Fixing issues related to mapping users and roles from different user stores

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java

@@ -457,6 +457,11 @@ public interface UserManagementService {
                     value = "Provide a character or a few character in the user name",
                     required = true)
             @QueryParam("filter") String filter,
+            @ApiParam(
+                    name = "domain",
+                    value = "The user store domain which the user names should be fetched from",
+                    required = false)
+            @QueryParam("domain") String domain,
             @ApiParam(
                     name = "If-Modified-Since",
                     value = "Checks if the requested variant was modified, since the specified date-time\n." +

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java

@@ -22,17 +22,13 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.CarbonConstants;
 import org.wso2.carbon.base.MultitenantConstants;
-import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
-import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
 import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
 import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
 import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
-import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
 import org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService;
 import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil;
 import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
 import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
-import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil;
 import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer;
 import org.wso2.carbon.user.api.*;
 import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
@@ -49,6 +45,8 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 
+import static org.wso2.carbon.device.mgt.jaxrs.util.Constants.PRIMARY_USER_STORE;
+
 @Path("/roles")
 @Produces(MediaType.APPLICATION_JSON)
 @Consumes(MediaType.APPLICATION_JSON)
@@ -56,7 +54,6 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 
     private static final String API_BASE_PATH = "/roles";
     private static final Log log = LogFactory.getLog(RoleManagementServiceImpl.class);
-    private static final String PRIMARY_USER_STORE = "PRIMARY";
 
     @GET
     @Override
@@ -93,7 +90,8 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 
     @GET
     @Path("/{roleName}/permissions")
-    @Override public Response getPermissionsOfRole(@PathParam("roleName") String roleName,
+    @Override
+    public Response getPermissionsOfRole(@PathParam("roleName") String roleName,
             @QueryParam("user-store") String userStoreName, @HeaderParam("If-Modified-Since") String ifModifiedSince) {
         if (userStoreName != null && !userStoreName.isEmpty()) {
             roleName = userStoreName + "/" + roleName;

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java

@@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.opensaml.ws.wstrust.Primary;
 import org.wso2.carbon.device.mgt.common.DeviceManagementException;
 import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
 import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo;
@@ -353,28 +354,32 @@ public class UserManagementServiceImpl implements UserManagementService {
     @GET
     @Path("/search/usernames")
     @Override
-    public Response getUserNames(@QueryParam("filter") String filter, @HeaderParam("If-Modified-Since") String timestamp,
+    public Response getUserNames(@QueryParam("filter") String filter, @QueryParam("domain") String domain,
+            @HeaderParam("If-Modified-Since") String timestamp,
                                  @QueryParam("offset") int offset, @QueryParam("limit") int limit) {
         if (log.isDebugEnabled()) {
             log.debug("Getting the list of users with all user-related information using the filter : " + filter);
         }
+        String userStoreDomain = Constants.PRIMARY_USER_STORE;
+        if (domain != null && !domain.isEmpty()) {
+            userStoreDomain = domain;
+        }
         List<UserInfo> userList;
         try {
             UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
-            String[] users = userStoreManager.listUsers(filter + "*", -1);
-            userList = new ArrayList<>(users.length);
+            String[] users = userStoreManager.listUsers(userStoreDomain + "/*", -1);
+            userList = new ArrayList<>();
             UserInfo user;
             for (String username : users) {
-                user = new UserInfo();
-                user.setUsername(username);
-                user.setEmailAddress(getClaimValue(username, Constants.USER_CLAIM_EMAIL_ADDRESS));
-                user.setFirstname(getClaimValue(username, Constants.USER_CLAIM_FIRST_NAME));
-                user.setLastname(getClaimValue(username, Constants.USER_CLAIM_LAST_NAME));
-                userList.add(user);
+                if (username.contains(filter)) {
+                    user = new UserInfo();
+                    user.setUsername(username);
+                    user.setEmailAddress(getClaimValue(username, Constants.USER_CLAIM_EMAIL_ADDRESS));
+                    user.setFirstname(getClaimValue(username, Constants.USER_CLAIM_FIRST_NAME));
+                    user.setLastname(getClaimValue(username, Constants.USER_CLAIM_LAST_NAME));
+                    userList.add(user);
+                }
             }
-//            if (userList.size() <= 0) {
-//                return Response.status(Response.Status.NOT_FOUND).entity("No user is available to be retrieved").build();
-//            }
             return Response.status(Response.Status.OK).entity(userList).build();
         } catch (UserStoreException e) {
             String msg = "Error occurred while retrieving the list of users using the filter : " + filter;

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java

@@ -26,6 +26,7 @@ public class Constants {
 	public static final String USER_CLAIM_EMAIL_ADDRESS = "http://wso2.org/claims/emailaddress";
 	public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname";
 	public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname";
+	public static final String PRIMARY_USER_STORE = "PRIMARY";
 
 	public final class ErrorMessages {
 		private ErrorMessages () { throw new AssertionError(); }

components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js

@@ -32,6 +32,7 @@ var validateInline = {};
 var clearInline = {};
 
 var apiBasePath = "/api/device-mgt/v1.0";
+var domain = $("#domain").val();
 
 var enableInlineError = function (inputField, errorMsg, errorSign) {
     var fieldIdentifier = "#" + inputField;
@@ -113,6 +114,7 @@ function formatRepoSelection (user) {
 
 $(document).ready(function () {
     var appContext = $("#app-context").data("app-context");
+
     $("#users").select2({
         multiple:true,
         tags: false,
@@ -127,7 +129,8 @@ $(document).ready(function () {
             data: function (params) {
                 var postData = {};
                 postData.requestMethod = "GET";
-                postData.requestURL = "/api/device-mgt/v1.0/users/search/usernames?filter=" + params.term;
+                postData.requestURL = "/api/device-mgt/v1.0/users/search/usernames?filter=" + params.term +
+                    "&domain=" + domain;
                 postData.requestPayload = null;
                 return JSON.stringify(postData);
             },
@@ -222,4 +225,12 @@ $(document).ready(function () {
     $(roleNameInputElement).blur(function() {
         validateInline["role-name"]();
     });
+
+    /* When the user store domain value is changed, the users who are assigned to that role should be removed, as
+       user and role can be mapped only if both are in same user store
+     */
+    $("#domain").change(function () {
+        $("#users").select2("val", "");
+        domain = $("#domain").val();
+    });
 });

components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js

@@ -189,10 +189,10 @@ $("#userStore").change(
                     if (data.errorMessage) {
                         $(errorMsg).text("Selected user store prompted an error : " + data.errorMessage);
                         $(errorMsgWrapper).removeClass("hidden");
-                    } else if (data["statusCode"] == 200) {
+                    } else if (data.count > 0) {
                         $("#roles").empty();
-                        for (var i = 0; i < data.responseContent.length; i++) {
-                            var newOption = $('<option value="' + data.responseContent[i] + '">' + data.responseContent[i] + '</option>');
+                        for (var i = 0; i < data.roles.length; i++) {
+                            var newOption = $('<option value="' + data.roles[i] + '">' + data.roles[i] + '</option>');
                             $('#roles').append(newOption);
                         }
                     }

components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js

@@ -1,3 +1,21 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
 /**
  * Checks if provided input is valid against RegEx input.
  *
@@ -12,6 +30,7 @@ function inputIsValid(regExp, inputString) {
 
 var validateInline = {};
 var clearInline = {};
+var domain = $("#domain").val();
 
 var apiBasePath = "/api/device-mgt/v1.0";
 
@@ -112,7 +131,7 @@ $(document).ready(function () {
             data: function (params) {
                 var postData = {};
                 postData.actionMethod = "GET";
-                postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term;
+                postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term + "&domain=" + domain;
                 postData.actionPayload = null;
                 return JSON.stringify(postData);
             },
@@ -196,4 +215,12 @@ $(document).ready(function () {
     $("#rolename").blur(function() {
         validateInline["role-name"]();
     });
+
+    /* When the user store domain value is changed, the users who are assigned to that role should be removed, as
+     user and role can be mapped only if both are in same user store
+     */
+    $("#domain").change(function () {
+        $("#users").select2("val", "");
+        domain = $("#domain").val();
+    });
 });