use of org.wso2.carbon.user.api.Tenant in project carbon-apimgt by wso2.
the class RegistryPersistenceImplTestCase method testRegistrySelectionForTenantUserCrossTenatAccess.
@Test
public void testRegistrySelectionForTenantUserCrossTenatAccess() throws Exception {
RegistryService registryService = Mockito.mock(RegistryService.class);
TenantManager tenantManager = Mockito.mock(TenantManager.class);
Mockito.when(tenantManager.getTenantId(TENANT_DOMAIN)).thenReturn(TENANT_ID);
Mockito.when(tenantManager.getTenantId(SUPER_TENANT_DOMAIN)).thenReturn(SUPER_TENANT_ID);
PowerMockito.mockStatic(CarbonContext.class);
CarbonContext context = Mockito.mock(CarbonContext.class);
PowerMockito.when(CarbonContext.getThreadLocalCarbonContext()).thenReturn(context);
PowerMockito.mockStatic(PrivilegedCarbonContext.class);
PrivilegedCarbonContext privilegedContext = Mockito.mock(PrivilegedCarbonContext.class);
PowerMockito.when(PrivilegedCarbonContext.getThreadLocalCarbonContext()).thenReturn(privilegedContext);
PowerMockito.mockStatic(GovernanceUtils.class);
GovernanceArtifact artifact = Mockito.mock(GovernanceArtifact.class);
List<GovernanceArtifact> artifacts = new ArrayList<GovernanceArtifact>();
artifacts.add(artifact);
PowerMockito.when(GovernanceUtils.findGovernanceArtifacts(Mockito.any(String.class), Mockito.any(Registry.class), Mockito.any(String.class), Mockito.any(Boolean.class))).thenReturn(artifacts);
PowerMockito.mockStatic(RegistryPersistenceUtil.class);
ServiceReferenceHolder serviceRefHolder = Mockito.mock(ServiceReferenceHolder.class);
PowerMockito.mockStatic(ServiceReferenceHolder.class);
PowerMockito.when(ServiceReferenceHolder.getInstance()).thenReturn(serviceRefHolder);
RealmService realmService = Mockito.mock(RealmService.class);
PowerMockito.when(serviceRefHolder.getRealmService()).thenReturn(realmService);
UserRealm realm = Mockito.mock(UserRealm.class);
PowerMockito.when(realmService.getTenantUserRealm(TENANT_ID)).thenReturn(realm);
PowerMockito.doNothing().when(RegistryPersistenceUtil.class, "loadloadTenantAPIRXT", Mockito.any(String.class), Mockito.any(Integer.class));
Mockito.when(context.getTenantDomain()).thenReturn(TENANT_DOMAIN);
Mockito.when(context.getTenantId()).thenReturn(TENANT_ID);
APIPersistence apiPersistenceInstance = new RegistryPersistenceImplWrapper(tenantManager, registryService);
// return null artifact because we are not testing artifact related params. this is only to get the registry obj
GenericArtifactManager artifactManager = Mockito.mock(GenericArtifactManager.class);
PowerMockito.when(RegistryPersistenceUtil.getArtifactManager(Mockito.any(Registry.class), Mockito.any(String.class))).thenReturn(artifactManager);
Mockito.when(artifactManager.getGenericArtifact(Mockito.any(String.class))).thenReturn(null);
// trigger registry object creation. access super tenant api
UserContext ctx = new UserContext("user", new Organization(TENANT_DOMAIN), null, null);
apiPersistenceInstance.searchAPIsForDevPortal(new Organization(SUPER_TENANT_DOMAIN), "", 0, 10, ctx);
// check whether super tenant's system registy is accessed
Mockito.verify(registryService, times(1)).getGovernanceSystemRegistry((SUPER_TENANT_ID));
}
use of org.wso2.carbon.user.api.Tenant in project carbon-apimgt by wso2.
the class TenantThemeApiServiceImpl method exportTenantTheme.
/**
* Export a Tenant Theme of a particular tenant as an archive file.
*
* @param messageContext
* @return Theme export response
* @throws APIManagementException if an error occurs when importing a tenant theme
*/
@Override
public Response exportTenantTheme(MessageContext messageContext) throws APIManagementException {
String tenantDomain = RestApiCommonUtil.getLoggedInUserTenantDomain();
int tenantId = APIUtil.getTenantIdFromTenantDomain(tenantDomain);
APIAdminImpl apiAdmin = new APIAdminImpl();
if (!apiAdmin.isTenantThemeExist(tenantId)) {
RestApiUtil.handleResourceNotFoundError("Tenant Theme for tenant " + tenantDomain + " does not exist.", log);
}
InputStream tenantTheme = apiAdmin.getTenantTheme(tenantId);
String tempPath = System.getProperty(RestApiConstants.JAVA_IO_TMPDIR) + File.separator + TENANT_THEMES_EXPORT_DIR_PREFIX;
String tempFile = tenantDomain + APIConstants.ZIP_FILE_EXTENSION;
File tenantThemeArchive = new File(tempPath, tempFile);
try {
FileUtils.copyInputStreamToFile(tenantTheme, tenantThemeArchive);
return Response.ok(tenantThemeArchive, MediaType.APPLICATION_OCTET_STREAM).header(RestApiConstants.HEADER_CONTENT_DISPOSITION, "attachment; filename=\"" + tenantThemeArchive.getName() + "\"").build();
} catch (IOException e) {
throw new APIManagementException(e.getMessage(), e, ExceptionCodes.from(ExceptionCodes.TENANT_THEME_EXPORT_FAILED, tenantDomain, e.getMessage()));
}
}
use of org.wso2.carbon.user.api.Tenant in project carbon-apimgt by wso2.
the class TenantInfoApiServiceImpl method getTenantInfoByUsername.
@Override
public Response getTenantInfoByUsername(String username, MessageContext messageContext) {
TenantInfoDTO tenantInfoDTO = new TenantInfoDTO();
String decodedUserName;
try {
if (StringUtils.isEmpty(username)) {
RestApiUtil.handleBadRequest("User Name should not be empty", log);
}
try {
decodedUserName = new String(Base64.getDecoder().decode(username));
} catch (IllegalArgumentException e) {
log.warn("Could not decode the username. Using original username");
decodedUserName = username;
}
if (!APIUtil.isUserExist(decodedUserName)) {
RestApiUtil.handleBadRequest("Requested User " + decodedUserName + " does not exist", log);
}
String tenantDomain = MultitenantUtils.getTenantDomain(decodedUserName);
int tenantId = APIUtil.getTenantIdFromTenantDomain(tenantDomain);
tenantInfoDTO.setTenantDomain(tenantDomain);
tenantInfoDTO.setTenantId(tenantId);
tenantInfoDTO.setUsername(decodedUserName);
return Response.status(Response.Status.OK).entity(tenantInfoDTO).build();
} catch (APIManagementException e) {
RestApiUtil.handleInternalServerError("Internal Server Error occurred while retrieving tenant " + "information", e, log);
}
return null;
}
use of org.wso2.carbon.user.api.Tenant in project carbon-apimgt by wso2.
the class ThrottlingApiServiceImpl method throttlingPoliciesCustomRuleIdGet.
/**
* Get a specific custom rule by its name
*
* @param ruleId uuid of the policy
* @return Matched Global Throttle Policy by the given name
*/
@Override
public Response throttlingPoliciesCustomRuleIdGet(String ruleId, MessageContext messageContext) {
try {
APIProvider apiProvider = RestApiCommonUtil.getLoggedInUserProvider();
String username = RestApiCommonUtil.getLoggedInUsername();
// only super tenant is allowed to access global policies/custom rules
checkTenantDomainForCustomRules();
// This will give PolicyNotFoundException if there's no policy exists with UUID
GlobalPolicy globalPolicy = apiProvider.getGlobalPolicyByUUID(ruleId);
if (!RestApiAdminUtils.isPolicyAccessibleToUser(username, globalPolicy)) {
RestApiUtil.handleAuthorizationFailure(RestApiConstants.RESOURCE_CUSTOM_RULE, ruleId, log);
}
CustomRuleDTO policyDTO = GlobalThrottlePolicyMappingUtil.fromGlobalThrottlePolicyToDTO(globalPolicy);
return Response.ok().entity(policyDTO).build();
} catch (APIManagementException e) {
if (RestApiUtil.isDueToResourceNotFound(e)) {
RestApiUtil.handleResourceNotFoundError(RestApiConstants.RESOURCE_CUSTOM_RULE, ruleId, e, log);
} else {
String errorMessage = "Error while retrieving Custom Rule: " + ruleId;
RestApiUtil.handleInternalServerError(errorMessage, e, log);
}
}
return null;
}
use of org.wso2.carbon.user.api.Tenant in project carbon-apimgt by wso2.
the class ThrottlingApiServiceImpl method throttlingPoliciesCustomRuleIdPut.
/**
* Updates a given Global level policy/custom rule specified by uuid
*
* @param ruleId uuid of the policy
* @param body DTO of policy to be updated
* @param contentType Content-Type header
* @return Updated policy
*/
@Override
public Response throttlingPoliciesCustomRuleIdPut(String ruleId, String contentType, CustomRuleDTO body, MessageContext messageContext) throws APIManagementException {
RestApiAdminUtils.validateCustomRuleRequiredProperties(body, (String) messageContext.get(Message.HTTP_REQUEST_METHOD));
try {
APIProvider apiProvider = RestApiCommonUtil.getLoggedInUserProvider();
String username = RestApiCommonUtil.getLoggedInUsername();
// only super tenant is allowed to access global policies/custom rules
checkTenantDomainForCustomRules();
// will give PolicyNotFoundException if there's no policy exists with UUID
GlobalPolicy existingPolicy = apiProvider.getGlobalPolicyByUUID(ruleId);
if (!RestApiAdminUtils.isPolicyAccessibleToUser(username, existingPolicy)) {
RestApiUtil.handleAuthorizationFailure(RestApiConstants.RESOURCE_CUSTOM_RULE, ruleId, log);
}
// overridden properties
body.setPolicyId(ruleId);
body.setPolicyName(existingPolicy.getPolicyName());
// update the policy
GlobalPolicy globalPolicy = GlobalThrottlePolicyMappingUtil.fromGlobalThrottlePolicyDTOToModel(body);
apiProvider.updatePolicy(globalPolicy);
// retrieve the new policy and send back as the response
GlobalPolicy newGlobalPolicy = apiProvider.getGlobalPolicyByUUID(ruleId);
CustomRuleDTO policyDTO = GlobalThrottlePolicyMappingUtil.fromGlobalThrottlePolicyToDTO(newGlobalPolicy);
return Response.ok().entity(policyDTO).build();
} catch (APIManagementException e) {
if (RestApiUtil.isDueToResourceNotFound(e)) {
RestApiUtil.handleResourceNotFoundError(RestApiConstants.RESOURCE_CUSTOM_RULE, ruleId, e, log);
} else {
String errorMessage = "Error while updating custom rule: " + body.getPolicyName();
RestApiUtil.handleInternalServerError(errorMessage, e, log);
}
}
return null;
}
Aggregations