|
|
|
@ -626,7 +626,7 @@ public class APIPublisherServiceImpl implements APIPublisherService {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public void updateScopeRoleMapping(String roleName, String[] permissions) throws APIManagerPublisherException {
|
|
|
|
|
public void updateScopeRoleMapping(String roleName, String[] permissions, String[] removedPermissions) throws APIManagerPublisherException {
|
|
|
|
|
APIApplicationServices apiApplicationServices = new APIApplicationServicesImpl();
|
|
|
|
|
APIApplicationKey apiApplicationKey;
|
|
|
|
|
AccessTokenInfo accessTokenInfo;
|
|
|
|
@ -643,8 +643,53 @@ public class APIPublisherServiceImpl implements APIPublisherService {
|
|
|
|
|
try {
|
|
|
|
|
PublisherRESTAPIServices publisherRESTAPIServices = new PublisherRESTAPIServicesImpl();
|
|
|
|
|
JSONObject scopeObject = publisherRESTAPIServices.getScopes(apiApplicationKey, accessTokenInfo);
|
|
|
|
|
|
|
|
|
|
Map<String, String> permScopeMap = APIPublisherDataHolder.getInstance().getPermScopeMapping();
|
|
|
|
|
if (permissions.length != 0) {
|
|
|
|
|
updateScopes(roleName, publisherRESTAPIServices, apiApplicationKey, accessTokenInfo, scopeObject, permissions, permScopeMap, false);
|
|
|
|
|
}
|
|
|
|
|
if (removedPermissions.length != 0) {
|
|
|
|
|
updateScopes(roleName, publisherRESTAPIServices, apiApplicationKey, accessTokenInfo, scopeObject, removedPermissions, permScopeMap, true);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
updatePermissions(roleName, Arrays.asList(permissions));
|
|
|
|
|
} catch (UserStoreException e) {
|
|
|
|
|
String errorMsg = "Error occurred when adding permissions to role: " + roleName;
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
}
|
|
|
|
|
} catch (APIServicesException e) {
|
|
|
|
|
String errorMsg = "Error while processing Publisher REST API response";
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
} catch (BadRequestException e) {
|
|
|
|
|
String errorMsg = "Error while calling Publisher REST APIs";
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
} catch (UnexpectedResponseException e) {
|
|
|
|
|
String errorMsg = "Unexpected response from the server";
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Update Scopes
|
|
|
|
|
*
|
|
|
|
|
* @param roleName Role Name
|
|
|
|
|
* @param publisherRESTAPIServices {@link PublisherRESTAPIServices}
|
|
|
|
|
* @param apiApplicationKey {@link APIApplicationKey}
|
|
|
|
|
* @param accessTokenInfo {@link AccessTokenInfo}
|
|
|
|
|
* @param scopeObject scope object returning from APIM
|
|
|
|
|
* @param permissions List of permissions
|
|
|
|
|
* @param permScopeMap Permission Scope map
|
|
|
|
|
* @param removingPermissions if list of permissions has to be removed from the role send true, otherwise sends false.
|
|
|
|
|
* @throws APIManagerPublisherException If the method receives invalid permission to update.
|
|
|
|
|
*/
|
|
|
|
|
private void updateScopes (String roleName, PublisherRESTAPIServices publisherRESTAPIServices,
|
|
|
|
|
APIApplicationKey apiApplicationKey, AccessTokenInfo accessTokenInfo,
|
|
|
|
|
JSONObject scopeObject, String[] permissions, Map<String, String> permScopeMap, boolean removingPermissions )
|
|
|
|
|
throws APIManagerPublisherException {
|
|
|
|
|
for (String permission : permissions) {
|
|
|
|
|
String scopeValue = permScopeMap.get(permission);
|
|
|
|
|
if (scopeValue == null) {
|
|
|
|
@ -671,40 +716,29 @@ public class APIPublisherServiceImpl implements APIPublisherService {
|
|
|
|
|
for (int j = 0; j < existingRolesArray.length(); j++) {
|
|
|
|
|
existingRoleList.add((String) existingRolesArray.get(j));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (removingPermissions) {
|
|
|
|
|
existingRoleList.remove(roleName);
|
|
|
|
|
} else {
|
|
|
|
|
if (!existingRoleList.contains(roleName)) {
|
|
|
|
|
existingRoleList.add(roleName);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
scope.setRoles(String.join(",", existingRoleList));
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
if (publisherRESTAPIServices.isSharedScopeNameExists(apiApplicationKey, accessTokenInfo, scope.getKey())) {
|
|
|
|
|
publisherRESTAPIServices.updateSharedScope(apiApplicationKey, accessTokenInfo, scope);
|
|
|
|
|
} else {
|
|
|
|
|
// todo: come to this level means, that scope is removed from API, but haven't removed from the scope-role-permission-mappings list
|
|
|
|
|
log.warn(scope.getKey() + " not available as shared scope");
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
} catch (APIServicesException | BadRequestException | UnexpectedResponseException e) {
|
|
|
|
|
log.error("Error occurred while updating role scope mapping via APIM REST endpoint.", e);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
try {
|
|
|
|
|
updatePermissions(roleName, Arrays.asList(permissions));
|
|
|
|
|
} catch (UserStoreException e) {
|
|
|
|
|
String errorMsg = "Error occurred when adding permissions to role: " + roleName;
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
}
|
|
|
|
|
} catch (APIServicesException e) {
|
|
|
|
|
String errorMsg = "Error while processing Publisher REST API response";
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
} catch (BadRequestException e) {
|
|
|
|
|
String errorMsg = "Error while calling Publisher REST APIs";
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
} catch (UnexpectedResponseException e) {
|
|
|
|
|
String errorMsg = "Unexpected response from the server";
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
throw new APIManagerPublisherException(errorMsg, e);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
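Review bot: The multi-catch around `updateSharedScope` in `updateScopes` only logs `APIServicesException | BadRequestException | UnexpectedResponseException` and falls through to `break`, so `updateScopeRoleMapping` never learns that a scope update failed and still goes on to call `updatePermissions(roleName, Arrays.asList(permissions))`. On the `removingPermissions == true` path this fails open: the role can stay bound to the shared scope on the APIM side while the user store already reflects the revocation, and the caller gets no error to retry or alert on. `updateScopes` already declares `throws APIManagerPublisherException`, so the catch can propagate with `throw new APIManagerPublisherException("Error occurred while updating role scope mapping via APIM REST endpoint.", e);` after the `log.error`. The rendered page has lost its +/- markers, so I am reading this try/catch as new-side code from the hunk's line counts; `updateScopes` starts in the previous hunk and part of its loop body lies outside both hunks.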