forked from community/device-mgt-core
Merge pull request #327 from milanperera/scope-impl
Merging scope based authorization implementationrevert-70aa11f8
Chatura Dilan
8 years ago
committed by
GitHub
commit
72d84ebfbe
@ -1,45 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.apimgt.webapp.publisher.config;
|
||||
|
||||
/**
|
||||
* This class represents the information related to permissions.
|
||||
*/
|
||||
public class PermissionConfiguration {
|
||||
|
||||
private String scopeName;
|
||||
private String[] permissions;
|
||||
|
||||
public String getScopeName() {
|
||||
return scopeName;
|
||||
}
|
||||
|
||||
public void setScopeName(String scope) {
|
||||
this.scopeName = scope;
|
||||
}
|
||||
|
||||
public String[] getPermissions() {
|
||||
return permissions;
|
||||
}
|
||||
|
||||
public void setPermissions(String[] permissions) {
|
||||
this.permissions = permissions;
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,60 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.apimgt.webapp.publisher.config;
|
||||
|
||||
/**
|
||||
* Custom exception class of Permission related operations.
|
||||
*/
|
||||
public class PermissionManagementException extends Exception {
|
||||
|
||||
private static final long serialVersionUID = -3151279311929070298L;
|
||||
|
||||
private String errorMessage;
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public PermissionManagementException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public PermissionManagementException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
setErrorMessage(message);
|
||||
}
|
||||
|
||||
public PermissionManagementException(String msg) {
|
||||
super(msg);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public PermissionManagementException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public PermissionManagementException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,91 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
|
||||
|
||||
import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionManagementException;
|
||||
import org.wso2.carbon.apimgt.webapp.publisher.internal.APIPublisherDataHolder;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.registry.api.RegistryException;
|
||||
import org.wso2.carbon.registry.api.Resource;
|
||||
import org.wso2.carbon.registry.core.Registry;
|
||||
|
||||
import java.util.StringTokenizer;
|
||||
|
||||
/**
|
||||
* Utility class which holds necessary utility methods required for persisting permissions in
|
||||
* registry.
|
||||
*/
|
||||
public class PermissionUtils {
|
||||
|
||||
public static final String ADMIN_PERMISSION_REGISTRY_PATH = "/permission/admin";
|
||||
public static final String PERMISSION_PROPERTY_NAME = "name";
|
||||
|
||||
public static Registry getGovernanceRegistry() throws PermissionManagementException {
|
||||
try {
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
|
||||
return APIPublisherDataHolder.getInstance().getRegistryService()
|
||||
.getGovernanceSystemRegistry(
|
||||
tenantId);
|
||||
} catch (RegistryException e) {
|
||||
throw new PermissionManagementException(
|
||||
"Error in retrieving governance registry instance: " +
|
||||
e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
|
||||
public static void addPermission(String permission) throws PermissionManagementException {
|
||||
String resourcePermission = getAbsolutePermissionPath(permission);
|
||||
try {
|
||||
StringTokenizer tokenizer = new StringTokenizer(resourcePermission, "/");
|
||||
String lastToken = "", currentToken, tempPath;
|
||||
while (tokenizer.hasMoreTokens()) {
|
||||
currentToken = tokenizer.nextToken();
|
||||
tempPath = lastToken + "/" + currentToken;
|
||||
if (!checkResourceExists(tempPath)) {
|
||||
createRegistryCollection(tempPath, currentToken);
|
||||
}
|
||||
lastToken = tempPath;
|
||||
}
|
||||
} catch (RegistryException e) {
|
||||
throw new PermissionManagementException("Error occurred while persisting permission : " +
|
||||
resourcePermission, e);
|
||||
}
|
||||
}
|
||||
|
||||
public static void createRegistryCollection(String path, String resourceName)
|
||||
throws PermissionManagementException,
|
||||
RegistryException {
|
||||
Resource resource = PermissionUtils.getGovernanceRegistry().newCollection();
|
||||
resource.addProperty(PERMISSION_PROPERTY_NAME, resourceName);
|
||||
PermissionUtils.getGovernanceRegistry().beginTransaction();
|
||||
PermissionUtils.getGovernanceRegistry().put(path, resource);
|
||||
PermissionUtils.getGovernanceRegistry().commitTransaction();
|
||||
}
|
||||
|
||||
public static boolean checkResourceExists(String path)
|
||||
throws PermissionManagementException,
|
||||
org.wso2.carbon.registry.core.exceptions.RegistryException {
|
||||
return PermissionUtils.getGovernanceRegistry().resourceExists(path);
|
||||
}
|
||||
|
||||
private static String getAbsolutePermissionPath(String permissionPath) {
|
||||
return PermissionUtils.ADMIN_PERMISSION_REGISTRY_PATH + permissionPath;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,71 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.jaxrs.beans;
|
||||
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
|
||||
@ApiModel(value = "Scope", description = "Template of the authorization scope")
|
||||
public class Scope {
|
||||
|
||||
@ApiModelProperty(name = "scope key", value = "An unique string as a key.", required = true)
|
||||
private String key;
|
||||
|
||||
@ApiModelProperty(name = "scope name", value = "Scope name.", required = true)
|
||||
private String name;
|
||||
|
||||
@ApiModelProperty(name = "roles", value = "List of roles to be associated with the scope", required = true)
|
||||
private String roles;
|
||||
|
||||
@ApiModelProperty(name = "scope description", value = "A description of the scope", required = true)
|
||||
private String description;
|
||||
|
||||
public Scope() {
|
||||
}
|
||||
|
||||
public String getKey() {
|
||||
return this.key;
|
||||
}
|
||||
|
||||
public void setKey(String key) {
|
||||
this.key = key;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return this.name;
|
||||
}
|
||||
|
||||
public void setName(String name) {
|
||||
this.name = name;
|
||||
}
|
||||
|
||||
public String getRoles() {
|
||||
return this.roles;
|
||||
}
|
||||
|
||||
public void setRoles(String roles) {
|
||||
this.roles = roles;
|
||||
}
|
||||
|
||||
public String getDescription() {
|
||||
return this.description;
|
||||
}
|
||||
|
||||
public void setDescription(String description) {
|
||||
this.description = description;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.common.scope.mgt;
|
||||
|
||||
/**
|
||||
* This exception is used to throw when there is an issue in scope management service.
|
||||
*/
|
||||
public class ScopeManagementException extends Exception {
|
||||
|
||||
private static final long serialVersionUID = -315127931137779899L;
|
||||
|
||||
private String errorMessage;
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public ScopeManagementException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public ScopeManagementException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
setErrorMessage(message);
|
||||
}
|
||||
|
||||
public ScopeManagementException(String msg) {
|
||||
super(msg);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public ScopeManagementException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public ScopeManagementException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,53 @@
|
||||
/*
|
||||
* Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.common.scope.mgt;
|
||||
|
||||
import java.util.List;
|
||||
import org.wso2.carbon.apimgt.api.model.Scope;
|
||||
|
||||
/**
|
||||
* This interface contains the basic operations related to scope management.
|
||||
*/
|
||||
public interface ScopeManagementService {
|
||||
|
||||
/**
|
||||
* This method is used to update the given list of scopes.
|
||||
*
|
||||
* @param scopes List of scopes to be updated.
|
||||
* @throws ScopeManagementException
|
||||
*/
|
||||
void updateScopes(List<Scope> scopes) throws ScopeManagementException;
|
||||
|
||||
/**
|
||||
* This method is used to retrieve all the scopes.
|
||||
*
|
||||
* @return List of scopes.
|
||||
* @throws ScopeManagementException
|
||||
*/
|
||||
List<Scope> getAllScopes() throws ScopeManagementException;
|
||||
|
||||
/**
|
||||
* This method is to retrieve the roles of the given scope
|
||||
* @param scopeKey key of the scope
|
||||
* @return List of roles
|
||||
* @throws ScopeManagementException
|
||||
*/
|
||||
String getRolesOfScope(String scopeKey) throws ScopeManagementException;
|
||||
|
||||
}
|
||||
@ -0,0 +1,332 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.core.config.permission;
|
||||
|
||||
import org.apache.catalina.core.StandardContext;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.scannotation.AnnotationDB;
|
||||
import org.wso2.carbon.apimgt.annotations.api.API;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.ws.rs.*;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.lang.annotation.Annotation;
|
||||
import java.lang.reflect.InvocationHandler;
|
||||
import java.lang.reflect.Method;
|
||||
import java.lang.reflect.Proxy;
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URI;
|
||||
import java.net.URL;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.StringTokenizer;
|
||||
|
||||
public class AnnotationProcessor {
|
||||
|
||||
private static final Log log = LogFactory.getLog(AnnotationProcessor.class);
|
||||
|
||||
private static final String PACKAGE_ORG_APACHE = "org.apache";
|
||||
private static final String PACKAGE_ORG_CODEHAUS = "org.codehaus";
|
||||
private static final String PACKAGE_ORG_SPRINGFRAMEWORK = "org.springframework";
|
||||
private static final String WILD_CARD = "/*";
|
||||
private static final String URL_SEPARATOR = "/";
|
||||
|
||||
private static final String STRING_ARR = "string_arr";
|
||||
private static final String STRING = "string";
|
||||
|
||||
private Method[] pathClazzMethods;
|
||||
private Class<Path> pathClazz;
|
||||
Class<API> apiClazz;
|
||||
private ClassLoader classLoader;
|
||||
private ServletContext servletContext;
|
||||
|
||||
|
||||
public AnnotationProcessor(final StandardContext context) {
|
||||
servletContext = context.getServletContext();
|
||||
classLoader = servletContext.getClassLoader();
|
||||
}
|
||||
|
||||
/**
|
||||
* Scan the context for classes with annotations
|
||||
*
|
||||
* @return
|
||||
* @throws IOException
|
||||
*/
|
||||
public Set<String> scanStandardContext(String className) throws IOException {
|
||||
ExtendedAnnotationDB db = new ExtendedAnnotationDB();
|
||||
db.addIgnoredPackages(PACKAGE_ORG_APACHE);
|
||||
db.addIgnoredPackages(PACKAGE_ORG_CODEHAUS);
|
||||
db.addIgnoredPackages(PACKAGE_ORG_SPRINGFRAMEWORK);
|
||||
URL classPath = findWebInfClassesPath(servletContext);
|
||||
db.scanArchives(classPath);
|
||||
|
||||
//Returns a list of classes with given Annotation
|
||||
return db.getAnnotationIndex().get(className);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method identifies the URL templates and context by reading the annotations of a class
|
||||
*
|
||||
* @param entityClasses
|
||||
* @return
|
||||
*/
|
||||
public List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission>
|
||||
extractPermissions(Set<String> entityClasses) {
|
||||
|
||||
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> permissions = new ArrayList<>();
|
||||
|
||||
if (entityClasses != null && !entityClasses.isEmpty()) {
|
||||
|
||||
for (final String className : entityClasses) {
|
||||
|
||||
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> resourcePermissions =
|
||||
AccessController.doPrivileged(new PrivilegedAction<List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission>>() {
|
||||
public List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> run() {
|
||||
Class<?> clazz;
|
||||
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> apiPermissions =
|
||||
new ArrayList<>();
|
||||
try {
|
||||
clazz = classLoader.loadClass(className);
|
||||
|
||||
apiClazz = (Class<API>)
|
||||
classLoader.loadClass(org.wso2.carbon.apimgt.annotations.api.API
|
||||
.class.getName());
|
||||
|
||||
Annotation apiAnno = clazz.getAnnotation(apiClazz);
|
||||
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> resourceList;
|
||||
|
||||
if (apiAnno != null) {
|
||||
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Application Context root = " + servletContext.getContextPath());
|
||||
}
|
||||
|
||||
try {
|
||||
String rootContext = servletContext.getContextPath();
|
||||
pathClazz = (Class<Path>) classLoader.loadClass(Path.class.getName());
|
||||
pathClazzMethods = pathClazz.getMethods();
|
||||
|
||||
Annotation rootContectAnno = clazz.getAnnotation(pathClazz);
|
||||
String subContext = "";
|
||||
if (rootContectAnno != null) {
|
||||
subContext = invokeMethod(pathClazzMethods[0], rootContectAnno, STRING);
|
||||
if (subContext != null && !subContext.isEmpty()) {
|
||||
if (subContext.trim().startsWith("/")) {
|
||||
rootContext = rootContext + subContext;
|
||||
} else {
|
||||
rootContext = rootContext + "/" + subContext;
|
||||
}
|
||||
}
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("API Root Context = " + rootContext);
|
||||
}
|
||||
}
|
||||
|
||||
Method[] annotatedMethods = clazz.getDeclaredMethods();
|
||||
apiPermissions = getApiResources(rootContext, annotatedMethods);
|
||||
} catch (Throwable throwable) {
|
||||
log.error("Error encountered while scanning for annotations", throwable);
|
||||
}
|
||||
}
|
||||
} catch (ClassNotFoundException e) {
|
||||
log.error("Error when passing the api annotation for device type apis.");
|
||||
}
|
||||
return apiPermissions;
|
||||
}
|
||||
});
|
||||
permissions.addAll(resourcePermissions);
|
||||
}
|
||||
}
|
||||
return permissions;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Get Resources for each API
|
||||
*
|
||||
* @param resourceRootContext
|
||||
* @param annotatedMethods
|
||||
* @return
|
||||
* @throws Throwable
|
||||
*/
|
||||
private List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission>
|
||||
getApiResources(String resourceRootContext, Method[] annotatedMethods) throws Throwable {
|
||||
|
||||
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> permissions = new ArrayList<>();
|
||||
String subCtx;
|
||||
for (Method method : annotatedMethods) {
|
||||
Annotation[] annotations = method.getDeclaredAnnotations();
|
||||
org.wso2.carbon.device.mgt.common.permission.mgt.Permission permission =
|
||||
new org.wso2.carbon.device.mgt.common.permission.mgt.Permission();
|
||||
|
||||
if (isHttpMethodAvailable(annotations)) {
|
||||
Annotation methodContextAnno = method.getAnnotation(pathClazz);
|
||||
if (methodContextAnno != null) {
|
||||
subCtx = invokeMethod(pathClazzMethods[0], methodContextAnno, STRING);
|
||||
} else {
|
||||
subCtx = WILD_CARD;
|
||||
}
|
||||
permission.setContext(makeContextURLReady(resourceRootContext));
|
||||
permission.setUrlTemplate(makeContextURLReady(subCtx));
|
||||
|
||||
// this check is added to avoid url resolving conflict which happens due
|
||||
// to adding of '*' notation for dynamic path variables.
|
||||
if (WILD_CARD.equals(subCtx)) {
|
||||
subCtx = makeContextURLReady(resourceRootContext);
|
||||
} else {
|
||||
subCtx = makeContextURLReady(resourceRootContext) + makeContextURLReady(subCtx);
|
||||
}
|
||||
permission.setUrl(replaceDynamicPathVariables(subCtx));
|
||||
String httpMethod;
|
||||
for (int i = 0; i < annotations.length; i++) {
|
||||
httpMethod = getHTTPMethodAnnotation(annotations[i]);
|
||||
if (httpMethod != null) {
|
||||
permission.setMethod(httpMethod);
|
||||
break;
|
||||
}
|
||||
}
|
||||
permissions.add(permission);
|
||||
}
|
||||
}
|
||||
return permissions;
|
||||
}
|
||||
|
||||
/**
|
||||
* Read Method annotations indicating HTTP Methods
|
||||
* @param annotation
|
||||
*/
|
||||
private String getHTTPMethodAnnotation(Annotation annotation) {
|
||||
if (annotation.annotationType().getName().equals(GET.class.getName())) {
|
||||
return HttpMethod.GET;
|
||||
} else if (annotation.annotationType().getName().equals(POST.class.getName())) {
|
||||
return HttpMethod.POST;
|
||||
} else if (annotation.annotationType().getName().equals(OPTIONS.class.getName())) {
|
||||
return HttpMethod.OPTIONS;
|
||||
} else if (annotation.annotationType().getName().equals(DELETE.class.getName())) {
|
||||
return HttpMethod.DELETE;
|
||||
} else if (annotation.annotationType().getName().equals(PUT.class.getName())) {
|
||||
return HttpMethod.PUT;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
private boolean isHttpMethodAvailable(Annotation[] annotations) {
|
||||
for (Annotation annotation : annotations) {
|
||||
if (annotation.annotationType().getName().equals(GET.class.getName())) {
|
||||
return true;
|
||||
} else if (annotation.annotationType().getName().equals(POST.class.getName())) {
|
||||
return true;
|
||||
} else if (annotation.annotationType().getName().equals(OPTIONS.class.getName())) {
|
||||
return true;
|
||||
} else if (annotation.annotationType().getName().equals(DELETE.class.getName())) {
|
||||
return true;
|
||||
} else if (annotation.annotationType().getName().equals(PUT.class.getName())) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Append '/' to the context and make it URL ready
|
||||
*
|
||||
* @param context
|
||||
* @return
|
||||
*/
|
||||
private String makeContextURLReady(String context) {
|
||||
if (context != null && ! context.isEmpty()) {
|
||||
if (context.startsWith("/")) {
|
||||
return context;
|
||||
} else {
|
||||
return "/" + context;
|
||||
}
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
/**
|
||||
* When an annotation and method is passed, this method invokes that executes said method against the annotation
|
||||
*
|
||||
* @param method
|
||||
* @param annotation
|
||||
* @param returnType
|
||||
* @return
|
||||
* @throws Throwable
|
||||
*/
|
||||
private String invokeMethod(Method method, Annotation annotation, String returnType) throws Throwable {
|
||||
InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation);
|
||||
switch (returnType) {
|
||||
case STRING:
|
||||
return (String) methodHandler.invoke(annotation, method, null);
|
||||
case STRING_ARR:
|
||||
return ((String[]) methodHandler.invoke(annotation, method, null))[0];
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Find the URL pointing to "/WEB-INF/classes" This method may not work in conjunction with IteratorFactory
|
||||
* if your servlet container does not extract the /WEB-INF/classes into a real file-based directory
|
||||
*
|
||||
* @param servletContext
|
||||
* @return null if cannot determin /WEB-INF/classes
|
||||
*/
|
||||
public static URL findWebInfClassesPath(ServletContext servletContext)
|
||||
{
|
||||
String path = servletContext.getRealPath("/WEB-INF/classes");
|
||||
if (path == null) return null;
|
||||
File fp = new File(path);
|
||||
if (fp.exists() == false) return null;
|
||||
try
|
||||
{
|
||||
URI uri = fp.toURI();
|
||||
return uri.toURL();
|
||||
}
|
||||
catch (MalformedURLException e)
|
||||
{
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
private String replaceDynamicPathVariables(String path) {
|
||||
StringBuilder replacedPath = new StringBuilder();
|
||||
StringTokenizer st = new StringTokenizer(path, URL_SEPARATOR);
|
||||
String currentToken;
|
||||
while (st.hasMoreTokens()) {
|
||||
currentToken = st.nextToken();
|
||||
if (currentToken.charAt(0) == '{') {
|
||||
if (currentToken.charAt(currentToken.length() - 1) == '}') {
|
||||
replacedPath.append(WILD_CARD);
|
||||
}
|
||||
} else {
|
||||
replacedPath.append(URL_SEPARATOR);
|
||||
replacedPath.append(currentToken);
|
||||
}
|
||||
}
|
||||
return replacedPath.toString();
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,92 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.config.permission;
|
||||
|
||||
import org.scannotation.AnnotationDB;
|
||||
import org.scannotation.archiveiterator.Filter;
|
||||
import org.scannotation.archiveiterator.StreamIterator;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.net.URL;
|
||||
|
||||
public class ExtendedAnnotationDB extends AnnotationDB {
|
||||
|
||||
public ExtendedAnnotationDB() {
|
||||
super();
|
||||
}
|
||||
|
||||
public void scanArchives(URL... urls) throws IOException {
|
||||
URL[] arr$ = urls;
|
||||
int len$ = urls.length;
|
||||
|
||||
for(int i$ = 0; i$ < len$; ++i$) {
|
||||
URL url = arr$[i$];
|
||||
Filter filter = new Filter() {
|
||||
public boolean accepts(String filename) {
|
||||
if(filename.endsWith(".class")) {
|
||||
if(filename.startsWith("/") || filename.startsWith("\\")) {
|
||||
filename = filename.substring(1);
|
||||
}
|
||||
|
||||
if(!ExtendedAnnotationDB.this.ignoreScan(filename.replace('/', '.'))) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
};
|
||||
StreamIterator it = ExtendedIteratorFactory.create(url, filter);
|
||||
|
||||
InputStream stream;
|
||||
while((stream = it.next()) != null) {
|
||||
this.scanClass(stream);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private boolean ignoreScan(String intf) {
|
||||
String[] arr$;
|
||||
int len$;
|
||||
int i$;
|
||||
String ignored;
|
||||
if(this.scanPackages != null) {
|
||||
arr$ = this.scanPackages;
|
||||
len$ = arr$.length;
|
||||
|
||||
for(i$ = 0; i$ < len$; ++i$) {
|
||||
ignored = arr$[i$];
|
||||
if(intf.startsWith(ignored + ".")) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
} else {
|
||||
arr$ = this.ignoredPackages;
|
||||
len$ = arr$.length;
|
||||
|
||||
for(i$ = 0; i$ < len$; ++i$) {
|
||||
ignored = arr$[i$];
|
||||
if(intf.startsWith(ignored + ".")) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,32 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.config.permission;
|
||||
|
||||
import org.scannotation.archiveiterator.*;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.net.URL;
|
||||
|
||||
public class ExtendedFileProtocolIteratorFactory implements DirectoryIteratorFactory {
|
||||
|
||||
@Override
|
||||
public StreamIterator create(URL url, Filter filter) throws IOException {
|
||||
File f = new File(java.net.URLDecoder.decode(url.getPath(), "UTF-8"));
|
||||
return f.isDirectory()?new FileIterator(f, filter):new JarIterator(url.openStream(), filter);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,54 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.config.permission;
|
||||
|
||||
import org.scannotation.archiveiterator.DirectoryIteratorFactory;
|
||||
import org.scannotation.archiveiterator.Filter;
|
||||
import org.scannotation.archiveiterator.JarIterator;
|
||||
import org.scannotation.archiveiterator.StreamIterator;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URL;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
public class ExtendedIteratorFactory {
|
||||
|
||||
private static final ConcurrentHashMap<String, DirectoryIteratorFactory> registry = new ConcurrentHashMap();
|
||||
|
||||
public static StreamIterator create(URL url, Filter filter) throws IOException {
|
||||
String urlString = url.toString();
|
||||
if(urlString.endsWith("!/")) {
|
||||
urlString = urlString.substring(4);
|
||||
urlString = urlString.substring(0, urlString.length() - 2);
|
||||
url = new URL(urlString);
|
||||
}
|
||||
|
||||
if(!urlString.endsWith("/")) {
|
||||
return new JarIterator(url.openStream(), filter);
|
||||
} else {
|
||||
DirectoryIteratorFactory factory = registry.get(url.getProtocol());
|
||||
if(factory == null) {
|
||||
throw new IOException("Unable to scan directory of protocol: " + url.getProtocol());
|
||||
} else {
|
||||
return factory.create(url, filter);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static {
|
||||
registry.put("file", new ExtendedFileProtocolIteratorFactory());
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,97 @@
|
||||
/*
|
||||
* Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.core.scope.mgt;
|
||||
|
||||
import org.wso2.carbon.apimgt.api.model.Scope;
|
||||
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAO;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOException;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOFactory;
|
||||
|
||||
import java.lang.annotation.Inherited;
|
||||
import java.sql.SQLException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This is an implementation of a Scope Management Service.
|
||||
*/
|
||||
public class ScopeManagementServiceImpl implements ScopeManagementService {
|
||||
|
||||
private ScopeManagementDAO scopeManagementDAO;
|
||||
|
||||
public ScopeManagementServiceImpl() {
|
||||
this.scopeManagementDAO = ScopeManagementDAOFactory.getScopeManagementDAO();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateScopes(List<Scope> scopes) throws ScopeManagementException {
|
||||
try{
|
||||
ScopeManagementDAOFactory.beginTransaction();
|
||||
scopeManagementDAO.updateScopes(scopes);
|
||||
ScopeManagementDAOFactory.commitTransaction();
|
||||
} catch (TransactionManagementException e) {
|
||||
ScopeManagementDAOFactory.rollbackTransaction();
|
||||
throw new ScopeManagementException("Transactional error occurred while adding the scopes.", e);
|
||||
} catch (ScopeManagementDAOException e) {
|
||||
ScopeManagementDAOFactory.rollbackTransaction();
|
||||
throw new ScopeManagementException("Error occurred while adding the scopes to database.", e);
|
||||
} finally {
|
||||
ScopeManagementDAOFactory.closeConnection();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Scope> getAllScopes() throws ScopeManagementException {
|
||||
List<Scope> scopes = new ArrayList<>();
|
||||
try{
|
||||
ScopeManagementDAOFactory.openConnection();
|
||||
scopes = scopeManagementDAO.getAllScopes();
|
||||
} catch (SQLException e) {
|
||||
throw new ScopeManagementException("SQL error occurred while retrieving scopes from database.", e);
|
||||
} catch (ScopeManagementDAOException e) {
|
||||
throw new ScopeManagementException("Error occurred while retrieving scopes from database.", e);
|
||||
} finally {
|
||||
ScopeManagementDAOFactory.closeConnection();
|
||||
}
|
||||
return scopes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getRolesOfScope(String scopeKey) throws ScopeManagementException {
|
||||
String roles;
|
||||
if (scopeKey == null || scopeKey.isEmpty()) {
|
||||
throw new ScopeManagementException("Scope key is null or empty");
|
||||
}
|
||||
try {
|
||||
ScopeManagementDAOFactory.openConnection();
|
||||
roles = scopeManagementDAO.getRolesOfScope(scopeKey);
|
||||
} catch (SQLException e) {
|
||||
throw new ScopeManagementException("SQL error occurred while retrieving roles of scope from database.", e);
|
||||
} catch (ScopeManagementDAOException e) {
|
||||
throw new ScopeManagementException("Error occurred while retrieving roles of scope from database.", e);
|
||||
} finally {
|
||||
ScopeManagementDAOFactory.closeConnection();
|
||||
}
|
||||
return roles;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,54 @@
|
||||
/*
|
||||
* Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
|
||||
|
||||
import org.wso2.carbon.apimgt.api.model.Scope;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This interface contains the basic database operations related to scope management.
|
||||
*/
|
||||
public interface ScopeManagementDAO {
|
||||
|
||||
/**
|
||||
* This method is used to update the list of scopes.
|
||||
*
|
||||
* @param scopes List of scopes to be updated.
|
||||
* @throws ScopeManagementDAOException
|
||||
*/
|
||||
void updateScopes(List<Scope> scopes) throws ScopeManagementDAOException;
|
||||
|
||||
/**
|
||||
* This method is used to retrieve all the scopes.
|
||||
*
|
||||
* @return List of scopes.
|
||||
* @throws ScopeManagementDAOException
|
||||
*/
|
||||
List<Scope> getAllScopes() throws ScopeManagementDAOException;
|
||||
|
||||
/**
|
||||
* This method is to retrieve the roles of the given scope
|
||||
* @param scopeKey key of the scope
|
||||
* @return List of roles
|
||||
* @throws ScopeManagementDAOException
|
||||
*/
|
||||
String getRolesOfScope(String scopeKey) throws ScopeManagementDAOException;
|
||||
|
||||
}
|
||||
@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
|
||||
|
||||
public class ScopeManagementDAOException extends Exception {
|
||||
|
||||
private static final long serialVersionUID = -315127931137771199L;
|
||||
|
||||
private String errorMessage;
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public ScopeManagementDAOException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public ScopeManagementDAOException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
setErrorMessage(message);
|
||||
}
|
||||
|
||||
public ScopeManagementDAOException(String msg) {
|
||||
super(msg);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public ScopeManagementDAOException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public ScopeManagementDAOException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,139 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
|
||||
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.device.mgt.common.IllegalTransactionStateException;
|
||||
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
|
||||
import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.impl.ScopeManagementDAOImpl;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
import java.sql.Connection;
|
||||
import java.sql.SQLException;
|
||||
|
||||
public class ScopeManagementDAOFactory {
|
||||
|
||||
private static final Log log = LogFactory.getLog(ScopeManagementDAOFactory.class);
|
||||
private static DataSource dataSource;
|
||||
private static String databaseEngine;
|
||||
private static ThreadLocal<Connection> currentConnection = new ThreadLocal<Connection>();
|
||||
|
||||
public static ScopeManagementDAO getScopeManagementDAO() {
|
||||
return new ScopeManagementDAOImpl();
|
||||
}
|
||||
|
||||
public static void init(String dataSourceName) {
|
||||
dataSource = resolveDataSource(dataSourceName);
|
||||
try {
|
||||
databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName();
|
||||
} catch (SQLException e) {
|
||||
log.error("Error occurred while retrieving config.datasource connection", e);
|
||||
}
|
||||
}
|
||||
|
||||
public static void beginTransaction() throws TransactionManagementException {
|
||||
try {
|
||||
Connection conn = dataSource.getConnection();
|
||||
conn.setAutoCommit(false);
|
||||
currentConnection.set(conn);
|
||||
} catch (SQLException e) {
|
||||
throw new TransactionManagementException(
|
||||
"Error occurred while retrieving config.datasource connection", e);
|
||||
}
|
||||
}
|
||||
|
||||
public static void openConnection() throws SQLException {
|
||||
currentConnection.set(dataSource.getConnection());
|
||||
}
|
||||
|
||||
public static Connection getConnection() throws SQLException {
|
||||
if (currentConnection.get() == null) {
|
||||
throw new IllegalTransactionStateException("No connection is associated with the current transaction. " +
|
||||
"This might have ideally caused by not properly initiating the transaction via " +
|
||||
"'beginTransaction'/'openConnection' methods");
|
||||
}
|
||||
return currentConnection.get();
|
||||
}
|
||||
|
||||
public static void closeConnection() {
|
||||
Connection con = currentConnection.get();
|
||||
if (con != null) {
|
||||
try {
|
||||
con.close();
|
||||
} catch (SQLException e) {
|
||||
log.error("Error occurred while close the connection");
|
||||
}
|
||||
currentConnection.remove();
|
||||
}
|
||||
}
|
||||
|
||||
public static void commitTransaction() {
|
||||
try {
|
||||
Connection conn = currentConnection.get();
|
||||
if (conn != null) {
|
||||
conn.commit();
|
||||
} else {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Datasource connection associated with the current thread is null, hence commit " +
|
||||
"has not been attempted");
|
||||
}
|
||||
}
|
||||
} catch (SQLException e) {
|
||||
log.error("Error occurred while committing the transaction", e);
|
||||
}
|
||||
}
|
||||
|
||||
public static void rollbackTransaction() {
|
||||
try {
|
||||
Connection conn = currentConnection.get();
|
||||
if (conn != null) {
|
||||
conn.rollback();
|
||||
} else {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Datasource connection associated with the current thread is null, hence rollback " +
|
||||
"has not been attempted");
|
||||
}
|
||||
}
|
||||
} catch (SQLException e) {
|
||||
log.error("Error occurred while roll-backing the transaction", e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Resolve data source from the data source name.
|
||||
*
|
||||
* @param dataSourceName data source name
|
||||
* @return data source resolved from the data source definition
|
||||
*/
|
||||
private static DataSource resolveDataSource(String dataSourceName) {
|
||||
DataSource dataSource;
|
||||
if (dataSourceName == null || dataSourceName.isEmpty()) {
|
||||
throw new RuntimeException("Scope Management Repository data source configuration is null and " +
|
||||
"thus, is not initialized");
|
||||
}
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Initializing Scope Management Repository data source using the JNDI Lookup Definition");
|
||||
}
|
||||
dataSource = DeviceManagementDAOUtil.lookupDataSource(dataSourceName, null);
|
||||
return dataSource;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.sql.Statement;
|
||||
|
||||
public class ScopeManagementDAOUtil {
|
||||
|
||||
private static final Log log = LogFactory.getLog(ScopeManagementDAOUtil.class);
|
||||
|
||||
public static void cleanupResources(Statement stmt, ResultSet rs) {
|
||||
if (rs != null) {
|
||||
try {
|
||||
rs.close();
|
||||
} catch (SQLException e) {
|
||||
log.warn("Error occurred while closing the result set", e);
|
||||
}
|
||||
}
|
||||
if (stmt != null) {
|
||||
try {
|
||||
stmt.close();
|
||||
} catch (SQLException e) {
|
||||
log.warn("Error occurred while closing the statement", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
public static void cleanupResources(Statement stmt) {
|
||||
if (stmt != null) {
|
||||
try {
|
||||
stmt.close();
|
||||
} catch (SQLException e) {
|
||||
log.warn("Error occurred while closing the statement", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,121 @@
|
||||
/*
|
||||
* Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.device.mgt.core.scope.mgt.dao.impl;
|
||||
|
||||
import org.wso2.carbon.apimgt.api.model.Scope;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAO;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOException;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOFactory;
|
||||
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOUtil;
|
||||
|
||||
import java.sql.Connection;
|
||||
import java.sql.PreparedStatement;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
public class ScopeManagementDAOImpl implements ScopeManagementDAO {
|
||||
|
||||
@Override
|
||||
public void updateScopes(List<Scope> scopes) throws ScopeManagementDAOException {
|
||||
Connection conn;
|
||||
PreparedStatement stmt = null;
|
||||
ResultSet rs = null;
|
||||
|
||||
try {
|
||||
conn = this.getConnection();
|
||||
String sql = "UPDATE IDN_OAUTH2_SCOPE SET ROLES=? WHERE SCOPE_KEY=?";
|
||||
stmt = conn.prepareStatement(sql);
|
||||
|
||||
// creating a batch request
|
||||
for (Scope scope : scopes) {
|
||||
stmt.setString(1, scope.getRoles());
|
||||
stmt.setString(2, scope.getKey());
|
||||
stmt.addBatch();
|
||||
}
|
||||
stmt.executeBatch();
|
||||
} catch (SQLException e) {
|
||||
throw new ScopeManagementDAOException("Error occurred while updating the details of the scopes.", e);
|
||||
} finally {
|
||||
ScopeManagementDAOUtil.cleanupResources(stmt, rs);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
public List<Scope> getAllScopes() throws ScopeManagementDAOException {
|
||||
Connection conn;
|
||||
PreparedStatement stmt = null;
|
||||
ResultSet rs = null;
|
||||
List<Scope> scopes = new ArrayList<>();
|
||||
Scope scope;
|
||||
|
||||
try {
|
||||
conn = this.getConnection();
|
||||
String sql = "SELECT * FROM IDN_OAUTH2_SCOPE";
|
||||
stmt = conn.prepareStatement(sql);
|
||||
rs = stmt.executeQuery();
|
||||
|
||||
while (rs.next()) {
|
||||
scope = new Scope();
|
||||
scope.setKey(rs.getString("SCOPE_KEY"));
|
||||
scope.setName(rs.getString("NAME"));
|
||||
scope.setDescription(rs.getString("DESCRIPTION"));
|
||||
scope.setRoles(rs.getString("ROLES"));
|
||||
scopes.add(scope);
|
||||
}
|
||||
return scopes;
|
||||
} catch (SQLException e) {
|
||||
throw new ScopeManagementDAOException("Error occurred while fetching the details of the scopes.", e);
|
||||
} finally {
|
||||
ScopeManagementDAOUtil.cleanupResources(stmt, rs);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getRolesOfScope(String scopeKey) throws ScopeManagementDAOException {
|
||||
Connection conn;
|
||||
PreparedStatement stmt = null;
|
||||
ResultSet rs = null;
|
||||
String roles = null;
|
||||
|
||||
try {
|
||||
conn = this.getConnection();
|
||||
String sql = "SELECT ROLES FROM IDN_OAUTH2_SCOPE WHERE SCOPE_KEY = ?";
|
||||
stmt = conn.prepareStatement(sql);
|
||||
stmt.setString(1, scopeKey);
|
||||
rs = stmt.executeQuery();
|
||||
|
||||
if (rs.next()) {
|
||||
roles = rs.getString("ROLES");
|
||||
}
|
||||
return roles;
|
||||
} catch (SQLException e) {
|
||||
throw new ScopeManagementDAOException("Error occurred while fetching the details of the scopes.", e);
|
||||
} finally {
|
||||
ScopeManagementDAOUtil.cleanupResources(stmt, rs);
|
||||
}
|
||||
}
|
||||
|
||||
private Connection getConnection() throws SQLException {
|
||||
return ScopeManagementDAOFactory.getConnection();
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,241 @@
|
||||
################################################################################
|
||||
# Copyright 2015 WSO2, Inc. (http://wso2.com)
|
||||
#
|
||||
# WSO2 Inc. Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
################################################################################
|
||||
|
||||
providerName=WSO2 Inc.
|
||||
|
||||
########################## license properties ##################################
|
||||
licenseURL=http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
license=\
|
||||
Apache License\n\
|
||||
Version 2.0, January 2004\n\
|
||||
http://www.apache.org/licenses/\n\
|
||||
\n\
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\
|
||||
\n\
|
||||
1. Definitions.\n\
|
||||
\n\
|
||||
"License" shall mean the terms and conditions for use, reproduction,\n\
|
||||
and distribution as defined by Sections 1 through 9 of this document.\n\
|
||||
\n\
|
||||
"Licensor" shall mean the copyright owner or entity authorized by\n\
|
||||
the copyright owner that is granting the License.\n\
|
||||
\n\
|
||||
"Legal Entity" shall mean the union of the acting entity and all\n\
|
||||
other entities that control, are controlled by, or are under common\n\
|
||||
control with that entity. For the purposes of this definition,\n\
|
||||
"control" means (i) the power, direct or indirect, to cause the\n\
|
||||
direction or management of such entity, whether by contract or\n\
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the\n\
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.\n\
|
||||
\n\
|
||||
"You" (or "Your") shall mean an individual or Legal Entity\n\
|
||||
exercising permissions granted by this License.\n\
|
||||
\n\
|
||||
"Source" form shall mean the preferred form for making modifications,\n\
|
||||
including but not limited to software source code, documentation\n\
|
||||
source, and configuration files.\n\
|
||||
\n\
|
||||
"Object" form shall mean any form resulting from mechanical\n\
|
||||
transformation or translation of a Source form, including but\n\
|
||||
not limited to compiled object code, generated documentation,\n\
|
||||
and conversions to other media types.\n\
|
||||
\n\
|
||||
"Work" shall mean the work of authorship, whether in Source or\n\
|
||||
Object form, made available under the License, as indicated by a\n\
|
||||
copyright notice that is included in or attached to the work\n\
|
||||
(an example is provided in the Appendix below).\n\
|
||||
\n\
|
||||
"Derivative Works" shall mean any work, whether in Source or Object\n\
|
||||
form, that is based on (or derived from) the Work and for which the\n\
|
||||
editorial revisions, annotations, elaborations, or other modifications\n\
|
||||
represent, as a whole, an original work of authorship. For the purposes\n\
|
||||
of this License, Derivative Works shall not include works that remain\n\
|
||||
separable from, or merely link (or bind by name) to the interfaces of,\n\
|
||||
the Work and Derivative Works thereof.\n\
|
||||
\n\
|
||||
"Contribution" shall mean any work of authorship, including\n\
|
||||
the original version of the Work and any modifications or additions\n\
|
||||
to that Work or Derivative Works thereof, that is intentionally\n\
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner\n\
|
||||
or by an individual or Legal Entity authorized to submit on behalf of\n\
|
||||
the copyright owner. For the purposes of this definition, "submitted"\n\
|
||||
means any form of electronic, verbal, or written communication sent\n\
|
||||
to the Licensor or its representatives, including but not limited to\n\
|
||||
communication on electronic mailing lists, source code control systems,\n\
|
||||
and issue tracking systems that are managed by, or on behalf of, the\n\
|
||||
Licensor for the purpose of discussing and improving the Work, but\n\
|
||||
excluding communication that is conspicuously marked or otherwise\n\
|
||||
designated in writing by the copyright owner as "Not a Contribution."\n\
|
||||
\n\
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity\n\
|
||||
on behalf of whom a Contribution has been received by Licensor and\n\
|
||||
subsequently incorporated within the Work.\n\
|
||||
\n\
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of\n\
|
||||
this License, each Contributor hereby grants to You a perpetual,\n\
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n\
|
||||
copyright license to reproduce, prepare Derivative Works of,\n\
|
||||
publicly display, publicly perform, sublicense, and distribute the\n\
|
||||
Work and such Derivative Works in Source or Object form.\n\
|
||||
\n\
|
||||
3. Grant of Patent License. Subject to the terms and conditions of\n\
|
||||
this License, each Contributor hereby grants to You a perpetual,\n\
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n\
|
||||
(except as stated in this section) patent license to make, have made,\n\
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,\n\
|
||||
where such license applies only to those patent claims licensable\n\
|
||||
by such Contributor that are necessarily infringed by their\n\
|
||||
Contribution(s) alone or by combination of their Contribution(s)\n\
|
||||
with the Work to which such Contribution(s) was submitted. If You\n\
|
||||
institute patent litigation against any entity (including a\n\
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work\n\
|
||||
or a Contribution incorporated within the Work constitutes direct\n\
|
||||
or contributory patent infringement, then any patent licenses\n\
|
||||
granted to You under this License for that Work shall terminate\n\
|
||||
as of the date such litigation is filed.\n\
|
||||
\n\
|
||||
4. Redistribution. You may reproduce and distribute copies of the\n\
|
||||
Work or Derivative Works thereof in any medium, with or without\n\
|
||||
modifications, and in Source or Object form, provided that You\n\
|
||||
meet the following conditions:\n\
|
||||
\n\
|
||||
(a) You must give any other recipients of the Work or\n\
|
||||
Derivative Works a copy of this License; and\n\
|
||||
\n\
|
||||
(b) You must cause any modified files to carry prominent notices\n\
|
||||
stating that You changed the files; and\n\
|
||||
\n\
|
||||
(c) You must retain, in the Source form of any Derivative Works\n\
|
||||
that You distribute, all copyright, patent, trademark, and\n\
|
||||
attribution notices from the Source form of the Work,\n\
|
||||
excluding those notices that do not pertain to any part of\n\
|
||||
the Derivative Works; and\n\
|
||||
\n\
|
||||
(d) If the Work includes a "NOTICE" text file as part of its\n\
|
||||
distribution, then any Derivative Works that You distribute must\n\
|
||||
include a readable copy of the attribution notices contained\n\
|
||||
within such NOTICE file, excluding those notices that do not\n\
|
||||
pertain to any part of the Derivative Works, in at least one\n\
|
||||
of the following places: within a NOTICE text file distributed\n\
|
||||
as part of the Derivative Works; within the Source form or\n\
|
||||
documentation, if provided along with the Derivative Works; or,\n\
|
||||
within a display generated by the Derivative Works, if and\n\
|
||||
wherever such third-party notices normally appear. The contents\n\
|
||||
of the NOTICE file are for informational purposes only and\n\
|
||||
do not modify the License. You may add Your own attribution\n\
|
||||
notices within Derivative Works that You distribute, alongside\n\
|
||||
or as an addendum to the NOTICE text from the Work, provided\n\
|
||||
that such additional attribution notices cannot be construed\n\
|
||||
as modifying the License.\n\
|
||||
\n\
|
||||
You may add Your own copyright statement to Your modifications and\n\
|
||||
may provide additional or different license terms and conditions\n\
|
||||
for use, reproduction, or distribution of Your modifications, or\n\
|
||||
for any such Derivative Works as a whole, provided Your use,\n\
|
||||
reproduction, and distribution of the Work otherwise complies with\n\
|
||||
the conditions stated in this License.\n\
|
||||
\n\
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,\n\
|
||||
any Contribution intentionally submitted for inclusion in the Work\n\
|
||||
by You to the Licensor shall be under the terms and conditions of\n\
|
||||
this License, without any additional terms or conditions.\n\
|
||||
Notwithstanding the above, nothing herein shall supersede or modify\n\
|
||||
the terms of any separate license agreement you may have executed\n\
|
||||
with Licensor regarding such Contributions.\n\
|
||||
\n\
|
||||
6. Trademarks. This License does not grant permission to use the trade\n\
|
||||
names, trademarks, service marks, or product names of the Licensor,\n\
|
||||
except as required for reasonable and customary use in describing the\n\
|
||||
origin of the Work and reproducing the content of the NOTICE file.\n\
|
||||
\n\
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or\n\
|
||||
agreed to in writing, Licensor provides the Work (and each\n\
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,\n\
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n\
|
||||
implied, including, without limitation, any warranties or conditions\n\
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n\
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the\n\
|
||||
appropriateness of using or redistributing the Work and assume any\n\
|
||||
risks associated with Your exercise of permissions under this License.\n\
|
||||
\n\
|
||||
8. Limitation of Liability. In no event and under no legal theory,\n\
|
||||
whether in tort (including negligence), contract, or otherwise,\n\
|
||||
unless required by applicable law (such as deliberate and grossly\n\
|
||||
negligent acts) or agreed to in writing, shall any Contributor be\n\
|
||||
liable to You for damages, including any direct, indirect, special,\n\
|
||||
incidental, or consequential damages of any character arising as a\n\
|
||||
result of this License or out of the use or inability to use the\n\
|
||||
Work (including but not limited to damages for loss of goodwill,\n\
|
||||
work stoppage, computer failure or malfunction, or any and all\n\
|
||||
other commercial damages or losses), even if such Contributor\n\
|
||||
has been advised of the possibility of such damages.\n\
|
||||
\n\
|
||||
9. Accepting Warranty or Additional Liability. While redistributing\n\
|
||||
the Work or Derivative Works thereof, You may choose to offer,\n\
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,\n\
|
||||
or other liability obligations and/or rights consistent with this\n\
|
||||
License. However, in accepting such obligations, You may act only\n\
|
||||
on Your own behalf and on Your sole responsibility, not on behalf\n\
|
||||
of any other Contributor, and only if You agree to indemnify,\n\
|
||||
defend, and hold each Contributor harmless for any liability\n\
|
||||
incurred by, or claims asserted against, such Contributor by reason\n\
|
||||
of your accepting any such warranty or additional liability.\n\
|
||||
\n\
|
||||
END OF TERMS AND CONDITIONS\n\
|
||||
\n\
|
||||
APPENDIX: How to apply the Apache License to your work.\n\
|
||||
\n\
|
||||
To apply the Apache License to your work, attach the following\n\
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"\n\
|
||||
replaced with your own identifying information. (Don't include\n\
|
||||
the brackets!) The text should be enclosed in the appropriate\n\
|
||||
comment syntax for the file format. We also recommend that a\n\
|
||||
file or class name and description of purpose be included on the\n\
|
||||
same "printed page" as the copyright notice for easier\n\
|
||||
identification within third-party archives.\n\
|
||||
\n\
|
||||
Copyright [yyyy] [name of copyright owner]\n\
|
||||
\n\
|
||||
Licensed under the Apache License, Version 2.0 (the "License");\n\
|
||||
you may not use this file except in compliance with the License.\n\
|
||||
You may obtain a copy of the License at\n\
|
||||
\n\
|
||||
http://www.apache.org/licenses/LICENSE-2.0\n\
|
||||
\n\
|
||||
Unless required by applicable law or agreed to in writing, software\n\
|
||||
distributed under the License is distributed on an "AS IS" BASIS,\n\
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n\
|
||||
See the License for the specific language governing permissions and\n\
|
||||
limitations under the License.\n
|
||||
|
||||
######################### copyright properties #################################
|
||||
copyrightURL=TODO
|
||||
|
||||
copyright=\
|
||||
Copyright (c) WSO2 Inc. (http://wso2.com)\n\
|
||||
\n\
|
||||
WSO2 Inc. Licensed under the Apache License, Version 2.0 (the "License");\n\
|
||||
you may not use this file except in compliance with the License.\n\
|
||||
You may obtain a copy of the License at\n\
|
||||
\n\
|
||||
http://www.apache.org/licenses/LICENSE-2.0\n\
|
||||
\n\
|
||||
Unless required by applicable law or agreed to in writing, software\n\
|
||||
distributed under the License is distributed on an "AS IS" BASIS,\n\
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n\
|
||||
See the License for the specific language governing permissions and\n\
|
||||
limitations under the License.\n
|
||||
Loading…
Reference in new issue