Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding role based access control to marketplace assistant #12551

Merged
merged 2 commits into from
Sep 27, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -1752,7 +1752,10 @@ private ConfigParameters() {
public static final String QUERY = "query";
public static final String HISTORY = "history";
public static final String VERSION = "version";
public static final String VISIBILITYROLES = "visibility_roles";
public static final String APIM_VERSION = "apim_version";
public static final String DESCRIPTION = "description";
public static final String USERROLES = "user_roles";

public static final String DEMOTE_TO_CREATED= "Demote to Created";
public static final String BLOCK = "Block";
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1140,7 +1140,8 @@ public API updateAPI(API api, API existingAPI) throws APIManagementException {
APIEvent apiEvent = new APIEvent(UUID.randomUUID().toString(), System.currentTimeMillis(),
APIConstants.EventType.API_UPDATE.name(), tenantId, organization, api.getId().getApiName(), apiId,
api.getUuid(), api.getId().getVersion(), api.getType(), api.getContext(),
APIUtil.replaceEmailDomainBack(api.getId().getProviderName()), api.getStatus(), action, api.getApiSecurity(), api.getVisibility());
APIUtil.replaceEmailDomainBack(api.getId().getProviderName()), api.getStatus(), action,
api.getApiSecurity(), api.getVisibility(), api.getVisibleRoles());
APIUtil.sendNotification(apiEvent, APIConstants.NotifierType.API.name());

// Extracting API details for the recommendation system
Expand Down Expand Up @@ -2679,7 +2680,7 @@ public void deleteAPI(String apiUuid, String organization) throws APIManagementE
APIConstants.EventType.API_DELETE.name(), tenantId, organization, api.getId().getApiName(), apiId,
api.getUuid(), api.getId().getVersion(), api.getType(), api.getContext(),
APIUtil.replaceEmailDomainBack(api.getId().getProviderName()),
api.getStatus(), api.getApiSecurity(), api.getStatus(), api.getVisibility());
api.getStatus(), api.getApiSecurity(), api.getStatus(), api.getVisibility(), api.getVisibleRoles());
APIUtil.sendNotification(apiEvent, APIConstants.NotifierType.API.name());
} else {
log.debug("Event has not published to gateways due to API id has failed to retrieve from DB for API "
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;


/**
* The default API notification service implementation in which API creation, update, delete and LifeCycle change
* events are published to gateway.
Expand Down Expand Up @@ -69,31 +70,16 @@ private void process (Event event) throws NotifierException {

if (APIConstants.EventType.API_UPDATE.name().equals(event.getType())) {
String currentStatus = apiEvent.getCurrentStatus().toUpperCase();
if (!APIConstants.API_GLOBAL_VISIBILITY.equals(apiEvent.getApiVisibility())) {
switch (currentStatus) {
case APIConstants.PROTOTYPED:
case APIConstants.PUBLISHED:
deleteRequest(apiEvent);
break;
default:
break;
}
} else {
switch (currentStatus) {
case APIConstants.PROTOTYPED:
case APIConstants.PUBLISHED:
postRequest(apiEvent);
break;
default:
break;
}
switch (currentStatus) {
case APIConstants.PROTOTYPED:
case APIConstants.PUBLISHED:
postRequest(apiEvent);
break;
default:
break;
}
} else {

if (!APIConstants.API_GLOBAL_VISIBILITY.equals(apiEvent.getApiVisibility())) {
return;
}

if (APIConstants.EventType.API_LIFECYCLE_CHANGE.name().equals(event.getType())) {
String lifecycleEvent = apiEvent.getLifecycleEvent();
String currentStatus = apiEvent.getCurrentStatus().toUpperCase();
Expand Down Expand Up @@ -205,6 +191,13 @@ public void run() {
payload.put(APIConstants.TENANT_DOMAIN, apiEvent.getTenantDomain());
payload.put(APIConstants.VERSION, apiEvent.getApiVersion());

String visibleRoles = apiEvent.getApiVisibleRoles();
if (visibleRoles == null) {
visibleRoles = ""; // Assign an empty string if null
}
payload.put(APIConstants.VISIBILITYROLES, visibleRoles.toLowerCase());
payload.put(APIConstants.APIM_VERSION, APIUtil.getAPIMVersion());

if (marketplaceAssistantConfigurationDto.isKeyProvided()) {
APIUtil.invokeAIService(marketplaceAssistantConfigurationDto.getEndpoint(),
marketplaceAssistantConfigurationDto.getTokenEndpoint(),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ public class APIEvent extends Event {
private String securityScheme;
private String currentStatus;
private String apiVisibility;
private String apiVisibleRoles;
private String lifecycleEvent;

public APIEvent(String uuid, String logLevel, String type, String apiContext, String resourceMethod,
Expand Down Expand Up @@ -148,6 +149,30 @@ public APIEvent(String eventId, long timestamp, String type, int tenantId, Strin
this.apiVisibility = apiVisibility;
}

public APIEvent(String eventId, long timestamp, String type, int tenantId, String tenantDomain, String apiName,
int apiId, String uuid, String apiVersion, String apiType, String apiContext, String apiProvider,
String apiStatus, APIConstants.EventAction action, String securityScheme, String apiVisibility,
String apiVisibleRoles) {
this.eventId = eventId;
this.timeStamp = timestamp;
this.type = type;
this.tenantId = tenantId;
this.apiId = apiId;
this.uuid = uuid;
this.apiVersion = apiVersion;
this.apiName = apiName;
this.apiType = apiType;
this.apiContext = apiContext;
this.apiProvider = apiProvider;
this.apiStatus = apiStatus;
this.tenantDomain = tenantDomain;
this.action = action;
this.securityScheme = securityScheme;
this.currentStatus = apiStatus;
this.apiVisibility = apiVisibility;
this.apiVisibleRoles = apiVisibleRoles;
}

public APIEvent(String eventId, long timestamp, String type, int tenantId, String tenantDomain, String apiName,
int apiId, String uuid, String apiVersion, String apiType, String apiContext, String apiProvider,
String apiStatus, String securityScheme, String action, String currentStatus, String apiVisibility) {
Expand All @@ -170,6 +195,30 @@ public APIEvent(String eventId, long timestamp, String type, int tenantId, Strin
this.apiVisibility = apiVisibility;
}

public APIEvent(String eventId, long timestamp, String type, int tenantId, String tenantDomain, String apiName,
int apiId, String uuid, String apiVersion, String apiType, String apiContext, String apiProvider,
String apiStatus, String securityScheme, String action, String currentStatus,
String apiVisibility, String apiVisibleRoles) {
this.eventId = eventId;
this.timeStamp = timestamp;
this.type = type;
this.tenantId = tenantId;
this.apiId = apiId;
this.uuid = uuid;
this.apiVersion = apiVersion;
this.apiName = apiName;
this.apiType = apiType;
this.apiContext = apiContext;
this.apiProvider = apiProvider;
this.apiStatus = apiStatus;
this.tenantDomain = tenantDomain;
this.securityScheme = securityScheme;
this.lifecycleEvent = action;
this.currentStatus = currentStatus;
this.apiVisibility = apiVisibility;
this.apiVisibleRoles = apiVisibleRoles;
}

@Override
public String toString() {

Expand Down Expand Up @@ -342,4 +391,12 @@ public String getApiVisibility() {
public void setApiVisibility(String apiVisibility) {
this.apiVisibility = apiVisibility;
}

public String getApiVisibleRoles() {
return apiVisibleRoles;
}

public void setApiVisibleRoles(String apiVisibleRoles) {
this.apiVisibleRoles = apiVisibleRoles;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -10749,4 +10749,8 @@ public static List<ApplicationInfoKeyManager> getPaginatedApplicationList(
}
return applications.subList(offset, endIndex);
}

public static String getAPIMVersion() {
return CarbonUtils.getServerConfiguration().getFirstProperty("Version");
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ public static void changeLifecycle(String user, APIProvider apiProvider, String
String uuid = apiTypeWrapper.getUuid();
String currentStatus = apiTypeWrapper.getStatus();
String apiVisibility = apiTypeWrapper.getVisibility();
String apiVisibleRoles = apiTypeWrapper.getVisibleRoles();
targetStatus = LCManagerFactory.getInstance().getLCManager().getStateForTransition(action);

// Update lifecycle state in the registry
Expand All @@ -79,7 +80,8 @@ public static void changeLifecycle(String user, APIProvider apiProvider, String
// Add LC state change event to the event queue
sendLCStateChangeNotification(apiName, apiType, apiContext, apiTypeWrapper.getId().getVersion(), targetStatus,
apiTypeWrapper.getId().getProviderName(), apiTypeWrapper.getId().getId(), uuid, orgId,
apiTypeWrapper.getApi() != null ? apiTypeWrapper.getApi().getApiSecurity() : null, action, currentStatus, apiVisibility);
apiTypeWrapper.getApi() != null ? apiTypeWrapper.getApi().getApiSecurity() : null, action,
currentStatus, apiVisibility, apiVisibleRoles);

// Remove revisions and subscriptions after API retire
if (!apiTypeWrapper.isAPIProduct()) {
Expand Down Expand Up @@ -399,14 +401,15 @@ private static void addLCStateChangeInDatabase(String user, ApiTypeWrapper apiTy
*/
private static void sendLCStateChangeNotification(String apiName, String apiType, String apiContext,
String apiVersion, String targetStatus, String provider, int apiOrApiProductId, String uuid,
String organization, String securityScheme, String action, String currentStatus, String apiVisibility)
String organization, String securityScheme, String action, String currentStatus, String apiVisibility,
String apiVisibleRoles)
throws APIManagementException {

APIEvent apiEvent = new APIEvent(UUID.randomUUID().toString(), System.currentTimeMillis(),
APIConstants.EventType.API_LIFECYCLE_CHANGE.name(), APIUtil.getInternalOrganizationId(organization),
organization, apiName, apiOrApiProductId, uuid, apiVersion, apiType, apiContext,
APIUtil.replaceEmailDomainBack(provider), targetStatus, securityScheme, action, currentStatus,
apiVisibility);
apiVisibility, apiVisibleRoles);
APIUtil.sendNotification(apiEvent, APIConstants.NotifierType.API.name());
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,11 +40,16 @@
import org.wso2.carbon.apimgt.rest.api.store.v1.dto.MarketplaceAssistantRequestDTO;
import org.wso2.carbon.apimgt.rest.api.store.v1.dto.MarketplaceAssistantResponseDTO;
import org.wso2.carbon.apimgt.rest.api.util.utils.RestApiUtil;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.oauth.OAuthUtil;
import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;

import java.io.IOException;

import javax.ws.rs.core.Response;


public class MarketplaceAssistantApiServiceImpl implements MarketplaceAssistantApiService {

private static final Log log = LogFactory.getLog(MarketplaceAssistantApiServiceImpl.class);
Expand Down Expand Up @@ -77,9 +82,15 @@ public Response marketplaceAssistantExecute(MarketplaceAssistantRequestDTO marke
JSONObject payload = new JSONObject();
String history = new Gson().toJson(marketplaceAssistantRequestDTO.getHistory());

String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
String userRoles = new Gson().toJson(APIUtil.getListOfRoles(username));

payload.put(APIConstants.QUERY, marketplaceAssistantRequestDTO.getQuery());
payload.put(APIConstants.HISTORY, history);
payload.put(APIConstants.TENANT_DOMAIN, organization);
payload.put(APIConstants.USERROLES, userRoles.toLowerCase());
payload.put(APIConstants.APIM_VERSION, APIUtil.getAPIMVersion());

String response;
if (configDto.isKeyProvided()) {
response = APIUtil.invokeAIService(configDto.getEndpoint(), configDto.getTokenEndpoint(),
Expand Down
Loading