diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java
index 701d3411335..94658cd1323 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java
@@ -30,8 +30,8 @@ public class RoleInfo {
 @ApiModelProperty(name = "roleName", value = "The name of the role.", required = true)
 private String roleName;
 @ApiModelProperty(name = "scopes", value = "Lists out all the scopes associated with roles.",
- required = true, dataType = "List[org.wso2.carbon.device.mgt.jaxrs.beans.Scope]")
- private List scopes;
+ required = true, dataType = "List[java.lang.String]")
+ private List scopes;
 @ApiModelProperty(name = "users", value = "The list of users assigned to the selected role.",
 required = true, dataType = "List[java.lang.String]")
 private String[] users;
@@ -44,11 +44,11 @@ public class RoleInfo {
 this.roleName = roleName;
 }
- public List getScopes() {
+ public List getScopes() {
 return scopes;
 }
- public void setScopes(List scopes) {
+ public void setScopes(List scopes) {
 this.scopes = scopes;
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java
index 83b8e5851f6..b85b605ead0 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java
@@ -166,55 +166,6 @@ public interface RoleManagementService {
 required = false)
 @HeaderParam("If-Modified-Since") String ifModifiedSince);
- @PUT
- @Path("/scopes")
- @ApiOperation(
- produces = MediaType.APPLICATION_JSON,
- httpMethod = "PUT",
- value = "Updating authorization scopes.",
- notes = "This REST API can be used to update the associated roles of the scopes",
- tags = "Role Management"
- )
- @ApiResponses(value = {
- @ApiResponse(
- code = 200,
- message = "OK. \n Scopes has been updated successfully",
- responseHeaders = {
- @ResponseHeader(
- name = "Content-Type",
- description = "Content type of the body"),
- @ResponseHeader(
- name = "ETag",
- description = "Entity Tag of the response resource.\n" +
- "Used by caches, or in conditional requests."),
- @ResponseHeader(
- name = "Last-Modified",
- description = "Date and time the resource has been modified the last time.\n" +
- "Used by caches, or in conditional requests.")}),
- @ApiResponse(
- code = 400,
- message = "Bad Request. \n Invalid request or validation error.",
- response = ErrorResponse.class),
- @ApiResponse(
- code = 404,
- message = "Not Found. \n Scopes to be updated does not exist.",
- response = ErrorResponse.class),
- @ApiResponse(
- code = 415,
- message = "Unsupported media type. \n The entity of the request was in a not supported format.",
- response = ErrorResponse.class),
- @ApiResponse(
- code = 500,
- message = "Internal Server Error. \n Server error occurred while updating the scopes.",
- response = ErrorResponse.class)
- })
- @org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "")
- Response updateScopes(
- @ApiParam(
- name = "Scopes",
- value = "List of scopes to be updated",
- required = true) List scopes);
-
 @GET
 @Path("/{roleName}")
 @ApiOperation(
@@ -418,11 +369,7 @@ public interface RoleManagementService {
 name = "roleName",
 value = "Name of the role to de deleted.",
 required = true)
- @PathParam("roleName") String roleName,
- @ApiParam(
- name = "role",
- value = "Details about the role to be added.",
- required = true) RoleInfo role);
+ @PathParam("roleName") String roleName);
 @PUT
 @Path("/{roleName}/users")
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
index 37fe8b214e4..fa7560702cb 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
@@ -112,27 +112,6 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 }
 }
- @PUT
- @Path("/scopes")
- @Override
- public Response updateScopes(List scopes) {
- RequestValidationUtil.validateScopes(scopes);
- try {
- ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
- if (scopeManagementService == null) {
- log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
- } else {
- scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(scopes));
- }
- return Response.status(Response.Status.OK).entity("Scopes has been successfully updated").build();
- } catch (ScopeManagementException e) {
- String msg = "Error occurred while updating the scopes";
- log.error(msg, e);
- return Response.serverError().entity(
- new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
- }
- }
-
 @GET
 @Path("/{roleName}")
 @Override
@@ -143,6 +122,7 @@ public class RoleManagementServiceImpl implements RoleManagementService { } RequestValidationUtil.validateRoleName(roleName); RoleInfo roleInfo = new RoleInfo(); + List scopes = new ArrayList<>(); try { final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager(); if (!userStoreManager.isExistingRole(roleName)) { @@ -150,15 +130,26 @@ public class RoleManagementServiceImpl implements RoleManagementService { new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + roleName + "'").build()).build(); } + ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService(); + if (scopeManagementService == null) { + log.error("Scope management service initialization is failed, hence scopes will not be retrieved"); + } else { + scopes = DeviceMgtUtil.convertAPIScopesToScopeKeys(scopeManagementService.getScopesOfRole(roleName)); + } roleInfo.setRoleName(roleName); roleInfo.setUsers(userStoreManager.getUserListOfRole(roleName)); - + roleInfo.setScopes(scopes); return Response.status(Response.Status.OK).entity(roleInfo).build(); } catch (UserStoreException e) { String msg = "Error occurred while retrieving the user role '" + roleName + "'"; log.error(msg, e); return Response.serverError().entity( new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); + } catch (ScopeManagementException e) { + String msg = "Error occurred while retrieving the scopes"; + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); } } 
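Review bot: In getRole, the `scopeManagementService == null` branch only logs and then returns 200 with an empty `scopes` list, so a client cannot tell a role that has no scopes from a lookup that never ran. Anyone auditing role grants through this endpoint would see an under-reported set. Consider failing the request in that branch, e.g. `return Response.serverError().entity(new ErrorResponse.ErrorResponseBuilder().setMessage("Scope management service is unavailable").build()).build();`. The same log-and-continue branch is visible as context in the updateRole and deleteRole hunks below; getRole's body starts outside this hunk.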
@@ -234,7 +225,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 if (scopeManagementService == null) {
 log.error("Scope management service initialization is failed, hence scopes will not be updated");
 } else {
- scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(roleInfo.getScopes()));
+ scopeManagementService.updateScopes(roleInfo.getScopes(), roleName);
 }
 }
 //TODO: Need to send the updated role information in the entity back to the client
@@ -256,9 +247,8 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 @DELETE
 @Path("/{roleName}")
 @Override
- public Response deleteRole(@PathParam("roleName") String roleName, RoleInfo roleInfo) {
+ public Response deleteRole(@PathParam("roleName") String roleName) {
 RequestValidationUtil.validateRoleName(roleName);
- RequestValidationUtil.validateScopes(roleInfo.getScopes());
 try {
 final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
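Review bot: The new call in updateRole passes `roleInfo.getScopes()` with no null check visible in this hunk, and `updateScopes(List, String)` iterates that list directly, so a request body without `scopes` would end in a NullPointerException unless it is validated earlier in the method, which starts outside this hunk. The second argument is the path parameter `roleName`; if updateRole can rename the role before this point, the scopes would be bound to the old name, which should be confirmed against the full method. A validation step next to `validateRoleName`, or a guard such as `if (roleInfo.getScopes() != null)`, would make the contract explicit.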
@@ -277,22 +267,23 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 // Delete all authorizations for the current role before deleting
 authorizationManager.clearRoleAuthorization(roleName);
- //updating scopes
+ //removing scopes
 ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
 if (scopeManagementService == null) {
 log.error("Scope management service initialization is failed, hence scopes will not be updated");
 } else {
- scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(roleInfo.getScopes()));
+ scopeManagementService.removeScopes(roleName);
 }
- return Response.status(Response.Status.OK).build();
+ return Response.status(Response.Status.OK).entity("Role '" + roleName + "' has " +
+ "successfully been deleted").build();
 } catch (UserStoreException e) {
 String msg = "Error occurred while deleting the role '" + roleName + "'";
 log.error(msg, e);
 return Response.serverError().entity(
 new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
 } catch (ScopeManagementException e) {
- String msg = "Error occurred while updating scopes of role '" + roleName + "'";
+ String msg = "Error occurred while deleting scopes of role '" + roleName + "'";
 log.error(msg, e);
 return Response.serverError().entity(
 new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java
index 0c198a15878..403f8369901 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java
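Review bot: In deleteRole the scope cleanup runs after `clearRoleAuthorization` and, apparently, after the role itself has been removed (the deletion is outside this hunk), so when `removeScopes(roleName)` throws, the client gets a 500 while the role is already gone and its name is still listed in the scopes' ROLES values. A role created later with the same name would then pick up those scopes. Consider removing the scope bindings before the role is deleted, or at least record the gap with a comment such as `// NOTE: if removeScopes fails the role is already deleted; stale ROLES entries remain and must be cleaned up`.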
@@ -65,15 +65,13 @@ public class DeviceMgtUtil {
 }
- public static List convertScopestoAPIScopes(List scopes) {
+ public static List convertScopesListToAPIScopes(List scopes, String roleName) {
 List convertedScopes = new ArrayList<>();
 Scope convertedScope;
- for (org.wso2.carbon.device.mgt.jaxrs.beans.Scope scope : scopes) {
+ for (String scope : scopes) {
 convertedScope = new Scope();
- convertedScope.setKey(scope.getKey());
- convertedScope.setName(scope.getName());
- convertedScope.setDescription(scope.getDescription());
- convertedScope.setRoles(scope.getRoles());
+ convertedScope.setKey(scope);
+ convertedScope.setRoles(roleName);
 convertedScopes.add(convertedScope);
 }
 return convertedScopes;
@@ -87,12 +85,18 @@ public class DeviceMgtUtil {
 convertedScope.setKey(scope.getKey());
 convertedScope.setName(scope.getName());
 convertedScope.setDescription(scope.getDescription());
- convertedScope.setRoles(scope.getRoles());
 convertedScopes.add(convertedScope);
 }
 return convertedScopes;
 }
+ public static List convertAPIScopesToScopeKeys(List scopes) {
+ List convertedScopes = new ArrayList<>();
+ for (Scope scope : scopes) {
+ convertedScopes.add(scope.getKey());
+ }
+ return convertedScopes;
+ }
 /**
 * Returns a new BadRequestException
 *
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java
index b90011aaf01..2d60dbd1f05 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java
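Review bot: `convertScopesListToAPIScopes` builds each `Scope` with only the key and `setRoles(roleName)`, leaving name and description unset. If its result is ever handed to `ScopeManagementService.updateScopes(List)`, and that call stores ROLES as given (the DAO update is not shown in this diff), every other role bound to those scopes would be dropped. No caller is visible in this diff, so either remove the helper or put a warning in its Javadoc, for example `/** Builds scopes bound to {@code roleName} only; do not persist the result without merging the existing roles. */`.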
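Review bot: `convertAPIScopesToScopeKeys` is a new public helper without Javadoc, placed directly against the documented method that follows it, and it dereferences `scopes` without stating whether null is allowed. Add a comment such as `/** Returns the keys of the given API scopes, in iteration order; {@code scopes} must not be null. */` and a blank line before the next Javadoc block. The visible caller, getRole, passes the result of `getScopesOfRole`, which in the implementation shown later in this diff always returns a list.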
@@ -34,6 +34,15 @@ public interface ScopeManagementService { */ void updateScopes(List scopes) throws ScopeManagementException; + /** + * This method is used to update the given list of scopes keys with the role name. + * + * @param scopeKeys List of scopes to be updated. + * @param roleName Role name + * @throws ScopeManagementException + */ + void updateScopes(List scopeKeys, String roleName) throws ScopeManagementException; + /** * This method is used to retrieve all the scopes. * @@ -50,4 +59,20 @@ public interface ScopeManagementService { */ String getRolesOfScope(String scopeKey) throws ScopeManagementException; + /** + * This method is to retrieve the scopes of the given role + * @param roleName key of the scope + * @return List of scopes + * @throws ScopeManagementException + */ + List getScopesOfRole(String roleName) throws ScopeManagementException; + + /** + * This method is used to remove the scopes of a given user role. + * + * @param roleName Role name + * @throws ScopeManagementException + */ + void removeScopes(String roleName) throws ScopeManagementException; + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java index 59418e760fa..e476fc5cad0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java 
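Review bot: The Javadoc added for `updateScopes(List, String)` does not say whether the role is added to the listed scopes or whether the role's scope set is replaced by the list. The implementation in ScopeManagementServiceImpl only appends, so callers cannot revoke a scope through this method; state that in the comment, e.g. `* Adds the given role to each listed scope; scopes that are not listed are left unchanged.`. The bare `@throws ScopeManagementException` should also say when it is thrown.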
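Review bot: In the `getScopesOfRole` Javadoc the parameter is described as `key of the scope`, but the argument is a role name; use `@param roleName Name of the role whose scopes are returned`. The `removeScopes` comment should also say that it removes the role from every scope that lists it and does not delete the scopes themselves, which is what the implementation later in this diff does.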
@@ -18,6 +18,7 @@
 package org.wso2.carbon.device.mgt.core.scope.mgt;
+import org.apache.commons.lang.StringUtils;
 import org.wso2.carbon.apimgt.api.model.Scope;
 import org.wso2.carbon.device.mgt.common.TransactionManagementException;
 import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
@@ -44,7 +45,34 @@ public class ScopeManagementServiceImpl implements ScopeManagementService {
 @Override
 public void updateScopes(List scopes) throws ScopeManagementException {
- try{
+ try {
+ ScopeManagementDAOFactory.beginTransaction();
+ scopeManagementDAO.updateScopes(scopes);
+ ScopeManagementDAOFactory.commitTransaction();
+ } catch (TransactionManagementException e) {
+ ScopeManagementDAOFactory.rollbackTransaction();
+ throw new ScopeManagementException("Transactional error occurred while adding the scopes.", e);
+ } catch (ScopeManagementDAOException e) {
+ ScopeManagementDAOFactory.rollbackTransaction();
+ throw new ScopeManagementException("Error occurred while adding the scopes to database.", e);
+ } finally {
+ ScopeManagementDAOFactory.closeConnection();
+ }
+ }
+
+ @Override
+ public void updateScopes(List scopeKeys, String roleName) throws ScopeManagementException {
+ List scopes = new ArrayList<>();
+ try {
+ List allScopes = this.getAllScopes();
+ for (Scope scope : allScopes) {
+ for (String key : scopeKeys) {
+ if (scope.getKey().equals(key)) {
+ scope.setRoles(scope.getRoles() + "," + roleName);
+ scopes.add(scope);
+ }
+ }
+ }
 ScopeManagementDAOFactory.beginTransaction();
 scopeManagementDAO.updateScopes(scopes);
 ScopeManagementDAOFactory.commitTransaction();
@@ -62,7 +90,7 @@ public class ScopeManagementServiceImpl implements ScopeManagementService {
 @Override
 public List getAllScopes() throws ScopeManagementException {
 List scopes = new ArrayList<>();
- try{
+ try {
 ScopeManagementDAOFactory.openConnection();
 scopes = scopeManagementDAO.getAllScopes();
 } catch (SQLException e) {
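Review bot: The new `updateScopes(List, String)` only ever appends `"," + roleName` to a scope's ROLES value, so a scope key left out of a later update stays granted to the role, and repeating an update stores the role name more than once. When `getRoles()` is null or empty the concatenation also yields `null,<role>` or a leading comma. If the method is meant to set the role's scopes, as its use from updateRole suggests, rebuild each scope's role list instead: drop the role everywhere, add it back only for the listed keys, and write only the rows that changed. A role name containing a comma would be stored as several roles; whether that can happen depends on what `validateRoleName` rejects, which is not visible here.

```java
List<Scope> allScopes = this.getAllScopes();
for (Scope scope : allScopes) {
    String existing = scope.getRoles();
    List<String> roles = new ArrayList<>();
    if (existing != null) {
        for (String role : existing.split(",")) {
            String trimmed = role.trim();
            if (!trimmed.isEmpty() && !trimmed.equals(roleName)) {
                roles.add(trimmed);
            }
        }
    }
    // Bind the role only to scopes the caller listed, so omitted keys are revoked
    // and a repeated update cannot store the role name twice.
    if (scopeKeys.contains(scope.getKey())) {
        roles.add(roleName);
    }
    // NOTE(review): an empty result means no role is bound to the scope; confirm
    // how the component that evaluates ROLES treats an empty value.
    String updated = StringUtils.join(roles, ",");
    if (!updated.equals(existing)) {
        scope.setRoles(updated);
        scopes.add(scope);
    }
}
// … unchanged: beginTransaction / scopeManagementDAO.updateScopes(scopes) / commit, catch and finally blocks …
```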
@@ -94,4 +122,52 @@ public class ScopeManagementServiceImpl implements ScopeManagementService {
 return roles;
 }
+ @Override
+ public List getScopesOfRole(String roleName) throws ScopeManagementException {
+ if (roleName == null || roleName.isEmpty()) {
+ throw new ScopeManagementException("Role name is null or empty");
+ }
+ List filteredScopes = new ArrayList<>();
+ try {
+ ScopeManagementDAOFactory.openConnection();
+ List allScopes = scopeManagementDAO.getScopesHavingRole(roleName);
+
+ String roles[];
+ for (Scope scope : allScopes) {
+ roles = scope.getRoles().split(",");
+ for (String role : roles) {
+ if (roleName.equals(role.trim())) {
+ filteredScopes.add(scope);
+ }
+ }
+ }
+ } catch (SQLException e) {
+ throw new ScopeManagementException("SQL error occurred while retrieving scopes of role from database.", e);
+ } catch (ScopeManagementDAOException e) {
+ throw new ScopeManagementException("Error occurred while retrieving scopes of role from database.", e);
+ } finally {
+ ScopeManagementDAOFactory.closeConnection();
+ }
+ return filteredScopes;
+ }
+
+ @Override
+ public void removeScopes(String roleName) throws ScopeManagementException {
+
+ List scopes = this.getScopesOfRole(roleName);
+ String roles[];
+ ArrayList filteredRoles = new ArrayList<>();
+ for (Scope scope : scopes) {
+ roles = scope.getRoles().split(",");
+ for (String role : roles) {
+ if (!roleName.equals(role.trim())) {
+ filteredRoles.add(role);
+ }
+ }
+ scope.setRoles(StringUtils.join(filteredRoles, ","));
+ filteredRoles.clear();
+ }
+ this.updateScopes(scopes);
+ }
+
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java
index 38517f6c4ef..b15efcc2e71 100644
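Review bot: In `removeScopes`, when the deleted role was the only one bound to a scope, `StringUtils.join(filteredRoles, ",")` writes an empty ROLES value. Whether an empty value means "no role may request this scope" or "no role restriction" depends on the component that evaluates IDN_OAUTH2_SCOPE, which is not part of this diff; if it is the latter, deleting a role would widen access to that scope. Confirm the semantics and record them at the `setRoles` call, e.g. `// an empty ROLES value must be treated as "no role allowed" by the token issuer`. The read in `getScopesOfRole` and the write in `updateScopes(scopes)` also run on separate connections, so a concurrent role update between the two can be overwritten.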
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java
@@ -51,4 +51,14 @@ public interface ScopeManagementDAO {
 */
 String getRolesOfScope(String scopeKey) throws ScopeManagementDAOException;
+ /**
+ * This method is to retrieve all the scopes of the given role name.
+ * Thus it returns the scopes even if the part of the given name is matched.
+ *
+ * @param roleName Role name
+ * @return List of scopes
+ * @throws ScopeManagementDAOException
+ */
+ List getScopesHavingRole(String roleName) throws ScopeManagementDAOException;
+
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java
index 7e463924466..676da007d3b 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java
@@ -64,23 +64,14 @@ public class ScopeManagementDAOImpl implements ScopeManagementDAO {
 Connection conn;
 PreparedStatement stmt = null;
 ResultSet rs = null;
- List scopes = new ArrayList<>();
- Scope scope;
+ List scopes;
 try {
 conn = this.getConnection();
 String sql = "SELECT * FROM IDN_OAUTH2_SCOPE";
 stmt = conn.prepareStatement(sql);
 rs = stmt.executeQuery();
-
- while (rs.next()) {
- scope = new Scope();
- scope.setKey(rs.getString("SCOPE_KEY"));
- scope.setName(rs.getString("NAME"));
- scope.setDescription(rs.getString("DESCRIPTION"));
- scope.setRoles(rs.getString("ROLES"));
- scopes.add(scope);
- }
+ scopes = this.getScopesFromResultSet(rs);
 return scopes;
 } catch (SQLException e) {
 throw new ScopeManagementDAOException("Error occurred while fetching the details of the scopes.", e);
@@ -114,8 +105,44 @@ public class ScopeManagementDAOImpl implements ScopeManagementDAO {
 }
 }
+ @Override
+ public List getScopesHavingRole(String roleName) throws ScopeManagementDAOException {
+ Connection conn;
+ PreparedStatement stmt = null;
+ ResultSet rs = null;
+ List scopes;
+
+ try {
+ conn = this.getConnection();
+ String sql = "SELECT * FROM IDN_OAUTH2_SCOPE WHERE ROLES LIKE ?";
+ stmt = conn.prepareStatement(sql);
+ stmt.setString(1, "%" + roleName + "%");
+ rs = stmt.executeQuery();
+ scopes = this.getScopesFromResultSet(rs);
+ return scopes;
+ } catch (SQLException e) {
+ throw new ScopeManagementDAOException("Error occurred while fetching the details of the scopes.", e);
+ } finally {
+ ScopeManagementDAOUtil.cleanupResources(stmt, rs);
+ }
+ }
+
 private Connection getConnection() throws SQLException {
 return ScopeManagementDAOFactory.getConnection();
 }
+ private List getScopesFromResultSet(ResultSet rs) throws SQLException {
+ List scopes = new ArrayList<>();
+ Scope scope;
+ while (rs.next()) {
+ scope = new Scope();
+ scope.setKey(rs.getString("SCOPE_KEY"));
+ scope.setName(rs.getString("NAME"));
+ scope.setDescription(rs.getString("DESCRIPTION"));
+ scope.setRoles(rs.getString("ROLES"));
+ scopes.add(scope);
+ }
+ return scopes;
+ }
+
 }
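Review bot: `getScopesHavingRole` binds `"%" + roleName + "%"`, so the statement is parameterised but `%` and `_` inside the role name still act as LIKE wildcards, and any role whose name merely contains the argument also matches. `getScopesOfRole` re-checks each ROLES entry by exact comparison, so the visible caller is safe; any other caller of this DAO method would receive scopes that belong to unrelated roles. Say so in the implementation with a comment such as `// substring match only: callers must re-check each ROLES entry for an exact role name`, and consider escaping LIKE metacharacters in `roleName` before binding it.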