Improving Role management API implementation

merge-requests/7/head
prabathabey 9 years ago
parent 3e21c6d50d
commit 00a16ea2bc

@ -0,0 +1,56 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.mgt.jaxrs.beans;
import com.fasterxml.jackson.annotation.JsonProperty;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import java.util.List;
@ApiModel(value = "Role List")
public class RoleList extends BasePaginatedResult {
private List<String> roles;
@ApiModelProperty(value = "List of roles returned")
@JsonProperty("roles")
public List<String> getList() {
return roles;
}
public void setList(List<String> roles) {
this.roles = roles;
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{\n");
sb.append(" count: ").append(getCount()).append(",\n");
sb.append(" next: ").append(getNext()).append(",\n");
sb.append(" previous: ").append(getPrevious()).append(",\n");
sb.append(" roles: [").append(roles).append("\n");
sb.append("]}\n");
return sb.toString();
}
}

@ -22,6 +22,8 @@ import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission; import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration; import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleWrapper;
import org.wso2.carbon.user.mgt.common.UIPermissionNode; import org.wso2.carbon.user.mgt.common.UIPermissionNode;
@ -43,18 +45,15 @@ public interface RoleManagementService {
produces = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON,
httpMethod = "GET", httpMethod = "GET",
value = "Get the list of roles.", value = "Get the list of roles.",
responseContainer = "List",
notes = "If you wish to get the details of all the roles in EMM, you can do so using this REST API. All " + notes = "If you wish to get the details of all the roles in EMM, you can do so using this REST API. All " +
"internal roles, roles created for Service-providers and application related roles are omitted.", "internal roles, roles created for Service-providers and application related roles are omitted.",
response = String.class,
tags = "Role Management") tags = "Role Management")
@ApiResponses( @ApiResponses(
value = { value = {
@ApiResponse( @ApiResponse(
code = 200, code = 200,
message = "OK. \n Successfully fetched the requested list of roles.", message = "OK. \n Successfully fetched the requested list of roles.",
response = String.class, response = RoleList.class,
responseContainer = "List",
responseHeaders = { responseHeaders = {
@ResponseHeader( @ResponseHeader(
name = "Content-Type", name = "Content-Type",
@ -76,7 +75,8 @@ public interface RoleManagementService {
message = "Not Acceptable.\n The requested media type is not supported"), message = "Not Acceptable.\n The requested media type is not supported"),
@ApiResponse( @ApiResponse(
code = 500, code = 500,
message = "Internal Server ErrorResponse. \n Server error occurred while fetching requested list of roles.") message = "Internal Server ErrorResponse. \n Server error occurred while fetching requested list of roles.",
response = ErrorResponse.class)
}) })
@Permission(scope = "roles-view", permissions = { @Permission(scope = "roles-view", permissions = {
"/permission/admin/device-mgt/admin/roles/list", "/permission/admin/device-mgt/admin/roles/list",
@ -155,7 +155,8 @@ public interface RoleManagementService {
message = "Not Acceptable.\n The requested media type is not supported"), message = "Not Acceptable.\n The requested media type is not supported"),
@ApiResponse( @ApiResponse(
code = 500, code = 500,
message = "Internal Server ErrorResponse. \n Server error occurred while fetching the permission list of the requested role.") message = "Internal Server ErrorResponse. \n Server error occurred while fetching the permission list of the requested role.",
response = ErrorResponse.class)
}) })
@Permission(scope = "roles-view", permissions = {"/permission/admin/device-mgt/admin/roles/list"}) @Permission(scope = "roles-view", permissions = {"/permission/admin/device-mgt/admin/roles/list"})
Response getPermissionsOfRole( Response getPermissionsOfRole(
@ -209,7 +210,8 @@ public interface RoleManagementService {
message = "Not Acceptable.\n The requested media type is not supported"), message = "Not Acceptable.\n The requested media type is not supported"),
@ApiResponse( @ApiResponse(
code = 500, code = 500,
message = "Internal Server ErrorResponse. \n Server error occurred while fetching the requested role.") message = "Internal Server ErrorResponse. \n Server error occurred while fetching the requested role.",
response = ErrorResponse.class)
}) })
@Permission(scope = "roles-view", permissions = {"/permission/admin/device-mgt/admin/roles/list"}) @Permission(scope = "roles-view", permissions = {"/permission/admin/device-mgt/admin/roles/list"})
Response getRole( Response getRole(
@ -260,14 +262,16 @@ public interface RoleManagementService {
description = "The Source URL of the document.")}), description = "The Source URL of the document.")}),
@ApiResponse( @ApiResponse(
code = 400, code = 400,
message = "Bad Request. \n Invalid request or validation error."), message = "Bad Request. \n Invalid request or validation error.",
response = ErrorResponse.class),
@ApiResponse( @ApiResponse(
code = 415, code = 415,
message = "Unsupported media type. \n The entity of the request was in a not supported format."), message = "Unsupported media type. \n The entity of the request was in a not supported format."),
@ApiResponse( @ApiResponse(
code = 500, code = 500,
message = "Internal Server ErrorResponse. \n " + message = "Internal Server ErrorResponse. \n " +
"Server error occurred while adding a new role.") "Server error occurred while adding a new role.",
response = ErrorResponse.class)
}) })
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/add"}) @Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/add"})
Response addRole( Response addRole(
@ -307,7 +311,8 @@ public interface RoleManagementService {
"Used by caches, or in conditional requests.")}), "Used by caches, or in conditional requests.")}),
@ApiResponse( @ApiResponse(
code = 400, code = 400,
message = "Bad Request. \n Invalid request or validation error."), message = "Bad Request. \n Invalid request or validation error.",
response = ErrorResponse.class),
@ApiResponse( @ApiResponse(
code = 404, code = 404,
message = "Not Found. \n Resource to be deleted does not exist."), message = "Not Found. \n Resource to be deleted does not exist."),
@ -317,7 +322,8 @@ public interface RoleManagementService {
@ApiResponse( @ApiResponse(
code = 500, code = 500,
message = "Internal Server ErrorResponse. \n " + message = "Internal Server ErrorResponse. \n " +
"Server error occurred while updating the role.") "Server error occurred while updating the role.",
response = ErrorResponse.class)
}) })
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/update"}) @Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/update"})
Response updateRole( Response updateRole(
@ -349,7 +355,8 @@ public interface RoleManagementService {
@ApiResponse( @ApiResponse(
code = 500, code = 500,
message = "Internal Server ErrorResponse. \n " + message = "Internal Server ErrorResponse. \n " +
"Server error occurred while removing the role.") "Server error occurred while removing the role.",
response = ErrorResponse.class)
}) })
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/remove"}) @Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/remove"})
Response deleteRole( Response deleteRole(
@ -395,7 +402,8 @@ public interface RoleManagementService {
"Used by caches, or in conditional requests.")}), "Used by caches, or in conditional requests.")}),
@ApiResponse( @ApiResponse(
code = 400, code = 400,
message = "Bad Request. \n Invalid request or validation error."), message = "Bad Request. \n Invalid request or validation error.",
response = ErrorResponse.class),
@ApiResponse( @ApiResponse(
code = 404, code = 404,
message = "Not Found. \n Resource to be deleted does not exist."), message = "Not Found. \n Resource to be deleted does not exist."),
@ -405,7 +413,8 @@ public interface RoleManagementService {
@ApiResponse( @ApiResponse(
code = 500, code = 500,
message = "Internal Server ErrorResponse. \n " + message = "Internal Server ErrorResponse. \n " +
"Server error occurred while updating the user list of the role.") "Server error occurred while updating the user list of the role.",
response = ErrorResponse.class)
}) })
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/update"}) @Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/update"})
Response updateUsersOfRole( Response updateUsersOfRole(

@ -62,7 +62,7 @@ public interface UserManagementAdminService {
"Server error occurred while updating credentials of the user.") "Server error occurred while updating credentials of the user.")
}) })
@Permission(scope = "user-modify", permissions = {"/permission/admin/login"}) @Permission(scope = "user-modify", permissions = {"/permission/admin/login"})
Response resetPassword( Response resetUserPassword(
@ApiParam( @ApiParam(
name = "username", name = "username",
value = "Username of the user.", value = "Username of the user.",

@ -22,7 +22,10 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants; import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.base.MultitenantConstants; import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService; import org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.UnexpectedServerErrorException;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleWrapper;
import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer; import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer;
@ -54,17 +57,22 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@HeaderParam("If-Modified-Since") String ifModifiedSince, @HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset, @QueryParam("limit") int limit) { @QueryParam("offset") int offset, @QueryParam("limit") int limit) {
List<String> filteredRoles; List<String> filteredRoles;
RoleList targetRoles;
try { try {
filteredRoles = getRolesFromUserStore(); filteredRoles = getRolesFromUserStore();
if (filteredRoles == null || filteredRoles.size() == 0) { if (filteredRoles == null) {
return Response.status(Response.Status.NOT_FOUND).entity("No roles found.").build(); return Response.status(Response.Status.NOT_FOUND).entity("No roles found.").build();
} }
targetRoles = new RoleList();
targetRoles.setCount(filteredRoles.size());
targetRoles.setList(filteredRoles);
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "ErrorResponse occurred while retrieving roles from the underlying user stores"; String msg = "Error occurred while retrieving roles from the underlying user stores";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} }
return Response.status(Response.Status.OK).entity(filteredRoles).build(); return Response.status(Response.Status.OK).entity(targetRoles).build();
} }
@GET @GET
@ -88,14 +96,16 @@ public class RoleManagementServiceImpl implements RoleManagementService {
} }
return Response.status(Response.Status.OK).entity(rolePermissions).build(); return Response.status(Response.Status.OK).entity(rolePermissions).build();
} catch (UserAdminException e) { } catch (UserAdminException e) {
String msg = "ErrorResponse occurred while retrieving the permissions of role '" + roleName + "'"; String msg = "Error occurred while retrieving the permissions of role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "ErrorResponse occurred while retrieving the underlying user realm attached to the " + String msg = "Error occurred while retrieving the underlying user realm attached to the " +
"current logged in user"; "current logged in user";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} }
} }
@ -150,9 +160,10 @@ public class RoleManagementServiceImpl implements RoleManagementService {
roleWrapper.setPermissions(permList.toArray(permListAr)); roleWrapper.setPermissions(permList.toArray(permListAr));
} }
} catch (UserStoreException | UserAdminException e) { } catch (UserStoreException | UserAdminException e) {
String msg = "ErrorResponse occurred while retrieving the user role '" + roleName + "'"; String msg = "Error occurred while retrieving the user role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} }
return Response.status(Response.Status.OK).entity(roleWrapper).build(); return Response.status(Response.Status.OK).entity(roleWrapper).build();
} }
@ -186,11 +197,13 @@ public class RoleManagementServiceImpl implements RoleManagementService {
} }
userStoreManager.addRole(roleWrapper.getRoleName(), roleWrapper.getUsers(), permissions); userStoreManager.addRole(roleWrapper.getRoleName(), roleWrapper.getUsers(), permissions);
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "ErrorResponse occurred while adding role '" + roleWrapper.getRoleName() + "'"; String msg = "Error occurred while adding role '" + roleWrapper.getRoleName() + "'";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} }
return Response.status(Response.Status.OK).build(); return Response.status(Response.Status.OK).entity("Role '" + roleWrapper.getRoleName() + "' has " +
"successfully been added").build();
} }
@PUT @PUT
@ -228,11 +241,13 @@ public class RoleManagementServiceImpl implements RoleManagementService {
} }
} }
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "ErrorResponse occurred while updating role '" + roleName + "'"; String msg = "Error occurred while updating role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} }
return Response.status(Response.Status.OK).build(); return Response.status(Response.Status.OK).entity("Role '" + roleWrapper.getRoleName() + "' has " +
"successfully been updated").build();
} }
@DELETE @DELETE
@ -249,11 +264,13 @@ public class RoleManagementServiceImpl implements RoleManagementService {
// Delete all authorizations for the current role before deleting // Delete all authorizations for the current role before deleting
authorizationManager.clearRoleAuthorization(roleName); authorizationManager.clearRoleAuthorization(roleName);
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "ErrorResponse occurred while deleting the role '" + roleName + "'"; String msg = "Error occurred while deleting the role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} }
return Response.status(Response.Status.OK).build(); return Response.status(Response.Status.OK).entity("Role '" + roleName + "' has " +
"successfully been deleted").build();
} }
@POST @POST
@ -275,11 +292,13 @@ public class RoleManagementServiceImpl implements RoleManagementService {
userStoreManager.updateUserListOfRole(roleName, usersToDelete, usersToAdd); userStoreManager.updateUserListOfRole(roleName, usersToDelete, usersToAdd);
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "ErrorResponse occurred while updating the users of the role '" + roleName + "'"; String msg = "Error occurred while updating the users of the role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); throw new UnexpectedServerErrorException(
new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build());
} }
return Response.status(Response.Status.OK).build(); return Response.status(Response.Status.OK).entity("Role '" + roleName + "' has " +
"successfully been updated with the user list").build();
} }
private List<String> getRolesFromUserStore() throws UserStoreException { private List<String> getRolesFromUserStore() throws UserStoreException {

@ -34,7 +34,7 @@ public class UserManagementAdminServiceImpl implements UserManagementAdminServic
@POST @POST
@Path("/{username}/credentials") @Path("/{username}/credentials")
@Override @Override
public Response resetPassword(@PathParam("username") String user, PasswordResetWrapper credentials) { public Response resetUserPassword(@PathParam("username") String user, PasswordResetWrapper credentials) {
return CredentialManagementResponseBuilder.buildResetPasswordResponse(user, credentials); return CredentialManagementResponseBuilder.buildResetPasswordResponse(user, credentials);
} }

Loading…
Cancel
Save