Example 21 with Permission

use of org.wso2.carbon.user.api.Permission in project carbon-apimgt by wso2.

the class APIStoreImplTestCase method testAddApplicationWorkflowReject.

@Test(description = "Test Application workflow rejection")
public void testAddApplicationWorkflowReject() throws APIManagementException {
    ApplicationDAO applicationDAO = Mockito.mock(ApplicationDAO.class);
    PolicyDAO policyDAO = Mockito.mock(PolicyDAO.class);
    WorkflowDAO workflowDAO = Mockito.mock(WorkflowDAO.class);
    Policy policy = Mockito.mock(Policy.class);
    APIGateway apiGateway = Mockito.mock(APIGateway.class);
    APIStore apiStore = getApiStoreImpl(applicationDAO, policyDAO, workflowDAO, apiGateway);
    Application application = new Application(APP_NAME, USER_NAME);
    application.setPolicy(new ApplicationPolicy(TIER));
    application.setPermissionString("[{\"groupId\": \"testGroup\",\"permission\":[\"READ\",\"UPDATE\",\"DELETE\",\"SUBSCRIPTION\"]}]");
    Mockito.when(applicationDAO.isApplicationNameExists(APP_NAME)).thenReturn(false);
    Mockito.when(policyDAO.getSimplifiedPolicyByLevelAndName(APIMgtAdminService.PolicyLevel.application, TIER)).thenReturn(policy);
    apiStore.addApplication(application);
    DefaultWorkflowExecutor executor = Mockito.mock(DefaultWorkflowExecutor.class);
    Workflow workflow = new ApplicationCreationWorkflow(applicationDAO, workflowDAO, apiGateway);
    workflow.setWorkflowReference(application.getId());
    WorkflowResponse response = new GeneralWorkflowResponse();
    response.setWorkflowStatus(WorkflowStatus.REJECTED);
    Mockito.when(executor.complete(workflow)).thenReturn(response);
    apiStore.completeWorkflow(executor, workflow);
    Mockito.verify(applicationDAO, Mockito.times(1)).updateApplicationState(application.getId(), "REJECTED");
}
Also used : ApplicationPolicy(org.wso2.carbon.apimgt.core.models.policy.ApplicationPolicy) SubscriptionPolicy(org.wso2.carbon.apimgt.core.models.policy.SubscriptionPolicy) Policy(org.wso2.carbon.apimgt.core.models.policy.Policy) GeneralWorkflowResponse(org.wso2.carbon.apimgt.core.workflow.GeneralWorkflowResponse) Workflow(org.wso2.carbon.apimgt.core.workflow.Workflow) ApplicationCreationWorkflow(org.wso2.carbon.apimgt.core.workflow.ApplicationCreationWorkflow) ApplicationUpdateWorkflow(org.wso2.carbon.apimgt.core.workflow.ApplicationUpdateWorkflow) SubscriptionCreationWorkflow(org.wso2.carbon.apimgt.core.workflow.SubscriptionCreationWorkflow) ApplicationDAO(org.wso2.carbon.apimgt.core.dao.ApplicationDAO) DefaultWorkflowExecutor(org.wso2.carbon.apimgt.core.workflow.DefaultWorkflowExecutor) WorkflowDAO(org.wso2.carbon.apimgt.core.dao.WorkflowDAO) WorkflowResponse(org.wso2.carbon.apimgt.core.api.WorkflowResponse) APIGateway(org.wso2.carbon.apimgt.core.api.APIGateway) Application(org.wso2.carbon.apimgt.core.models.Application) PolicyDAO(org.wso2.carbon.apimgt.core.dao.PolicyDAO) APIStore(org.wso2.carbon.apimgt.core.api.APIStore) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 22 with Permission

use of org.wso2.carbon.user.api.Permission in project carbon-apimgt by wso2.

the class APIStoreImplTestCase method testAddApplicationPermissionStringNull.

@Test(description = "Add an application with null permission String")
public void testAddApplicationPermissionStringNull() throws APIManagementException {
    ApplicationDAO applicationDAO = Mockito.mock(ApplicationDAO.class);
    PolicyDAO policyDAO = Mockito.mock(PolicyDAO.class);
    Policy policy = Mockito.mock(Policy.class);
    WorkflowDAO workflowDAO = Mockito.mock(WorkflowDAO.class);
    APIGateway apiGateway = Mockito.mock(APIGateway.class);
    APIStore apiStore = getApiStoreImpl(applicationDAO, policyDAO, workflowDAO, apiGateway);
    Application application = new Application(APP_NAME, USER_NAME);
    application.setPolicy(new ApplicationPolicy(TIER));
    application.setPermissionString(null);
    Mockito.when(applicationDAO.isApplicationNameExists(APP_NAME)).thenReturn(false);
    Mockito.when(policyDAO.getSimplifiedPolicyByLevelAndName(APIMgtAdminService.PolicyLevel.application, TIER)).thenReturn(policy);
    ApplicationCreationResponse applicationResponse = apiStore.addApplication(application);
    String applicationUuid = applicationResponse.getApplicationUUID();
    Assert.assertNotNull(applicationUuid);
    Mockito.verify(applicationDAO, Mockito.times(1)).addApplication(application);
}
Also used : ApplicationPolicy(org.wso2.carbon.apimgt.core.models.policy.ApplicationPolicy) SubscriptionPolicy(org.wso2.carbon.apimgt.core.models.policy.SubscriptionPolicy) Policy(org.wso2.carbon.apimgt.core.models.policy.Policy) WorkflowDAO(org.wso2.carbon.apimgt.core.dao.WorkflowDAO) ApplicationCreationResponse(org.wso2.carbon.apimgt.core.workflow.ApplicationCreationResponse) APIGateway(org.wso2.carbon.apimgt.core.api.APIGateway) ApplicationDAO(org.wso2.carbon.apimgt.core.dao.ApplicationDAO) Application(org.wso2.carbon.apimgt.core.models.Application) PolicyDAO(org.wso2.carbon.apimgt.core.dao.PolicyDAO) APIStore(org.wso2.carbon.apimgt.core.api.APIStore) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 23 with Permission

use of org.wso2.carbon.user.api.Permission in project core-util by WSO2Telco.

the class WSO2PermissionBuilder method build.

/**
 * This will build the permission tree using the given user's name
 */
public Map<String, Object> build(final String userName) throws BusinessException {
    Map<String, Object> permisionTree = Collections.emptyMap();
    RetunEntitiy retunItem = new RetunEntitiy();
    try {
        UserRoleProsser userRoleRetriever = new UserRoleProsser();
        UIPermissionNode uiPermissionTree = null;
        List<String> currentUserRoleList = userRoleRetriever.getRolesByUserName(userName);
        /**
         * No roles are assigned to the user
         */
        if (currentUserRoleList.isEmpty()) {
            throw new BusinessException("No roles assigned for user :" + userName);
        }
        for (Iterator<String> iterator = currentUserRoleList.iterator(); iterator.hasNext(); ) {
            String roleName = iterator.next();
            UIPermissionNode rolePermissions = userAdminStub.getRolePermissions(roleName);
            /**
             * if the permission node is empty
             */
            if (rolePermissions == null || rolePermissions.getNodeList() == null) {
                continue;
            }
            /**
             * keep only the UI permission node
             */
            Optional<UIPermissionNode> optNode = Arrays.stream(rolePermissions.getNodeList()).filter(rowItem -> rowItem.getDisplayName().equalsIgnoreCase(UserRolePermissionType.UI_PERMISSION.getTObject())).findFirst();
            /**
             * check for existence of node
             */
            if (optNode.isPresent()) {
                uiPermissionTree = optNode.get();
                if (uiPermissionTree.getNodeList() != null && uiPermissionTree.getNodeList().length > 0) {
                    retunItem = popUserRolePermissions(uiPermissionTree.getNodeList());
                    if (retunItem.atLeastOneSelected) {
                        break;
                    }
                } else {
                    /**
                     * if the current role does not contain UI permission then continue
                     */
                    continue;
                }
            }
        }
        if (retunItem.returnMap.isEmpty()) {
            throw new BusinessException(UserRolePermissionType.UI_PERMISSION.getTObject() + " not assigned for the user :" + userName + " , assigned roles :[ " + StringUtils.join(currentUserRoleList, ",") + "]");
        }
    } catch (RemoteException | UserAdminUserAdminException e) {
        log.error("UIPermission.build", e);
        throw new BusinessException(GenaralError.INTERNAL_SERVER_ERROR);
    }
    if (retunItem.returnMap.isEmpty()) {
        log.warn(" No ui permission tree found for " + userName);
        return Collections.emptyMap();
    } else {
        return retunItem.returnMap;
    }
}
Also used : Arrays(java.util.Arrays) StringUtils(org.apache.commons.lang.StringUtils) UserRolePermissionType(com.wso2telco.core.userprofile.util.UserRolePermissionType) APIManagerConfiguration(org.wso2.carbon.apimgt.impl.APIManagerConfiguration) UserAdminStub(org.wso2.carbon.user.mgt.stub.UserAdminStub) HashMap(java.util.HashMap) UserRoleProsser(com.wso2telco.core.userprofile.prosser.UserRoleProsser) APIConstants(org.wso2.carbon.apimgt.impl.APIConstants) HashSet(java.util.HashSet) CarbonUtils(org.wso2.carbon.utils.CarbonUtils) UIPermissionNode(org.wso2.carbon.user.mgt.stub.types.carbon.UIPermissionNode) Map(java.util.Map) UserAdminUserAdminException(org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException) AdminServicePath(com.wso2telco.core.userprofile.util.AdminServicePath) Iterator(java.util.Iterator) Set(java.util.Set) GenaralError(com.wso2telco.core.dbutils.exception.GenaralError) HTTPConstants(org.apache.axis2.transport.http.HTTPConstants) RemoteException(java.rmi.RemoteException) List(java.util.List) HostObjectComponent(org.wso2.carbon.apimgt.hostobjects.internal.HostObjectComponent) BusinessException(com.wso2telco.core.dbutils.exception.BusinessException) Optional(java.util.Optional) Log(org.apache.commons.logging.Log) AxisFault(org.apache.axis2.AxisFault) LogFactory(org.apache.commons.logging.LogFactory) Collections(java.util.Collections)

Example 24 with Permission

use of org.wso2.carbon.user.api.Permission in project carbon-business-process by wso2.

the class UserSubstitutionService method getRequestedAssignee.

/**
 * Validate and get the assignee for a substitute request
 * @param user
 * @return actual assignee of the substitute request
 * @throws UserStoreException
 */
private String getRequestedAssignee(final String user) throws UserStoreException {
    String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    UserRealm userRealm = BPMNOSGIService.getUserRealm();
    String assignee = getTenantAwareUser(user);
    // validate the assignee
    if (assignee != null && !assignee.trim().isEmpty() && !assignee.equals(loggedInUser)) {
        // setting another user as the assignee
        boolean isAuthorized = isUserAuthorizedForSubstitute(loggedInUser);
        if (!isAuthorized) {
            throw new BPMNForbiddenException("Action requires BPMN substitution permission");
        }
        if (!userRealm.getUserStoreManager().isExistingUser(assignee)) {
            throw new ActivitiIllegalArgumentException("Non existing user for argument assignee : " + assignee);
        }
    } else {
        // assignee is the logged in user
        assignee = loggedInUser;
    }
    return assignee;
}
Also used : UserRealm(org.wso2.carbon.user.api.UserRealm) ActivitiIllegalArgumentException(org.activiti.engine.ActivitiIllegalArgumentException) BPMNForbiddenException(org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException)

Example 25 with Permission

use of org.wso2.carbon.user.api.Permission in project carbon-business-process by wso2.

the class UserSubstitutionService method querySubstitutes.

/**
 * Query the substitution records based on substitute, assignee and enabled or disabled.
 * Pagination parameters, start, size, sort, order are allowed.
 * @return paginated list of substitution info records
 */
@GET
@Path("/")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
public Response querySubstitutes() {
    if (!subsFeatureEnabled) {
        return Response.status(405).build();
    }
    Map<String, String> queryMap = new HashedMap();
    for (Map.Entry<String, String> entry : propertiesMap.entrySet()) {
        String value = uriInfo.getQueryParameters().getFirst(entry.getKey());
        if (value != null) {
            queryMap.put(entry.getValue(), value);
        }
    }
    // validate the parameters
    try {
        // replace with tenant aware user names
        String tenantAwareUser = getTenantAwareUser(queryMap.get(SubstitutionQueryProperties.USER));
        queryMap.put(SubstitutionQueryProperties.USER, tenantAwareUser);
        String tenantAwareSub = getTenantAwareUser(queryMap.get(SubstitutionQueryProperties.SUBSTITUTE));
        queryMap.put(SubstitutionQueryProperties.SUBSTITUTE, tenantAwareSub);
        if (!isUserAuthorizedForSubstitute(PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername())) {
            String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
            if (!((queryMap.get(SubstitutionQueryProperties.USER) != null && queryMap.get(SubstitutionQueryProperties.USER).equals(loggedInUser)) || (queryMap.get(SubstitutionQueryProperties.SUBSTITUTE) != null && queryMap.get(SubstitutionQueryProperties.SUBSTITUTE).equals(loggedInUser)))) {
                throw new BPMNForbiddenException("Not allowed to view others substitution details. No sufficient permission");
            }
        }
    } catch (UserStoreException e) {
        throw new ActivitiException("Error accessing User Store for input validations", e);
    }
    // validate pagination parameters
    validatePaginationParams(queryMap);
    int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
    List<SubstitutesDataModel> dataModelList = UserSubstitutionUtils.querySubstitutions(queryMap, tenantId);
    int totalResultCount = UserSubstitutionUtils.getQueryResultCount(queryMap, tenantId);
    SubstituteInfoCollectionResponse collectionResponse = new SubstituteInfoCollectionResponse();
    collectionResponse.setTotal(totalResultCount);
    List<SubstituteInfoResponse> responseList = new ArrayList<>();
    for (SubstitutesDataModel subsData : dataModelList) {
        SubstituteInfoResponse response = new SubstituteInfoResponse();
        response.setEnabled(subsData.isEnabled());
        response.setEndTime(subsData.getSubstitutionEnd());
        response.setStartTime(subsData.getSubstitutionStart());
        response.setSubstitute(subsData.getSubstitute());
        response.setAssignee(subsData.getUser());
        responseList.add(response);
    }
    collectionResponse.setSubstituteInfoList(responseList);
    collectionResponse.setSize(responseList.size());
    String sortType = getSortType(queryMap.get(SubstitutionQueryProperties.SORT));
    collectionResponse.setSort(sortType);
    collectionResponse.setStart(Integer.parseInt(queryMap.get(SubstitutionQueryProperties.START)));
    collectionResponse.setOrder(queryMap.get(SubstitutionQueryProperties.ORDER));
    return Response.ok(collectionResponse).build();
}
Also used : ActivitiException(org.activiti.engine.ActivitiException) SubstitutesDataModel(org.wso2.carbon.bpmn.core.mgt.model.SubstitutesDataModel) BPMNForbiddenException(org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) HashedMap(org.apache.commons.collections.map.HashedMap)

Aggregations

APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException) 29
HashSet (java.util.HashSet) 18
HashMap (java.util.HashMap) 17
ArrayList (java.util.ArrayList) 16
Test (org.testng.annotations.Test) 16
Policy (org.wso2.carbon.apimgt.core.models.policy.Policy) 16
Test (org.junit.Test) 15
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest) 15
API (org.wso2.carbon.apimgt.core.models.API) 15
ApplicationPolicy (org.wso2.carbon.apimgt.core.models.policy.ApplicationPolicy) 15
SubscriptionPolicy (org.wso2.carbon.apimgt.core.models.policy.SubscriptionPolicy) 15
UserStoreException (org.wso2.carbon.user.api.UserStoreException) 13
Map (java.util.Map) 12
Resource (org.wso2.carbon.registry.core.Resource) 12
UserRegistry (org.wso2.carbon.registry.core.session.UserRegistry) 12
API (org.wso2.carbon.apimgt.api.model.API) 11
APIManagementException (org.wso2.carbon.apimgt.core.exception.APIManagementException) 10
APIPolicy (org.wso2.carbon.apimgt.core.models.policy.APIPolicy) 9
RegistryException (org.wso2.carbon.registry.core.exceptions.RegistryException) 9
BusinessInformation (org.wso2.carbon.apimgt.core.models.BusinessInformation) 8