|
|
@ -17,7 +17,13 @@
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
|
|
|
|
package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
import io.entgra.device.mgt.core.device.mgt.common.exceptions.MetadataManagementException;
|
|
|
|
|
|
|
|
import io.entgra.device.mgt.core.device.mgt.common.metadata.mgt.Metadata;
|
|
|
|
|
|
|
|
import org.apache.axis2.databinding.types.xsd._boolean;
|
|
|
|
import org.apache.commons.logging.Log;
|
|
|
|
import org.apache.commons.logging.Log;
|
|
|
|
|
|
|
|
import org.json.simple.JSONObject;
|
|
|
|
|
|
|
|
import org.json.simple.parser.JSONParser;
|
|
|
|
|
|
|
|
import org.json.simple.parser.ParseException;
|
|
|
|
import org.apache.commons.logging.LogFactory;
|
|
|
|
import org.apache.commons.logging.LogFactory;
|
|
|
|
import org.wso2.carbon.CarbonConstants;
|
|
|
|
import org.wso2.carbon.CarbonConstants;
|
|
|
|
import org.wso2.carbon.base.MultitenantConstants;
|
|
|
|
import org.wso2.carbon.base.MultitenantConstants;
|
|
|
@ -97,6 +103,91 @@ public class RoleManagementServiceImpl implements RoleManagementService {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@GET
|
|
|
|
|
|
|
|
@Path("/visible/{metaKey}")
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
|
|
|
public Response getVisibleRole(
|
|
|
|
|
|
|
|
@QueryParam("filter") String filter,
|
|
|
|
|
|
|
|
@QueryParam("user-store") String userStore,
|
|
|
|
|
|
|
|
@HeaderParam("If-Modified-Since") String ifModifiedSince,
|
|
|
|
|
|
|
|
@QueryParam("offset") int offset, @QueryParam("limit") int limit,
|
|
|
|
|
|
|
|
@QueryParam("username") String username, @QueryParam("domain") String domain,
|
|
|
|
|
|
|
|
@PathParam("metaKey") String metaKey) {
|
|
|
|
|
|
|
|
RequestValidationUtil.validatePaginationParameters(offset, limit);
|
|
|
|
|
|
|
|
if (limit == 0){
|
|
|
|
|
|
|
|
limit = Constants.DEFAULT_PAGE_LIMIT;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if (domain != null && !domain.isEmpty()) {
|
|
|
|
|
|
|
|
username = domain + '/' + username;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
Metadata metadata;
|
|
|
|
|
|
|
|
List<String> visibleRoles;
|
|
|
|
|
|
|
|
RoleList visibleRoleList = new RoleList();
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
|
|
|
metadata = DeviceMgtAPIUtils.getMetadataManagementService().retrieveMetadata(metaKey);
|
|
|
|
|
|
|
|
String metaValue = metadata.getMetaValue();
|
|
|
|
|
|
|
|
JSONParser parser = new JSONParser();
|
|
|
|
|
|
|
|
JSONObject jsonObject = (JSONObject) parser.parse(metaValue);
|
|
|
|
|
|
|
|
boolean decision = (boolean) jsonObject.get("isUserAbleToViewAllRoles");
|
|
|
|
|
|
|
|
if (decision) {
|
|
|
|
|
|
|
|
if(userStore == null || "".equals(userStore)){
|
|
|
|
|
|
|
|
userStore = PRIMARY_USER_STORE;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
try{
|
|
|
|
|
|
|
|
visibleRoles =getRolesFromUserStore(filter, userStore);
|
|
|
|
|
|
|
|
visibleRoleList.setList(visibleRoles);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
visibleRoles = FilteringUtil.getFilteredList(getRolesFromUserStore(filter, userStore), offset, limit);
|
|
|
|
|
|
|
|
visibleRoleList.setList(visibleRoles);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return Response.status(Response.Status.OK).entity(visibleRoleList).build();
|
|
|
|
|
|
|
|
} catch (UserStoreException e) {
|
|
|
|
|
|
|
|
String msg = "Error occurred while retrieving roles from the underlying user stores";
|
|
|
|
|
|
|
|
log.error(msg, e);
|
|
|
|
|
|
|
|
return Response.serverError().entity(
|
|
|
|
|
|
|
|
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
try{UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
|
|
|
|
|
|
|
|
if (!userStoreManager.isExistingUser(username)) {
|
|
|
|
|
|
|
|
if (log.isDebugEnabled()) {
|
|
|
|
|
|
|
|
log.debug("User by username: " + username + " does not exist for role retrieval.");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
String msg = "User by username: " + username + " does not exist for role retrieval.";
|
|
|
|
|
|
|
|
return Response.status(Response.Status.NOT_FOUND).entity(msg).build();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
visibleRoleList.setList(getFilteredVisibleRoles(userStoreManager, username));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return Response.status(Response.Status.OK).entity(visibleRoleList).build();
|
|
|
|
|
|
|
|
}catch (UserStoreException e) {
|
|
|
|
|
|
|
|
String msg = "Error occurred while trying to retrieve roles of the user '" + username + "'";
|
|
|
|
|
|
|
|
log.error(msg, e);
|
|
|
|
|
|
|
|
return Response.serverError().entity(
|
|
|
|
|
|
|
|
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
} catch (MetadataManagementException e) {
|
|
|
|
|
|
|
|
String msg = "Error occurred while getting the metadata entry for metaKey:" + metaKey;
|
|
|
|
|
|
|
|
log.error(msg, e);
|
|
|
|
|
|
|
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
|
|
|
|
|
|
|
} catch (ParseException e) {
|
|
|
|
|
|
|
|
throw new RuntimeException(e);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private List<String> getFilteredVisibleRoles(UserStoreManager userStoreManager, String username)
|
|
|
|
|
|
|
|
throws UserStoreException {
|
|
|
|
|
|
|
|
String[] roleListOfUser;
|
|
|
|
|
|
|
|
roleListOfUser = userStoreManager.getRoleListOfUser(username);
|
|
|
|
|
|
|
|
List<String> filteredRoles = new ArrayList<>();
|
|
|
|
|
|
|
|
for (String role : roleListOfUser) {
|
|
|
|
|
|
|
|
if (!(role.startsWith("Internal/") || role.startsWith("Authentication/"))) {
|
|
|
|
|
|
|
|
filteredRoles.add(role);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
return filteredRoles;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@GET
|
|
|
|
@GET
|
|
|
|
@Path("/filter/{prefix}")
|
|
|
|
@Path("/filter/{prefix}")
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
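Review bot: In `getVisibleRole` both the access decision and the subject come from the request: the `metaKey` path parameter selects which metadata entry supplies `isUserAbleToViewAllRoles`, and the `username`/`domain` query parameters select whose roles the else branch returns, so nothing visible in this hunk ties either to the authenticated caller. Unless the scope or permission annotations on the service interface (outside this hunk) already restrict this, I would read the flag from a fixed server-side key and take the user from the authenticated context instead of the query string. The flag read should also fail closed: `boolean decision = Boolean.TRUE.equals(jsonObject.get("isUserAbleToViewAllRoles"));` avoids the NullPointerException or ClassCastException that the unboxing cast throws when the key is missing or not a boolean, and `metadata` should be null-checked before `getMetaValue()` if `retrieveMetadata` can return null for an unknown key. The `ParseException` handler should log and return a 500 `Response` like the `MetadataManagementException` branch rather than `throw new RuntimeException(e)`, and the 404 body that echoes `username` tells a caller which accounts exist. Smaller points: the first branch appears to call `getRolesFromUserStore` twice, with the unpaginated `setList` result immediately overwritten, and the `org.apache.axis2.databinding.types.xsd._boolean` import in the first hunk looks unused.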