Java Code Examples for org.wso2.carbon.user.api.UserStoreException#getMessage()

The following examples show how to use org.wso2.carbon.user.api.UserStoreException#getMessage().
Example 1
Source File: UserStoreConfigServiceImpl.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
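/**
 * Adds a secondary user store. The request goes to the DAO factory registered for the DTO's
 * repository class when repository separation is enabled and a repository class is given;
 * otherwise it goes to the file-based DAO factory.
 *
 * @param userStoreDTO user store configuration to persist
 * @throws IdentityUserStoreMgtException if no DAO factory is registered for the requested
 *                                       repository class, or if the DAO reports a
 *                                       {@link UserStoreException} (kept as the cause)
 */
@Override
public void addUserStore(UserStoreDTO userStoreDTO) throws IdentityUserStoreMgtException {

    String repositoryClass = userStoreDTO.getRepositoryClass();
    try {
        if (SecondaryUserStoreConfigurationUtil.isUserStoreRepositorySeparationEnabled() &&
                StringUtils.isNotBlank(repositoryClass)) {
            AbstractUserStoreDAOFactory userStoreDAOFactory = UserStoreConfigListenersHolder.
                    getInstance().getUserStoreDAOFactories().get(repositoryClass);
            // The repository class name comes from the request DTO. A name with no registered
            // factory is reported as a management error instead of a NullPointerException.
            if (userStoreDAOFactory == null) {
                throw new IdentityUserStoreMgtException(
                        "No user store DAO factory is registered for repository class: " + repositoryClass);
            }
            userStoreDAOFactory.getInstance().addUserStore(userStoreDTO);
        } else {
            // A repository class was requested but separation is off: fall back to file-based storage.
            if (StringUtils.isNotBlank(repositoryClass) && LOG.isDebugEnabled()) {
                LOG.debug("Repository separation of user-stores has been disabled. Adding user-store " +
                          userStoreDTO.getDomainId() + " with file-based configuration.");
            }
            SecondaryUserStoreConfigurationUtil.getFileBasedUserStoreDAOFactory().addUserStore(userStoreDTO);
        }
    } catch (UserStoreException e) {
        // Keep the original exception as the cause so the stack trace survives the re-wrap.
        String errorMessage = e.getMessage();
        throw new IdentityUserStoreMgtException(errorMessage, e);
    }
}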
 
Example 2
Source File: StratosUserManagerUtils.java    From attic-stratos with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a user in the given user store with a single role and the e-mail, given-name and
 * surname claims read from the bean.
 *
 * @param userStoreManager user store that receives the new user
 * @param userInfoBean     source of the user name, credential, role, profile name and claim values
 * @throws UserManagerException if the user store throws a {@link UserStoreException}; the new
 *                              exception carries only that exception's message
 */
public static void addUser(UserStoreManager userStoreManager, UserInfoBean userInfoBean)
        throws UserManagerException {

    if (log.isDebugEnabled()) {
        // Only the user name is logged; the credential never reaches the log.
        log.debug("Creating new User: " + userInfoBean.getUserName());
    }

    String[] assignedRoles = {userInfoBean.getRole()};

    // First name, last name and e-mail are stored as user claims.
    Map<String, String> userClaims = new HashMap<String, String>();
    userClaims.put(UserCoreConstants.ClaimTypeURIs.EMAIL_ADDRESS, userInfoBean.getEmail());
    userClaims.put(UserCoreConstants.ClaimTypeURIs.GIVEN_NAME, userInfoBean.getFirstName());
    userClaims.put(UserCoreConstants.ClaimTypeURIs.SURNAME, userInfoBean.getLastName());

    try {
        userStoreManager.addUser(userInfoBean.getUserName(), userInfoBean.getCredential(), assignedRoles,
                userClaims, userInfoBean.getProfileName());
    } catch (UserStoreException e) {
        log.error("Error in adding user " + userInfoBean.getUserName() + " to User Store", e);
        // NOTE(review): the cause is only in the log entry above; the rethrown exception drops it.
        // If UserManagerException has a (String, Throwable) constructor, passing e would keep the chain.
        throw new UserManagerException(e.getMessage());
    }

}
 
Example 3
Source File: SelfSignUpUtil.java    From carbon-apimgt with Apache License 2.0 6 votes vote down vote up
/**
 * Checks whether a user name may self-sign-up, based on the domain prefix that precedes the
 * first '/' in the name.
 *
 * @param userName user name, optionally prefixed with "DOMAIN/"
 * @param realm    realm whose configuration is asked whether the domain is restricted
 * @return {@code false} only when the name has a non-empty domain prefix and the realm
 *         configuration reports that domain as restricted for self sign-up; {@code true} otherwise
 * @throws APIManagementException if the realm configuration lookup throws a {@link UserStoreException}
 */
public static boolean isUserNameWithAllowedDomainName(String userName, UserRealm realm)
		throws APIManagementException {
	final int separatorAt = userName.indexOf('/');

	// NOTE(review): a name with no '/' or with a leading '/' (index 0) is accepted without
	// consulting the realm. Confirm callers validate such names elsewhere.
	if (separatorAt <= 0) {
		return true;
	}

	// The name carries a domain prefix, so the decision is delegated to the realm configuration.
	try {
		final boolean restricted = realm.getRealmConfiguration()
				.isRestrictedDomainForSlefSignUp(userName.substring(0, separatorAt));
		return !restricted;
	} catch (UserStoreException e) {
		throw new APIManagementException(e.getMessage(), e);
	}
}
 
Example 4
Source File: UserStoreConfigServiceImpl.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
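/**
 * Renames the domain of an existing secondary user store.
 *
 * <p>The request goes to the DAO factory registered for the DTO's repository class when
 * repository separation is enabled and a repository class is given. With separation disabled it
 * goes to the file-based factory, unless a repository class other than the file-based one was
 * requested, in which case nothing is updated.
 *
 * @param previousDomainName current domain name of the user store
 * @param userStoreDTO       user store configuration carrying the new domain
 * @throws IdentityUserStoreMgtException if no DAO factory is registered for the requested
 *                                       repository class, or if the DAO reports a
 *                                       {@link UserStoreException} (kept as the cause)
 */
@Override
public void updateUserStoreByDomainName(String previousDomainName, UserStoreDTO userStoreDTO)
        throws IdentityUserStoreMgtException {

    String repositoryClass = userStoreDTO.getRepositoryClass();
    try {
        if (SecondaryUserStoreConfigurationUtil.isUserStoreRepositorySeparationEnabled() &&
                StringUtils.isNotEmpty(repositoryClass)) {
            AbstractUserStoreDAOFactory userStoreDAOFactory = UserStoreConfigListenersHolder.getInstance().
                    getUserStoreDAOFactories().get(repositoryClass);
            // The repository class name comes from the request DTO. A name with no registered
            // factory is reported as a management error instead of a NullPointerException.
            if (userStoreDAOFactory == null) {
                throw new IdentityUserStoreMgtException(
                        "No user store DAO factory is registered for repository class: " + repositoryClass);
            }
            userStoreDAOFactory.getInstance().updateUserStoreDomainName(previousDomainName, userStoreDTO);
        } else if (StringUtils.equals(repositoryClass, FILE_BASED_REPOSITORY_CLASS)) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Repository separation of user-stores has been disabled. Updating user-store " +
                          "domain name " + userStoreDTO.getDomainId() + " with file-based configuration.");
            }
            SecondaryUserStoreConfigurationUtil.getFileBasedUserStoreDAOFactory().updateUserStoreDomainName
                    (previousDomainName, userStoreDTO);
        } else if (StringUtils.isNotEmpty(repositoryClass)) {
            // NOTE(review): the update is dropped here and the caller sees a normal return; the only
            // trace is this debug line. Confirm that a silent no-op is the intended contract.
            if (LOG.isDebugEnabled()) {
                LOG.debug("Repository separation of user-stores has been disabled. Unable to update " +
                          "user-store domain name " + userStoreDTO.getDomainId() + " with repository class " +
                          repositoryClass);
            }
        } else {
            SecondaryUserStoreConfigurationUtil.getFileBasedUserStoreDAOFactory().
                    updateUserStoreDomainName(previousDomainName, userStoreDTO);
        }
    } catch (UserStoreException e) {
        // Pass the cause along; without it the original stack trace is lost at this boundary.
        String errorMessage = e.getMessage();
        throw new IdentityUserStoreMgtException(errorMessage, e);
    }
}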
 
Example 5
Source File: UserProfileAdmin.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Reports whether the realm's user store is configured as read-only.
 *
 * @return {@code true} when the read-only user store property equals the string "true"
 * @throws UserProfileException if reading the realm configuration throws a {@link UserStoreException}
 */
public boolean isReadOnlyUserStore() throws UserProfileException {
    try {
        String readOnlyFlag = getUserRealm().getRealmConfiguration().getUserStoreProperty(
                UserCoreConstants.RealmConfig.PROPERTY_READ_ONLY);
        // Exact, case-sensitive match; a null or differently cased value counts as writable.
        return "true".equals(readOnlyFlag);
    } catch (UserStoreException e) {
        // The failure is logged here and also rethrown with its cause.
        log.error(e.getMessage(), e);
        throw new UserProfileException(e.getMessage(), e);
    }
}
 
Example 6
Source File: DeleteRoleWFRequestHandler.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
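/**
 * Workflow callback for role deletion. Deletes the role when the workflow ended as APPROVED or
 * SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters; must hold the role name as a String
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the role name is missing or not a String, or if the user store
 *                           rejects the deletion
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    // Type-check before casting so a malformed callback fails with WorkflowException rather than
    // ClassCastException. The message names the parameter that is actually missing.
    Object requestRoleName = requestParams.get(ROLENAME);
    if (!(requestRoleName instanceof String)) {
        throw new WorkflowException("Callback request for delete role received without the mandatory " +
                "parameter 'roleName'");
    }
    String roleName = (String) requestRoleName;

    String userStoreDomain = (String) requestParams.get(USER_STORE_DOMAIN);
    if (StringUtils.isNotBlank(userStoreDomain)) {
        roleName = userStoreDomain + "/" + roleName;
    }

    if (WorkflowRequestStatus.APPROVED.toString().equals(status) ||
            WorkflowRequestStatus.SKIPPED.toString().equals(status)) {
        try {
            RealmService realmService = IdentityWorkflowDataHolder.getInstance().getRealmService();
            UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
            userRealm.getUserStoreManager().deleteRole(roleName);
        } catch (UserStoreException e) {
            // Sending e.getMessage() since it is required to give error message to end user.
            // NOTE(review): confirm user store messages hold no internal details before they reach users.
            throw new WorkflowException(e.getMessage(), e);
        }
    } else {
        if (retryNeedAtCallback()) {
            //unset threadlocal variable
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug("Deleting role is aborted for role '" + roleName + "', Reason: Workflow response was " +
                    status);
        }
    }
}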
 
Example 7
Source File: DeleteUserWFRequestHandler.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Workflow callback for user deletion. Deletes the user when the workflow ended as APPROVED or
 * SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters; must hold the user name as a String
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the user name is missing or not a String, or if the user store
 *                           rejects the deletion
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    // instanceof is false for null, so one test covers both "missing" and "wrong type".
    Object requestUsername = requestParams.get(USERNAME);
    if (!(requestUsername instanceof String)) {
        throw new WorkflowException("Callback request for delete user received without the mandatory " +
                "parameter 'username'");
    }
    String domain = (String) requestParams.get(USER_STORE_DOMAIN);
    String userName = StringUtils.isNotBlank(domain) ? domain + "/" + requestUsername : (String) requestUsername;

    boolean proceed = WorkflowRequestStatus.APPROVED.toString().equals(status)
            || WorkflowRequestStatus.SKIPPED.toString().equals(status);
    if (!proceed) {
        if (retryNeedAtCallback()) {
            // Clear the thread-local completion marker.
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug("Deleting user is aborted for user '" + userName + "', Reason: Workflow response was " +
                    status);
        }
        return;
    }

    try {
        UserRealm tenantRealm = IdentityWorkflowDataHolder.getInstance().getRealmService()
                .getTenantUserRealm(tenantId);
        tenantRealm.getUserStoreManager().deleteUser(userName);
    } catch (UserStoreException e) {
        // The store's message is forwarded because the end user is meant to see it.
        throw new WorkflowException(e.getMessage(), e);
    }
}
 
Example 8
Source File: UserStoreConfigServiceImpl.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
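/**
 * Updates the configuration of an existing secondary user store.
 *
 * <p>The request goes to the DAO factory registered for the DTO's repository class when
 * repository separation is enabled and a repository class is given. With separation disabled it
 * goes to the file-based factory, unless a repository class other than the file-based one was
 * requested, in which case nothing is updated.
 *
 * @param userStoreDTO  user store configuration to apply
 * @param isStateChange not read by this method; every delegate call passes {@code false}
 * @throws IdentityUserStoreMgtException if no DAO factory is registered for the requested
 *                                       repository class, or if the DAO reports a
 *                                       {@link UserStoreException} (kept as the cause)
 */
@Override
public void updateUserStore(UserStoreDTO userStoreDTO, boolean isStateChange) throws IdentityUserStoreMgtException {

    // NOTE(review): isStateChange is ignored and a literal false is forwarded below. Confirm this is intended.
    String repositoryClass = userStoreDTO.getRepositoryClass();
    try {
        if (SecondaryUserStoreConfigurationUtil.isUserStoreRepositorySeparationEnabled() &&
                StringUtils.isNotEmpty(repositoryClass)) {

            AbstractUserStoreDAOFactory userStoreDAOFactory = UserStoreConfigListenersHolder.getInstance().
                    getUserStoreDAOFactories().get(repositoryClass);
            // The repository class name comes from the request DTO. A name with no registered
            // factory is reported as a management error instead of a NullPointerException.
            if (userStoreDAOFactory == null) {
                throw new IdentityUserStoreMgtException(
                        "No user store DAO factory is registered for repository class: " + repositoryClass);
            }
            userStoreDAOFactory.getInstance().updateUserStore(userStoreDTO, false);
        } else if (StringUtils.equals(repositoryClass, FILE_BASED_REPOSITORY_CLASS)) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Repository separation of user-stores has been disabled. Editing user-store " +
                          userStoreDTO.getDomainId() + " with file-based configuration.");
            }
            SecondaryUserStoreConfigurationUtil.getFileBasedUserStoreDAOFactory().updateUserStore(userStoreDTO,
                    false);
        } else if (StringUtils.isNotEmpty(repositoryClass)) {
            // NOTE(review): the edit is dropped here and the caller sees a normal return; the only
            // trace is this debug line. Confirm that a silent no-op is the intended contract.
            if (LOG.isDebugEnabled()) {
                LOG.debug("Repository separation of user-stores has been disabled. Unable to edit " +
                          "user-store " + userStoreDTO.getDomainId() + " with repository class " +
                          repositoryClass);
            }
        } else {
            SecondaryUserStoreConfigurationUtil.getFileBasedUserStoreDAOFactory().updateUserStore(userStoreDTO,
                    false);
        }
    } catch (UserStoreException e) {
        // Keep the original exception as the cause so the stack trace survives the re-wrap.
        String errorMessage = e.getMessage();
        throw new IdentityUserStoreMgtException(errorMessage, e);
    }
}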
 
Example 9
Source File: SetMultipleClaimsWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Workflow callback for setting several user claims. Applies the claim values when the workflow
 * ended as APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: user name, optional user store
 *                                 domain, claim map and profile name
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the user name is missing or not a String, or if the user store
 *                           rejects the update
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    // instanceof is false for null, so one test covers both "missing" and "wrong type".
    Object requestUsername = requestParams.get(USERNAME);
    if (!(requestUsername instanceof String)) {
        throw new WorkflowException("Callback request for Set User Claim received without the mandatory " +
                "parameter 'username'");
    }
    String domain = (String) requestParams.get(USER_STORE_DOMAIN);
    String userName = StringUtils.isNotBlank(domain) ? domain + "/" + requestUsername : (String) requestUsername;

    // Unchecked cast: the element types of the claim map are not verified here.
    Map<String, String> claims = (Map<String, String>) requestParams.get(CLAIMS);
    String profile = (String) requestParams.get(PROFILE_NAME);

    boolean proceed = WorkflowRequestStatus.APPROVED.toString().equals(status)
            || WorkflowRequestStatus.SKIPPED.toString().equals(status);
    if (!proceed) {
        if (retryNeedAtCallback()) {
            // Clear the thread-local completion marker.
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            // Claim values are deliberately absent from this log line.
            log.debug("Setting User Claims is aborted for user '" + userName + "', Reason: Workflow response was " +
                    status);
        }
        return;
    }

    try {
        UserRealm tenantRealm = IdentityWorkflowDataHolder.getInstance().getRealmService()
                .getTenantUserRealm(tenantId);
        tenantRealm.getUserStoreManager().setUserClaimValues(userName, claims, profile);
    } catch (UserStoreException e) {
        // The store's message is forwarded because the end user is meant to see it.
        throw new WorkflowException(e.getMessage(), e);
    }
}
 
Example 10
Source File: UpdateUserRolesWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
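/**
 * Workflow callback for changing the roles of a user. Applies the role changes when the workflow
 * ended as APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: user name, optional user store
 *                                 domain, and optional lists of roles to remove and to add
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the user name is missing or not a String, or if the user store
 *                           rejects the update
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams, Map<String, Object>
        responseAdditionalParams, int tenantId) throws WorkflowException {

    String userName;
    Object requestUsername = requestParams.get(USERNAME);
    if (!(requestUsername instanceof String)) {
        // The message names this handler's own operation so a failed callback can be traced to it.
        throw new WorkflowException("Callback request for update user roles received without the mandatory " +
                "parameter 'username'");
    }
    String userStoreDomain = (String) requestParams.get(USER_STORE_DOMAIN);
    if (StringUtils.isNotBlank(userStoreDomain)) {
        userName = userStoreDomain + "/" + requestUsername;
    } else {
        userName = (String) requestUsername;
    }

    // A missing list means "no change", so it becomes an empty array.
    List<String> deletedRoleList = ((List<String>) requestParams.get(DELETED_ROLE_LIST));
    String[] deletedRoles = deletedRoleList != null ? deletedRoleList.toArray(new String[0]) : new String[0];

    List<String> newRoleList = ((List<String>) requestParams.get(NEW_ROLE_LIST));
    String[] newRoles = newRoleList != null ? newRoleList.toArray(new String[0]) : new String[0];

    if (WorkflowRequestStatus.APPROVED.toString().equals(status) ||
            WorkflowRequestStatus.SKIPPED.toString().equals(status)) {
        try {
            RealmService realmService = IdentityWorkflowDataHolder.getInstance().getRealmService();
            UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
            userRealm.getUserStoreManager().updateRoleListOfUser(userName, deletedRoles, newRoles);
        } catch (UserStoreException e) {
            // Sending e.getMessage() since it is required to give error message to end user.
            throw new WorkflowException(e.getMessage(), e);
        }
    } else {
        if (retryNeedAtCallback()) {
            //unset threadlocal variable
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug("Updating user roles is aborted for user '" + userName + "', Reason: Workflow response was " +
                    status);
        }
    }
}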
 
Example 11
Source File: UpdateRoleNameWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Workflow callback for renaming a role. Renames the role when the workflow ended as APPROVED or
 * SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: current role name, new role name
 *                                 and optional user store domain
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if either role name is missing, or if the user store rejects the rename
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    // Both values are cast without a type check; a non-String value raises ClassCastException.
    String roleName = (String) requestParams.get(ROLENAME);
    String newRoleName = (String) requestParams.get(NEW_ROLENAME);
    if (roleName == null) {
        throw new WorkflowException("Callback request for rename role received without the mandatory " +
                "parameter 'roleName'");
    }
    if (newRoleName == null) {
        throw new WorkflowException("Callback request for rename role received without the mandatory " +
                "parameter 'newRoleName'");
    }

    // Both names get the same domain prefix, so the rename stays within one user store.
    String domain = (String) requestParams.get(USER_STORE_DOMAIN);
    if (StringUtils.isNotBlank(domain)) {
        roleName = domain + "/" + roleName;
        newRoleName = domain + "/" + newRoleName;
    }

    boolean proceed = WorkflowRequestStatus.APPROVED.toString().equals(status)
            || WorkflowRequestStatus.SKIPPED.toString().equals(status);
    if (!proceed) {
        if (retryNeedAtCallback()) {
            // Clear the thread-local completion marker.
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug("Updating role is aborted for role '" + roleName + "', Reason: Workflow response was " +
                    status);
        }
        return;
    }

    try {
        UserRealm tenantRealm = IdentityWorkflowDataHolder.getInstance().getRealmService()
                .getTenantUserRealm(tenantId);
        tenantRealm.getUserStoreManager().updateRoleName(roleName, newRoleName);
    } catch (UserStoreException e) {
        // The store's message is forwarded because the end user is meant to see it.
        throw new WorkflowException(e.getMessage(), e);
    }
}
 
Example 12
Source File: SetUserClaimWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Workflow callback for setting one user claim. Applies the claim value when the workflow ended
 * as APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: user name, optional user store
 *                                 domain, claim URI, claim value and profile name
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the user name is missing or not a String, or if the user store
 *                           rejects the update
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    // instanceof is false for null, so one test covers both "missing" and "wrong type".
    Object requestUsername = requestParams.get(USERNAME);
    if (!(requestUsername instanceof String)) {
        throw new WorkflowException("Callback request for Set User Claim received without the mandatory " +
                "parameter 'username'");
    }
    String domain = (String) requestParams.get(USER_STORE_DOMAIN);
    String userName = StringUtils.isNotBlank(domain) ? domain + "/" + requestUsername : (String) requestUsername;

    String claimURI = (String) requestParams.get(CLAIM_URI);
    String claimValue = (String) requestParams.get(CLAIM_VALUE);
    String profile = (String) requestParams.get(PROFILE_NAME);

    boolean proceed = WorkflowRequestStatus.APPROVED.toString().equals(status)
            || WorkflowRequestStatus.SKIPPED.toString().equals(status);
    if (!proceed) {
        if (retryNeedAtCallback()) {
            // Clear the thread-local completion marker.
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            // NOTE(review): the claim value is written to the debug log. Claim values can be
            // personal data; confirm debug logs are access-controlled, or drop the value here.
            log.debug("Setting User Claim is aborted for user '" + userName + "', ClaimURI:" + claimURI + " " +
                    "ClaimValue:" + claimValue + ", Reason: Workflow response was " + status);
        }
        return;
    }

    try {
        UserRealm tenantRealm = IdentityWorkflowDataHolder.getInstance().getRealmService()
                .getTenantUserRealm(tenantId);
        tenantRealm.getUserStoreManager().setUserClaimValue(userName, claimURI, claimValue, profile);
    } catch (UserStoreException e) {
        // The store's message is forwarded because the end user is meant to see it.
        throw new WorkflowException(e.getMessage(), e);
    }
}
 
Example 13
Source File: ChangeCredentialWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Workflow callback for a credential change. Updates the credential when the workflow ended as
 * APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs a debug line.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: user name, optional user store
 *                                 domain, old credential and new credential
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the user name is missing or not a String, or if the user store
 *                           rejects the update
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    // instanceof is false for null, so one test covers both "missing" and "wrong type".
    Object requestUsername = requestParams.get(USERNAME);
    if (!(requestUsername instanceof String)) {
        throw new WorkflowException("Callback request for update credential without the mandatory " +
                "parameter 'username'");
    }
    String domain = (String) requestParams.get(USER_STORE_DOMAIN);
    String userName = StringUtils.isNotBlank(domain) ? domain + "/" + requestUsername : (String) requestUsername;

    // The credentials stay opaque Objects; they are only handed to the user store, never logged.
    Object oldCredential = requestParams.get(OLD_CREDENTIAL);
    Object newCredential = requestParams.get(NEW_CREDENTIAL);

    boolean proceed = WorkflowRequestStatus.APPROVED.toString().equals(status)
            || WorkflowRequestStatus.SKIPPED.toString().equals(status);
    if (!proceed) {
        if (retryNeedAtCallback()) {
            // Clear the thread-local completion marker.
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug("Updating credentials for user '" + userName + "', Reason: Workflow response was " + status);
        }
        return;
    }

    try {
        UserRealm tenantRealm = IdentityWorkflowDataHolder.getInstance().getRealmService()
                .getTenantUserRealm(tenantId);
        tenantRealm.getUserStoreManager().updateCredential(userName, newCredential, oldCredential);
    } catch (UserStoreException e) {
        // The store's message is forwarded because the end user is meant to see it.
        // NOTE(review): confirm that store messages on this path never echo credential material.
        throw new WorkflowException(e.getMessage(), e);
    }

}
 
Example 14
Source File: DeleteMultipleClaimsWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
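/**
 * Workflow callback for deleting several user claims. Deletes the claims when the workflow ended
 * as APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: user name, optional user store
 *                                 domain, list of claims and profile name
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the user name is missing or not a String, if an approved request
 *                           carries no claim list, or if the user store rejects the deletion
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    String userName;
    Object requestUsername = requestParams.get(USERNAME);
    if (!(requestUsername instanceof String)) {
        // The message names this handler's own operation so a failed callback can be traced to it.
        throw new WorkflowException("Callback request for delete user claims received without the mandatory " +
                "parameter 'username'");
    }
    String userStoreDomain = (String) requestParams.get(USER_STORE_DOMAIN);
    if (StringUtils.isNotBlank(userStoreDomain)) {
        userName = userStoreDomain + "/" + requestUsername;
    } else {
        userName = (String) requestUsername;
    }

    List<String> claims = (List<String>) requestParams.get(CLAIMS);
    String profile = (String) requestParams.get(PROFILE_NAME);

    if (WorkflowRequestStatus.APPROVED.toString().equals(status) ||
            WorkflowRequestStatus.SKIPPED.toString().equals(status)) {
        // An approved deletion with no claim list used to fail with NullPointerException. It still
        // fails, but with the declared exception type, and only on the path that needs the list.
        if (claims == null) {
            throw new WorkflowException("Callback request for delete user claims received without the " +
                    "list of claims to delete");
        }
        try {
            RealmService realmService = IdentityWorkflowDataHolder.getInstance().getRealmService();
            UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
            userRealm.getUserStoreManager().deleteUserClaimValues(userName,
                    claims.toArray(new String[0]), profile);
        } catch (UserStoreException e) {
            // Sending e.getMessage() since it is required to give error message to end user.
            throw new WorkflowException(e.getMessage(), e);
        }
    } else {
        if (retryNeedAtCallback()) {
            //unset threadlocal variable
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug("Deleting User Claims is aborted for user '" + userName + "', Reason: Workflow response " +
                    "was: " + status);
        }
    }
}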
 
Example 15
Source File: AddRoleWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
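/**
 * Workflow callback for role creation. Creates the role with its users and permissions when the
 * workflow ended as APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs the
 * abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: role name, optional user store
 *                                 domain, optional user list and optional permission strings
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the role name is missing, or if the user store rejects the request
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams, Map<String, Object>
        responseAdditionalParams, int tenantId) throws WorkflowException {

    String roleName = (String) requestParams.get(ROLENAME);
    if (roleName == null) {
        throw new WorkflowException("Callback request for Add role received without the mandatory " +
                "parameter 'roleName'");
    }

    String userStoreDomain = (String) requestParams.get(USER_STORE_DOMAIN);
    if (StringUtils.isNotBlank(userStoreDomain)) {
        roleName = userStoreDomain + "/" + roleName;
    }

    // A missing user list means the role is created without members.
    List<String> userList = (List<String>) requestParams.get(USER_LIST);
    String[] users = userList != null ? userList.toArray(new String[0]) : new String[0];

    List<String> permissionList = (List<String>) requestParams.get(PERMISSIONS);
    Permission[] permissions;
    if (permissionList != null) {
        // Each entry must split into exactly two parts on SEPARATOR. A malformed or null entry
        // used to leave a null slot in the array handed to the user store. Such entries are now
        // skipped, so the role can only receive fewer permissions than requested, never other ones.
        Permission[] parsed = new Permission[permissionList.size()];
        int parsedCount = 0;
        for (String permissionString : permissionList) {
            String[] parts = permissionString == null ? new String[0] : permissionString.split(SEPARATOR);
            if (parts.length == 2) {
                parsed[parsedCount++] = new Permission(parts[0], parts[1]);
            } else if (log.isDebugEnabled()) {
                log.debug("Ignoring malformed permission entry while adding role '" + roleName + "'");
            }
        }
        permissions = new Permission[parsedCount];
        System.arraycopy(parsed, 0, permissions, 0, parsedCount);
    } else {
        permissions = new Permission[0];
    }

    if (WorkflowRequestStatus.APPROVED.toString().equals(status) ||
            WorkflowRequestStatus.SKIPPED.toString().equals(status)) {
        try {
            RealmService realmService = IdentityWorkflowDataHolder.getInstance().getRealmService();
            UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
            userRealm.getUserStoreManager().addRole(roleName, users, permissions);
        } catch (UserStoreException e) {
            // Sending e.getMessage() since it is required to give error message to end user.
            throw new WorkflowException(e.getMessage(), e);
        }
    } else {
        if (retryNeedAtCallback()) {
            //unset threadlocal variable
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug(
                    "Adding role is aborted for role '" + roleName + "', Reason: Workflow response was " + status);
        }
    }
}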
 
Example 16
Source File: UpdateRoleUsersWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
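/**
 * Workflow callback for changing the members of a role. Applies the membership changes when the
 * workflow ended as APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs the
 * abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: role name, optional user store
 *                                 domain, and optional lists of users to remove and to add
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the role name is missing or not a String, or if the user store
 *                           rejects the update
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams, Map<String, Object>
        responseAdditionalParams, int tenantId) throws WorkflowException {

    // Type-check before casting so a malformed callback fails with WorkflowException rather than
    // ClassCastException. The message names this handler's operation and the parameter it reads.
    Object requestRoleName = requestParams.get(ROLENAME);
    if (!(requestRoleName instanceof String)) {
        throw new WorkflowException("Callback request for update users of role received without the " +
                "mandatory parameter 'roleName'");
    }
    String roleName = (String) requestRoleName;
    String userStoreDomain = (String) requestParams.get(USER_STORE_DOMAIN);
    if (StringUtils.isNotBlank(userStoreDomain)) {
        roleName = userStoreDomain + "/" + roleName;
    }

    // A missing list means "no change", so it becomes an empty array.
    List<String> deletedUserList = ((List<String>) requestParams.get(DELETED_USER_LIST));
    String[] deletedUsers = deletedUserList != null ? deletedUserList.toArray(new String[0]) : new String[0];

    List<String> newUserList = ((List<String>) requestParams.get(NEW_USER_LIST));
    String[] newUsers = newUserList != null ? newUserList.toArray(new String[0]) : new String[0];

    if (WorkflowRequestStatus.APPROVED.toString().equals(status) ||
            WorkflowRequestStatus.SKIPPED.toString().equals(status)) {
        try {
            RealmService realmService = IdentityWorkflowDataHolder.getInstance().getRealmService();
            UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
            userRealm.getUserStoreManager().updateUserListOfRole(roleName, deletedUsers, newUsers);
        } catch (UserStoreException e) {
            // Sending e.getMessage() since it is required to give error message to end user.
            throw new WorkflowException(e.getMessage(), e);
        }
    } else {
        if (retryNeedAtCallback()) {
            //unset threadlocal variable
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug(
                    "Updating role users is aborted for role '" + roleName + "', Reason: Workflow response was " +
                            status);
        }
    }
}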
 
Example 17
Source File: DeleteClaimWFRequestHandler.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
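/**
 * Workflow callback for deleting one user claim. Deletes the claim value when the workflow ended
 * as APPROVED or SKIPPED; otherwise clears the retry marker if needed and logs the abort.
 *
 * @param status                   workflow outcome, compared with {@link WorkflowRequestStatus} names
 * @param requestParams            original request parameters: user name, optional user store
 *                                 domain, claim URI and profile name
 * @param responseAdditionalParams not read by this method
 * @param tenantId                 tenant whose user realm is used
 * @throws WorkflowException if the user name is missing or not a String, or if the user store
 *                           rejects the deletion
 */
@Override
public void onWorkflowCompletion(String status, Map<String, Object> requestParams,
                                 Map<String, Object> responseAdditionalParams, int tenantId)
        throws WorkflowException {
    String userName;
    Object requestUsername = requestParams.get(USERNAME);
    if (!(requestUsername instanceof String)) {
        // The message names this handler's own operation so a failed callback can be traced to it.
        throw new WorkflowException("Callback request for delete user claim received without the mandatory " +
                "parameter 'username'");
    }
    String userStoreDomain = (String) requestParams.get(USER_STORE_DOMAIN);
    if (StringUtils.isNotBlank(userStoreDomain)) {
        userName = userStoreDomain + "/" + requestUsername;
    } else {
        userName = (String) requestUsername;
    }

    String claimURI = (String) requestParams.get(CLAIM_URI);
    String profile = (String) requestParams.get(PROFILE_NAME);

    if (WorkflowRequestStatus.APPROVED.toString().equals(status) ||
            WorkflowRequestStatus.SKIPPED.toString().equals(status)) {
        try {
            RealmService realmService = IdentityWorkflowDataHolder.getInstance().getRealmService();
            UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
            userRealm.getUserStoreManager().deleteUserClaimValue(userName, claimURI, profile);
        } catch (UserStoreException e) {
            // Sending e.getMessage() since it is required to give error message to end user.
            throw new WorkflowException(e.getMessage(), e);
        }
    } else {
        if (retryNeedAtCallback()) {
            //unset threadlocal variable
            unsetWorkFlowCompleted();
        }
        if (log.isDebugEnabled()) {
            log.debug("Deleting User Claim is aborted for user '" + userName + "', ClaimURI:" + claimURI +
                    ", Reason: Workflow response was " + status);
        }
    }
}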
 
Example 18
Source File: ApplicationMgtUtil.java    From carbon-identity-framework with Apache License 2.0 4 votes vote down vote up
/**
 * Recovers from a failed application-role creation. When the failure looks like "role already
 * exists", the existing role is assigned to the user; any other failure is rethrown.
 *
 * @param username         user who should hold the role
 * @param roleName         application role name
 * @param userStoreManager user store used for the role assignment
 * @param e                exception raised by the earlier role-creation attempt
 * @throws IdentityApplicationManagementException if the creation failure is not "role already
 *                                                exists", if the assignment fails while the user
 *                                                does not already hold the role, or if the user's
 *                                                current roles cannot be read
 */
private static void assignRoleToUser(String username, String roleName, UserStoreManager userStoreManager,
                                     UserStoreException e) throws IdentityApplicationManagementException {

    // The failure is classified by comparing message text, so it depends on the user store's
    // wording. NOTE(review): an empty exception message also passes the second test, because
    // every string contains "". Confirm that case cannot occur.
    String expectedMessage = String.format(ERROR_CODE_ROLE_ALREADY_EXISTS.getMessage(), roleName);
    String actualMessage = e.getMessage();
    boolean roleAlreadyExists = actualMessage != null
            && (actualMessage.contains(ERROR_CODE_ROLE_ALREADY_EXISTS.getCode())
            || expectedMessage.contains(actualMessage));

    if (!roleAlreadyExists) {
        throw new IdentityApplicationManagementException("Error while creating application role: " + roleName +
                " with user " + username, e);
    }

    if (log.isDebugEnabled()) {
        log.debug("Application role is already created. Skip creating: " + roleName + " and assigning" +
                " the user: " + username);
    }

    try {
        userStoreManager.updateRoleListOfUser(username, null, new String[]{roleName});
    } catch (UserStoreException assignFailure) {
        String msg = "Error while updating application role: " + roleName + " with user " + username;

        // A concurrent request may already have assigned the role. Checking only after the
        // failure also covers a concurrent assignment that lands just before the update ran.
        boolean alreadyAssigned;
        try {
            alreadyAssigned = isRoleAlreadyApplied(username, roleName, userStoreManager);
        } catch (UserStoreException lookupFailure) {
            throw new IdentityApplicationManagementException(
                    "Error while getting existing application roles of the user " + username, lookupFailure);
        }

        if (alreadyAssigned) {
            if (log.isDebugEnabled()) {
                log.debug("The role: " + roleName + ", is already assigned to the user: " + username
                        + ". Skip assigning");
            }
            return;
        }

        // The assignment failed and the user does not hold the role, so report the failure.
        throw new IdentityApplicationManagementException(msg, assignFailure);
    }
}