From 0de768cee03ef45065baab487b40c1001aef0a18 Mon Sep 17 00:00:00 2001 From: "amalka.subasinghe" Date: Mon, 24 Jun 2024 12:04:41 +0530 Subject: [PATCH] scopes and related permissions added when scope is not attached to an api (cherry picked from commit b7848fd0c315819f9082f60a4a833501305b2688) --- .../pom.xml | 4 +++- .../webapp/publisher/APIPublisherServiceImpl.java | 15 +++++++++++++-- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml index 10bfbf4145..a668025519 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml @@ -205,7 +205,9 @@ org.wso2.carbon.utils;version="4.6", org.wso2.carbon.utils.multitenancy;version="4.6", org.apache.commons.lang, - org.json + org.json, + io.entgra.device.mgt.core.device.mgt.common.permission.mgt, + io.entgra.device.mgt.core.device.mgt.core.permission.mgt jsr311-api;scope=compile|runtime;inline=false diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/APIPublisherServiceImpl.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/APIPublisherServiceImpl.java index e9a58e556c..cab16f8482 100644 --- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/APIPublisherServiceImpl.java +++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/APIPublisherServiceImpl.java @@ -46,6 +46,7 @@ import io.entgra.device.mgt.core.device.mgt.core.config.DeviceManagementConfig; import io.entgra.device.mgt.core.device.mgt.core.config.permission.DefaultPermission; import io.entgra.device.mgt.core.device.mgt.core.config.permission.DefaultPermissions; import io.entgra.device.mgt.core.device.mgt.core.config.permission.ScopeMapping; +import io.entgra.device.mgt.core.device.mgt.core.permission.mgt.PermissionUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -68,6 +69,8 @@ import org.wso2.carbon.user.core.tenant.TenantSearchResult; import org.wso2.carbon.utils.CarbonUtils; import org.wso2.carbon.utils.multitenancy.MultitenantConstants; import org.wso2.carbon.utils.multitenancy.MultitenantUtils; +import io.entgra.device.mgt.core.device.mgt.core.permission.mgt.PermissionUtils; +import io.entgra.device.mgt.core.device.mgt.common.permission.mgt.PermissionManagementException; import java.io.BufferedReader; import java.io.File; @@ -610,9 +613,17 @@ public class APIPublisherServiceImpl implements APIPublisherService { if (publisherRESTAPIServices.isSharedScopeNameExists(apiApplicationKey, accessTokenInfo, scope.getName())) { publisherRESTAPIServices.updateSharedScope(apiApplicationKey, accessTokenInfo, scope); + // todo: permission changed in update path, is not handled yet. } else { - // todo: come to this level means, that scope is removed from API, but haven't removed from the scope-role-permission-mappings list - log.warn(scope.getName() + " not available as shared scope"); + // This scope doesn't have an api attached. + log.warn(scope.getName() + " not available as shared, add as new scope"); + publisherRESTAPIServices.addNewSharedScope(apiApplicationKey, accessTokenInfo, scope); + // add permission if not exist + try { + PermissionUtils.putPermission(permission); + } catch(PermissionManagementException e) { + log.error("Error when adding permission ", e); + } } } for (String role : rolePermissions.keySet()) {