@ -33,23 +33,18 @@ import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup ;
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup ;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyExistException ;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyExistException ;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException ;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException ;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupUser ;
import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException ;
import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException ;
import org.wso2.carbon.device.mgt.core.dao.GroupDAO ;
import org.wso2.carbon.device.mgt.core.dao.GroupDAO ;
import org.wso2.carbon.device.mgt.core.dao.GroupManagementDAOException ;
import org.wso2.carbon.device.mgt.core.dao.GroupManagementDAOException ;
import org.wso2.carbon.device.mgt.core.dao.GroupManagementDAOFactory ;
import org.wso2.carbon.device.mgt.core.dao.GroupManagementDAOFactory ;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder ;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder ;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil ;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil ;
import org.wso2.carbon.user.api.Permission ;
import org.wso2.carbon.user.api.UserRealm ;
import org.wso2.carbon.user.api.UserRealm ;
import org.wso2.carbon.user.api.UserStoreException ;
import org.wso2.carbon.user.api.UserStoreException ;
import org.wso2.carbon.user.api.UserStoreManager ;
import org.wso2.carbon.user.api.UserStoreManager ;
import org.wso2.carbon.user.core.multiplecredentials.UserDoesNotExistException ;
import org.wso2.carbon.user.core.util.UserCoreUtil ;
import java.sql.SQLException ;
import java.sql.SQLException ;
import java.util.ArrayList ;
import java.util.ArrayList ;
import java.util.Date ;
import java.util.HashMap ;
import java.util.HashMap ;
import java.util.List ;
import java.util.List ;
import java.util.Map ;
import java.util.Map ;
@ -77,12 +72,11 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
throw new GroupManagementException ( "DeviceGroup cannot be null." , new NullPointerException ( ) ) ;
throw new GroupManagementException ( "DeviceGroup cannot be null." , new NullPointerException ( ) ) ;
}
}
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int groupId = - 1 ;
try {
try {
GroupManagementDAOFactory . beginTransaction ( ) ;
GroupManagementDAOFactory . beginTransaction ( ) ;
DeviceGroup existingGroup = this . groupDAO . getGroup ( deviceGroup . getName ( ) , tenantId ) ;
DeviceGroup existingGroup = this . groupDAO . getGroup ( deviceGroup . getName ( ) , tenantId ) ;
if ( existingGroup = = null ) {
if ( existingGroup = = null ) {
groupId = this . groupDAO . addGroup ( deviceGroup , tenantId ) ;
this . groupDAO . addGroup ( deviceGroup , tenantId ) ;
GroupManagementDAOFactory . commitTransaction ( ) ;
GroupManagementDAOFactory . commitTransaction ( ) ;
} else {
} else {
throw new GroupAlreadyExistException ( "Group exist with name " + deviceGroup . getName ( ) ) ;
throw new GroupAlreadyExistException ( "Group exist with name " + deviceGroup . getName ( ) ) ;
@ -97,7 +91,6 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
GroupManagementDAOFactory . closeConnection ( ) ;
GroupManagementDAOFactory . closeConnection ( ) ;
}
}
addGroupSharingRole ( deviceGroup . getOwner ( ) , groupId , defaultRole , defaultPermissions ) ;
if ( log . isDebugEnabled ( ) ) {
if ( log . isDebugEnabled ( ) ) {
log . debug ( "DeviceGroup added: " + deviceGroup . getName ( ) ) ;
log . debug ( "DeviceGroup added: " + deviceGroup . getName ( ) ) ;
}
}
@ -117,7 +110,6 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
GroupManagementDAOFactory . beginTransaction ( ) ;
GroupManagementDAOFactory . beginTransaction ( ) ;
DeviceGroup existingGroup = this . groupDAO . getGroup ( deviceGroup . getName ( ) , tenantId ) ;
DeviceGroup existingGroup = this . groupDAO . getGroup ( deviceGroup . getName ( ) , tenantId ) ;
if ( existingGroup = = null | | existingGroup . getGroupId ( ) = = groupId ) {
if ( existingGroup = = null | | existingGroup . getGroupId ( ) = = groupId ) {
deviceGroup . setDateOfLastUpdate ( new Date ( ) . getTime ( ) ) ;
this . groupDAO . updateGroup ( deviceGroup , groupId , tenantId ) ;
this . groupDAO . updateGroup ( deviceGroup , groupId , tenantId ) ;
GroupManagementDAOFactory . commitTransaction ( ) ;
GroupManagementDAOFactory . commitTransaction ( ) ;
} else {
} else {
@ -139,18 +131,10 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
* /
* /
@Override
@Override
public boolean deleteGroup ( int groupId ) throws GroupManagementException {
public boolean deleteGroup ( int groupId ) throws GroupManagementException {
String roleName ;
DeviceGroup deviceGroup = getGroup ( groupId ) ;
DeviceGroup deviceGroup = getGroup ( groupId ) ;
if ( deviceGroup = = null ) {
if ( deviceGroup = = null ) {
return false ;
return false ;
}
}
List < String > groupRoles = getRoles ( groupId ) ;
for ( String role : groupRoles ) {
if ( role ! = null ) {
roleName = role . replace ( "Internal/group-" + deviceGroup . getGroupId ( ) + "-" , "" ) ;
removeGroupSharingRole ( deviceGroup . getGroupId ( ) , roleName ) ;
}
}
try {
try {
GroupManagementDAOFactory . beginTransaction ( ) ;
GroupManagementDAOFactory . beginTransaction ( ) ;
this . groupDAO . deleteGroup ( groupId , CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ) ;
this . groupDAO . deleteGroup ( groupId , CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ) ;
@ -227,14 +211,6 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
@Override
@Override
public PaginationResult getGroups ( GroupPaginationRequest request ) throws GroupManagementException {
public PaginationResult getGroups ( GroupPaginationRequest request ) throws GroupManagementException {
request = DeviceManagerUtil . validateGroupListPageSize ( request ) ;
request = DeviceManagerUtil . validateGroupListPageSize ( request ) ;
List < DeviceGroup > deviceGroups = getPlainDeviceGroups ( request ) ;
PaginationResult groupResult = new PaginationResult ( ) ;
groupResult . setData ( deviceGroups ) ;
groupResult . setRecordsTotal ( getGroupCount ( request ) ) ;
return groupResult ;
}
private List < DeviceGroup > getPlainDeviceGroups ( GroupPaginationRequest request ) throws GroupManagementException {
List < DeviceGroup > deviceGroups = new ArrayList < > ( ) ;
List < DeviceGroup > deviceGroups = new ArrayList < > ( ) ;
try {
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
@ -247,7 +223,10 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
} finally {
} finally {
GroupManagementDAOFactory . closeConnection ( ) ;
GroupManagementDAOFactory . closeConnection ( ) ;
}
}
return deviceGroups ;
PaginationResult groupResult = new PaginationResult ( ) ;
groupResult . setData ( deviceGroups ) ;
groupResult . setRecordsTotal ( getGroupCount ( request ) ) ;
return groupResult ;
}
}
@Override
@Override
@ -259,57 +238,70 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
. getUserStoreManager ( ) ;
. getUserStoreManager ( ) ;
String [ ] roleList = userStoreManager . getRoleListOfUser ( username ) ;
String [ ] roleList = userStoreManager . getRoleListOfUser ( username ) ;
for ( String role : roleList ) {
GroupManagementDAOFactory . openConnection ( ) ;
if ( role ! = null & & role . contains ( "Internal/group-" ) ) {
List < DeviceGroup > deviceGroups = this . groupDAO . getOwnGroups ( username , tenantId ) ;
DeviceGroup deviceGroup = checkAndExtractNonExistingGroup ( groups , role ) ;
for ( DeviceGroup deviceGroup : deviceGroups ) {
if ( deviceGroup ! = null ) {
groups . put ( deviceGroup . getGroupId ( ) , deviceGroup ) ;
groups . put ( deviceGroup . getGroupId ( ) , deviceGroup ) ;
}
}
}
deviceGroups = this . groupDAO . getGroups ( roleList , tenantId ) ;
for ( DeviceGroup deviceGroup : deviceGroups ) {
groups . put ( deviceGroup . getGroupId ( ) , deviceGroup ) ;
}
}
} catch ( UserStoreException e ) {
} catch ( UserStoreException e ) {
throw new GroupManagementException ( "Error occurred while getting user store manager." , e ) ;
throw new GroupManagementException ( "Error occurred while getting user store manager." , e ) ;
} catch ( SQLException e ) {
throw new GroupManagementException ( "Error occurred while retrieving all groups accessible to user." , e ) ;
} catch ( GroupManagementDAOException e ) {
throw new GroupManagementException ( e ) ;
} finally {
GroupManagementDAOFactory . closeConnection ( ) ;
}
}
return new ArrayList < > ( groups . values ( ) ) ;
return new ArrayList < > ( groups . values ( ) ) ;
}
}
public PaginationResult getGroups ( String currentUser , GroupPaginationRequest request ) throws GroupManagementException {
private List < Integer > getGroupIds ( String username ) throws GroupManagementException {
request = DeviceManagerUtil . validateGroupListPageSize ( request ) ;
UserStoreManager userStoreManager ;
int startIndex = request . getStartIndex ( ) ;
List < Integer > deviceGroupIds = new ArrayList < > ( ) ;
int count = request . getRowCount ( ) ;
int index = 0 ;
request . setRowCount ( 0 ) ;
List < DeviceGroup > allMatchingGroups = this . getPlainDeviceGroups ( request ) ;
List < DeviceGroup > deviceGroups = new ArrayList < > ( ) ;
try {
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
UserStoreManager userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
. getUserStoreManager ( ) ;
. getUserStoreManager ( ) ;
String [ ] roleList = userStoreManager . getRoleListOfUser ( currentUser ) ;
String [ ] roleList = userStoreManager . getRoleListOfUser ( username ) ;
List < Integer > groupIds = new ArrayList < > ( ) ;
GroupManagementDAOFactory . openConnection ( ) ;
for ( String role : roleList ) {
deviceGroupIds = this . groupDAO . getOwnGroupIds ( username , tenantId ) ;
if ( role ! = null & & role . contains ( "Internal/group-" ) ) {
deviceGroupIds . addAll ( this . groupDAO . getGroupIds ( roleList , tenantId ) ) ;
int groupId = Integer . parseInt ( role . split ( "-" ) [ 1 ] ) ;
if ( ! groupIds . contains ( groupId ) ) {
groupIds . add ( groupId ) ;
}
}
}
for ( DeviceGroup group : allMatchingGroups ) {
int groupId = group . getGroupId ( ) ;
if ( groupIds . contains ( groupId ) ) {
if ( startIndex < = index & & index < count ) {
deviceGroups . add ( group ) ;
}
index + + ;
}
}
} catch ( UserStoreException e ) {
} catch ( UserStoreException e ) {
throw new GroupManagementException ( "Error occurred while getting user store manager." , e ) ;
throw new GroupManagementException ( "Error occurred while getting user store manager." , e ) ;
} catch ( SQLException e ) {
throw new GroupManagementException ( "Error occurred while retrieving all groups accessible to user." , e ) ;
} catch ( GroupManagementDAOException e ) {
throw new GroupManagementException ( e ) ;
} finally {
GroupManagementDAOFactory . closeConnection ( ) ;
}
return deviceGroupIds ;
}
@Override
public PaginationResult getGroups ( String currentUser , GroupPaginationRequest request )
throws GroupManagementException {
request = DeviceManagerUtil . validateGroupListPageSize ( request ) ;
List < Integer > allDeviceGroupIdsOfUser = getGroupIds ( currentUser ) ;
List < DeviceGroup > allMatchingGroups = new ArrayList < > ( ) ;
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
GroupManagementDAOFactory . openConnection ( ) ;
allMatchingGroups = this . groupDAO . getGroups ( request , allDeviceGroupIdsOfUser , tenantId ) ;
} catch ( GroupManagementDAOException e ) {
throw new GroupManagementException ( "Error occurred while retrieving all groups in tenant" , e ) ;
} catch ( SQLException e ) {
throw new GroupManagementException ( "Error occurred while opening a connection to the data source." , e ) ;
} finally {
GroupManagementDAOFactory . closeConnection ( ) ;
}
}
PaginationResult groupResult = new PaginationResult ( ) ;
PaginationResult groupResult = new PaginationResult ( ) ;
groupResult . setData ( deviceGroups ) ;
groupResult . setData ( allMatching Groups) ;
groupResult . setRecordsTotal ( index ) ;
groupResult . setRecordsTotal ( getGroupCount( currentUser ) ) ;
return groupResult ;
return groupResult ;
}
}
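Review bot: `getGroupIds` concatenates `getOwnGroupIds(username, tenantId)` with `getGroupIds(roleList, tenantId)`, so a group the user owns that is also shared with one of their roles would be listed twice, unlike `getGroups(String username)` in the same hunk, which de-duplicates through the `groups` map. The same overlap affects `getGroupCount(String username)` in the next hunk (`count += groupDAO.getGroupsCount(roleList, tenantId)`). That count feeds `setRecordsTotal` here without applying the filters in `request`, so the reported total can disagree with the page that is returned. Whether the DAO queries already exclude owned groups is not visible; if they do not, collect the ids into a set and derive the total from the same filtered query. The start of `getGroups(String username)` lies outside the hunk.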
@ -348,25 +340,24 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
@Override
@Override
public int getGroupCount ( String username ) throws GroupManagementException {
public int getGroupCount ( String username ) throws GroupManagementException {
UserStoreManager userStoreManager ;
UserStoreManager userStoreManager ;
int count = 0 ;
int count ;
try {
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
. getUserStoreManager ( ) ;
. getUserStoreManager ( ) ;
String [ ] roleList = userStoreManager . getRoleListOfUser ( username ) ;
String [ ] roleList = userStoreManager . getRoleListOfUser ( username ) ;
List < Integer > groupIds = new ArrayList < > ( ) ;
GroupManagementDAOFactory . openConnection ( ) ;
for ( String role : roleList ) {
count = groupDAO . getOwnGroupsCount ( username , tenantId ) ;
if ( role ! = null & & role . contains ( "Internal/group-" ) ) {
count + = groupDAO . getGroupsCount ( roleList , tenantId ) ;
int groupId = Integer . parseInt ( role . split ( "-" ) [ 1 ] ) ;
if ( ! groupIds . contains ( groupId ) ) {
groupIds . add ( groupId ) ;
count + + ;
}
}
}
return count ;
return count ;
} catch ( UserStoreException e ) {
} catch ( UserStoreException e ) {
throw new GroupManagementException ( "Error occurred while getting user store manager." , e ) ;
throw new GroupManagementException ( "Error occurred while getting user store manager." , e ) ;
} catch ( GroupManagementDAOException e ) {
throw new GroupManagementException ( "Error occurred while retrieving group count of user '" + username + "'" , e ) ;
} catch ( SQLException e ) {
throw new GroupManagementException ( "Error occurred while opening a connection to the data source." , e ) ;
} finally {
GroupManagementDAOFactory . closeConnection ( ) ;
}
}
}
}
@ -374,103 +365,41 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
* { @inheritDoc }
* { @inheritDoc }
* /
* /
@Override
@Override
@SuppressWarnings ( "Duplicates" )
public void manageGroupSharing ( int groupId , List < String > newRoles )
public void manageGroupSharing ( int groupId , String username , List < String > newRoles )
throws GroupManagementException , RoleDoesNotExistException {
throws GroupManagementException , UserDoesNotExistException , RoleDoesNotExistException {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
UserStoreManager userStoreManager ;
UserStoreManager userStoreManager ;
try {
try {
userStoreManager =
userStoreManager =
DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm (
DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm (
tenantId ) . getUserStoreManager ( ) ;
tenantId ) . getUserStoreManager ( ) ;
if ( ! userStoreManager . isExistingUser ( username ) ) {
List < String > currentUserRoles = getRoles ( groupId ) ;
throw new UserDoesNotExistException ( "User not exists with name " + username ) ;
GroupManagementDAOFactory . beginTransaction ( ) ;
}
List < String > currentGroupRoles = getRoles ( groupId ) ;
List < String > currentUserRoles = getRoles ( username , groupId ) ;
List < String > rolesToAdd = new ArrayList < > ( ) ;
List < String > rolesToRemove = new ArrayList < > ( ) ;
String roleNamePrefix = "Internal/group-" + groupId + "-" ;
for ( String role : newRoles ) {
for ( String role : newRoles ) {
if ( currentGroupRoles . contains ( role ) ) {
if ( ! userStoreManager . isExistingRole ( role ) ) {
if ( ! currentUserRoles . contains ( role ) ) {
throw new RoleDoesNotExistException ( "Role '" + role + "' does not exists in the user store." ) ;
rolesToAdd . add ( roleNamePrefix + role ) ;
}
}
} else {
// Removing role from current user roles of the group will return true if role exist.
throw new RoleDoesNotExistException ( "Role '" + role + "' is not exists in requested group." ) ;
// So we don't need to add it to the db again.
if ( ! currentUserRoles . remove ( role ) ) {
// If group doesn't have the role, it is adding to the db.
groupDAO . addRole ( groupId , role , tenantId ) ;
}
}
}
}
for ( String role : currentUserRoles ) {
for ( String role : currentUserRoles ) {
if ( currentGroupRoles . contains ( role ) ) {
// Removing old roles from db which are not available in the new roles list.
if ( ! newRoles . contains ( role ) ) {
groupDAO . removeRole ( groupId , role , tenantId ) ;
rolesToRemove . add ( roleNamePrefix + role ) ;
}
}
} else {
GroupManagementDAOFactory . commitTransaction ( ) ;
throw new RoleDoesNotExistException ( "Role '" + role + "' is not exists in requested group." ) ;
} catch ( GroupManagementDAOException e ) {
}
GroupManagementDAOFactory . rollbackTransaction ( ) ;
}
throw new GroupManagementException ( e ) ;
userStoreManager . updateRoleListOfUser ( username ,
rolesToRemove . toArray ( new String [ rolesToRemove . size ( ) ] ) ,
rolesToAdd . toArray ( new String [ rolesToAdd . size ( ) ] ) ) ;
} catch ( UserStoreException e ) {
} catch ( UserStoreException e ) {
if ( e instanceof UserDoesNotExistException ) {
throw ( UserDoesNotExistException ) e ;
}
throw new GroupManagementException ( "User store error in updating sharing roles." , e ) ;
throw new GroupManagementException ( "User store error in updating sharing roles." , e ) ;
}
} catch ( TransactionManagementException e ) {
}
throw new GroupManagementException ( e ) ;
} finally {
/ * *
GroupManagementDAOFactory . closeConnection ( ) ;
* { @inheritDoc }
* /
@Override
public boolean addGroupSharingRole ( String username , int groupId , String roleName , String [ ] permissions )
throws GroupManagementException {
if ( groupId = = - 1 ) {
return false ;
}
UserStoreManager userStoreManager ;
String role ;
String [ ] userNames = new String [ 1 ] ;
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
. getUserStoreManager ( ) ;
role = "Internal/group-" + groupId + "-" + roleName ;
userNames [ 0 ] = username ;
Permission [ ] carbonPermissions = new Permission [ permissions . length ] ;
for ( int i = 0 ; i < permissions . length ; i + + ) {
carbonPermissions [ i ] = new Permission ( permissions [ i ] , CarbonConstants . UI_PERMISSION_ACTION ) ;
}
userStoreManager . addRole ( role , userNames , carbonPermissions ) ;
return true ;
} catch ( UserStoreException e ) {
String errorMsg = "User store error in adding role to group id:" + groupId ;
throw new GroupManagementException ( errorMsg , e ) ;
}
}
/ * *
* { @inheritDoc }
* /
@Override
public boolean removeGroupSharingRole ( int groupId , String roleName ) throws GroupManagementException {
if ( groupId = = - 1 ) {
return false ;
}
UserStoreManager userStoreManager ;
String role ;
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
. getUserStoreManager ( ) ;
role = "Internal/group-" + groupId + "-" + roleName ;
userStoreManager . deleteRole ( role ) ;
return true ;
} catch ( UserStoreException userStoreEx ) {
String errorMsg = "User store error in adding role to group id:" + groupId ;
log . error ( errorMsg , userStoreEx ) ;
throw new GroupManagementException ( errorMsg , userStoreEx ) ;
}
}
}
}
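Review bot: In the new `manageGroupSharing(int groupId, List<String> newRoles)` only the `GroupManagementDAOException` branch calls `rollbackTransaction()`; a `RoleDoesNotExistException` thrown part-way through the loop, or a `UserStoreException` from `isExistingRole`, leaves through `finally` with earlier `addRole` calls already issued and no rollback. Checking every entry of `newRoles` against the user store before `beginTransaction()` keeps user-store failures out of the transaction entirely, as sketched below. A role repeated in `newRoles` also reaches `addRole` a second time, because `currentUserRoles.remove(role)` returns false on the repeat, so the list should be de-duplicated first. The method does not itself check that the group exists or that the caller is allowed to share it; presumably the calling layer enforces that, which is worth confirming.

```java
// … unchanged: tenantId and userStoreManager lookup …
for (String role : newRoles) {
    if (!userStoreManager.isExistingRole(role)) {
        throw new RoleDoesNotExistException("Role '" + role + "' does not exists in the user store.");
    }
}
List<String> currentUserRoles = getRoles(groupId);
GroupManagementDAOFactory.beginTransaction();
for (String role : newRoles) {
    if (!currentUserRoles.remove(role)) {
        groupDAO.addRole(groupId, role, tenantId);
    }
}
// … unchanged: removal of the remaining roles, commit, catch/finally …
```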
@ -479,92 +408,16 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
* /
* /
@Override
@Override
public List < String > getRoles ( int groupId ) throws GroupManagementException {
public List < String > getRoles ( int groupId ) throws GroupManagementException {
UserStoreManager userStoreManager ;
String [ ] roles ;
List < String > groupRoles ;
try {
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
GroupManagementDAOFactory . openConnection ( ) ;
. getUserStoreManager ( ) ;
return groupDAO . getRoles ( groupId , tenantId ) ;
roles = userStoreManager . getRoleNames ( ) ;
} catch ( GroupManagementDAOException e ) {
groupRoles = new ArrayList < > ( ) ;
throw new GroupManagementException ( "Error occurred while retrieving all groups in tenant" , e ) ;
for ( String r : roles ) {
} catch ( SQLException e ) {
if ( r ! = null & & r . contains ( "Internal/group-" + groupId + "-" ) ) {
throw new GroupManagementException ( "Error occurred while opening a connection to the data source." , e ) ;
groupRoles . add ( r . replace ( "Internal/group-" + groupId + "-" , "" ) ) ;
} finally {
}
GroupManagementDAOFactory . closeConnection ( ) ;
}
return groupRoles ;
} catch ( UserStoreException userStoreEx ) {
String errorMsg = "User store error in adding role to group id:" + groupId ;
log . error ( errorMsg , userStoreEx ) ;
throw new GroupManagementException ( errorMsg , userStoreEx ) ;
}
}
/ * *
* { @inheritDoc }
* /
@Override
public List < String > getRoles ( String username , int groupId )
throws GroupManagementException , UserDoesNotExistException {
UserStoreManager userStoreManager ;
List < String > groupRoleList = new ArrayList < > ( ) ;
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
. getUserStoreManager ( ) ;
if ( ! userStoreManager . isExistingUser ( username ) ) {
throw new UserDoesNotExistException ( "User not exists with name " + username ) ;
}
String [ ] roleList = userStoreManager . getRoleListOfUser ( username ) ;
for ( String role : roleList ) {
if ( role ! = null & & role . contains ( "Internal/group-" + groupId ) ) {
String roleName = role . replace ( "Internal/group-" + groupId + "-" , "" ) ;
groupRoleList . add ( roleName ) ;
}
}
return groupRoleList ;
} catch ( UserStoreException e ) {
if ( e instanceof UserDoesNotExistException ) {
throw ( UserDoesNotExistException ) e ;
}
throw new GroupManagementException ( "Error occurred while getting user store manager." , e ) ;
}
}
/ * *
* { @inheritDoc }
* /
@Override
public List < GroupUser > getUsers ( int groupId ) throws GroupManagementException {
UserStoreManager userStoreManager ;
Map < String , GroupUser > groupUserHashMap = new HashMap < > ( ) ;
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
userStoreManager = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId )
. getUserStoreManager ( ) ;
List < String > rolesForGroup = this . getRoles ( groupId ) ;
for ( String role : rolesForGroup ) {
String [ ] users = userStoreManager . getUserListOfRole ( "Internal/group-" + groupId + "-" + role ) ;
for ( String user : users ) {
GroupUser groupUser ;
if ( groupUserHashMap . containsKey ( user ) ) {
groupUser = groupUserHashMap . get ( user ) ;
groupUser . getGroupRoles ( ) . add ( role ) ;
} else {
groupUser = new GroupUser ( ) ;
groupUser . setUsername ( user ) ;
groupUser . setGroupRoles ( new ArrayList < String > ( ) ) ;
groupUser . getGroupRoles ( ) . add ( role ) ;
groupUserHashMap . put ( user , groupUser ) ;
}
}
}
return new ArrayList < > ( groupUserHashMap . values ( ) ) ;
} catch ( UserStoreException e ) {
String errorMsg = "User store error in fetching user list for group id:" + groupId ;
log . error ( errorMsg , e ) ;
throw new GroupManagementException ( errorMsg , e ) ;
}
}
}
}
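Review bot: The `GroupManagementDAOException` branch of the new `getRoles(int groupId)` reports `"Error occurred while retrieving all groups in tenant"`, which looks copied from a group query and would point anyone reading the log at the wrong operation. A message such as `"Error occurred while retrieving roles of group id " + groupId` names the call that failed and the group involved.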
@ -606,36 +459,6 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
}
}
}
}
/ * *
* { @inheritDoc }
* /
@Override
public void addDevice ( int groupId , DeviceIdentifier deviceIdentifier )
throws DeviceNotFoundException , GroupManagementException {
Device device ;
try {
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
GroupManagementDAOFactory . beginTransaction ( ) ;
device = DeviceManagementDataHolder . getInstance ( ) . getDeviceManagementProvider ( ) . getDevice ( deviceIdentifier ) ;
if ( device = = null ) {
throw new DeviceNotFoundException ( "Device not found for id '" + deviceIdentifier . getId ( ) + "'" ) ;
}
if ( ! this . groupDAO . isDeviceMappedToGroup ( groupId , device . getId ( ) , tenantId ) ) {
this . groupDAO . addDevice ( groupId , device . getId ( ) , tenantId ) ;
}
GroupManagementDAOFactory . commitTransaction ( ) ;
} catch ( DeviceManagementException e ) {
throw new GroupManagementException ( "Error occurred while retrieving device." , e ) ;
} catch ( GroupManagementDAOException e ) {
GroupManagementDAOFactory . rollbackTransaction ( ) ;
throw new GroupManagementException ( "Error occurred while adding device to group." , e ) ;
} catch ( TransactionManagementException e ) {
throw new GroupManagementException ( "Error occurred while initiating transaction." , e ) ;
} finally {
GroupManagementDAOFactory . closeConnection ( ) ;
}
}
/ * *
/ * *
* { @inheritDoc }
* { @inheritDoc }
* /
* /
@ -702,58 +525,26 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
* { @inheritDoc }
* { @inheritDoc }
* /
* /
@Override
@Override
public String [ ] getPermissions ( String username , int groupId )
public List < DeviceGroup > getGroups ( String username , String permission ) throws GroupManagementException {
throws GroupManagementException , UserDoesNotExistException {
List < DeviceGroup > deviceGroups = getGroups ( username ) ;
Map < Integer , DeviceGroup > permittedDeviceGroups = new HashMap < > ( ) ;
UserRealm userRealm ;
UserRealm userRealm ;
List < String > roles = getRoles ( username , groupId ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
try {
try {
userRealm = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId ) ;
userRealm = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId ) ;
List < String > lstPermissions = new ArrayList < > ( ) ;
for ( DeviceGroup deviceGroup : deviceGroups ) {
String [ ] resourceIds = userRealm . getAuthorizationManager ( ) . getAllowedUIResourcesForUser ( username , "/" ) ;
List < String > roles = getRoles ( deviceGroup . getGroupId ( ) ) ;
if ( resourceIds ! = null ) {
for ( String resourceId : resourceIds ) {
for ( String roleName : roles ) {
for ( String roleName : roles ) {
if ( userRealm . getAuthorizationManager ( ) .
if ( userRealm . getAuthorizationManager ( ) .
isRoleAuthorized ( "Internal/group-" + groupId + "-" + roleName , resourceId ,
isRoleAuthorized ( roleName , permission , CarbonConstants . UI_PERMISSION_ACTION ) ) {
CarbonConstants . UI_PERMISSION_ACTION ) ) {
permittedDeviceGroups . put ( deviceGroup . getGroupId ( ) , deviceGroup ) ;
lstPermissions . add ( resourceId ) ;
}
}
}
}
}
}
}
String [ ] permissions = lstPermissions . toArray ( new String [ lstPermissions . size ( ) ] ) ;
return UserCoreUtil . optimizePermissions ( permissions ) ;
} catch ( UserStoreException e ) {
throw new GroupManagementException ( "Error occurred while getting user realm." , e ) ;
}
}
/ * *
* { @inheritDoc }
* /
@Override
public List < DeviceGroup > getGroups ( String username , String permission )
throws GroupManagementException {
UserRealm userRealm ;
int tenantId = CarbonContext . getThreadLocalCarbonContext ( ) . getTenantId ( ) ;
Map < Integer , DeviceGroup > groups = new HashMap < > ( ) ;
try {
userRealm = DeviceManagementDataHolder . getInstance ( ) . getRealmService ( ) . getTenantUserRealm ( tenantId ) ;
String [ ] roles = userRealm . getUserStoreManager ( ) . getRoleListOfUser ( username ) ;
for ( String role : roles ) {
if ( role ! = null & & role . contains ( "Internal/group-" ) & & userRealm . getAuthorizationManager ( )
. isRoleAuthorized ( role , permission , CarbonConstants . UI_PERMISSION_ACTION ) ) {
DeviceGroup group = checkAndExtractNonExistingGroup ( groups , role ) ;
if ( group ! = null ) {
groups . put ( group . getGroupId ( ) , group ) ;
}
}
}
return new ArrayList < > ( groups . values ( ) ) ;
} catch ( UserStoreException e ) {
} catch ( UserStoreException e ) {
throw new GroupManagementException ( "Error occurred while getting user realm." , e ) ;
throw new GroupManagementException ( "Error occurred while getting user realm." , e ) ;
}
}
return new ArrayList < > ( permittedDeviceGroups . values ( ) ) ;
}
}
@Override
@Override
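Review bot: The permission test in the new `getGroups(String username, String permission)` iterates over every role the group is shared with (`getRoles(deviceGroup.getGroupId())`), not over the roles `username` holds. A group the user reaches through one role is therefore reported as permitted whenever any other role it is shared with carries `permission`. Restrict the check to the caller's own roles: fetch `String[] userRoles = userRealm.getUserStoreManager().getRoleListOfUser(username);` once before the loop and skip any `roleName` that is not in it before calling `isRoleAuthorized`. Groups that are listed only because the user owns them have no matching shared role, so whether ownership implies the permission needs an explicit decision. `getRoles` also opens and closes a DAO connection for each group, which a single query could replace if the DAO offers one (not visible here).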
@ -774,26 +565,4 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
GroupManagementDAOFactory . closeConnection ( ) ;
GroupManagementDAOFactory . closeConnection ( ) ;
}
}
}
}
/ * *
* This method returns group belongs to particular role , if it is not existed in groups map .
*
* @param groups existing groups map .
* @param role group related role which needs to evaluate .
* @return device group if it is not existing in the groups map .
* @throws GroupManagementException
* /
private DeviceGroup checkAndExtractNonExistingGroup ( Map < Integer , DeviceGroup > groups , String role )
throws GroupManagementException {
try {
int groupId = Integer . parseInt ( role . split ( "-" ) [ 1 ] ) ;
if ( ! groups . containsKey ( groupId ) ) {
return getGroup ( groupId ) ;
}
} catch ( NumberFormatException e ) {
log . error ( "Unable to extract groupId from role " + role , e ) ;
}
return null ;
}
}
}