fixed secondary user-store related issues & multi-tenancy issues

9 years ago · b4d17b888b
parent c1eea6894d
commit b4d17b888b
4 changed files with 15 additions and 10 deletions
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java
@ -31,6 +31,7 @@ import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
 import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils;
 import org.wso2.carbon.user.api.UserRealm;
 import org.wso2.carbon.user.api.UserStoreException;
+import org.wso2.carbon.user.api.UserStoreManager;

 import java.util.HashMap;
 import java.util.List;
@ -215,7 +216,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
        UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
        if (userRealm != null && userRealm.getAuthorizationManager() != null) {
            return userRealm.getAuthorizationManager()
-                            .isUserAuthorized(username, PermissionUtils.getAbsolutePermissionPath(EMM_ADMIN_PERMISSION),
+                            .isUserAuthorized(removeTenantDomain(username), PermissionUtils.getAbsolutePermissionPath(EMM_ADMIN_PERMISSION),
                                              PermissionMethod.UI_EXECUTE);
        }
        return false;
@ -224,15 +225,19 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
    private String getUserName() {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        if (username != null && !username.isEmpty()) {
-            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
-            if (username.endsWith(tenantDomain)) {
-                return username.substring(0, username.lastIndexOf("@"));
-            }
-            return username;
+            return removeTenantDomain(username);
        }
        return null;
    }

+    private String removeTenantDomain(String username) {
+        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
+        if (username.endsWith(tenantDomain)) {
+            return username.substring(0, username.lastIndexOf("@"));
+        }
+        return username;
+    }
+
    private int getTenantId() {
        return CarbonContext.getThreadLocalCarbonContext().getTenantId();
    }
--- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/util/PolicyManagerUtil.java
+++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/util/PolicyManagerUtil.java
@ -207,7 +207,7 @@ public class PolicyManagerUtil {
            if (configuration != null && !configuration.isEmpty()) {
                for (ConfigurationEntry cEntry : configuration) {
                    if (cEntry.getName().equalsIgnoreCase(MONITORING_FREQUENCY)) {
-                        monitoringFrequency = (int) cEntry.getValue();
+                        monitoringFrequency = Integer.parseInt((String)cEntry.getValue());
                    }
                }
            }
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java
@ -139,7 +139,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
                    msg = authenticationInfo.getMessage();
                    response.setHeader("WWW-Authenticate", msg);
                }
-                log.error(msg);
+                log.error(msg + " , API : " + request.getRequestURI());
                AuthenticationFrameworkUtil
                        .handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED,
                                        msg);
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@ -112,9 +112,9 @@ public class OAuthAuthenticator implements WebappAuthenticator {
                if (oAuth2TokenValidationResponseDTO.isValid()) {
                    String username = oAuth2TokenValidationResponseDTO.getAuthorizedUser();
                    //Remove the userstore domain from username
-                    if (username.contains("/")) {
+                    /*if (username.contains("/")) {
                        username = username.substring(username.indexOf('/') + 1);
-                    }
+                    }*/
                    authenticationInfo.setUsername(username);
                    authenticationInfo.setTenantDomain(MultitenantUtils.getTenantDomain(username));
                    authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username));