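/**
 * Checks whether the given user holds the role that corresponds to the given application.
 *
 * <p>The required role name is derived with {@code getAppRoleName(applicationName)} and compared,
 * by exact string equality, against each role that the user store of the thread-local
 * {@code CarbonContext} realm reports for {@code username}.
 *
 * @param applicationName name of the application whose role is required
 * @param username        user whose role list is inspected
 * @return {@code true} if the user's role list contains the application role; {@code false}
 *         otherwise, including when the user store hands back no role list at all
 * @throws IdentityApplicationManagementException if the role lookup in the user store fails
 */
public static boolean isUserAuthorized(String applicationName, String username)
        throws IdentityApplicationManagementException {

    String applicationRoleName = getAppRoleName(applicationName);
    try {
        if (log.isDebugEnabled()) {
            log.debug("Checking whether user has role : " + applicationRoleName + " by retrieving role list of " +
                    "user : " + username);
        }
        // NOTE(review): getUserRealm() is dereferenced without a null check; confirm it cannot
        // be null on the call paths that reach this authorization decision.
        String[] userRoles = CarbonContext.getThreadLocalCarbonContext().getUserRealm()
                .getUserStoreManager().getRoleListOfUser(username);
        // Fail closed: a missing role list means "not authorized", not a NullPointerException
        // thrown out of an authorization check.
        if (userRoles == null) {
            return false;
        }
        for (String userRole : userRoles) {
            if (applicationRoleName.equals(userRole)) {
                return true;
            }
        }
    } catch (UserStoreException e) {
        throw new IdentityApplicationManagementException("Error while checking authorization for user: " +
                username + " for application: " + applicationName, e);
    }
    return false;
}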
userName = CarbonConstants.REGISTRY_ANONNYMOUS_USERNAME; String[] userRoles = realm.getUserStoreManager().getRoleListOfUser(userName); StringBuilder rolesQuery = new StringBuilder(); for (String userRole : userRoles) {
/**
 * Grants the application's role to the given user unless the user already holds it.
 *
 * <p>The role name comes from {@code getAppRoleName(applicationName)}. The realm is taken from
 * the thread-local {@code PrivilegedCarbonContext}.
 *
 * @param applicationName application whose role is to be granted
 * @param username        user receiving the role
 * @throws IdentityApplicationManagementException if reading or updating the user's roles fails
 */
private void assignApplicationRole(String applicationName, String username)
        throws IdentityApplicationManagementException {

    String roleName = getAppRoleName(applicationName);
    String[] rolesToAdd = {roleName};

    try {
        UserRealm userRealm = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm();
        if (userRealm == null) {
            // NOTE(review): with no realm the role is silently not assigned and the caller is
            // not told; confirm this best-effort behaviour is intended.
            return;
        }

        String[] currentRoles = userRealm.getUserStoreManager().getRoleListOfUser(username);
        boolean alreadyAssigned = ArrayUtils.contains(currentRoles, roleName);
        if (!alreadyAssigned) {
            // Nothing is removed (null deletion list); only the application role is added.
            userRealm.getUserStoreManager().updateRoleListOfUser(username, null, rolesToAdd);
            if (log.isDebugEnabled()) {
                log.debug("Assigning application role : " + roleName + " to the user : " + username);
            }
        } else if (log.isDebugEnabled()) {
            log.debug("The user: " + username + " is already having the role: " + roleName);
        }
    } catch (UserStoreException e) {
        throw new IdentityApplicationManagementException("Error while assigning application role: " + roleName +
                " to the user: " + username, e);
    }
}
.getRoleListOfUser(subjectId); if (roles != null && roles.length > 0) { for (String role : roles) {
.getRoleListOfUser(subjectId); if (roles != null && roles.length > 0) { for (String role : roles) {
.getRoleListOfUser(subjectId); if (roles != null && roles.length > 0) { for (String role : roles) {
String[] userRoles = userStoreManager.getRoleListOfUser(username); for (String userRole : userRoles) { if (applicationRoleName.equals(userRole)) {
/**
 * Fetches the role list of the owner recorded in the device's enrolment info.
 *
 * @param device device whose enrolment owner is looked up
 * @return the roles the user store reports for the owner, or {@code null} when the thread-local
 *         {@code CarbonContext} has no user realm (callers must handle the {@code null} case)
 * @throws PolicyManagementException if the user store lookup fails
 */
private String[] getRoleOfDevice(Device device) throws PolicyManagementException {
    try {
        UserRealm realm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
        if (realm == null) {
            // No realm available: report "unknown" as null rather than as an empty role list.
            return null;
        }
        return realm.getUserStoreManager().getRoleListOfUser(device.getEnrolmentInfo().getOwner());
    } catch (UserStoreException e) {
        throw new PolicyManagementException("Error occurred when retrieving roles related to user name.", e);
    }
}
userRoles = userStoreManager.getRoleListOfUser( MultitenantUtils.getTenantAwareUsername(authzUser.getUserName())); } finally {
userRoles = userStoreManager.getRoleListOfUser( MultitenantUtils.getTenantAwareUsername(user.toFullQualifiedUsername())); } finally {
getRoleListOfUser((baseUserNameWithoutTenant)));
userRoles = getRolesFromAssertion(assertion); } else { userRoles = userStoreManager.getRoleListOfUser(endUsernameWithDomain);
userRoles = userStoreManager.getRoleListOfUser( MultitenantUtils.getTenantAwareUsername(authzUser.getUserName())); } finally {
/**
 * Resolves the wrapped user's roles from the local user store.
 *
 * <p>Only consulted when {@code idp} is unset or equals {@code FrameworkConstants.LOCAL}; for any
 * other identity provider an empty array is returned without touching the user store.
 *
 * @return the role list reported by the tenant's user store, or an empty array when the identity
 *         provider is not local or the lookup fails (the failure is logged, not rethrown)
 */
private String[] getLocalRoles() {
    boolean notLocalIdp = idp != null && !FrameworkConstants.LOCAL.equals(idp);
    if (notLocalIdp) {
        return ArrayUtils.EMPTY_STRING_ARRAY;
    }

    RealmService realmService = FrameworkServiceDataHolder.getInstance().getRealmService();
    int usersTenantId = IdentityTenantUtil.getTenantId(getWrapped().getTenantDomain());
    try {
        // Qualify the user name with its user store domain before querying the tenant realm.
        String qualifiedName = UserCoreUtil.addDomainToName(
                getWrapped().getUserName(), getWrapped().getUserStoreDomain());
        return realmService.getTenantUserRealm(usersTenantId)
                .getUserStoreManager()
                .getRoleListOfUser(qualifiedName);
    } catch (UserStoreException e) {
        // A failed lookup degrades to "no roles" instead of propagating.
        LOG.error("Error when getting role list of user: " + getWrapped(), e);
        return ArrayUtils.EMPTY_STRING_ARRAY;
    }
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Looks up the roles of the wrapped user in the local user store.
 *
 * <p>The lookup runs only when {@code idp} is {@code null} or equals
 * {@code FrameworkConstants.LOCAL}; otherwise an empty array is returned immediately.
 *
 * @return roles from the tenant user store, or an empty array if the identity provider is not
 *         local or a {@code UserStoreException} occurs (it is logged and swallowed)
 */
private String[] getLocalRoles() {
    if (idp != null && !FrameworkConstants.LOCAL.equals(idp)) {
        return ArrayUtils.EMPTY_STRING_ARRAY;
    }

    RealmService realmService = FrameworkServiceDataHolder.getInstance().getRealmService();
    int tenantId = IdentityTenantUtil.getTenantId(getWrapped().getTenantDomain());
    String[] localRoles = ArrayUtils.EMPTY_STRING_ARRAY;
    try {
        // The user store is addressed with the domain-qualified user name.
        String domainQualifiedName = UserCoreUtil.addDomainToName(
                getWrapped().getUserName(), getWrapped().getUserStoreDomain());
        UserRealm tenantRealm = realmService.getTenantUserRealm(tenantId);
        localRoles = tenantRealm.getUserStoreManager().getRoleListOfUser(domainQualifiedName);
    } catch (UserStoreException e) {
        // Lookup failures leave the empty default in place.
        LOG.error("Error when getting role list of user: " + getWrapped(), e);
    }
    return localRoles;
}
} // closes the enclosing class, whose header is outside this excerpt
UserRealm realm = realmService.getBootstrapRealm(); UserStoreManager manager = realm.getUserStoreManager(); String[] userList = manager.getRoleListOfUser(publisherName); String publisherRole = null; for (String roleName : userList) {
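/**
 * Checks whether the given user holds the configured admin role.
 *
 * <p>The user's roles are read from the user realm of the tenant id found in the thread-local
 * {@code CarbonContext}. The admin role name is read from the bootstrap realm configuration.
 * The two are compared by exact string equality.
 *
 * @param username the user to be checked for permissions
 * @return {@code true} if one of the user's roles equals the admin role name; {@code false}
 *         otherwise, including when either the role list or the admin role name is missing
 * @throws EventBrokerException if the list of user roles cannot be retrieved
 */
public static boolean isAdmin(String username) throws EventBrokerException {
    try {
        String[] userRoles = EventBrokerHolder.getInstance().getRealmService().
                getTenantUserRealm(CarbonContext.getThreadLocalCarbonContext().getTenantId()).
                getUserStoreManager().getRoleListOfUser(username);
        // NOTE(review): the role list comes from the current tenant's realm while the admin
        // role name comes from the bootstrap realm configuration; confirm the two agree for
        // every tenant this check runs under.
        String adminRole = EventBrokerHolder.getInstance().getRealmService().
                getBootstrapRealmConfiguration().getAdminRoleName();

        // Fail closed: without a role list or an admin role name nobody is treated as admin,
        // instead of a NullPointerException escaping from a privilege check.
        if (userRoles == null || adminRole == null) {
            return false;
        }
        for (String userRole : userRoles) {
            if (adminRole.equals(userRole)) {
                return true;
            }
        }
        return false;
    } catch (UserStoreException e) {
        throw new EventBrokerException("Failed to get list of user roles", e);
    }
}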