Fixing issues related with roles of secondary user store

4.x.x
Megala 8 years ago
parent 959e3a63af
commit d8555c34ab

@ -172,6 +172,11 @@ public interface RoleManagementService {
required = true, required = true,
defaultValue = "Engineer") defaultValue = "Engineer")
@PathParam("roleName") String roleName, @PathParam("roleName") String roleName,
@ApiParam(
name = "user-store",
value = "The name of the UserStore you wish to get the list of roles.",
required = false)
@QueryParam("user-store") String userStoreName,
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",
value = "Checks if the requested variant was modified, since the specified date-time." + value = "Checks if the requested variant was modified, since the specified date-time." +
@ -237,6 +242,11 @@ public interface RoleManagementService {
required = true, required = true,
defaultValue = "admin") defaultValue = "admin")
@PathParam("roleName") String roleName, @PathParam("roleName") String roleName,
@ApiParam(
name = "user-store",
value = "The name of the UserStore you wish to get the list of roles.",
required = false)
@QueryParam("user-store") String userStoreName,
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",
value = "Checks if the requested variant was modified, since the specified date-time." + value = "Checks if the requested variant was modified, since the specified date-time." +
@ -355,7 +365,12 @@ public interface RoleManagementService {
value = "The properties required to update a role.\n" + value = "The properties required to update a role.\n" +
"NOTE: Don't change the role and the permissions of the admin user. " + "NOTE: Don't change the role and the permissions of the admin user. " +
"If you want to try out this API by updating all the properties, create a new role and update the properties accordingly.", "If you want to try out this API by updating all the properties, create a new role and update the properties accordingly.",
required = true) RoleInfo role); required = true) RoleInfo role,
@ApiParam(
name = "user-store",
value = "The name of the UserStore you wish to get the list of roles.",
required = false)
@QueryParam("user-store") String userStoreName);
@DELETE @DELETE
@Path("/{roleName}") @Path("/{roleName}")

@ -95,8 +95,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@Path("/{roleName}/permissions") @Path("/{roleName}/permissions")
@Override @Override
public Response getPermissionsOfRole( public Response getPermissionsOfRole(
@PathParam("roleName") String roleName, @PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName,
@HeaderParam("If-Modified-Since") String ifModifiedSince) { @HeaderParam("If-Modified-Since") String ifModifiedSince) {
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + '/' + roleName;
}
RequestValidationUtil.validateRoleName(roleName); RequestValidationUtil.validateRoleName(roleName);
try { try {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm(); final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
@ -164,11 +167,14 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@GET @GET
@Path("/{roleName}") @Path("/{roleName}")
@Override @Override
public Response getRole(@PathParam("roleName") String roleName, public Response getRole(@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName,
@HeaderParam("If-Modified-Since") String ifModifiedSince) { @HeaderParam("If-Modified-Since") String ifModifiedSince) {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Getting the list of user roles"); log.debug("Getting the list of user roles");
} }
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + '/' + roleName;
}
RequestValidationUtil.validateRoleName(roleName); RequestValidationUtil.validateRoleName(roleName);
RoleInfo roleInfo = new RoleInfo(); RoleInfo roleInfo = new RoleInfo();
try { try {
@ -248,8 +254,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@PUT @PUT
@Path("/{roleName}") @Path("/{roleName}")
@Override @Override public Response updateRole(@PathParam("roleName") String roleName, RoleInfo roleInfo,
public Response updateRole(@PathParam("roleName") String roleName, RoleInfo roleInfo) { @QueryParam("user-store") String userStoreName) {
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + '/' + roleName;
}
RequestValidationUtil.validateRoleName(roleName); RequestValidationUtil.validateRoleName(roleName);
RequestValidationUtil.validateRoleDetails(roleInfo); RequestValidationUtil.validateRoleDetails(roleInfo);
try { try {
@ -372,7 +381,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Getting the list of user roles"); log.debug("Getting the list of user roles");
} }
roles = userStoreManager.getRoleNames(userStore+"/*", -1, false, true, true); if (userStore.equals("all")) {
roles = userStoreManager.getRoleNames("*", -1, false, true, true);
} else {
roles = userStoreManager.getRoleNames(userStore + "/*", -1, false, true, true);
}
// removing all internal roles, roles created for Service-providers and application related roles. // removing all internal roles, roles created for Service-providers and application related roles.
List<String> filteredRoles = new ArrayList<>(); List<String> filteredRoles = new ArrayList<>();
for (String role : roles) { for (String role : roles) {

@ -374,14 +374,22 @@ var userModule = function () {
publicMethods.getRole = function (roleName) { publicMethods.getRole = function (roleName) {
var carbonUser = session.get(constants["USER_SESSION_KEY"]); var carbonUser = session.get(constants["USER_SESSION_KEY"]);
var utility = require("/app/modules/utility.js")["utility"]; var utility = require("/app/modules/utility.js")["utility"];
var userStore;
if (!carbonUser) { if (!carbonUser) {
log.error("User object was not found in the session"); log.error("User object was not found in the session");
throw constants["ERRORS"]["USER_NOT_FOUND"]; throw constants["ERRORS"]["USER_NOT_FOUND"];
} }
try { try {
utility.startTenantFlow(carbonUser); utility.startTenantFlow(carbonUser);
if (roleName.indexOf('/') > 0) {
userStore = roleName.substr(0, roleName.indexOf('/'));
roleName = roleName.substr(roleName.indexOf('/') + 1);
}
var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] +
"/roles/" + encodeURIComponent(roleName); "/roles/" + encodeURIComponent(roleName);
if (userStore) {
url += "?user-store=" + userStore;
}
var response = privateMethods.callBackend(url, constants["HTTP_GET"]); var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
if (response.status == "success") { if (response.status == "success") {
response.content = parse(response.content); response.content = parse(response.content);

@ -188,7 +188,7 @@ function loadRoles() {
"sorting": false "sorting": false
}; };
$('#role-grid').datatables_extended_serverside_paging(settings, '/api/device-mgt/v1.0/roles', dataFilter, columns, fnCreatedRow, null, options); $('#role-grid').datatables_extended_serverside_paging(settings, '/api/device-mgt/v1.0/roles?user-store=all', dataFilter, columns, fnCreatedRow, null, options);
loadingContent.hide(); loadingContent.hide();
} }

@ -27,11 +27,19 @@ function onRequest(context) {
var uri = request.getRequestURI(); var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri)); var uriMatcher = new URIMatcher(String(uri));
var isMatched = uriMatcher.match("/{context}/role/edit-permission/{rolename}"); var isMatched = uriMatcher.match("/{context}/role/edit-permission/{rolename}");
var matchedElements;
var roleName;
var userStore;
if (isMatched) { if (isMatched) {
var matchedElements = uriMatcher.elements(); matchedElements = uriMatcher.elements();
var roleName = matchedElements.rolename; roleName = matchedElements.rolename;
context["roleName"] = roleName; context["roleName"] = roleName;
} else if (uriMatcher.match("/{context}/role/edit-permission/{userStore}/{rolename}")) {
matchedElements = uriMatcher.elements();
userStore = matchedElements.userStore;
roleName = matchedElements.rolename;
context["roleName"] = userStore + '/' + roleName;
} }
return context; return context;
} }

@ -102,7 +102,15 @@ $(document).ready(function () {
var listPartialSrc = $("#list-partial").attr("src"); var listPartialSrc = $("#list-partial").attr("src");
var treeTemplateSrc = $("#tree-template").attr("src"); var treeTemplateSrc = $("#tree-template").attr("src");
var roleName = $("#permissionList").data("currentrole"); var roleName = $("#permissionList").data("currentrole");
var userStore;
if (roleName.indexOf('/') > 0) {
userStore = roleName.substr(0, roleName.indexOf('/'));
roleName = roleName.substr(roleName.indexOf('/') + 1);
}
var serviceUrl = apiBasePath + "/roles/" +encodeURIComponent(roleName)+"/permissions"; var serviceUrl = apiBasePath + "/roles/" +encodeURIComponent(roleName)+"/permissions";
if (userStore) {
serviceUrl += "?user-store=" + userStore;
}
$.registerPartial("list", listPartialSrc, function(){ $.registerPartial("list", listPartialSrc, function(){
$.template("treeTemplate", treeTemplateSrc, function (template) { $.template("treeTemplate", treeTemplateSrc, function (template) {
invokerUtil.get(serviceUrl, invokerUtil.get(serviceUrl,
@ -145,13 +153,25 @@ $(document).ready(function () {
*/ */
$("button#update-permissions-btn").click(function() { $("button#update-permissions-btn").click(function() {
var roleName = $("#permissionList").data("currentrole"); var roleName = $("#permissionList").data("currentrole");
var userStore;
if (roleName.indexOf('/') > 0) {
userStore = roleName.substr(0, roleName.indexOf('/'));
roleName = roleName.substr(roleName.indexOf('/') + 1);
}
var updateRolePermissionAPI = apiBasePath + "/roles/" + roleName; var updateRolePermissionAPI = apiBasePath + "/roles/" + roleName;
if (userStore) {
updateRolePermissionAPI += "?user-store=" + userStore;
}
var updateRolePermissionData = {}; var updateRolePermissionData = {};
var perms = []; var perms = [];
$("#permissionList li input:checked").each(function(){ $("#permissionList li input:checked").each(function(){
perms.push($(this).data("resourcepath")); perms.push($(this).data("resourcepath"));
}); });
if (userStore) {
updateRolePermissionData.roleName = userStore + roleName;
} else {
updateRolePermissionData.roleName = roleName; updateRolePermissionData.roleName = roleName;
}
updateRolePermissionData.permissions = perms; updateRolePermissionData.permissions = perms;
invokerUtil.put( invokerUtil.put(
updateRolePermissionAPI, updateRolePermissionAPI,

@ -25,23 +25,32 @@
function onRequest(context) { function onRequest(context) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"]; var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"];
var uri = request.getRequestURI(); var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri)); var uriMatcher = new URIMatcher(String(uri));
var isMatched = uriMatcher.match("/{context}/role/edit/{roleName}"); var isMatched = uriMatcher.match("/{context}/role/edit/{roleName}") ||
uriMatcher.match("/{context}/role/edit/{userStoreName}/{roleName}");
var matchedElements;
var roleName;
var response;
var userStore;
if (isMatched) { if (isMatched) {
var matchedElements = uriMatcher.elements(); if (uriMatcher.match( uriMatcher.match("/{context}/role/edit/{roleName}"))) {
var roleName = matchedElements["roleName"]; matchedElements = uriMatcher.elements();
var response = userModule.getRole(roleName); roleName = matchedElements["roleName"];
response = userModule.getRole(roleName);
if (response["status"] == "success") { if (response["status"] == "success") {
context["role"] = response["content"]; context["role"] = response["content"];
} }
var userStore;
if (roleName.indexOf("/") > -1) {
userStore = roleName.substring(0, roleName.indexOf("/"));
} else {
userStore = "PRIMARY"; userStore = "PRIMARY";
} else if (uriMatcher.match( uriMatcher.match("/{context}/role/edit/{userStoreName}/{roleName}"))) {
matchedElements = uriMatcher.elements();
roleName = matchedElements["userStoreName"] + "/" + matchedElements["roleName"];
response = userModule.getRole(roleName);
if (response["status"] == "success") {
context["role"] = response["content"];
}
userStore = matchedElements["userStoreName"];
} }
context["userStore"] = userStore; context["userStore"] = userStore;
context["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"]; context["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"];

Loading…
Cancel
Save