
Example 11 with SCIMGroupHandler

use of org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMUserManager method getGroupNamesFromDB.

/**
 * Looks up group names by matching a group metadata attribute.
 *
 * <p>The filter operation and value are first turned into a search string by
 * {@code getSearchAttribute} using {@code SQL_FILTERING_DELIMITER}. That string is then passed to
 * {@code SCIMGroupHandler.getGroupListFromAttributeName} on a handler created for the tenant of
 * {@code carbonUM}.
 *
 * @param attributeName   Name of the attribute to search on.
 * @param filterOperation Filter operator to apply.
 * @param attributeValue  Value to search for.
 * @param domainName      Domain the lookup is restricted to.
 * @return The matching group names, wrapped with {@code Arrays.asList}.
 * @throws org.wso2.carbon.user.core.UserStoreException If a user store error is raised during the lookup.
 * @throws IdentitySCIMException If the SCIM group lookup fails.
 */
private List<String> getGroupNamesFromDB(String attributeName, String filterOperation, String attributeValue, String domainName) throws org.wso2.carbon.user.core.UserStoreException, IdentitySCIMException {
    final String searchPattern = getSearchAttribute(attributeName, filterOperation, attributeValue, SQL_FILTERING_DELIMITER);
    final SCIMGroupHandler tenantGroupHandler = new SCIMGroupHandler(carbonUM.getTenantId());
    final boolean debugEnabled = log.isDebugEnabled();
    if (debugEnabled) {
        // NOTE(review): searchPattern is derived from attributeValue. If that value originates from a
        // SCIM filter request, confirm that CR/LF in it cannot forge entries in the debug log.
        log.debug(String.format("Filtering roleNames from DB from search attribute: %s", searchPattern));
    }
    // NOTE(review): the pattern is handed to a database-backed lookup. Confirm in SCIMGroupHandler and
    // its DAO that it is bound as a statement parameter and never concatenated into the query text.
    return Arrays.asList(tenantGroupHandler.getGroupListFromAttributeName(attributeName, searchPattern, domainName));
}
Also used : SCIMGroupHandler(org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler)

Example 12 with SCIMGroupHandler

use of org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMUserOperationListener method postAddRole.

/**
 * Adds the mandatory SCIM attributes to a newly added role that has none yet.
 *
 * <p>The role name is qualified with the user store domain (falling back to
 * {@code UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME} when the realm configuration yields no
 * domain) before the SCIM tables are consulted.
 *
 * @param roleName         Name of the role that was added.
 * @param userStoreManager User store manager supplying the tenant ID and realm configuration.
 * @return Always {@code true} when no exception is thrown.
 * @throws UserStoreException If the SCIM lookup or a user store call fails.
 */
private boolean postAddRole(String roleName, UserStoreManager userStoreManager) throws UserStoreException {
    try {
        SCIMGroupHandler groupHandler = new SCIMGroupHandler(userStoreManager.getTenantId());
        String configuredDomain = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        String effectiveDomain = (configuredDomain == null)
                ? UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME
                : configuredDomain;
        // UserCoreUtil does not append the primary domain, so the SCIM helper is applied on top of it.
        String qualifiedRoleName = SCIMCommonUtils.getGroupNameWithDomain(
                UserCoreUtil.addDomainToName(roleName, effectiveDomain));
        try {
            // Look the role up in the identity (SCIM) table.
            boolean hasScimAttributes = groupHandler.isGroupExisting(qualifiedRoleName);
            if (!hasScimAttributes) {
                // No attributes means the group was created through the management console
                // rather than the SCIM endpoint, so the META attributes are added here.
                groupHandler.addMandatoryAttributes(qualifiedRoleName);
            }
        } catch (IdentitySCIMException scimError) {
            // NOTE(review): if the core UserStoreException is a subtype of the api one, this exception
            // is caught again by the outer handler and wrapped a second time — confirm that is intended.
            throw new UserStoreException("Error retrieving group information from SCIM Tables.", scimError);
        }
        return true;
    } catch (org.wso2.carbon.user.api.UserStoreException apiError) {
        throw new UserStoreException(apiError);
    }
}
Also used : UserStoreException(org.wso2.carbon.user.core.UserStoreException) SCIMGroupHandler(org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler) IdentitySCIMException(org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException)

Example 13 with SCIMGroupHandler

use of org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class AdminAttributeUtil method updateAdminGroup.

/**
 * Ensures that the admin role of a tenant, and its admin group when role and group separation is
 * enabled, carry the mandatory SCIM attributes.
 *
 * <p>Nothing is done when SCIM is disabled on the tenant's user store. Every failure, including a
 * failed cast of the user store manager, is caught and written to the error log. The method
 * returns normally either way, so callers cannot tell whether the attributes were added.
 *
 * @param tenantId ID of the tenant whose user store manager is looked up.
 */
public static void updateAdminGroup(int tenantId) {
    try {
        UserStoreManager tenantUserStore = (UserStoreManager) SCIMCommonComponentHolder.getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
        if (log.isDebugEnabled()) {
            log.debug("SCIM enable in Userstore level : " + tenantUserStore.isSCIMEnabled() + ", for " + "Tenant ID : " + tenantId);
        }
        // SCIM is enabled or disabled per user store; there is nothing to do when it is off.
        if (!tenantUserStore.isSCIMEnabled()) {
            return;
        }
        SCIMGroupHandler groupHandler = new SCIMGroupHandler(tenantUserStore.getTenantId());
        String userStoreDomain = UserCoreUtil.getDomainName(tenantUserStore.getRealmConfiguration());
        if (userStoreDomain == null) {
            if (log.isDebugEnabled()) {
                log.debug("Domain name is null and setting default domain as " + IdentityUtil.getPrimaryDomainName());
            }
            userStoreDomain = IdentityUtil.getPrimaryDomainName();
        }
        String adminRole = tenantUserStore.getRealmConfiguration().getAdminRoleName();
        // UserCoreUtil does not append the primary domain, so the SCIM helper is applied on top of it.
        String qualifiedAdminRole = SCIMCommonUtils.getGroupNameWithDomain(
                UserCoreUtil.addDomainToName(adminRole, userStoreDomain));
        try {
            // Check whether a SCIM ID is already available for the admin role.
            boolean adminRoleTracked = groupHandler.isGroupExisting(qualifiedAdminRole);
            if (!adminRoleTracked) {
                if (log.isDebugEnabled()) {
                    log.debug("Group does not exist, setting scim attribute group value: " + qualifiedAdminRole);
                }
                groupHandler.addMandatoryAttributes(qualifiedAdminRole);
            }
            // With role and group separation enabled the admin group needs its own SCIM attributes.
            // NOTE(review): the cast is unchecked; a manager of another type raises
            // ClassCastException, which the outer handler only logs.
            AbstractUserStoreManager abstractUserStore = (AbstractUserStoreManager) tenantUserStore;
            if (abstractUserStore.isRoleAndGroupSeparationEnabled()) {
                String qualifiedAdminGroup = getAdminGroupName(adminRole, userStoreDomain);
                // Only an existing group that has no SCIM ID yet gets the attributes.
                boolean needsAttributes = tenantUserStore.isExistingRole(qualifiedAdminGroup)
                        && !groupHandler.isGroupExisting(qualifiedAdminGroup);
                if (needsAttributes) {
                    if (log.isDebugEnabled()) {
                        log.debug("Group does not exist, setting scim attributes for group: " + qualifiedAdminGroup);
                    }
                    groupHandler.addMandatoryAttributes(qualifiedAdminGroup);
                }
            }
        } catch (IdentitySCIMException scimError) {
            throw new UserStoreException("Error retrieving group information from SCIM Tables for tenant ID: " + tenantUserStore.getTenantId(), scimError);
        }
    } catch (Exception failure) {
        // Best effort: the failure is recorded and not propagated. Operators relying on the admin
        // group being addressable over SCIM should alert on this log entry.
        log.error("Error occurred while updating the admin groups's attributes in Tenant ID : " + tenantId + ", " + "Error : " + failure.getMessage(), failure);
    }
}
Also used : UserStoreException(org.wso2.carbon.user.core.UserStoreException) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) AbstractUserStoreManager(org.wso2.carbon.user.core.common.AbstractUserStoreManager) UserStoreManager(org.wso2.carbon.user.core.UserStoreManager) SCIMGroupHandler(org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler) IdentitySCIMException(org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException) IdentitySCIMException(org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException) UserStoreException(org.wso2.carbon.user.core.UserStoreException)

Example 14 with SCIMGroupHandler

use of org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMGroupHandlerTest method testCreateSCIMAttributes.

/**
 * Runs {@code SCIMGroupHandler.createSCIMAttributes} for tenant 1 against a mocked database
 * connection whose query returns no rows, using a group that has dates and a location set.
 */
@Test
public void testCreateSCIMAttributes() throws Exception {
    ResultSet emptyResultSet = mock(ResultSet.class);
    mockStatic(IdentityDatabaseUtil.class);
    mockStatic(SCIMCommonUtils.class);

    // Group carrying the metadata that createSCIMAttributes is given.
    Group newGroup = new Group();
    Date timestamp = new Date();
    newGroup.setCreatedDate(timestamp);
    newGroup.setLastModified(timestamp);
    newGroup.setLocation("LOCATION_URI");

    // Database access is fully mocked; the result set reports no rows.
    when(IdentityDatabaseUtil.getDBConnection()).thenReturn(connection);
    when(connection.prepareStatement(anyString())).thenReturn(mockedPreparedStatement);
    when(mockedPreparedStatement.executeQuery()).thenReturn(emptyResultSet);
    when(emptyResultSet.next()).thenReturn(false);
    when(mockedGroupDAO.isExistingGroup(SCIMCommonUtils.getGroupNameWithDomain("NON_EXISTANT_GROUP_NAME"), 1)).thenReturn(false);

    new SCIMGroupHandler(1).createSCIMAttributes(newGroup);

    // NOTE(review): newGroup is created with `new` above and can never be null, so this assertion
    // only shows that no exception was thrown. Verifying the DAO interaction would check that the
    // attributes were actually persisted.
    assertNotNull(newGroup);
}
Also used : Group(org.wso2.charon3.core.objects.Group) ResultSet(java.sql.ResultSet) Date(java.util.Date) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 15 with SCIMGroupHandler

use of org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler in project identity-inbound-provisioning-scim2 by wso2-extensions.

the class SCIMGroupHandlerTest method testGetGroupWithAttributesSecondScenario.

/**
 * Runs {@code SCIMGroupHandler.getGroupWithAttributes} for tenant 1 with a mocked
 * {@code GroupDAO} that reports the group as existing and returns id, created, lastModified and
 * location attributes.
 */
@Test
public void testGetGroupWithAttributesSecondScenario() throws Exception {
    Group targetGroup = new Group();
    ResultSet populatedResultSet = mock(ResultSet.class);
    mockStatic(IdentityDatabaseUtil.class);
    mockStatic(IdentityTenantUtil.class);
    mockStatic(SCIMCommonUtils.class);

    Date today = Calendar.getInstance().getTime();
    // NOTE(review): 'Z' is quoted and therefore emitted as a literal, while the formatter uses the
    // JVM default time zone. On a non-UTC machine the fixture is local time labelled as UTC.
    SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
    String formattedToday = formatter.format(today);

    // SCIM attributes the mocked DAO hands back for the group.
    Map<String, String> storedAttributes = new HashMap<String, String>();
    storedAttributes.put("urn:ietf:params:scim:schemas:core:2.0:id", "100");
    storedAttributes.put("urn:ietf:params:scim:schemas:core:2.0:meta.created", formattedToday);
    storedAttributes.put("urn:ietf:params:scim:schemas:core:2.0:meta.lastModified", formattedToday);
    storedAttributes.put("urn:ietf:params:scim:schemas:core:2.0:meta.location", "https://localhost:9443/t/TENANT_DOMAIN/Groups/100");

    when(IdentityDatabaseUtil.getDBConnection()).thenReturn(connection);
    when(connection.prepareStatement(anyString())).thenReturn(mockedPreparedStatement);
    when(populatedResultSet.next()).thenReturn(true);
    when(mockedPreparedStatement.executeQuery()).thenReturn(populatedResultSet);
    when(mockedGroupDAO.isExistingGroup("EXISTING_GROUP_NAME", 1)).thenReturn(true);
    whenNew(GroupDAO.class).withNoArguments().thenReturn(mockedGroupDAO);
    when(mockedGroupDAO.getSCIMGroupAttributes(anyInt(), anyString())).thenReturn(storedAttributes);
    when(IdentityTenantUtil.getTenantDomain(1)).thenReturn("TENANT_DOMAIN");
    when(SCIMCommonUtils.getSCIMGroupURL()).thenReturn("https://localhost:9443/t/TENANT_DOMAIN/Groups");

    // NOTE(review): the result is compared with the very object passed in. If the handler returns
    // its argument, this passes whatever attributes were applied — consider asserting the id,
    // dates and location on the returned group.
    SCIMGroupHandler handler = new SCIMGroupHandler(1);
    assertEquals(handler.getGroupWithAttributes(targetGroup, "EXISTING_GROUP_NAME"), targetGroup);
}
Also used : Group(org.wso2.charon3.core.objects.Group) HashMap(java.util.HashMap) ResultSet(java.sql.ResultSet) Matchers.anyString(org.mockito.Matchers.anyString) SimpleDateFormat(java.text.SimpleDateFormat) Date(java.util.Date) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)
