Java Code Examples for org.wso2.carbon.user.api.UserStoreManager#getRoleListOfUser()
The following examples show how to use
org.wso2.carbon.user.api.UserStoreManager#getRoleListOfUser() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: APIUtil.java From product-iots with Apache License 2.0 | 6 votes |
|
public static void registerApiAccessRoles(String user) {
UserStoreManager userStoreManager = null;
try {
userStoreManager = getUserStoreManager();
String[] userList = new String[]{user};
if (userStoreManager != null) {
String rolesOfUser[] = userStoreManager.getRoleListOfUser(user);
if (!userStoreManager.isExistingRole(Constants.DEFAULT_ROLE_NAME)) {
userStoreManager.addRole(Constants.DEFAULT_ROLE_NAME, userList, Constants.DEFAULT_PERMISSION);
} else if (rolesOfUser != null && Arrays.asList(rolesOfUser).contains(Constants.DEFAULT_ROLE_NAME)) {
return;
} else {
userStoreManager.updateUserListOfRole(Constants.DEFAULT_ROLE_NAME, new String[0], userList);
}
}
} catch (UserStoreException e) {
log.error("Error while creating a role and adding a user for virtual_firealarm.", e);
}
}
Example 2
| Source File: APIKeyMgtRemoteUserStoreMgtService.java From carbon-apimgt with Apache License 2.0 | 6 votes |
|
/**
* Get the role list of a user. Works for any tenant domain.
* @param username username with tenant domain
* @return list of roles
* @throws APIManagementException
*/
public String[] getUserRoles(String username) throws APIManagementException {
String userRoles[] = null;
String tenantDomain = MultitenantUtils.getTenantDomain(username);
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
UserStoreManager userStoreManager;
try {
userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
userRoles = userStoreManager.getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(username));
} catch (UserStoreException e) {
APIUtil.handleException("Error occurred retrieving roles of user " + username, e);
} finally {
PrivilegedCarbonContext.getThreadLocalCarbonContext().endTenantFlow();
}
return userRoles;
}
Example 3
| Source File: StratosUserManagerUtils.java From attic-stratos with Apache License 2.0 | 6 votes |
|
/**
* Get the List of userRoles except the Internal/everyone role
*
* @param userStoreManager UserStoreManager
* @param username Username of the user
* @return String[]
* @throws UserManagerException
*/
private static String[] getRefinedListOfRolesOfUser(UserStoreManager userStoreManager, String username)
throws UserManagerException {
ArrayList<String> rolesWithoutEveryoneRole = new ArrayList<String>();
try {
String[] allUserRoles = userStoreManager.getRoleListOfUser(username);
for (String role : allUserRoles) {
if (!role.equals(INTERNAL_EVERYONE_ROLE)) {
rolesWithoutEveryoneRole.add(role);
}
}
String[] rolesWithoutEveryoneRoleArray = new String[rolesWithoutEveryoneRole.size()];
return rolesWithoutEveryoneRole.toArray(rolesWithoutEveryoneRoleArray);
} catch (UserStoreException e) {
String msg = "Error in listing the roles of user " + username + " in User Store";
log.error(msg, e);
throw new UserManagerException(msg, e);
}
}
Example 4
| Source File: ApplicationMgtUtil.java From carbon-identity-framework with Apache License 2.0 | 5 votes |
|
/**
* @param applicationName
* @param username
* @return
* @throws IdentityApplicationManagementException
*/
public static boolean isUserAuthorized(String applicationName, String username)
throws IdentityApplicationManagementException {
String applicationRoleName = getAppRoleName(applicationName);
try {
if (log.isDebugEnabled()) {
log.debug("Checking whether user has role : " + applicationRoleName + " by retrieving role list of " +
"user : " + username);
}
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm()
.getUserStoreManager();
if (userStoreManager instanceof AbstractUserStoreManager) {
return ((AbstractUserStoreManager) userStoreManager).isUserInRole(username, applicationRoleName);
}
String[] userRoles = userStoreManager.getRoleListOfUser(username);
for (String userRole : userRoles) {
if (applicationRoleName.equals(userRole)) {
return true;
}
}
} catch (UserStoreException e) {
throw new IdentityApplicationManagementException("Error while checking authorization for user: " +
username + " for application: " + applicationName, e);
}
return false;
}
Example 5
| Source File: UserManagementServiceImpl.java From carbon-device-mgt with Apache License 2.0 | 5 votes |
|
private List<String> getFilteredRoles(UserStoreManager userStoreManager, String username)
throws UserStoreException {
String[] roleListOfUser;
roleListOfUser = userStoreManager.getRoleListOfUser(username);
List<String> filteredRoles = new ArrayList<>();
for (String role : roleListOfUser) {
if (!(role.startsWith("Internal/") || role.startsWith("Authentication/"))) {
filteredRoles.add(role);
}
}
return filteredRoles;
}
Example 6
| Source File: UserManagementServiceImpl.java From carbon-device-mgt with Apache License 2.0 | 5 votes |
|
private List<String> getFilteredRoles(UserStoreManager userStoreManager, String username)
throws UserStoreException {
String[] roleListOfUser;
roleListOfUser = userStoreManager.getRoleListOfUser(username);
List<String> filteredRoles = new ArrayList<>();
for (String role : roleListOfUser) {
if (!(role.startsWith("Internal/") || role.startsWith("Authentication/"))) {
filteredRoles.add(role);
}
}
return filteredRoles;
}
Example 7
| Source File: RoleBasedScopesIssuer.java From carbon-apimgt with Apache License 2.0 | 5 votes |
|
/**
* This method is used to get roles list of the user.
*
* @param authenticatedUser Authenticated user
* @return roles list
*/
private String[] getUserRoles(AuthenticatedUser authenticatedUser) {
String[] userRoles = null;
String tenantDomain;
String username;
if (authenticatedUser.isFederatedUser()) {
tenantDomain = MultitenantUtils.getTenantDomain(authenticatedUser.getAuthenticatedSubjectIdentifier());
username = MultitenantUtils.getTenantAwareUsername(authenticatedUser.getAuthenticatedSubjectIdentifier());
} else {
tenantDomain = authenticatedUser.getTenantDomain();
username = authenticatedUser.getUserName();
}
String userStoreDomain = authenticatedUser.getUserStoreDomain();
RealmService realmService = getRealmService();
try {
int tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
// If tenant Id is not set in the tokenReqContext, deriving it from username.
if (tenantId == 0 || tenantId == -1) {
tenantId = getTenantIdOfUser(username);
}
UserStoreManager userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
String endUsernameWithDomain = addDomainToName(username, userStoreDomain);
userRoles = userStoreManager.getRoleListOfUser(endUsernameWithDomain);
} catch (UserStoreException e) {
//Log and return since we do not want to stop issuing the token in case of scope validation failures.
log.error("Error when getting the tenant's UserStoreManager or when getting roles of user ", e);
}
return userRoles;
}
Example 8
| Source File: APIKeyMgtRemoteUserStoreMgtService.java From carbon-apimgt with Apache License 2.0 | 5 votes |
|
public BasicAuthValidationInfoDTO getUserAuthenticationInfo(String username, String password)
throws APIManagementException {
String tenantDomain = MultitenantUtils.getTenantDomain(username);
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain, true);
UserStoreManager userStoreManager;
BasicAuthValidationInfoDTO basicAuthValidationInfoDTO = new BasicAuthValidationInfoDTO();
boolean isAuthenticated;
String userRoles[];
String domainQualifiedUsername;
try {
userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
isAuthenticated = userStoreManager
.authenticate(MultitenantUtils.getTenantAwareUsername(username), password);
if (isAuthenticated) {
basicAuthValidationInfoDTO.setAuthenticated(true);
domainQualifiedUsername = UserCoreUtil.addDomainToName(username, UserCoreUtil.getDomainFromThreadLocal());
basicAuthValidationInfoDTO.setDomainQualifiedUsername(domainQualifiedUsername);
} else {
//return default validation DTO with authentication false
return basicAuthValidationInfoDTO;
}
//Get role list of user.
//Should give the domain qualified username when getting the role list of user.
userRoles = userStoreManager
.getRoleListOfUser(MultitenantUtils.getTenantAwareUsername(domainQualifiedUsername));
basicAuthValidationInfoDTO.setUserRoleList(userRoles);
} catch (UserStoreException e) {
APIUtil.handleException("Error occurred while retrieving user authentication info of user " + username, e);
} finally {
PrivilegedCarbonContext.getThreadLocalCarbonContext().endTenantFlow();
}
return basicAuthValidationInfoDTO;
}
