entry.getKey())) {
            group.setCreatedDate(entry.getValue());
        } else if (SCIMConstants.CommonSchemaConstants.LAST_MODIFIED_URI.equals(entry.getKey())) {
            group.setLastModifiedDate(entry.getValue());
        } else if (SCIMConstants.CommonSchemaConstants.LOCATION_URI.equals(entry.getKey())) {
            group.setLocation(SCIMCommonUtils.getSCIMGroupURL(groupID));
        }
    }
    return true;
}
Also used : Group(org.wso2.carbon.user.core.common.Group) UserStoreException(org.wso2.carbon.user.core.UserStoreException) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) GroupDAO(org.wso2.carbon.identity.scim2.common.DAO.GroupDAO) Map(java.util.Map) IdentitySCIMException(org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException)

Aggregations

GroupDAO (org.wso2.carbon.identity.scim2.common.DAO.GroupDAO)12 IdentitySCIMException (org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException)8 UserStoreException (org.wso2.carbon.user.core.UserStoreException)7 AbstractUserStoreManager (org.wso2.carbon.user.core.common.AbstractUserStoreManager)6 Group (org.wso2.carbon.user.core.common.Group)6 Map (java.util.Map)5 HashMap (java.util.HashMap)4 IdentityRoleManagementClientException (org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementClientException)2 GroupDAO (org.wso2.carbon.identity.role.mgt.core.dao.GroupDAO)2 AbstractMap (java.util.AbstractMap)1 ExpressionCondition (org.wso2.carbon.user.core.model.ExpressionCondition)1 OperationalCondition (org.wso2.carbon.user.core.model.OperationalCondition)1 CharonException (org.wso2.charon3.core.exceptions.CharonException)1