boolean exist = tenantGovReg.resourceExists(applicationNode); if (!exist) { Collection appRootNode = tenantGovReg.newCollection(); appRootNode.setProperty("name", applicationName); tenantGovReg.put(applicationNode, appRootNode); Collection appNodeCollec = (Collection) tenantGovReg.get(applicationNode); String[] childern = appNodeCollec.getChildren(); tenantGovReg.delete(applicationNode); List<ApplicationPermission> loadPermissions = loadPermissions(applicationName); for (ApplicationPermission applicationPermission : loadPermissions) { tenantGovReg.delete(applicationNode + PATH_CONSTANT + applicationPermission.getValue());
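/**
 * Delegates to the superclass and then writes the editor configuration to the
 * {@code SYSTEM_GOVERNANCE} registry of the current thread's Carbon context.
 *
 * <p>The registry path is chosen from {@code policyEditorType}. STANDARD, RBAC and SET each have
 * their own path; BASIC and every unrecognised type are stored under the BASIC editor path.
 *
 * @param policyEditorType editor type, compared against the {@code EntitlementConstants.PolicyEditor} constants
 * @param xmlConfig        configuration text stored as the content of the registry resource
 * @throws PolicyEditorException if the registry write fails; the {@code RegistryException} is kept as the cause
 */
@Override
public void persistConfig(String policyEditorType, String xmlConfig) throws PolicyEditorException {

    super.persistConfig(policyEditorType, xmlConfig);

    Registry registry = CarbonContext.getThreadLocalCarbonContext().getRegistry(RegistryType.SYSTEM_GOVERNANCE);
    try {
        // NOTE(review): xmlConfig is stored exactly as received; nothing in this method checks that
        // it is well-formed or schema-valid. Confirm the superclass or the caller validates it.
        Resource resource = registry.newResource();
        resource.setContent(xmlConfig);

        // BASIC is also the fallback for an unknown editor type.
        String path = EntitlementConstants.ENTITLEMENT_POLICY_BASIC_EDITOR_CONFIG_FILE_REGISTRY_PATH;
        if (EntitlementConstants.PolicyEditor.STANDARD.equals(policyEditorType)) {
            path = EntitlementConstants.ENTITLEMENT_POLICY_STANDARD_EDITOR_CONFIG_FILE_REGISTRY_PATH;
        } else if (EntitlementConstants.PolicyEditor.RBAC.equals(policyEditorType)) {
            path = EntitlementConstants.ENTITLEMENT_POLICY_RBAC_EDITOR_CONFIG_FILE_REGISTRY_PATH;
        } else if (EntitlementConstants.PolicyEditor.SET.equals(policyEditorType)) {
            path = EntitlementConstants.ENTITLEMENT_POLICY_SET_EDITOR_CONFIG_FILE_REGISTRY_PATH;
        }

        registry.put(path, resource);
    } catch (RegistryException e) {
        // Keep the cause so the registry failure can be diagnosed from the caller's stack trace.
        throw new PolicyEditorException("Error while persisting policy editor config", e);
    }
}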
/**
 * Deletes the registry resource that holds the stored versions of a policy, if it exists.
 *
 * <p>The resource path is {@code PDPConstants.ENTITLEMENT_POLICY_VERSION} followed by the policy id,
 * resolved in the governance registry of the current thread's tenant.
 *
 * @param policyId id of the policy whose version resource is removed
 * @throws EntitlementException declared by the overridden method; this implementation does not throw it
 */
@Override
public void deletePolicy(String policyId) throws EntitlementException {

    Registry registry = EntitlementServiceComponent.
            getGovernanceRegistry(CarbonContext.getThreadLocalCarbonContext().getTenantId());

    // NOTE(review): policyId is appended to the registry path without any check in this method;
    // confirm callers restrict it to a valid policy identifier.
    String versionPath = PDPConstants.ENTITLEMENT_POLICY_VERSION + policyId;

    try {
        if (!registry.resourceExists(versionPath)) {
            return;
        }
        registry.delete(versionPath);
    } catch (RegistryException e) {
        // NOTE(review): the failure is only logged, so the caller cannot tell that the policy
        // versions are still in the registry. Confirm that best-effort deletion is intended.
        log.error("Error while deleting all versions of policy", e);
    }
}
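/**
 * Creates a registry collection for every path segment of each permission value, nested under
 * {@code applicationNode}.
 *
 * <p>A single leading slash is stripped from the permission value, which is then split on
 * {@code "/"}. Each segment extends the path by one level and is stored as a collection whose
 * {@code "name"} property is the segment. Null or empty permission values and empty segments
 * (for example from {@code "a//b"}) are skipped.
 *
 * @param permissions  permissions whose values are turned into registry paths
 * @param tenantGovReg registry the collections are written to
 * @throws RegistryException if creating or storing a collection fails
 */
private static void addPermission(ApplicationPermission[] permissions, Registry tenantGovReg)
        throws RegistryException {

    for (ApplicationPermission permission : permissions) {
        String permissionValue = permission.getValue();
        if (permissionValue == null || permissionValue.isEmpty()) {
            // substring(0, 1) on an empty value threw StringIndexOutOfBoundsException before.
            continue;
        }
        if (permissionValue.startsWith("/")) {
            permissionValue = permissionValue.substring(1);
        }

        // NOTE(review): segments become registry path components as-is; "." and ".." are not
        // rejected here. Confirm permission values are validated before they reach this method.
        StringBuilder permissionPath = new StringBuilder().append(applicationNode).append(PATH_CONSTANT);
        for (String segment : permissionValue.split("/")) {
            if (segment.isEmpty()) {
                // An empty segment would create a collection with an empty name.
                continue;
            }
            permissionPath.append(segment).append(PATH_CONSTANT);
            Collection permissionNode = tenantGovReg.newCollection();
            permissionNode.setProperty("name", segment);
            tenantGovReg.put(permissionPath.toString(), permissionNode);
        }
    }
}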
/**
 * Populates the properties from the configuration document stored at a registry location.
 *
 * <p>Does nothing when the resource does not exist. XML parsing and registry failures are logged
 * with the tenant id and are not rethrown.
 *
 * @param configResourcePath registry path of the configuration resource
 * @param registry           registry the resource is read from
 */
public void populate(String configResourcePath, Registry registry) {

    try {
        if (!registry.resourceExists(configResourcePath)) {
            return;
        }
        Resource configurationsResource = registry.get(configResourcePath);
        // NOTE(review): the content stream is not closed in this method, and the document is parsed
        // with whatever parser settings StAXOMBuilder applies by default. Confirm DTD and
        // external-entity handling if this registry path can be written by less-trusted users.
        OMElement root = new StAXOMBuilder(configurationsResource.getContentStream()).getDocumentElement();
        populate(root);
    } catch (XMLStreamException e) {
        log.error("Can't load the tenant configuration for the tenant " + tenantID, e);
    } catch (RegistryException e) {
        log.error("Can't load the tenant configuration for the tenant " + tenantID, e);
    }
}
Registry registry = UserMgtDSComponent.getRegistryService().getGovernanceSystemRegistry(); if (tenantId == MultitenantConstants.SUPER_TENANT_ID) { regRoot = (Collection) registry.get(UserMgtConstants.UI_PERMISSION_ROOT); String displayName = regRoot.getProperty(UserMgtConstants.DISPLAY_NAME); nodeRoot = new UIPermissionNode(UserMgtConstants.UI_PERMISSION_ROOT, displayName); } else { regRoot = (Collection) registry.get(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT); if (tenentRegistry.resourceExists(APPLICATIONS_PATH)) { appRoot = (Collection) tenentRegistry.get(APPLICATIONS_PATH); parent = (Collection) tenentRegistry.newCollection(); parent.setProperty(UserMgtConstants.DISPLAY_NAME, "All Permissions"); parent.setChildren(new String[]{regRoot.getPath(), appRoot.getPath()});
/**
 * Walks the registry collection at {@code permissionPath} depth-first and records every leaf.
 *
 * <p>A node with no children is a leaf: {@code applicationNode} is removed from its path, the
 * first two characters of the remainder are dropped, and the result is added to {@code paths}.
 * A node with children is not recorded; each child is visited recursively instead.
 *
 * @param tenantGovReg   registry the collections are read from
 * @param permissionPath registry path of the collection to visit
 * @throws RegistryException if a collection cannot be read
 */
private static void permissionPath(Registry tenantGovReg, String permissionPath) throws RegistryException {

    // NOTE(review): paths and applicationNode are not declared in this block. If they are shared
    // static state, concurrent calls would mix results between applications; confirm.
    Collection node = (Collection) tenantGovReg.get(permissionPath);
    String[] childPaths = node.getChildren();

    boolean isLeaf = childPaths == null || childPaths.length == 0;
    if (isLeaf) {
        paths.add(permissionPath.replace(applicationNode, "").substring(2));
        return;
    }

    for (String childPath : childPaths) {
        permissionPath(tenantGovReg, childPath);
    }
}
if (!tenantGovReg.resourceExists(permissionResourcePath)) { boolean loggedInUserChanged = false; UserRealm realm = loggedInUserChanged = true; Collection appRootNode = tenantGovReg.newCollection(); appRootNode.setProperty("name", "Applications"); tenantGovReg.put(permissionResourcePath, appRootNode); if (loggedInUserChanged) { PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(username); Collection appNodeColl = tenantGovReg.newCollection(); tenantGovReg.put(appNode, appNodeColl); Resource permissionNode = tenantGovReg.newResource(); permissionNode.setProperty("name", permission.getValue()); tenantGovReg.put(permissinPath, permissionNode);
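/**
 * Renames an application's permission node in the registry from {@code oldName} to {@code newName}.
 *
 * <p>The permissions stored for {@code oldName} are loaded first. The old node and its permission
 * entries are then deleted, a new collection whose {@code "name"} property is {@code newName} is
 * stored under the application permission path, and the loaded permissions are re-added below it.
 *
 * <p>The delete and re-create steps are separate registry calls; a failure part-way leaves the old
 * node removed without the new one being complete.
 *
 * @param oldName current name of the application permission node
 * @param newName name the node is given
 * @throws IdentityApplicationManagementException if any registry operation fails; the
 *                                                {@code RegistryException} is kept as the cause
 */
public static void renameAppPermissionPathNode(String oldName, String newName)
        throws IdentityApplicationManagementException {

    List<ApplicationPermission> permissions = loadPermissions(oldName);
    // NOTE(review): oldName and newName are used as registry path components without validation
    // in this method; confirm callers restrict them to valid application names.
    String oldApplicationNode = ApplicationMgtUtil.getApplicationPermissionPath() + PATH_CONSTANT + oldName;
    Registry tenantGovReg = CarbonContext.getThreadLocalCarbonContext().getRegistry(
            RegistryType.USER_GOVERNANCE);

    try {
        // Remove the old permission entries, then the old application node itself.
        for (ApplicationPermission permission : permissions) {
            tenantGovReg.delete(oldApplicationNode + PATH_CONSTANT + permission.getValue());
        }
        tenantGovReg.delete(oldApplicationNode);

        // Create the node under its new name.
        Collection permissionNode = tenantGovReg.newCollection();
        permissionNode.setProperty("name", newName);
        String newApplicationNode = ApplicationMgtUtil.getApplicationPermissionPath() + PATH_CONSTANT + newName;

        // NOTE(review): addPermission reads this static field to decide where permissions are
        // written. A concurrent call for another application can overwrite it between this
        // assignment and the addPermission call; passing the path as an argument would avoid that.
        ApplicationMgtUtil.applicationNode = newApplicationNode;
        tenantGovReg.put(newApplicationNode, permissionNode);
        addPermission(permissions.toArray(new ApplicationPermission[0]), tenantGovReg);
    } catch (RegistryException e) {
        // The original message ran the old name and "to" together ("...<oldName>to <newName>").
        throw new IdentityApplicationManagementException("Error while renaming permission node "
                + oldName + " to " + newName, e);
    }
}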
boolean exist = tenantGovReg.resourceExists(applicationNode);
throw new UserStoreException("Illegal access attempt"); regRoot = (Collection) registry.get(UserMgtConstants.UI_PERMISSION_ROOT); String displayName = regRoot.getProperty(UserMgtConstants.DISPLAY_NAME); nodeRoot = new UIPermissionNode(UserMgtConstants.UI_PERMISSION_ROOT, displayName); } else { regRoot = (Collection) registry.get(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT); if (tenentRegistry.resourceExists(APPLICATIONS_PATH)) { appRoot = (Collection) tenentRegistry.get(APPLICATIONS_PATH); parent = (Collection) tenentRegistry.newCollection(); parent.setProperty(UserMgtConstants.DISPLAY_NAME, "All Permissions"); parent.setChildren(new String[]{regRoot.getPath(), appRoot.getPath()});
/**
 * Recursively builds the UI permission tree below {@code parent}, creating every node with the
 * flag passed to {@code getUIPermissionNode} set to {@code true}.
 *
 * <p>Each child path is looked up in {@code registry} first and, when it is not found there, in
 * {@code tenantRegistry}. Children that are collections are descended into. The resulting nodes
 * are attached to {@code parentNode} in the order the children were returned.
 *
 * @param parent         registry collection whose children are converted
 * @param parentNode     UI node that receives the converted children
 * @param registry       registry consulted first for every child path
 * @param tenantRegistry fallback registry; may be {@code null}
 * @throws RegistryException  if a child is missing from {@code registry} and no fallback registry
 *                            was given, or if a registry read fails
 * @throws UserStoreException declared for the node-building calls made here
 */
private void buildUIPermissionNodeAllSelected(Collection parent, UIPermissionNode parentNode,
                                              Registry registry, Registry tenantRegistry)
        throws RegistryException, UserStoreException {

    String[] childPaths = parent.getChildren();
    UIPermissionNode[] nodes = new UIPermissionNode[childPaths.length];

    int index = 0;
    for (String childPath : childPaths) {
        Resource resource;
        if (registry.resourceExists(childPath)) {
            resource = registry.get(childPath);
        } else {
            if (tenantRegistry == null) {
                throw new RegistryException("Permission resource not found in the registry.");
            }
            // No existence check on the fallback: a missing path surfaces from get() itself.
            resource = tenantRegistry.get(childPath);
        }

        UIPermissionNode node = getUIPermissionNode(resource, true);
        nodes[index++] = node;

        if (resource instanceof Collection) {
            buildUIPermissionNodeAllSelected((Collection) resource, node, registry, tenantRegistry);
        }
    }

    parentNode.setNodeList(nodes);
}
/**
 * Walks the registry collection at {@code permissionPath} depth-first and collects every leaf
 * into {@code paths}.
 *
 * <p>A node with no children is a leaf: {@code applicationNode} is removed from its path, the
 * first two characters of the remainder are dropped, and the result is appended to {@code paths}.
 * A node with children is not recorded; each child is visited recursively instead.
 *
 * @param tenantGovReg    registry the collections are read from
 * @param permissionPath  registry path of the collection to visit
 * @param paths           list the leaf paths are appended to
 * @param applicationNode registry path of the application node, stripped from each leaf path
 * @throws RegistryException if a collection cannot be read
 */
private static void permissionPath(Registry tenantGovReg, String permissionPath, List<String> paths,
                                   String applicationNode) throws RegistryException {

    Collection node = (Collection) tenantGovReg.get(permissionPath);
    String[] childPaths = node.getChildren();

    boolean isLeaf = childPaths == null || childPaths.length == 0;
    if (isLeaf) {
        paths.add(permissionPath.replace(applicationNode, "").substring(2));
        return;
    }

    for (String childPath : childPaths) {
        permissionPath(tenantGovReg, childPath, paths, applicationNode);
    }
}
/**
 * Removes the registry resource stored under {@code PDPConstants.ENTITLEMENT_POLICY_VERSION}
 * plus the policy id, when such a resource exists in the current tenant's governance registry.
 *
 * @param policyId id of the policy whose version resource is removed
 * @throws EntitlementException declared by the overridden method; this implementation does not throw it
 */
@Override
public void deletePolicy(String policyId) throws EntitlementException {

    // NOTE(review): policyId goes into the registry path unchecked here; confirm it is validated
    // as a policy identifier before this call.
    final String policyVersionPath = PDPConstants.ENTITLEMENT_POLICY_VERSION + policyId;

    Registry registry = EntitlementServiceComponent.
            getGovernanceRegistry(CarbonContext.getThreadLocalCarbonContext().getTenantId());

    try {
        boolean versionsStored = registry.resourceExists(policyVersionPath);
        if (versionsStored) {
            registry.delete(policyVersionPath);
        }
    } catch (RegistryException e) {
        // NOTE(review): a failed delete is logged and then ignored, so stale policy versions can
        // remain without the caller knowing. Confirm this best-effort behaviour is intended.
        log.error("Error while deleting all versions of policy", e);
    }
}
if (!tenantGovReg.resourceExists(permissionResourcePath)) { boolean loggedInUserChanged = false; UserRealm realm = loggedInUserChanged = true; Collection appRootNode = tenantGovReg.newCollection(); appRootNode.setProperty("name", "Applications"); tenantGovReg.put(permissionResourcePath, appRootNode); if (loggedInUserChanged) { PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(username); Collection appNodeColl = tenantGovReg.newCollection(); tenantGovReg.put(appNode, appNodeColl); Resource permissionNode = tenantGovReg.newResource(); permissionNode.setProperty("name", permission.getValue()); tenantGovReg.put(permissinPath, permissionNode);
tenantGovReg.delete(newApplicationNode + PATH_CONSTANT + applicationPermission.getValue()); tenantGovReg.delete(newApplicationNode); Collection permissionNode = tenantGovReg.newCollection(); permissionNode.setProperty("name", newName); newApplicationNode = ApplicationMgtUtil.getApplicationPermissionPath() + PATH_CONSTANT + newName; String applicationNode = newApplicationNode; tenantGovReg.put(newApplicationNode, permissionNode); addPermission(applicationNode, loadPermissions.toArray(new ApplicationPermission[loadPermissions.size()]), tenantGovReg);
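/**
 * Creates a registry collection for every path segment of each permission value, nested under
 * the given application node.
 *
 * <p>A single leading slash is stripped from the permission value, which is then split on
 * {@code "/"}. Each segment extends the path by one level and is stored as a collection whose
 * {@code "name"} property is the segment. Null or empty permission values and empty segments
 * (for example from {@code "a//b"}) are skipped.
 *
 * @param applicationNode registry path of the application node the permissions are created under
 * @param permissions     permissions whose values are turned into registry paths
 * @param tenantGovReg    registry the collections are written to
 * @throws RegistryException if creating or storing a collection fails
 */
private static void addPermission(String applicationNode, ApplicationPermission[] permissions,
                                  Registry tenantGovReg) throws RegistryException {

    for (ApplicationPermission permission : permissions) {
        String permissionValue = permission.getValue();
        if (permissionValue == null || permissionValue.isEmpty()) {
            // substring(0, 1) on an empty value threw StringIndexOutOfBoundsException before.
            continue;
        }
        if (permissionValue.startsWith("/")) {
            permissionValue = permissionValue.substring(1);
        }

        // NOTE(review): segments become registry path components as-is; "." and ".." are not
        // rejected here. Confirm permission values are validated before they reach this method.
        StringBuilder permissionPath = new StringBuilder().append(applicationNode).append(PATH_CONSTANT);
        for (String segment : permissionValue.split("/")) {
            if (segment.isEmpty()) {
                // An empty segment would create a collection with an empty name.
                continue;
            }
            permissionPath.append(segment).append(PATH_CONSTANT);
            Collection permissionNode = tenantGovReg.newCollection();
            permissionNode.setProperty("name", segment);
            tenantGovReg.put(permissionPath.toString(), permissionNode);
        }
    }
}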
boolean exist = tenantGovReg.resourceExists(applicationNode);
boolean exist = tenantGovReg.resourceExists(applicationNode); if (!exist) { Collection appRootNode = tenantGovReg.newCollection(); appRootNode.setProperty("name", applicationName); tenantGovReg.put(applicationNode, appRootNode); Collection appNodeCollec = (Collection) tenantGovReg.get(applicationNode); String[] childern = appNodeCollec.getChildren(); tenantGovReg.delete(applicationNode); List<ApplicationPermission> loadPermissions = loadPermissions(applicationName); for (ApplicationPermission applicationPermission : loadPermissions) { tenantGovReg.delete(applicationNode + PATH_CONSTANT + applicationPermission.getValue());
Registry registry = UserMgtDSComponent.getRegistryService().getGovernanceSystemRegistry(); if (tenantId == MultitenantConstants.SUPER_TENANT_ID) { regRoot = (Collection) registry.get(UserMgtConstants.UI_PERMISSION_ROOT); String displayName = regRoot.getProperty(UserMgtConstants.DISPLAY_NAME); nodeRoot = new UIPermissionNode(UserMgtConstants.UI_PERMISSION_ROOT, displayName); } else { regRoot = (Collection) registry.get(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT); if (tenentRegistry.resourceExists(APPLICATIONS_PATH)) { appRoot = (Collection) tenentRegistry.get(APPLICATIONS_PATH); parent = (Collection) tenentRegistry.newCollection(); parent.setProperty(UserMgtConstants.DISPLAY_NAME, "All Permissions"); parent.setChildren(new String[]{regRoot.getPath(), appRoot.getPath()});