Fixing issues related with roles of secondary user store

4.x.x
Megala 8 years ago
parent 959e3a63af
commit d8555c34ab

@ -172,6 +172,11 @@ public interface RoleManagementService {
required = true,
defaultValue = "Engineer")
@PathParam("roleName") String roleName,
@ApiParam(
name = "user-store",
value = "The name of the UserStore you wish to get the list of roles.",
required = false)
@QueryParam("user-store") String userStoreName,
@ApiParam(
name = "If-Modified-Since",
value = "Checks if the requested variant was modified, since the specified date-time." +
@ -237,6 +242,11 @@ public interface RoleManagementService {
required = true,
defaultValue = "admin")
@PathParam("roleName") String roleName,
@ApiParam(
name = "user-store",
value = "The name of the UserStore you wish to get the list of roles.",
required = false)
@QueryParam("user-store") String userStoreName,
@ApiParam(
name = "If-Modified-Since",
value = "Checks if the requested variant was modified, since the specified date-time." +
@ -355,7 +365,12 @@ public interface RoleManagementService {
value = "The properties required to update a role.\n" +
"NOTE: Don't change the role and the permissions of the admin user. " +
"If you want to try out this API by updating all the properties, create a new role and update the properties accordingly.",
required = true) RoleInfo role);
required = true) RoleInfo role,
@ApiParam(
name = "user-store",
value = "The name of the UserStore you wish to get the list of roles.",
required = false)
@QueryParam("user-store") String userStoreName);
@DELETE
@Path("/{roleName}")

@ -95,8 +95,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@Path("/{roleName}/permissions")
@Override
public Response getPermissionsOfRole(
@PathParam("roleName") String roleName,
@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + '/' + roleName;
}
RequestValidationUtil.validateRoleName(roleName);
try {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
@ -164,11 +167,14 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@GET
@Path("/{roleName}")
@Override
public Response getRole(@PathParam("roleName") String roleName,
public Response getRole(@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
if (log.isDebugEnabled()) {
log.debug("Getting the list of user roles");
}
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + '/' + roleName;
}
RequestValidationUtil.validateRoleName(roleName);
RoleInfo roleInfo = new RoleInfo();
try {
@ -248,8 +254,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@PUT
@Path("/{roleName}")
@Override
public Response updateRole(@PathParam("roleName") String roleName, RoleInfo roleInfo) {
@Override public Response updateRole(@PathParam("roleName") String roleName, RoleInfo roleInfo,
@QueryParam("user-store") String userStoreName) {
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + '/' + roleName;
}
RequestValidationUtil.validateRoleName(roleName);
RequestValidationUtil.validateRoleDetails(roleInfo);
try {
@ -372,7 +381,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
if (log.isDebugEnabled()) {
log.debug("Getting the list of user roles");
}
roles = userStoreManager.getRoleNames(userStore+"/*", -1, false, true, true);
if (userStore.equals("all")) {
roles = userStoreManager.getRoleNames("*", -1, false, true, true);
} else {
roles = userStoreManager.getRoleNames(userStore + "/*", -1, false, true, true);
}
// removing all internal roles, roles created for Service-providers and application related roles.
List<String> filteredRoles = new ArrayList<>();
for (String role : roles) {

@ -374,14 +374,22 @@ var userModule = function () {
publicMethods.getRole = function (roleName) {
var carbonUser = session.get(constants["USER_SESSION_KEY"]);
var utility = require("/app/modules/utility.js")["utility"];
var userStore;
if (!carbonUser) {
log.error("User object was not found in the session");
throw constants["ERRORS"]["USER_NOT_FOUND"];
}
try {
utility.startTenantFlow(carbonUser);
if (roleName.indexOf('/') > 0) {
userStore = roleName.substr(0, roleName.indexOf('/'));
roleName = roleName.substr(roleName.indexOf('/') + 1);
}
var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] +
"/roles/" + encodeURIComponent(roleName);
if (userStore) {
url += "?user-store=" + userStore;
}
var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
if (response.status == "success") {
response.content = parse(response.content);

@ -188,7 +188,7 @@ function loadRoles() {
"sorting": false
};
$('#role-grid').datatables_extended_serverside_paging(settings, '/api/device-mgt/v1.0/roles', dataFilter, columns, fnCreatedRow, null, options);
$('#role-grid').datatables_extended_serverside_paging(settings, '/api/device-mgt/v1.0/roles?user-store=all', dataFilter, columns, fnCreatedRow, null, options);
loadingContent.hide();
}

@ -27,11 +27,19 @@ function onRequest(context) {
var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri));
var isMatched = uriMatcher.match("/{context}/role/edit-permission/{rolename}");
var matchedElements;
var roleName;
var userStore;
if (isMatched) {
var matchedElements = uriMatcher.elements();
var roleName = matchedElements.rolename;
matchedElements = uriMatcher.elements();
roleName = matchedElements.rolename;
context["roleName"] = roleName;
} else if (uriMatcher.match("/{context}/role/edit-permission/{userStore}/{rolename}")) {
matchedElements = uriMatcher.elements();
userStore = matchedElements.userStore;
roleName = matchedElements.rolename;
context["roleName"] = userStore + '/' + roleName;
}
return context;
}

@ -102,7 +102,15 @@ $(document).ready(function () {
var listPartialSrc = $("#list-partial").attr("src");
var treeTemplateSrc = $("#tree-template").attr("src");
var roleName = $("#permissionList").data("currentrole");
var userStore;
if (roleName.indexOf('/') > 0) {
userStore = roleName.substr(0, roleName.indexOf('/'));
roleName = roleName.substr(roleName.indexOf('/') + 1);
}
var serviceUrl = apiBasePath + "/roles/" +encodeURIComponent(roleName)+"/permissions";
if (userStore) {
serviceUrl += "?user-store=" + userStore;
}
$.registerPartial("list", listPartialSrc, function(){
$.template("treeTemplate", treeTemplateSrc, function (template) {
invokerUtil.get(serviceUrl,
@ -145,13 +153,25 @@ $(document).ready(function () {
*/
$("button#update-permissions-btn").click(function() {
var roleName = $("#permissionList").data("currentrole");
var userStore;
if (roleName.indexOf('/') > 0) {
userStore = roleName.substr(0, roleName.indexOf('/'));
roleName = roleName.substr(roleName.indexOf('/') + 1);
}
var updateRolePermissionAPI = apiBasePath + "/roles/" + roleName;
if (userStore) {
updateRolePermissionAPI += "?user-store=" + userStore;
}
var updateRolePermissionData = {};
var perms = [];
$("#permissionList li input:checked").each(function(){
perms.push($(this).data("resourcepath"));
});
if (userStore) {
updateRolePermissionData.roleName = userStore + roleName;
} else {
updateRolePermissionData.roleName = roleName;
}
updateRolePermissionData.permissions = perms;
invokerUtil.put(
updateRolePermissionAPI,

@ -25,23 +25,32 @@
function onRequest(context) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"];
var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri));
var isMatched = uriMatcher.match("/{context}/role/edit/{roleName}");
var isMatched = uriMatcher.match("/{context}/role/edit/{roleName}") ||
uriMatcher.match("/{context}/role/edit/{userStoreName}/{roleName}");
var matchedElements;
var roleName;
var response;
var userStore;
if (isMatched) {
var matchedElements = uriMatcher.elements();
var roleName = matchedElements["roleName"];
var response = userModule.getRole(roleName);
if (uriMatcher.match( uriMatcher.match("/{context}/role/edit/{roleName}"))) {
matchedElements = uriMatcher.elements();
roleName = matchedElements["roleName"];
response = userModule.getRole(roleName);
if (response["status"] == "success") {
context["role"] = response["content"];
}
var userStore;
if (roleName.indexOf("/") > -1) {
userStore = roleName.substring(0, roleName.indexOf("/"));
} else {
userStore = "PRIMARY";
} else if (uriMatcher.match( uriMatcher.match("/{context}/role/edit/{userStoreName}/{roleName}"))) {
matchedElements = uriMatcher.elements();
roleName = matchedElements["userStoreName"] + "/" + matchedElements["roleName"];
response = userModule.getRole(roleName);
if (response["status"] == "success") {
context["role"] = response["content"];
}
userStore = matchedElements["userStoreName"];
}
context["userStore"] = userStore;
context["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"];

Loading…
Cancel
Save