use of org.wso2.carbon.user.mgt.common.FlaggedName in project product-is by wso2.
the class UserManagementClient method addRoleWithUser.
private void addRoleWithUser(String roleName, String userName, boolean isSharedRole) throws RemoteException, UserAdminUserAdminException {
userAdminStub.addRole(roleName, new String[] { userName }, null, isSharedRole);
FlaggedName[] roles = userAdminStub.getAllRolesNames(roleName, 100);
for (FlaggedName role : roles) {
if (!role.getItemName().equals(roleName)) {
continue;
} else {
assert (role.getItemName().equals(roleName));
}
assert false : "Role: " + roleName + " was not added properly.";
}
}
use of org.wso2.carbon.user.mgt.common.FlaggedName in project carbon-identity-framework by wso2.
the class UserRealmProxy method listAllUsers.
public FlaggedName[] listAllUsers(String filter, int maxLimit) throws UserAdminException {
FlaggedName[] flaggedNames = null;
Map<String, Integer> userCount = new HashMap<String, Integer>();
try {
UserStoreManager userStoreManager = realm.getUserStoreManager();
String[] users = userStoreManager.listUsers(filter, maxLimit);
RealmConfiguration realmConfig = userStoreManager.getRealmConfiguration();
flaggedNames = new FlaggedName[users.length + 1];
int i = 0;
for (String user : users) {
flaggedNames[i] = new FlaggedName();
// check if display name present
int index = user.indexOf(UserCoreConstants.NAME_COMBINER);
if (index > 0) {
// if display name is appended
flaggedNames[i].setItemName(user.substring(0, index));
flaggedNames[i].setItemDisplayName(user.substring(index + UserCoreConstants.NAME_COMBINER.length()));
} else {
// if only user name is present
flaggedNames[i].setItemName(user);
// set Display name as the item name
flaggedNames[i].setItemDisplayName(user);
}
int index1 = flaggedNames[i].getItemName() != null ? flaggedNames[i].getItemName().indexOf(CarbonConstants.DOMAIN_SEPARATOR) : -1;
boolean domainProvided = index1 > 0;
String domain = domainProvided ? flaggedNames[i].getItemName().substring(0, index1) : null;
if (StringUtils.isBlank(domain)) {
domain = UserCoreUtil.getDomainName(realmConfig);
}
if (domain != null && !UserCoreConstants.INTERNAL_DOMAIN.equalsIgnoreCase(domain) && !UserMgtConstants.APPLICATION_DOMAIN.equalsIgnoreCase(domain)) {
UserStoreManager secondaryUM = realm.getUserStoreManager().getSecondaryUserStoreManager(domain);
if (secondaryUM != null && secondaryUM.isReadOnly()) {
flaggedNames[i].setEditable(false);
} else {
flaggedNames[i].setEditable(true);
}
} else {
if (realm.getUserStoreManager().isReadOnly()) {
flaggedNames[i].setEditable(false);
} else {
flaggedNames[i].setEditable(true);
}
}
if (domain != null) {
if (userCount.containsKey(domain)) {
userCount.put(domain, userCount.get(domain) + 1);
} else {
userCount.put(domain, 1);
}
} else {
if (userCount.containsKey(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME)) {
userCount.put(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME, userCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME) + 1);
} else {
userCount.put(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME, 1);
}
}
i++;
}
} catch (UserStoreException e) {
log.error(e.getMessage(), e);
throw new UserAdminException(e.getMessage(), e);
} catch (Exception e) {
log.error(e.getMessage(), e);
throw new UserAdminException(e.getMessage(), e);
}
Arrays.sort(flaggedNames, new Comparator<FlaggedName>() {
@Override
public int compare(FlaggedName o1, FlaggedName o2) {
if (o1 == null || o2 == null) {
return 0;
}
return o1.getItemName().toLowerCase().compareTo(o2.getItemName().toLowerCase());
}
});
String exceededDomains = "";
boolean isPrimaryExceeding = false;
try {
Map<String, Integer> maxUserListCount = ((AbstractUserStoreManager) realm.getUserStoreManager()).getMaxListCount(UserCoreConstants.RealmConfig.PROPERTY_MAX_USER_LIST);
String[] domains = userCount.keySet().toArray(new String[userCount.keySet().size()]);
for (int i = 0; i < domains.length; i++) {
if (UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equalsIgnoreCase(domains[i])) {
if (userCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME).intValue() == maxUserListCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME).intValue()) {
isPrimaryExceeding = true;
}
continue;
}
if (userCount.get(domains[i]).equals(maxUserListCount.get(domains[i].toUpperCase()))) {
exceededDomains += domains[i];
if (i != domains.length - 1) {
exceededDomains += ":";
}
}
}
FlaggedName flaggedName = new FlaggedName();
if (isPrimaryExceeding) {
flaggedName.setItemName("true");
} else {
flaggedName.setItemName(FALSE);
}
flaggedName.setItemDisplayName(exceededDomains);
flaggedNames[flaggedNames.length - 1] = flaggedName;
} catch (UserStoreException e) {
log.error(e.getMessage(), e);
throw new UserAdminException(e.getMessage(), e);
}
return flaggedNames;
}
use of org.wso2.carbon.user.mgt.common.FlaggedName in project carbon-identity-framework by wso2.
the class UserRealmProxy method getRolesOfUser.
public FlaggedName[] getRolesOfUser(String userName, String filter, int limit) throws UserAdminException {
try {
int index = userName != null ? userName.indexOf(CarbonConstants.DOMAIN_SEPARATOR) : -1;
boolean domainProvided = index > 0;
String domain = domainProvided ? userName.substring(0, index) : null;
if (filter == null) {
filter = "*";
}
UserStoreManager admin = realm.getUserStoreManager();
String[] userRoles = ((AbstractUserStoreManager) admin).getRoleListOfUser(userName);
Map<String, Integer> userCount = new HashMap<String, Integer>();
// Filter the internal system roles created to maintain the backward compatibility.
userRoles = filterInternalSystemRoles(userRoles);
if (limit == 0) {
// want to check whether role is internal of not
// no limit?
String modifiedFilter = filter;
if (filter.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
modifiedFilter = filter.substring(filter.indexOf(CarbonConstants.DOMAIN_SEPARATOR) + 1);
}
String[] hybridRoles = ((AbstractUserStoreManager) admin).getHybridRoles(modifiedFilter);
// Filter the internal system roles created to maintain the backward compatibility.
hybridRoles = filterInternalSystemRoles(hybridRoles);
if (hybridRoles != null) {
Arrays.sort(hybridRoles);
}
// filter with regexp
modifiedFilter = modifiedFilter.replace("*", ".*");
Pattern pattern = Pattern.compile(modifiedFilter, Pattern.CASE_INSENSITIVE);
List<FlaggedName> flaggedNames = new ArrayList<>();
for (String role : userRoles) {
String matchingRole = role;
String roleDomain = null;
if (matchingRole.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
matchingRole = matchingRole.substring(matchingRole.indexOf(CarbonConstants.DOMAIN_SEPARATOR) + 1);
if (filter.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
roleDomain = role.substring(0, role.indexOf(CarbonConstants.DOMAIN_SEPARATOR) + 1);
}
}
if (hybridRoles != null && Arrays.binarySearch(hybridRoles, role) > -1) {
Matcher matcher = pattern.matcher(matchingRole);
if (!(matcher.matches() && (roleDomain == null || filter.toLowerCase().startsWith(roleDomain.toLowerCase())))) {
continue;
}
} else {
Matcher matcher = pattern.matcher(matchingRole);
if (!(matcher.matches() && (roleDomain == null || filter.toLowerCase().startsWith(roleDomain.toLowerCase())))) {
continue;
}
}
FlaggedName fName = new FlaggedName();
mapEntityName(role, fName, admin);
fName.setSelected(true);
if (domain != null && !UserCoreConstants.INTERNAL_DOMAIN.equalsIgnoreCase(domain) && !UserMgtConstants.APPLICATION_DOMAIN.equalsIgnoreCase(domain)) {
if ((admin.getSecondaryUserStoreManager(domain).isReadOnly() || (admin.getSecondaryUserStoreManager(domain).getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.WRITE_GROUPS_ENABLED) != null && admin.getSecondaryUserStoreManager(domain).getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.WRITE_GROUPS_ENABLED).equals(FALSE))) && hybridRoles != null && Arrays.binarySearch(hybridRoles, role) < 0) {
fName.setEditable(false);
} else {
fName.setEditable(true);
}
} else {
if ((admin.isReadOnly() || (admin.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.WRITE_GROUPS_ENABLED) != null && FALSE.equals(admin.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.WRITE_GROUPS_ENABLED)))) && hybridRoles != null && Arrays.binarySearch(hybridRoles, role) < 0) {
fName.setEditable(false);
} else {
fName.setEditable(true);
}
}
if (domain != null) {
if (userCount.containsKey(domain)) {
userCount.put(domain, userCount.get(domain) + 1);
} else {
userCount.put(domain, 1);
}
} else {
if (userCount.containsKey(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME)) {
userCount.put(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME, userCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME) + 1);
} else {
userCount.put(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME, 1);
}
}
flaggedNames.add(fName);
}
String exceededDomains = "";
boolean isPrimaryExceeding = false;
Map<String, Integer> maxUserListCount = ((AbstractUserStoreManager) realm.getUserStoreManager()).getMaxListCount(UserCoreConstants.RealmConfig.PROPERTY_MAX_ROLE_LIST);
String[] domains = userCount.keySet().toArray(new String[userCount.keySet().size()]);
for (int i = 0; i < domains.length; i++) {
if (UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(domains[i])) {
if (userCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME).equals(maxUserListCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME))) {
isPrimaryExceeding = true;
}
continue;
}
if (userCount.get(domains[i]).equals(maxUserListCount.get(domains[i].toUpperCase()))) {
exceededDomains += domains[i];
if (i != domains.length - 1) {
exceededDomains += ":";
}
}
}
FlaggedName flaggedName = new FlaggedName();
if (isPrimaryExceeding) {
flaggedName.setItemName("true");
} else {
flaggedName.setItemName(FALSE);
}
flaggedName.setItemDisplayName(exceededDomains);
flaggedNames.add(flaggedName);
return flaggedNames.toArray(new FlaggedName[flaggedNames.size()]);
}
String[] internalRoles = null;
String[] externalRoles = null;
// only internal roles are retrieved.
if (filter.toLowerCase().startsWith(UserCoreConstants.INTERNAL_DOMAIN.toLowerCase())) {
if (admin instanceof AbstractUserStoreManager) {
filter = filter.substring(filter.indexOf(CarbonConstants.DOMAIN_SEPARATOR) + 1);
internalRoles = ((AbstractUserStoreManager) admin).getHybridRoles(filter);
} else {
internalRoles = admin.getHybridRoles();
}
} else {
// filter has a domain value
if (domain != null && filter.toLowerCase().startsWith(domain.toLowerCase() + CarbonConstants.DOMAIN_SEPARATOR)) {
if (admin instanceof AbstractUserStoreManager) {
externalRoles = ((AbstractUserStoreManager) admin).getRoleNames(filter, limit, true, true, true);
} else {
externalRoles = admin.getRoleNames();
}
} else {
if (admin instanceof AbstractUserStoreManager) {
internalRoles = ((AbstractUserStoreManager) admin).getHybridRoles(filter);
} else {
internalRoles = admin.getHybridRoles();
}
if (domain == null) {
filter = CarbonConstants.DOMAIN_SEPARATOR + filter;
} else {
filter = domain + CarbonConstants.DOMAIN_SEPARATOR + filter;
}
if (admin instanceof AbstractUserStoreManager) {
externalRoles = ((AbstractUserStoreManager) admin).getRoleNames(filter, limit, true, true, true);
} else {
externalRoles = admin.getRoleNames();
}
}
}
// Filter the internal system roles created to maintain the backward compatibility.
internalRoles = filterInternalSystemRoles(internalRoles);
List<FlaggedName> flaggedNames = new ArrayList<FlaggedName>();
Arrays.sort(userRoles);
if (externalRoles != null) {
for (String externalRole : externalRoles) {
FlaggedName fname = new FlaggedName();
mapEntityName(externalRole, fname, admin);
fname.setDomainName(domain);
if (Arrays.binarySearch(userRoles, externalRole) > -1) {
fname.setSelected(true);
}
if (domain != null) {
UserStoreManager secManager = admin.getSecondaryUserStoreManager(domain);
if (secManager.isReadOnly() || FALSE.equals(secManager.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.WRITE_GROUPS_ENABLED))) {
fname.setEditable(false);
} else {
fname.setEditable(true);
}
} else {
if (admin.isReadOnly() || FALSE.equals(admin.getRealmConfiguration().getUserStoreProperty(UserCoreConstants.RealmConfig.WRITE_GROUPS_ENABLED))) {
fname.setEditable(false);
} else {
fname.setEditable(true);
}
}
if (domain != null) {
if (userCount.containsKey(domain)) {
userCount.put(domain, userCount.get(domain) + 1);
} else {
userCount.put(domain, 1);
}
} else {
if (userCount.containsKey(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME)) {
userCount.put(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME, userCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME) + 1);
} else {
userCount.put(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME, 1);
}
}
flaggedNames.add(fname);
}
}
if (internalRoles != null) {
for (String internalRole : internalRoles) {
FlaggedName fname = new FlaggedName();
fname.setItemName(internalRole);
fname.setDomainName(UserCoreConstants.INTERNAL_DOMAIN);
if (Arrays.binarySearch(userRoles, internalRole) > -1) {
fname.setSelected(true);
}
fname.setEditable(true);
flaggedNames.add(fname);
}
}
// Sort the roles by role name.
Collections.sort(flaggedNames, new Comparator<FlaggedName>() {
@Override
public int compare(FlaggedName role1, FlaggedName role2) {
return role1.getItemName().compareToIgnoreCase(role2.getItemName());
}
});
String exceededDomains = "";
boolean isPrimaryExceeding = false;
Map<String, Integer> maxUserListCount = ((AbstractUserStoreManager) realm.getUserStoreManager()).getMaxListCount(UserCoreConstants.RealmConfig.PROPERTY_MAX_ROLE_LIST);
String[] domains = userCount.keySet().toArray(new String[userCount.keySet().size()]);
for (int i = 0; i < domains.length; i++) {
if (UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(domains[i])) {
if (userCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME).equals(maxUserListCount.get(UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME))) {
isPrimaryExceeding = true;
}
continue;
}
if (userCount.get(domains[i]).equals(maxUserListCount.get(domains[i].toUpperCase()))) {
exceededDomains += domains[i];
if (i != domains.length - 1) {
exceededDomains += ":";
}
}
}
FlaggedName flaggedName = new FlaggedName();
if (isPrimaryExceeding) {
flaggedName.setItemName("true");
} else {
flaggedName.setItemName(FALSE);
}
flaggedName.setItemDisplayName(exceededDomains);
flaggedNames.add(flaggedName);
return flaggedNames.toArray(new FlaggedName[flaggedNames.size()]);
} catch (Exception e) {
log.error(e);
throw new UserAdminException(e.getMessage(), e);
}
}
use of org.wso2.carbon.user.mgt.common.FlaggedName in project carbon-identity-framework by wso2.
the class UserRealmProxy method listUsers.
public FlaggedName[] listUsers(ClaimValue claimValue, String filter, int maxLimit) throws UserAdminException {
try {
String[] usersWithClaim = null;
if (claimValue.getClaimURI() != null && claimValue.getValue() != null) {
usersWithClaim = realm.getUserStoreManager().getUserList(claimValue.getClaimURI(), claimValue.getValue(), null);
}
int i = 0;
FlaggedName[] flaggedNames = new FlaggedName[0];
if (usersWithClaim != null) {
flaggedNames = new FlaggedName[usersWithClaim.length + 1];
Arrays.sort(usersWithClaim);
for (String user : usersWithClaim) {
flaggedNames[i] = new FlaggedName();
flaggedNames[i].setItemName(user);
// retrieving the displayName
// Check whether to use the display name claim when filtering users.
String showDisplayName = IdentityUtil.getProperty(IdentityConstants.SHOW_DISPLAY_NAME);
boolean isShowDisplayNameEnabled = Boolean.parseBoolean(showDisplayName);
if (isShowDisplayNameEnabled) {
String displayName = realm.getUserStoreManager().getUserClaimValue(user, DISAPLAY_NAME_CLAIM, null);
if (StringUtils.isNotBlank(displayName)) {
int index = user.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
if (index > 0) {
flaggedNames[i].setItemDisplayName(user.substring(0, index + 1) + displayName);
} else {
flaggedNames[i].setItemDisplayName(displayName);
}
} else {
flaggedNames[i].setItemDisplayName(user);
}
} else {
flaggedNames[i].setItemDisplayName(user);
}
int index1 = flaggedNames[i].getItemName() != null ? flaggedNames[i].getItemName().indexOf(CarbonConstants.DOMAIN_SEPARATOR) : -1;
boolean domainProvided = index1 > 0;
String domain = domainProvided ? flaggedNames[i].getItemName().substring(0, index1) : null;
if (domain != null && !UserCoreConstants.INTERNAL_DOMAIN.equalsIgnoreCase(domain) && !UserMgtConstants.APPLICATION_DOMAIN.equalsIgnoreCase(domain)) {
UserStoreManager secondaryUM = realm.getUserStoreManager().getSecondaryUserStoreManager(domain);
if (secondaryUM != null && secondaryUM.isReadOnly()) {
flaggedNames[i].setEditable(false);
} else {
flaggedNames[i].setEditable(true);
}
} else {
if (realm.getUserStoreManager().isReadOnly()) {
flaggedNames[i].setEditable(false);
} else {
flaggedNames[i].setEditable(true);
}
}
i++;
}
if (usersWithClaim.length > 0) {
// tail flagged name is added to handle pagination
FlaggedName flaggedName = new FlaggedName();
flaggedName.setItemName(FALSE);
flaggedName.setDomainName("");
flaggedNames[flaggedNames.length - 1] = flaggedName;
}
}
return flaggedNames;
} catch (UserStoreException e) {
log.error(e.getMessage(), e);
throw new UserAdminException(e.getMessage(), e);
} catch (Exception e) {
log.error(e.getMessage(), e);
throw new UserAdminException(e.getMessage(), e);
}
}
use of org.wso2.carbon.user.mgt.common.FlaggedName in project carbon-identity-framework by wso2.
the class UserAdmin method listUserByClaimWithPermission.
/**
* List users with given claim value and permission
*
* @param claimValue claim to check
* @param filter filter to check
* @param permission permission to check
* @param maxLimit
* @return
* @throws UserAdminException
*/
public FlaggedName[] listUserByClaimWithPermission(ClaimValue claimValue, String filter, String permission, int maxLimit) throws UserAdminException {
List<FlaggedName> permittedUsers = new ArrayList<>();
try {
org.wso2.carbon.user.api.UserRealm realm = UserMgtDSComponent.getRealmService().getTenantUserRealm(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
AuthorizationManager authorizationManager = realm.getAuthorizationManager();
FlaggedName[] users = getUserAdminProxy().listUsers(claimValue, filter, maxLimit);
for (int i = 0; i < users.length - 1; i++) {
if (authorizationManager.isUserAuthorized(users[i].getItemName(), permission, UserMgtConstants.EXECUTE_ACTION)) {
permittedUsers.add(users[i]);
}
}
} catch (org.wso2.carbon.user.api.UserStoreException e) {
throw new UserAdminException("Error while filtering authorized users.", e);
}
FlaggedName[] permittedUsersArray = new FlaggedName[permittedUsers.size()];
return permittedUsers.toArray(permittedUsersArray);
}
Aggregations