use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.
the class AbstractJWTGenerator method getMultiAttributeSeparator.
/**
 * Looks up the multi-attribute separator configured on the given tenant's user store.
 *
 * @param tenantId tenant whose realm configuration is consulted
 * @return the configured separator; {@code null} when the realm service is unavailable, the
 *         tenant id is {@code MultitenantConstants.INVALID_TENANT_ID}, no realm configuration
 *         is returned, the property is unset or blank, or the lookup fails with a
 *         {@code UserStoreException} (which is logged). Callers must handle {@code null}.
 */
protected String getMultiAttributeSeparator(int tenantId) {
    try {
        RealmService service = ServiceReferenceHolder.getInstance().getRealmService();
        if (service == null || tenantId == MultitenantConstants.INVALID_TENANT_ID) {
            return null;
        }

        UserStoreManager storeManager =
                (UserStoreManager) service.getTenantUserRealm(tenantId).getUserStoreManager();
        RealmConfiguration realmConfig = storeManager.getRealmConfiguration();
        if (realmConfig == null) {
            return null;
        }

        String separator = realmConfig.getUserStoreProperty(APIConstants.MULTI_ATTRIBUTE_SEPARATOR);
        // A blank value is treated the same as an unset one.
        boolean usable = separator != null && !separator.trim().isEmpty();
        return usable ? separator : null;
    } catch (UserStoreException e) {
        log.error("Error occurred while getting the realm configuration, User store properties might not be " + "returned", e);
        return null;
    }
}
use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.
the class APIConsumerImpl method updateApplicationOwner.
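/**
 * Transfers ownership of an application to another user of the same tenant domain.
 *
 * <p>The new owner must belong to the tenant domain of the current owner, must exist in that
 * tenant's user store (a subscriber record is created if missing), and must not already own an
 * application with the same name. For every key of the application the owner of the backing
 * OAuth application is updated in its key manager, then the owner is updated through
 * {@code apiMgtDAO}.
 *
 * <p>NOTE(review): no check that the calling user is allowed to reassign this application is
 * visible in this method - confirm it is enforced by the caller.
 *
 * @param userId       user name of the new owner
 * @param organization organization used for the duplicate-application-name check
 * @param application  application whose owner is changed
 * @return the result of {@code apiMgtDAO.updateApplicationOwner}
 * @throws APIManagementException if the new owner is in another tenant domain, does not exist,
 *                                already owns an application with this name, the user store
 *                                lookup fails, or OAuth application details cannot be retrieved
 */
public boolean updateApplicationOwner(String userId, String organization, Application application)
        throws APIManagementException {
    String oldUserName = application.getSubscriber().getName();
    String oldTenantDomain = MultitenantUtils.getTenantDomain(oldUserName);
    String newTenantDomain = MultitenantUtils.getTenantDomain(userId);

    // Tenant isolation: ownership never moves across tenant domains.
    if (!oldTenantDomain.equals(newTenantDomain)) {
        throw new APIManagementException("Unable to update application owner to " + userId + " as this user does not belong to " + oldTenantDomain + " domain.");
    }

    if (!isSubscriberValid(userId)) {
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        try {
            int tenantId = realmService.getTenantManager().getTenantId(newTenantDomain);
            UserStoreManager userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
            // Only a user that really exists in the tenant's user store may become owner.
            if (!userStoreManager.isExistingUser(userId)) {
                throw new APIManagementException("User " + userId + " doesn't exist in user store");
            }
            if (apiMgtDAO.getSubscriber(userId) == null) {
                addSubscriber(userId, "");
            }
        } catch (UserStoreException e) {
            // Keep the cause so the underlying user store failure stays diagnosable.
            throw new APIManagementException("Error while adding user " + userId + " as a subscriber", e);
        }
    }

    String applicationName = application.getName();
    if (APIUtil.isApplicationOwnedBySubscriber(userId, applicationName, organization)) {
        throw new APIManagementException("Unable to update application owner to " + userId + " as this user has an application with the same name. Update owner to another user.");
    }

    for (APIKey apiKey : application.getKeys()) {
        KeyManager keyManager = KeyManagerHolder.getKeyManagerInstance(tenantDomain, apiKey.getKeyManager());
        /* retrieving OAuth application information for specific consumer key */
        String consumerKey = apiKey.getConsumerKey();
        OAuthApplicationInfo oAuthApplicationInfo = keyManager.retrieveApplication(consumerKey);
        // A missing OAuth application is reported like a missing client name instead of
        // surfacing as a NullPointerException.
        if (oAuthApplicationInfo == null
                || oAuthApplicationInfo.getParameter(ApplicationConstants.OAUTH_CLIENT_NAME) == null) {
            throw new APIManagementException("Unable to retrieve OAuth application information.");
        }
        OAuthAppRequest oauthAppRequest = ApplicationUtils.createOauthAppRequest(
                oAuthApplicationInfo.getParameter(ApplicationConstants.OAUTH_CLIENT_NAME).toString(),
                null,
                oAuthApplicationInfo.getCallBackURL(),
                null,
                null,
                application.getTokenType(),
                this.tenantDomain,
                apiKey.getKeyManager());
        oauthAppRequest.getOAuthApplicationInfo().setAppOwner(userId);
        oauthAppRequest.getOAuthApplicationInfo().setClientId(consumerKey);
        /* updating the owner of the OAuth application with userId */
        keyManager.updateApplicationOwner(oauthAppRequest, userId);
        // NOTE(review): this audit entry is written once per key and before the DAO update
        // below, so an application without keys changes owner with no audit entry from this
        // method, and "Successfully" is logged even if the DAO update later fails. The values
        // are concatenated as-is; confirm CR/LF in names is rejected upstream or neutralised
        // by the audit appender.
        audit.info("Successfully updated the owner of application " + application.getName() + " from " + oldUserName + " to " + userId + ".");
    }

    return apiMgtDAO.updateApplicationOwner(userId, application);
}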
use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.
the class APIUtil method isRoleNameExist.
/**
 * Checks that every role in a comma-separated list exists in the user store of the tenant that
 * {@code userName} belongs to.
 *
 * <p>Only the existence of each role is checked; whether {@code userName} holds the role is not
 * examined here. Validation is skipped, and {@code true} returned, when {@code roleName} is
 * {@code null} or empty after trimming, or when the system property named by
 * {@code DISABLE_ROLE_VALIDATION_AT_SCOPE_CREATION} parses as {@code true}.
 *
 * @param userName logged-in user; used only to derive the tenant domain
 * @param roleName a single role name, or several separated by commas
 * @return {@code true} if validation is skipped or every role exists; {@code false} if any role
 *         is missing or the user store lookup fails (the failure is logged)
 * @throws APIManagementException If an error occurs
 */
public static boolean isRoleNameExist(String userName, String roleName) throws APIManagementException {
    boolean nothingToValidate = roleName == null || StringUtils.isEmpty(roleName.trim());
    if (nothingToValidate) {
        return true;
    }

    // disable role validation if "disableRoleValidationAtScopeCreation" system property is set
    if (Boolean.parseBoolean(System.getProperty(DISABLE_ROLE_VALIDATION_AT_SCOPE_CREATION))) {
        return true;
    }

    try {
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        int tenantId = ServiceReferenceHolder.getInstance()
                .getRealmService()
                .getTenantManager()
                .getTenantId(MultitenantUtils.getTenantDomain(userName));
        org.wso2.carbon.user.api.UserStoreManager storeManager =
                realmService.getTenantUserRealm(tenantId).getUserStoreManager();

        // The first role that is unknown to the user store fails the whole list.
        for (String candidate : roleName.split(",")) {
            if (!storeManager.isExistingRole(candidate.trim())) {
                return false;
            }
        }
        return true;
    } catch (org.wso2.carbon.user.api.UserStoreException e) {
        // Fail closed: a role that could not be verified is reported as not existing.
        log.error("Error when getting the list of roles", e);
        return false;
    }
}
use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.
the class APIUtil method setupSelfRegistration.
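/**
 * Creates the internal subscriber role used by self sign-up, if self sign-up is enabled and the
 * role does not exist yet.
 *
 * <p>A newly created role receives execute permission on {@code /permission/admin/login} and on
 * {@code APIConstants.Permissions.API_SUBSCRIBE}, with the tenant admin as its initial member.
 * A role that already exists under the configured name is left untouched; its permissions are
 * not inspected here.
 *
 * @param config   API manager configuration holding the self sign-up settings
 * @param tenantId tenant to set up; a negative id selects the bootstrap realm's user store
 * @throws APIManagementException if the subscriber role setting is missing or blank, or the
 *                                role cannot be created
 */
public void setupSelfRegistration(APIManagerConfiguration config, int tenantId) throws APIManagementException {
    if (!Boolean.parseBoolean(config.getFirstProperty(APIConstants.SELF_SIGN_UP_ENABLED))) {
        return;
    }

    // Validate the raw setting before building the role name: concatenating a null property
    // would yield a name ending in the text "null", which the former prefix-only comparison
    // did not catch, so a role with that literal name would have been created.
    String configuredRole = config.getFirstProperty(APIConstants.SELF_SIGN_UP_ROLE);
    if (configuredRole == null || configuredRole.trim().isEmpty()) {
        // Required parameter missing - Throw an exception and interrupt startup
        throw new APIManagementException("Required subscriber role parameter missing " + "in the self sign up configuration");
    }

    // Create the subscriber role as an internal role
    String role = UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR + configuredRole;
    try {
        RealmService realmService = ServiceReferenceHolder.getInstance().getRealmService();
        UserStoreManager manager;
        if (tenantId < 0) {
            manager = realmService.getBootstrapRealm().getUserStoreManager();
        } else {
            manager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
        }

        if (!manager.isExistingRole(role)) {
            if (log.isDebugEnabled()) {
                log.debug("Creating subscriber role: " + role);
            }
            Permission[] subscriberPermissions = new Permission[] {
                    new Permission("/permission/admin/login", UserMgtConstants.EXECUTE_ACTION),
                    new Permission(APIConstants.Permissions.API_SUBSCRIBE, UserMgtConstants.EXECUTE_ACTION)
            };
            // NOTE(review): the admin name is always read through getTenantUserRealm(tenantId),
            // also on the tenantId < 0 path that took its manager from the bootstrap realm -
            // confirm both resolve to the same realm.
            String tenantAdminName = ServiceReferenceHolder.getInstance()
                    .getRealmService()
                    .getTenantUserRealm(tenantId)
                    .getRealmConfiguration()
                    .getAdminUserName();
            String[] userList = new String[] { tenantAdminName };
            manager.addRole(role, userList, subscriberPermissions);
        }
    } catch (UserStoreException e) {
        throw new APIManagementException("Error while creating subscriber role: " + role + " - " + "Self registration might not function properly.", e);
    }
}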
use of org.wso2.carbon.user.core.UserStoreManager in project carbon-apimgt by wso2.
the class APIUtil method getRoleNames.
/**
 * Retrieves the role names known for the tenant that {@code username} belongs to.
 *
 * <p>For the super tenant the list comes from {@code AuthorizationManager}; for any other tenant
 * it is read from that tenant's user store manager.
 *
 * @param username user whose tenant domain selects the role source
 * @return the role names; an empty array when the lookup fails with a
 *         {@code UserStoreException} (the failure is logged), so an empty result does not
 *         by itself prove that the tenant has no roles
 * @throws APIManagementException If an error occurs
 */
public static String[] getRoleNames(String username) throws APIManagementException {
    final String domain = MultitenantUtils.getTenantDomain(username);
    final boolean superTenant =
            org.wso2.carbon.utils.multitenancy.MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(domain);
    try {
        if (superTenant) {
            return AuthorizationManager.getInstance().getRoleNames();
        }
        int tenantId = ServiceReferenceHolder.getInstance()
                .getRealmService()
                .getTenantManager()
                .getTenantId(domain);
        UserStoreManager storeManager = ServiceReferenceHolder.getInstance()
                .getRealmService()
                .getTenantUserRealm(tenantId)
                .getUserStoreManager();
        return storeManager.getRoleNames();
    } catch (UserStoreException e) {
        log.error("Error while getting all the roles", e);
        return new String[0];
    }
}