Java Code Examples for org.wso2.carbon.user.api.UserStoreManager#getRoleListOfUser()

Example 1
Source File: APIUtil.java    From product-iots with Apache License 2.0 6 votes vote down vote up
/**
 * Makes sure {@code user} is a member of the role named by {@code Constants.DEFAULT_ROLE_NAME}.
 *
 * <p>If the role does not exist it is created with {@code Constants.DEFAULT_PERMISSION} and
 * the user as its only initial member. If the role exists and the user already holds it,
 * nothing is changed; otherwise the user is added to the existing role. Nothing is done when
 * no user store manager is available.
 *
 * <p>A {@link UserStoreException} is logged and not rethrown, so the caller cannot tell from
 * this method whether the role was actually assigned.
 *
 * <p>NOTE(review): the role is granted to whatever user name is passed in; no authentication
 * or authorization check is visible here. Confirm that callers only pass an identity that
 * has already been authenticated.
 *
 * @param user name of the user that should hold the default role
 */
public static void registerApiAccessRoles(String user) {
    try {
        UserStoreManager storeManager = getUserStoreManager();
        if (storeManager == null) {
            return;
        }

        String[] members = {user};
        // The current roles are fetched before the existence check, as in the original flow.
        String[] currentRoles = storeManager.getRoleListOfUser(user);

        if (!storeManager.isExistingRole(Constants.DEFAULT_ROLE_NAME)) {
            // Role is missing: create it with the user as initial member.
            storeManager.addRole(Constants.DEFAULT_ROLE_NAME, members, Constants.DEFAULT_PERMISSION);
            return;
        }

        boolean alreadyMember = currentRoles != null
                && Arrays.asList(currentRoles).contains(Constants.DEFAULT_ROLE_NAME);
        if (!alreadyMember) {
            // Empty "deleted users" array: only add, never remove members.
            storeManager.updateUserListOfRole(Constants.DEFAULT_ROLE_NAME, new String[0], members);
        }
    } catch (UserStoreException e) {
        log.error("Error while creating a role and adding a user for virtual_firealarm.", e);
    }
}
 
Example 2
Source File: APIKeyMgtRemoteUserStoreMgtService.java    From carbon-apimgt with Apache License 2.0 6 votes vote down vote up
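/**
 * Get the role list of a user. Works for any tenant domain.
 *
 * <p>The lookup runs inside a tenant flow that is switched to the tenant domain extracted
 * from {@code username}. The flow is ended in a {@code finally} block, including when the
 * tenant switch itself fails, so the calling thread is not left in another tenant's context.
 *
 * <p>NOTE(review): the tenant is chosen from the supplied user name, so the caller decides
 * which tenant's user store is queried. Confirm that this method is only reachable by
 * trusted callers.
 *
 * @param username username with tenant domain
 * @return list of roles; {@code null} if the lookup failed and
 *         {@code APIUtil.handleException} returned instead of throwing
 * @throws APIManagementException presumably raised by {@code APIUtil.handleException} when
 *                                the user store lookup fails (confirm against APIUtil)
 */
public String[] getUserRoles(String username) throws APIManagementException {

    String[] userRoles = null;
    String tenantDomain = MultitenantUtils.getTenantDomain(username);

    PrivilegedCarbonContext.startTenantFlow();
    try {
        // The tenant switch is inside the try so that a failure while setting the tenant
        // domain still reaches the finally block and the started flow is always ended.
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);

        UserStoreManager userStoreManager =
                CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
        // The user store is queried with the tenant-aware form of the user name.
        userRoles = userStoreManager.getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(username));
    } catch (UserStoreException e) {
        APIUtil.handleException("Error occurred retrieving roles of user " + username, e);
    } finally {
        PrivilegedCarbonContext.getThreadLocalCarbonContext().endTenantFlow();
    }
    return userRoles;
}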
 
Example 3
Source File: StratosUserManagerUtils.java    From attic-stratos with Apache License 2.0 6 votes vote down vote up
/**
 * Returns the roles of a user, leaving out the Internal/everyone role
 * ({@code INTERNAL_EVERYONE_ROLE}).
 *
 * <p>Role names are compared with an exact, case-sensitive {@code String.equals}.
 *
 * @param userStoreManager user store manager used to look up the roles
 * @param username         name of the user whose roles are listed
 * @return the user's roles without {@code INTERNAL_EVERYONE_ROLE}, in the order returned by
 *         the user store
 * @throws UserManagerException if the user store lookup fails; the original
 *                              {@link UserStoreException} is kept as the cause
 */
private static String[] getRefinedListOfRolesOfUser(UserStoreManager userStoreManager, String username)
        throws UserManagerException {

    String[] everyRole;
    try {
        everyRole = userStoreManager.getRoleListOfUser(username);
    } catch (UserStoreException e) {
        String msg = "Error in listing the roles of user " + username + " in User Store";
        log.error(msg, e);
        throw new UserManagerException(msg, e);
    }

    ArrayList<String> keptRoles = new ArrayList<String>();
    for (int i = 0; i < everyRole.length; i++) {
        String candidate = everyRole[i];
        if (candidate.equals(INTERNAL_EVERYONE_ROLE)) {
            // The everyone role is the only entry that is dropped.
            continue;
        }
        keptRoles.add(candidate);
    }
    return keptRoles.toArray(new String[0]);
}
 
Example 4
Source File: ApplicationMgtUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Checks whether a user holds the role that corresponds to an application.
 *
 * <p>The role name is obtained from {@code getAppRoleName(applicationName)}. When the
 * current thread's user store manager is an {@code AbstractUserStoreManager}, the decision
 * is delegated to its {@code isUserInRole}. Otherwise the user's role list is fetched and
 * compared with an exact, case-sensitive {@code String.equals}.
 *
 * <p>The result is {@code false} when no role matches, and a user store failure is raised
 * as an exception, so a failed lookup is never reported as "authorized".
 *
 * @param applicationName name of the application whose role is required
 * @param username        name of the user to check
 * @return {@code true} if the user holds the application's role, {@code false} otherwise
 * @throws IdentityApplicationManagementException if the user store reports an error while
 *                                                the roles are checked
 */
public static boolean isUserAuthorized(String applicationName, String username)
        throws IdentityApplicationManagementException {

    String requiredRole = getAppRoleName(applicationName);
    try {
        if (log.isDebugEnabled()) {
            log.debug("Checking whether user has role : " + requiredRole
                    + " by retrieving role list of " + "user : " + username);
        }

        UserStoreManager storeManager =
                CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();

        if (storeManager instanceof AbstractUserStoreManager) {
            // Direct membership check, no need to fetch the whole role list.
            AbstractUserStoreManager abstractStore = (AbstractUserStoreManager) storeManager;
            return abstractStore.isUserInRole(username, requiredRole);
        }

        String[] assignedRoles = storeManager.getRoleListOfUser(username);
        for (int i = 0; i < assignedRoles.length; i++) {
            if (requiredRole.equals(assignedRoles[i])) {
                return true;
            }
        }
        // No role matched: deny.
        return false;
    } catch (UserStoreException e) {
        throw new IdentityApplicationManagementException("Error while checking authorization for user: " +
                username + " for application: " + applicationName, e);
    }
}
 
Example 5
Source File: UserManagementServiceImpl.java    From carbon-device-mgt with Apache License 2.0 5 votes vote down vote up
/**
 * Lists the roles of a user, leaving out every role whose name starts with
 * {@code "Internal/"} or {@code "Authentication/"}.
 *
 * <p>NOTE(review): the prefix match is case-sensitive. Confirm that the user store always
 * returns these prefixes in exactly this casing, otherwise such roles pass the filter.
 *
 * @param userStoreManager user store manager used to look up the roles
 * @param username         name of the user whose roles are listed
 * @return the remaining role names, in the order returned by the user store
 * @throws UserStoreException if the user store lookup fails
 */
private List<String> getFilteredRoles(UserStoreManager userStoreManager, String username)
        throws UserStoreException {
    List<String> visibleRoles = new ArrayList<>();
    for (String candidate : userStoreManager.getRoleListOfUser(username)) {
        if (candidate.startsWith("Internal/") || candidate.startsWith("Authentication/")) {
            // Roles under these two prefixes are not reported to the caller.
            continue;
        }
        visibleRoles.add(candidate);
    }
    return visibleRoles;
}
 
Example 6
Source File: UserManagementServiceImpl.java    From carbon-device-mgt with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the user's roles without those whose names begin with {@code "Internal/"} or
 * {@code "Authentication/"}.
 *
 * <p>NOTE(review): {@code startsWith} is case-sensitive. Verify that the user store never
 * returns these prefixes in a different casing, since such roles would not be filtered.
 *
 * @param userStoreManager user store manager that supplies the role list
 * @param username         user whose roles are requested
 * @return the role names that remain after filtering, in user store order
 * @throws UserStoreException if the role list cannot be read from the user store
 */
private List<String> getFilteredRoles(UserStoreManager userStoreManager, String username)
        throws UserStoreException {
    String[] allRoles = userStoreManager.getRoleListOfUser(username);
    List<String> result = new ArrayList<>();
    for (int i = 0; i < allRoles.length; i++) {
        String name = allRoles[i];
        // Keep a role only when it carries neither of the two excluded prefixes.
        if (!name.startsWith("Internal/") && !name.startsWith("Authentication/")) {
            result.add(name);
        }
    }
    return result;
}
 
Example 7
Source File: RoleBasedScopesIssuer.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
/**
 * Looks up the roles of an authenticated user in that user's tenant user store.
 *
 * <p>For a federated user the tenant domain and the tenant-aware user name are both taken
 * from the authenticated subject identifier. For any other user they come from the
 * {@code AuthenticatedUser} object itself.
 *
 * <p>A {@link UserStoreException} is logged and not rethrown, and {@code null} is returned
 * in that case. Callers that derive scopes or permissions from the result therefore have to
 * treat {@code null} as "no roles".
 *
 * @param authenticatedUser Authenticated user
 * @return roles list, or {@code null} if the tenant's user store could not be queried
 */
private String[] getUserRoles(AuthenticatedUser authenticatedUser) {

    final String tenantDomain;
    final String username;
    if (!authenticatedUser.isFederatedUser()) {
        tenantDomain = authenticatedUser.getTenantDomain();
        username = authenticatedUser.getUserName();
    } else {
        tenantDomain = MultitenantUtils.getTenantDomain(authenticatedUser.getAuthenticatedSubjectIdentifier());
        username = MultitenantUtils.getTenantAwareUsername(authenticatedUser.getAuthenticatedSubjectIdentifier());
    }

    String userStoreDomain = authenticatedUser.getUserStoreDomain();
    RealmService realmService = getRealmService();
    try {
        int tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
        // If tenant Id is not set in the tokenReqContext, deriving it from username.
        boolean tenantUnresolved = (tenantId == 0 || tenantId == -1);
        if (tenantUnresolved) {
            tenantId = getTenantIdOfUser(username);
        }
        UserStoreManager storeManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
        // The role lookup uses the user name qualified with its user store domain.
        String qualifiedUsername = addDomainToName(username, userStoreDomain);
        return storeManager.getRoleListOfUser(qualifiedUsername);
    } catch (UserStoreException e) {
        //Log and return since we do not want to stop issuing the token in case of scope validation failures.
        log.error("Error when getting the tenant's UserStoreManager or when getting roles of user ", e);
        return null;
    }
}
 
Example 8
Source File: APIKeyMgtRemoteUserStoreMgtService.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
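/**
 * Authenticates a user with a password against the user's tenant user store and, on
 * success, collects the user's roles.
 *
 * <p>The work runs inside a tenant flow switched to the tenant domain extracted from
 * {@code username}. The flow is ended in a {@code finally} block, including when the tenant
 * switch itself fails, so the calling thread is not left in another tenant's context.
 *
 * <p>When authentication fails, the freshly created DTO is returned as is: it is not marked
 * authenticated and carries no user name or roles.
 *
 * <p>NOTE(review): if {@code APIUtil.handleException} returns rather than throws, a DTO that
 * is already marked authenticated can be returned without a role list. Confirm that
 * {@code handleException} always throws.
 *
 * @param username username with tenant domain
 * @param password password to verify for that user
 * @return validation DTO holding the authentication result and, on success, the
 *         domain-qualified user name and the role list
 * @throws APIManagementException presumably raised by {@code APIUtil.handleException} when
 *                                the user store reports an error (confirm against APIUtil)
 */
public BasicAuthValidationInfoDTO getUserAuthenticationInfo(String username, String password)
        throws APIManagementException {

    String tenantDomain = MultitenantUtils.getTenantDomain(username);
    BasicAuthValidationInfoDTO basicAuthValidationInfoDTO = new BasicAuthValidationInfoDTO();

    PrivilegedCarbonContext.startTenantFlow();
    try {
        // The tenant switch is inside the try so that a failure while setting the tenant
        // domain still reaches the finally block and the started flow is always ended.
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);

        UserStoreManager userStoreManager =
                CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
        boolean isAuthenticated = userStoreManager
                .authenticate(MultitenantUtils.getTenantAwareUsername(username), password);
        if (!isAuthenticated) {
            //return default validation DTO with authentication false
            return basicAuthValidationInfoDTO;
        }

        basicAuthValidationInfoDTO.setAuthenticated(true);
        String domainQualifiedUsername =
                UserCoreUtil.addDomainToName(username, UserCoreUtil.getDomainFromThreadLocal());
        basicAuthValidationInfoDTO.setDomainQualifiedUsername(domainQualifiedUsername);

        //Get role list of user.
        //Should give the domain qualified username when getting the role list of user.
        String[] userRoles = userStoreManager
                .getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(domainQualifiedUsername));
        basicAuthValidationInfoDTO.setUserRoleList(userRoles);
    } catch (UserStoreException e) {
        // The message carries the user name only; the password is never included.
        APIUtil.handleException("Error occurred while retrieving user authentication info of user " + username, e);
    } finally {
        PrivilegedCarbonContext.getThreadLocalCarbonContext().endTenantFlow();
    }
    return basicAuthValidationInfoDTO;
}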