Fixing issues related to mapping users and roles from different user stores

merge-requests/7/head
Megala 8 years ago
parent 87150f5074
commit a04f91cddb

@ -457,6 +457,11 @@ public interface UserManagementService {
value = "Provide a character or a few character in the user name",
required = true)
@QueryParam("filter") String filter,
@ApiParam(
name = "domain",
value = "The user store domain which the user names should be fetched from",
required = false)
@QueryParam("domain") String domain,
@ApiParam(
name = "If-Modified-Since",
value = "Checks if the requested variant was modified, since the specified date-time\n." +

@ -22,17 +22,13 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
import org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer;
import org.wso2.carbon.user.api.*;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
@ -49,6 +45,8 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import static org.wso2.carbon.device.mgt.jaxrs.util.Constants.PRIMARY_USER_STORE;
@Path("/roles")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ -56,7 +54,6 @@ public class RoleManagementServiceImpl implements RoleManagementService {
private static final String API_BASE_PATH = "/roles";
private static final Log log = LogFactory.getLog(RoleManagementServiceImpl.class);
private static final String PRIMARY_USER_STORE = "PRIMARY";
@GET
@Override
@ -93,7 +90,8 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@GET
@Path("/{roleName}/permissions")
@Override public Response getPermissionsOfRole(@PathParam("roleName") String roleName,
@Override
public Response getPermissionsOfRole(@PathParam("roleName") String roleName,
@QueryParam("user-store") String userStoreName, @HeaderParam("If-Modified-Since") String ifModifiedSince) {
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + "/" + roleName;

@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.ws.wstrust.Primary;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo;
@ -353,28 +354,32 @@ public class UserManagementServiceImpl implements UserManagementService {
@GET
@Path("/search/usernames")
@Override
public Response getUserNames(@QueryParam("filter") String filter, @HeaderParam("If-Modified-Since") String timestamp,
public Response getUserNames(@QueryParam("filter") String filter, @QueryParam("domain") String domain,
@HeaderParam("If-Modified-Since") String timestamp,
@QueryParam("offset") int offset, @QueryParam("limit") int limit) {
if (log.isDebugEnabled()) {
log.debug("Getting the list of users with all user-related information using the filter : " + filter);
}
String userStoreDomain = Constants.PRIMARY_USER_STORE;
if (domain != null && !domain.isEmpty()) {
userStoreDomain = domain;
}
List<UserInfo> userList;
try {
UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
String[] users = userStoreManager.listUsers(filter + "*", -1);
userList = new ArrayList<>(users.length);
String[] users = userStoreManager.listUsers(userStoreDomain + "/*", -1);
userList = new ArrayList<>();
UserInfo user;
for (String username : users) {
user = new UserInfo();
user.setUsername(username);
user.setEmailAddress(getClaimValue(username, Constants.USER_CLAIM_EMAIL_ADDRESS));
user.setFirstname(getClaimValue(username, Constants.USER_CLAIM_FIRST_NAME));
user.setLastname(getClaimValue(username, Constants.USER_CLAIM_LAST_NAME));
userList.add(user);
if (username.contains(filter)) {
user = new UserInfo();
user.setUsername(username);
user.setEmailAddress(getClaimValue(username, Constants.USER_CLAIM_EMAIL_ADDRESS));
user.setFirstname(getClaimValue(username, Constants.USER_CLAIM_FIRST_NAME));
user.setLastname(getClaimValue(username, Constants.USER_CLAIM_LAST_NAME));
userList.add(user);
}
}
// if (userList.size() <= 0) {
// return Response.status(Response.Status.NOT_FOUND).entity("No user is available to be retrieved").build();
// }
return Response.status(Response.Status.OK).entity(userList).build();
} catch (UserStoreException e) {
String msg = "Error occurred while retrieving the list of users using the filter : " + filter;

@ -26,6 +26,7 @@ public class Constants {
public static final String USER_CLAIM_EMAIL_ADDRESS = "http://wso2.org/claims/emailaddress";
public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname";
public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname";
public static final String PRIMARY_USER_STORE = "PRIMARY";
public final class ErrorMessages {
private ErrorMessages () { throw new AssertionError(); }

@ -32,6 +32,7 @@ var validateInline = {};
var clearInline = {};
var apiBasePath = "/api/device-mgt/v1.0";
var domain = $("#domain").val();
var enableInlineError = function (inputField, errorMsg, errorSign) {
var fieldIdentifier = "#" + inputField;
@ -113,6 +114,7 @@ function formatRepoSelection (user) {
$(document).ready(function () {
var appContext = $("#app-context").data("app-context");
$("#users").select2({
multiple:true,
tags: false,
@ -127,7 +129,8 @@ $(document).ready(function () {
data: function (params) {
var postData = {};
postData.requestMethod = "GET";
postData.requestURL = "/api/device-mgt/v1.0/users/search/usernames?filter=" + params.term;
postData.requestURL = "/api/device-mgt/v1.0/users/search/usernames?filter=" + params.term +
"&domain=" + domain;
postData.requestPayload = null;
return JSON.stringify(postData);
},
@ -222,4 +225,12 @@ $(document).ready(function () {
$(roleNameInputElement).blur(function() {
validateInline["role-name"]();
});
/* When the user store domain value is changed, the users who are assigned to that role should be removed, as
user and role can be mapped only if both are in same user store
*/
$("#domain").change(function () {
$("#users").select2("val", "");
domain = $("#domain").val();
});
});

@ -189,10 +189,10 @@ $("#userStore").change(
if (data.errorMessage) {
$(errorMsg).text("Selected user store prompted an error : " + data.errorMessage);
$(errorMsgWrapper).removeClass("hidden");
} else if (data["statusCode"] == 200) {
} else if (data.count > 0) {
$("#roles").empty();
for (var i = 0; i < data.responseContent.length; i++) {
var newOption = $('<option value="' + data.responseContent[i] + '">' + data.responseContent[i] + '</option>');
for (var i = 0; i < data.roles.length; i++) {
var newOption = $('<option value="' + data.roles[i] + '">' + data.roles[i] + '</option>');
$('#roles').append(newOption);
}
}

@ -1,3 +1,21 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
/**
* Checks if provided input is valid against RegEx input.
*
@ -12,6 +30,7 @@ function inputIsValid(regExp, inputString) {
var validateInline = {};
var clearInline = {};
var domain = $("#domain").val();
var apiBasePath = "/api/device-mgt/v1.0";
@ -112,7 +131,7 @@ $(document).ready(function () {
data: function (params) {
var postData = {};
postData.actionMethod = "GET";
postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term;
postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term + "&domain=" + domain;
postData.actionPayload = null;
return JSON.stringify(postData);
},
@ -196,4 +215,12 @@ $(document).ready(function () {
$("#rolename").blur(function() {
validateInline["role-name"]();
});
/* When the user store domain value is changed, the users who are assigned to that role should be removed, as
user and role can be mapped only if both are in same user store
*/
$("#domain").change(function () {
$("#users").select2("val", "");
domain = $("#domain").val();
});
});
Loading…
Cancel
Save