Java Code Examples for org.wso2.carbon.user.api.AuthorizationManager#isRoleAuthorized()
The following examples show how to use
org.wso2.carbon.user.api.AuthorizationManager#isRoleAuthorized() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: UserAdmin.java From carbon-identity-framework with Apache License 2.0 | 6 votes |
/** * Get list of roles which have given permission * * @param filter filter to check * @param permission permission to check * @param limit * @return * @throws UserAdminException */ public FlaggedName[] getAllPermittedRoleNames(String filter, String permission, int limit) throws UserAdminException { FlaggedName[] roles = getUserAdminProxy().getAllRolesNames(filter, limit); List<FlaggedName> permittedRoles = new ArrayList<>(); try { org.wso2.carbon.user.api.UserRealm realm = UserMgtDSComponent.getRealmService().getTenantUserRealm (PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId()); AuthorizationManager authorizationManager = realm.getAuthorizationManager(); for (int i = 0; i < roles.length - 1; i++) { if (authorizationManager.isRoleAuthorized(roles[i].getItemName(), permission, UserMgtConstants .EXECUTE_ACTION)) { permittedRoles.add(roles[i]); } } permittedRoles.add(roles[roles.length - 1]); } catch (org.wso2.carbon.user.api.UserStoreException e) { throw new UserAdminException("Error while filtering authorized roles.", e); } FlaggedName[] permittedRolesArray = new FlaggedName[permittedRoles.size()]; return permittedRoles.toArray(permittedRolesArray); }
Example 2
Source File: UserAdmin.java From carbon-identity with Apache License 2.0 | 6 votes |
/** * Get list of roles which have given permission * * @param filter filter to check * @param permission permission to check * @param limit * @return * @throws UserAdminException */ public FlaggedName[] getAllPermittedRoleNames(String filter, String permission, int limit) throws UserAdminException { FlaggedName[] roles = getUserAdminProxy().getAllRolesNames(filter, limit); List<FlaggedName> permittedRoles = new ArrayList<>(); try { org.wso2.carbon.user.api.UserRealm realm = UserMgtDSComponent.getRealmService().getTenantUserRealm (PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId()); AuthorizationManager authorizationManager = realm.getAuthorizationManager(); for (int i = 0; i < roles.length - 1; i++) { if (authorizationManager.isRoleAuthorized(roles[i].getItemName(), permission, UserMgtConstants .EXECUTE_ACTION)) { permittedRoles.add(roles[i]); } } permittedRoles.add(roles[roles.length - 1]); } catch (org.wso2.carbon.user.api.UserStoreException e) { throw new UserAdminException("Error while filtering authorized roles.", e); } FlaggedName[] permittedRolesArray = new FlaggedName[permittedRoles.size()]; return permittedRoles.toArray(permittedRolesArray); }
Example 3
Source File: APIManagerComponent.java From carbon-apimgt with Apache License 2.0 | 5 votes |
private void setupImagePermissions() throws APIManagementException { try { AuthorizationManager accessControlAdmin = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(MultitenantConstants.SUPER_TENANT_ID).getAuthorizationManager(); String imageLocation = APIUtil.getMountedPath(RegistryContext.getBaseInstance(), RegistryConstants.GOVERNANCE_REGISTRY_BASE_PATH) + APIConstants.API_IMAGE_LOCATION; if (!accessControlAdmin.isRoleAuthorized(CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME, imageLocation, ActionConstants.GET)) { // Can we get rid of this? accessControlAdmin.authorizeRole(CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME, imageLocation, ActionConstants.GET); } } catch (UserStoreException e) { throw new APIManagementException("Error while setting up permissions for image collection", e); } }