Grouping Improvements (#169)

Purpose

After deleting a role, delete relevant records from DM_ROLE_GROUP_MAP table
Related tickets: https://roadmap.entgra.net/issues/9528 and https://roadmap.entgra.net/issues/9529

Co-authored-by: ThilinaPremachandra <thilina@entgra.io>
Reviewed-on: community/device-mgt-core#169
Co-authored-by: Thilina Sandaruwan <thilina@entgra.io>
Co-committed-by: Thilina Sandaruwan <thilina@entgra.io>
remotes/1731000850486189418/master
Thilina Sandaruwan 1 year ago committed by pasindu
parent a1ae369fe5
commit b765c8ded3

@ -489,8 +489,8 @@ public class GroupManagementServiceImpl implements GroupManagementService {
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (GroupAlreadyExistException e) { } catch (GroupAlreadyExistException e) {
String msg = "Group already exists with name : " + groups.getName() + "."; String msg = "Group already exists with name : " + groups.getName() + " Try with another group name.";
log.warn(msg); log.error(msg, e);
return Response.status(Response.Status.CONFLICT).entity(msg).build(); return Response.status(Response.Status.CONFLICT).entity(msg).build();
} catch (RoleDoesNotExistException e) { } catch (RoleDoesNotExistException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build(); return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();

@ -18,6 +18,7 @@
package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl; package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
import io.entgra.device.mgt.core.device.mgt.common.exceptions.MetadataManagementException; import io.entgra.device.mgt.core.device.mgt.common.exceptions.MetadataManagementException;
import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupManagementException;
import io.entgra.device.mgt.core.device.mgt.common.metadata.mgt.Metadata; import io.entgra.device.mgt.core.device.mgt.common.metadata.mgt.Metadata;
import org.apache.axis2.databinding.types.xsd._boolean; import org.apache.axis2.databinding.types.xsd._boolean;
import org.json.simple.JSONObject; import org.json.simple.JSONObject;
@ -638,6 +639,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@Consumes(MediaType.WILDCARD) @Consumes(MediaType.WILDCARD)
@Override @Override
public Response deleteRole(@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName) { public Response deleteRole(@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName) {
String roleToDelete = roleName;
if (userStoreName != null && !userStoreName.isEmpty()) { if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + "/" + roleName; roleName = userStoreName + "/" + roleName;
} }
@ -645,6 +647,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
try { try {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm(); final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
final UserStoreManager userStoreManager = userRealm.getUserStoreManager(); final UserStoreManager userStoreManager = userRealm.getUserStoreManager();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
if (!userStoreManager.isExistingRole(roleName)) { if (!userStoreManager.isExistingRole(roleName)) {
String msg = "No role exists with the name : " + roleName ; String msg = "No role exists with the name : " + roleName ;
return Response.status(404).entity(msg).build(); return Response.status(404).entity(msg).build();
@ -654,16 +657,18 @@ public class RoleManagementServiceImpl implements RoleManagementService {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Deleting the role in user store"); log.debug("Deleting the role in user store");
} }
userStoreManager.deleteRole(roleName); DeviceMgtAPIUtils.getGroupManagementProviderService().deleteRoleAndRoleGroupMapping(roleName, roleToDelete, tenantId, userStoreManager, authorizationManager);
// Delete all authorizations for the current role before deleting
authorizationManager.clearRoleAuthorization(roleName);
return Response.status(Response.Status.OK).build(); return Response.status(Response.Status.OK).build();
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "Error occurred while deleting the role '" + roleName + "'"; String msg = "Error occurred while deleting the role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.serverError().entity( return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (GroupManagementException e) {
String msg = "Error occurred while deleting group-role mapping records";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} }
} }

@ -199,8 +199,8 @@ public class GroupManagementAdminServiceImpl implements GroupManagementAdminServ
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build(); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (GroupAlreadyExistException e) { } catch (GroupAlreadyExistException e) {
String msg = "Group already exists with name : " + group.getName() + "."; String msg = "Group already exists with name : " + group.getName() + " Try with another group name.";
log.warn(msg); log.error(msg, e);
return Response.status(Response.Status.CONFLICT).entity(msg).build(); return Response.status(Response.Status.CONFLICT).entity(msg).build();
} catch (RoleDoesNotExistException e) { } catch (RoleDoesNotExistException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build(); return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();

@ -155,6 +155,15 @@ public interface GroupDAO {
*/ */
void deleteGroupsMapping(List<Integer> groupIds, int tenantId) throws GroupManagementDAOException; void deleteGroupsMapping(List<Integer> groupIds, int tenantId) throws GroupManagementDAOException;
/**
* Delete mappings of Device Groups.
*
* @param role of Device Groups.
* @param tenantId of the role.
* @throws GroupManagementDAOException on error during deletion of mappings of groups
*/
void deleteGroupsMapping(String role, int tenantId) throws GroupManagementDAOException;
/** /**
* Delete existing Device Groups. * Delete existing Device Groups.
* *

@ -541,6 +541,23 @@ public abstract class AbstractGroupDAOImpl implements GroupDAO {
} }
} }
@Override
public void deleteGroupsMapping(String role, int tenantId) throws GroupManagementDAOException {
try {
Connection conn = GroupManagementDAOFactory.getConnection();
String sql = "DELETE FROM DM_ROLE_GROUP_MAP WHERE ROLE = ? AND TENANT_ID = ?";
try (PreparedStatement stmt = conn.prepareStatement(sql)) {
stmt.setString(1, role);
stmt.setInt(2, tenantId);
stmt.executeUpdate();
}
} catch (SQLException e) {
String msg = "Error occurred while removing record from group-role mapping.";
log.error(msg);
throw new GroupManagementDAOException(msg, e);
}
}
@Override @Override
public void deleteGroups(List<Integer> groupIds, int tenantId) throws GroupManagementDAOException { public void deleteGroups(List<Integer> groupIds, int tenantId) throws GroupManagementDAOException {
try { try {

@ -31,6 +31,8 @@ import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupAlreadyExistEx
import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupManagementException; import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupManagementException;
import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupNotExistException; import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupNotExistException;
import io.entgra.device.mgt.core.device.mgt.common.group.mgt.RoleDoesNotExistException; import io.entgra.device.mgt.core.device.mgt.common.group.mgt.RoleDoesNotExistException;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.UserStoreManager;
import java.util.List; import java.util.List;
@ -58,7 +60,7 @@ public interface GroupManagementProviderService {
* @param defaultPermissions of the default role * @param defaultPermissions of the default role
* @throws GroupManagementException * @throws GroupManagementException
*/ */
void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupManagementException, GroupAlreadyExistException, RoleDoesNotExistException; void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupAlreadyExistException,GroupManagementException, RoleDoesNotExistException;
/** /**
* Update existing device group. * Update existing device group.
@ -80,6 +82,18 @@ public interface GroupManagementProviderService {
*/ */
boolean deleteGroup(int groupId, boolean isDeleteChildren) throws GroupManagementException; boolean deleteGroup(int groupId, boolean isDeleteChildren) throws GroupManagementException;
/**
* Delete existing device group.
*
* @param role to be deleted with the userStore name.
* @param roleToDelete to delete the role.
* @param tenantId to belongs to roles.
* @param userStoreManager with details.
* @param authorizationManager with details.
* @throws GroupManagementException
*/
void deleteRoleAndRoleGroupMapping(String role, String roleToDelete, int tenantId, UserStoreManager userStoreManager, AuthorizationManager authorizationManager) throws GroupManagementException;
/** /**
* Get the device group provided the device group id. * Get the device group provided the device group id.
* *

@ -49,10 +49,12 @@ import io.entgra.device.mgt.core.device.mgt.core.util.DeviceManagerUtil;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.netbeans.lib.cvsclient.commandLine.command.status;
import org.wso2.carbon.CarbonConstants; import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import io.entgra.device.mgt.core.device.mgt.common.GroupPaginationRequest;
import io.entgra.device.mgt.core.device.mgt.common.PaginationResult;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.UserRealm; import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager; import org.wso2.carbon.user.api.UserStoreManager;
@ -148,7 +150,7 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
} }
} }
public void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupManagementException { public void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupAlreadyExistException, GroupManagementException {
if (groups == null) { if (groups == null) {
String msg = "Received incomplete data for createGroup"; String msg = "Received incomplete data for createGroup";
log.error(msg); log.error(msg);
@ -181,7 +183,7 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
} }
GroupManagementDAOFactory.commitTransaction(); GroupManagementDAOFactory.commitTransaction();
} else { } else {
throw new GroupManagementException("Group exist with name " + groups.getName()); throw new GroupAlreadyExistException("Group already exists with name : " + groups.getName() + " Try with another group name.");
} }
} catch (GroupManagementDAOException e) { } catch (GroupManagementDAOException e) {
GroupManagementDAOFactory.rollbackTransaction(); GroupManagementDAOFactory.rollbackTransaction();
@ -359,6 +361,40 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
} }
} }
/**
* {@inheritDoc}
*/
@Override
public void deleteRoleAndRoleGroupMapping(String roleName, String roleToDelete, int tenantId, UserStoreManager userStoreManager, AuthorizationManager authorizationManager) throws GroupManagementException {
if (log.isDebugEnabled()) {
log.debug("Delete roles");
}
try {
GroupManagementDAOFactory.beginTransaction();
groupDAO.deleteGroupsMapping(roleToDelete, tenantId);
userStoreManager.deleteRole(roleName);
// Delete all authorizations for the current role before deleting
authorizationManager.clearRoleAuthorization(roleName);
GroupManagementDAOFactory.commitTransaction();
} catch (UserStoreException e) {
GroupManagementDAOFactory.rollbackTransaction();
String msg = "Error occurred while deleting the role '" + roleName + "'";
log.error(msg, e);
throw new GroupManagementException(msg, e);
} catch (TransactionManagementException e) {
String msg = "Error occurred while initiating transaction.";
log.error(msg, e);
throw new GroupManagementException(msg, e);
} catch (GroupManagementDAOException e) {
GroupManagementDAOFactory.rollbackTransaction();
String msg = "Error occurred while deleting the role";
log.error(msg, e);
throw new GroupManagementException(msg, e);
} finally {
GroupManagementDAOFactory.closeConnection();
}
}
/** /**
* {@inheritDoc} * {@inheritDoc}
*/ */

Loading…
Cancel
Save