use of org.wso2.carbon.user.api.UserStoreException in project carbon-business-process by wso2.
the class UserSubstitutionService method isUserAuthorizedForSubstitute.
/**
* Check the logged in user has permission for viewing other substitutions.
* @return true if the permission sufficient
* @throws UserStoreException
*/
private boolean isUserAuthorizedForSubstitute(String username) throws UserStoreException {
UserRealm userRealm = BPMNOSGIService.getUserRealm();
// check with bpmn permission path
String[] permissionArray = userRealm.getAuthorizationManager().getAllowedUIResourcesForUser(username, BPMNConstants.BPMN_PERMISSION_PATH);
if (permissionArray != null && permissionArray.length > 0) {
if (permissionArray[0].equals(BPMNConstants.BPMN_PERMISSION_PATH) || isPermissionExist(permissionArray, BPMNConstants.SUBSTITUTION_PERMISSION_PATH)) {
return true;
}
}
// check for admin permission
String[] adminPermissionArray = userRealm.getAuthorizationManager().getAllowedUIResourcesForUser(username, BPMNConstants.ROOT_PERMISSION_PATH);
if (adminPermissionArray != null && adminPermissionArray.length > 0) {
if (adminPermissionArray[0].equals(BPMNConstants.ROOT_PERMISSION_PATH) || adminPermissionArray[0].equals(BPMNConstants.ADMIN_PERMISSION_PATH)) {
return true;
}
}
return false;
}
use of org.wso2.carbon.user.api.UserStoreException in project carbon-business-process by wso2.
the class BPSGroupIdentityManager method findGroupsByUser.
@Override
public List<Group> findGroupsByUser(String userId) {
List<Group> groups = new ArrayList<Group>();
try {
String[] roles = userStoreManager.getRoleListOfUser(userId);
for (String role : roles) {
Group group = new GroupEntity(role);
groups.add(group);
}
} catch (UserStoreException e) {
String msg = "Failed to get roles of the user: " + userId + ". Returning an empty roles list.";
log.error(msg, e);
}
return groups;
}
use of org.wso2.carbon.user.api.UserStoreException in project carbon-business-process by wso2.
the class BPSUserIdentityManager method findGroupsByUser.
@Override
public List<Group> findGroupsByUser(String userId) {
List<Group> groups = new ArrayList<Group>();
try {
String[] userNameTokens = userId.split("@");
int tenantId = BPMNConstants.SUPER_TENANT_ID;
if (userNameTokens.length > 1) {
TenantInfoBean tenantInfoBean = tenantMgtAdminService.getTenant(userNameTokens[userNameTokens.length - 1]);
if (tenantInfoBean != null) {
tenantId = tenantInfoBean.getTenantId();
} else {
log.error("Could not retrieve tenant ID for tenant domain : " + userNameTokens[userNameTokens.length - 1]);
return new ArrayList<Group>();
}
}
String[] roles = registryService.getUserRealm(tenantId).getUserStoreManager().getRoleListOfUser(userId);
for (String role : roles) {
Group group = new GroupEntity(role);
groups.add(group);
}
} catch (UserStoreException e) {
String msg = "Failed to get roles of the user: " + userId + ". Returning an empty roles list.";
log.error(msg, e);
} catch (Exception e) {
log.error("error retrieving user tenant info", e);
}
return groups;
}
use of org.wso2.carbon.user.api.UserStoreException in project carbon-business-process by wso2.
the class CommonTaskUtil method getAssignableUserNameList.
/**
* Returns the list of assignable user name list.
*
* @param task : The task object.
* @param excludeActualOwner : Whether to exclude the actual owner from the returned list.
* @return : the list of assignable user name list.
*/
public static List<String> getAssignableUserNameList(TaskDAO task, boolean excludeActualOwner) {
List<String> allPotentialOwners = new ArrayList<String>();
GenericHumanRoleDAO ghr = task.getGenericHumanRole(GenericHumanRole.GenericHumanRoleType.POTENTIAL_OWNERS);
RegistryService registryService = HumanTaskServiceComponent.getRegistryService();
for (OrganizationalEntityDAO orgEntity : ghr.getOrgEntities()) {
if (OrganizationalEntityDAO.OrganizationalEntityType.GROUP.equals(orgEntity.getOrgEntityType())) {
String roleName = orgEntity.getName();
UserRealm userRealm;
try {
userRealm = registryService.getUserRealm(task.getTenantId());
String[] assignableUsersArray = userRealm.getUserStoreManager().getUserListOfRole(roleName);
allPotentialOwners.addAll(Arrays.asList(assignableUsersArray));
} catch (RegistryException e) {
throw new HumanTaskRuntimeException("Cannot locate user realm for tenant id " + task.getTenantId());
} catch (UserStoreException e) {
throw new HumanTaskRuntimeException("Error retrieving the UserStoreManager " + task.getTenantId(), e);
}
} else if (OrganizationalEntityDAO.OrganizationalEntityType.USER.equals(orgEntity.getOrgEntityType())) {
allPotentialOwners.add(orgEntity.getName());
}
}
OrganizationalEntityDAO actualOwner = getActualOwner(task);
if (excludeActualOwner && actualOwner != null) {
allPotentialOwners.remove(actualOwner.getName());
}
return allPotentialOwners;
}
use of org.wso2.carbon.user.api.UserStoreException in project carbon-business-process by wso2.
the class CarbonUserManagerBasedPeopleQueryEvaluator method getUserNameListForRole.
public List<String> getUserNameListForRole(String roleName) {
if (isExistingRole(roleName)) {
if (cachingEnabled) {
Cache<String, List<String>> userNameListForRoleCache = getUserNameListForRoleCache();
if (userNameListForRoleCache != null && userNameListForRoleCache.containsKey(roleName)) {
return getUserNameListForRoleCache().get(roleName);
}
}
try {
ArrayList<String> usernameList = new ArrayList<String>(Arrays.asList(getUserRealm().getUserStoreManager().getUserListOfRole(roleName)));
if (cachingEnabled) {
Cache<String, List<String>> userNameListForRoleCache = getUserNameListForRoleCache();
if (userNameListForRoleCache != null) {
getUserNameListForRoleCache().put(roleName, usernameList);
}
Cache<String, Boolean> userNameListCache = getUserNameListCache();
if (userNameListCache != null) {
for (String userName : usernameList) {
userNameListCache.put(userName, true);
}
}
}
return usernameList;
} catch (UserStoreException e) {
throw new HumanTaskRuntimeException("Error occurred while calling" + " to realm service for operation isExistingRole", e);
}
} else {
throw new HumanTaskRuntimeException(String.format("The role name[%s] does not exist.", roleName));
}
}
Aggregations