From 0e75eab7265df2c5228f6013c587e3828f3e4ce7 Mon Sep 17 00:00:00 2001 
From: AnuradhaSK Date: Fri, 18 Aug 2023 08:09:40 +0530 Subject: [PATCH] Add application role mgt APIs --- .../pom.xml | 5 + .../ApplicationManagementConstants.java | 1 + .../ApplicationManagementServiceHolder.java | 22 ++ .../ApplicationRoleMgtOSGiServiceFactory.java | 52 +++ .../pom.xml | 5 + .../management/v1/ApplicationsApi.java | 121 +++++++ .../management/v1/ApplicationsApiService.java | 17 +- .../v1/PaginatedAppRoleResponse.java | 140 ++++++++ .../management/v1/PaginationLink.java | 119 +++++++ .../application/management/v1/Permission.java | 121 +++++++ .../application/management/v1/Role.java | 152 ++++++++ .../management/v1/RoleCreationModel.java | 133 +++++++ .../management/v1/RolePatchModel.java | 161 +++++++++ .../ApplicationRoleManagementService.java | 186 ++++++++++ .../v1/impl/ApplicationsApiServiceImpl.java | 61 ++++ .../cxf/applications-server-v1-cxf.xml | 8 + .../src/main/resources/applications.yaml | 335 +++++++++++++++++- pom.xml | 10 +- 18 files changed, 1642 insertions(+), 7 deletions(-) create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/factory/ApplicationRoleMgtOSGiServiceFactory.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginatedAppRoleResponse.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginationLink.java create mode 100644 
components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Permission.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RoleCreationModel.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RolePatchModel.java create mode 100644 components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ApplicationRoleManagementService.java diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/pom.xml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/pom.xml index 7d7d0221b1..86fbd62e79 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/pom.xml 
@@ -81,5 +81,10 @@ org.wso2.carbon.identity.auth.attribute.handler provided + + org.wso2.carbon.identity.framework + org.wso2.carbon.identity.application.role.mgt + provided + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java index 5de79a136f..ae9d73a334 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementConstants.java @@ -36,6 +36,7 @@ private ApplicationManagementConstants() { private static final String APPLICATION_MANAGEMENT_PREFIX = "APP-"; public static final String APPLICATION_MANAGEMENT_PATH_COMPONENT = "/applications"; + public static final String ROLES_PATH_COMPONENT = "/roles"; public static final String APPLICATION_TEMPLATE_MANAGEMENT_PATH_COMPONENT = "/templates"; public static final String INBOUND_PROTOCOLS_PATH_COMPONENT = "/inbound-protocols"; public static final String INBOUND_PROTOCOL_OAUTH2_PATH_COMPONENT = "/oidc"; 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementServiceHolder.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementServiceHolder.java index 16628ebaeb..8b851255c0 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementServiceHolder.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/ApplicationManagementServiceHolder.java @@ -16,6 +16,7 @@ package org.wso2.carbon.identity.api.server.application.management.common; import org.wso2.carbon.identity.application.mgt.ApplicationManagementService; +import org.wso2.carbon.identity.application.role.mgt.ApplicationRoleManager; import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService; import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl; import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration; @@ -37,6 +38,7 @@ public class ApplicationManagementServiceHolder { private static TemplateManager templateManager; private static CORSManagementService corsManagementService; private static RealmService realmService; + private static ApplicationRoleManager applicationRoleManagerService; public static ApplicationManagementService getApplicationManagementService() { 
@@ -127,4 +129,24 @@ public static void setRealmService(RealmService realmService) { ApplicationManagementServiceHolder.realmService = realmService; } + + /** + * Get ApplicationRoleManager. + * + * @return ApplicationRoleManager. + */ + public static ApplicationRoleManager getApplicationRoleManagerService() { + + return applicationRoleManagerService; + } + + /** + * Set ApplicationRoleManager. + * + * @param applicationRoleManagerService ApplicationRoleManager. + */ + public static void setApplicationRoleManagerService(ApplicationRoleManager applicationRoleManagerService) { + + ApplicationManagementServiceHolder.applicationRoleManagerService = applicationRoleManagerService; + } } diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/factory/ApplicationRoleMgtOSGiServiceFactory.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/factory/ApplicationRoleMgtOSGiServiceFactory.java new file mode 100644 index 0000000000..e7b8f9f562 --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.common/src/main/java/org/wso2/carbon/identity/api/server/application/management/common/factory/ApplicationRoleMgtOSGiServiceFactory.java 
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.api.server.application.management.common.factory;
+
+import org.springframework.beans.factory.config.AbstractFactoryBean;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.identity.application.role.mgt.ApplicationRoleManager;
+/**
+ * Factory Beans serves as a factory for creating other beans within the IOC container. This factory bean is used to
+ * instantiate the Application role Manager type of object inside the container.
+ */
+public class ApplicationRoleMgtOSGiServiceFactory extends AbstractFactoryBean {
+
+ private static ApplicationRoleManager applicationRoleMgtService;
+
+ @Override
+ public Class getObjectType() {
+
+ return Object.class;
+ }
+
+ @Override
+ protected ApplicationRoleManager createInstance() throws Exception {
+
+ if (applicationRoleMgtService == null) {
+ ApplicationRoleManager taskOperationService = (ApplicationRoleManager) PrivilegedCarbonContext.
+ getThreadLocalCarbonContext().getOSGiService(ApplicationRoleManager.class, null);
+
+ if (taskOperationService == null) {
+ throw new Exception("Unable to retrieve application role management service.");
+ }
+ applicationRoleMgtService = taskOperationService;
+ }
+ return applicationRoleMgtService;
+ }
+}
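Review bot: `getObjectType()` returns `Object.class`, so by-type lookups for `ApplicationRoleManager` in the Spring container will not match this factory and consumers have to be wired by bean name; since `createInstance()` always produces an `ApplicationRoleManager`, it should be `return ApplicationRoleManager.class;`. The class also appears to extend `AbstractFactoryBean` without a type argument (the rendering of this page may have dropped it); if it is really raw, `extends AbstractFactoryBean<ApplicationRoleManager>` is the typed form. Two smaller points in `createInstance()`: the local `taskOperationService` looks like a leftover name from another factory and would read better as `applicationRoleManager`, and throwing a bare `Exception` gives callers nothing specific to catch. The lazily filled static field is written without synchronisation, which is harmless only as long as the OSGi lookup always yields the same service instance.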
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/pom.xml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/pom.xml index 973b92ce39..6605f0c2b7 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/pom.xml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/pom.xml @@ -148,6 +148,11 @@ org.wso2.carbon.identity.auth.attribute.handler provided + + org.wso2.carbon.identity.framework + org.wso2.carbon.identity.application.role.mgt + provided + org.apache.cxf cxf-rt-rs-extension-search diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApi.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApi.java index 0cf8a91191..dc2f68fe5e 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApi.java +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApi.java 
@@ -42,9 +42,13 @@ import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocolListItem; import org.wso2.carbon.identity.api.server.application.management.v1.OIDCMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.OpenIDConnectConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.PaginatedAppRoleResponse; import org.wso2.carbon.identity.api.server.application.management.v1.PassiveStsConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ProvisioningConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ResidentApplication; +import org.wso2.carbon.identity.api.server.application.management.v1.Role; +import org.wso2.carbon.identity.api.server.application.management.v1.RoleCreationModel; +import org.wso2.carbon.identity.api.server.application.management.v1.RolePatchModel; import org.wso2.carbon.identity.api.server.application.management.v1.SAML2Configuration; import org.wso2.carbon.identity.api.server.application.management.v1.SAML2ServiceProvider; import org.wso2.carbon.identity.api.server.application.management.v1.SAMLMetaData; @@ -92,6 +96,30 @@ public Response changeApplicationOwner(@ApiParam(value = "ID of the application. return delegate.changeApplicationOwner(applicationId, applicationOwner ); } + @Valid + @POST + @Path("/{applicationId}/roles") + @Consumes({ "application/json" }) + @Produces({ "application/json" }) + @ApiOperation(value = "Create an application role with collected permissions ", notes = "Create a new application role with or without permissions
Permission required:
* /permission/admin/manage/identity/applicationmgt/update
Scope required:
* internal_application_mgt_update ", response = Role.class, authorizations = { + @Authorization(value = "BasicAuth"), + @Authorization(value = "OAuth2", scopes = { + + }) + }, tags={ "Application Roles", }) + @ApiResponses(value = { + @ApiResponse(code = 201, message = "Successfully created.", response = Role.class), + @ApiResponse(code = 400, message = "Bad Request", response = Error.class), + @ApiResponse(code = 401, message = "Unauthorized", response = Void.class), + @ApiResponse(code = 403, message = "Forbidden", response = Void.class), + @ApiResponse(code = 409, message = "Conflict", response = Error.class), + @ApiResponse(code = 500, message = "Server Error", response = Error.class) + }) + public Response createAppRole(@ApiParam(value = "Application ID",required=true) @PathParam("applicationId") String applicationId, @ApiParam(value = "Role name and Permissions to add to the role" ) @Valid RoleCreationModel roleCreationModel) { + + return delegate.createAppRole(applicationId, roleCreationModel ); + } + @Valid @POST @@ -142,6 +170,29 @@ public Response createApplicationTemplate(@ApiParam(value = "This represents the return delegate.createApplicationTemplate(applicationTemplateModel ); } + @Valid + @DELETE + @Path("/{applicationId}/roles/{roleId}") + + @Produces({ "application/json" }) + @ApiOperation(value = "Delete an application role ", notes = "Delete a role
Permission required:
* /permission/admin/manage/identity/applicationmgt/update
Scope required:
* internal_application_mgt_update ", response = Void.class, authorizations = { + @Authorization(value = "BasicAuth"), + @Authorization(value = "OAuth2", scopes = { + + }) + }, tags={ "Application Roles", }) + @ApiResponses(value = { + @ApiResponse(code = 204, message = "Delete Success", response = Void.class), + @ApiResponse(code = 400, message = "", response = Void.class), + @ApiResponse(code = 401, message = "Unauthorized", response = Void.class), + @ApiResponse(code = 403, message = "Forbidden", response = Void.class), + @ApiResponse(code = 500, message = "Server Error", response = Error.class) + }) + public Response deleteAppRole(@ApiParam(value = "Application ID",required=true) @PathParam("applicationId") String applicationId, @ApiParam(value = "Role ID",required=true) @PathParam("roleId") String roleId) { + + return delegate.deleteAppRole(applicationId, roleId ); + } + @Valid @DELETE @Path("/{applicationId}") @@ -381,6 +432,29 @@ public Response getAdaptiveAuthTemplates() { return delegate.getAdaptiveAuthTemplates(); } + @Valid + @GET + @Path("/{applicationId}/roles") + + @Produces({ "application/json" }) + @ApiOperation(value = "Get all roles of the application ", notes = "Get all roles of the application
Permission required:
* /permission/admin/manage/identity/applicationmgt/view
Scope required:
* internal_application_mgt_view ", response = PaginatedAppRoleResponse.class, authorizations = { + @Authorization(value = "BasicAuth"), + @Authorization(value = "OAuth2", scopes = { + + }) + }, tags={ "Application Roles", }) + @ApiResponses(value = { + @ApiResponse(code = 200, message = "OK", response = PaginatedAppRoleResponse.class), + @ApiResponse(code = 400, message = "Bad Request", response = Error.class), + @ApiResponse(code = 401, message = "Unauthorized", response = Void.class), + @ApiResponse(code = 403, message = "Forbidden", response = Void.class), + @ApiResponse(code = 500, message = "Server Error", response = Error.class) + }) + public Response getAllAppRoles(@ApiParam(value = "Application ID",required=true) @PathParam("applicationId") String applicationId, @Valid@ApiParam(value = "Previous Cursor") @QueryParam("before") String before, @Valid@ApiParam(value = "Next Cursor") @QueryParam("after") String after) { + + return delegate.getAllAppRoles(applicationId, before, after ); + } + @Valid @GET @Path("/templates") @@ -434,6 +508,30 @@ public Response getAllApplications( @Valid @Min(1)@ApiParam(value = "Maximum return delegate.getAllApplications(limit, offset, filter, sortOrder, sortBy, attributes ); } + @Valid + @GET + @Path("/{applicationId}/roles/{roleId}") + + @Produces({ "application/json" }) + @ApiOperation(value = "Get role and associated permissions ", notes = "Get a role of the application and its associated permissions
Permission required:
* /permission/admin/manage/identity/applicationmgt/update
Scope required:
* internal_application_mgt_update ", response = Role.class, authorizations = { + @Authorization(value = "BasicAuth"), + @Authorization(value = "OAuth2", scopes = { + + }) + }, tags={ "Application Roles", }) + @ApiResponses(value = { + @ApiResponse(code = 200, message = "OK", response = Role.class), + @ApiResponse(code = 400, message = "Bad Request", response = Error.class), + @ApiResponse(code = 401, message = "Unauthorized", response = Void.class), + @ApiResponse(code = 403, message = "Forbidden", response = Void.class), + @ApiResponse(code = 404, message = "Not Found", response = Error.class), + @ApiResponse(code = 500, message = "Server Error", response = Error.class) + }) + public Response getAppRole(@ApiParam(value = "Application ID",required=true) @PathParam("applicationId") String applicationId, @ApiParam(value = "Role ID",required=true) @PathParam("roleId") String roleId) { + + return delegate.getAppRole(applicationId, roleId ); + } + @Valid @GET @Path("/{applicationId}") @@ -838,6 +936,29 @@ public Response importApplicationForUpdate(@Multipart(value = "file", required = return delegate.importApplicationForUpdate(fileInputStream, fileDetail ); } + @Valid + @PATCH + @Path("/{applicationId}/roles/{roleId}") + @Consumes({ "application/json" }) + @Produces({ "application/json" }) + @ApiOperation(value = "Update an application role ", notes = "Update role name and permissions
Permission required:
* /permission/admin/manage/identity/applicationmgt/update
Scope required:
* internal_application_mgt_update ", response = Role.class, authorizations = { + @Authorization(value = "BasicAuth"), + @Authorization(value = "OAuth2", scopes = { + + }) + }, tags={ "Application Roles", }) + @ApiResponses(value = { + @ApiResponse(code = 200, message = "OK", response = Role.class), + @ApiResponse(code = 400, message = "Bad Request", response = Error.class), + @ApiResponse(code = 401, message = "Unauthorized", response = Void.class), + @ApiResponse(code = 403, message = "Forbidden", response = Void.class), + @ApiResponse(code = 500, message = "Server Error", response = Error.class) + }) + public Response patchAppRole(@ApiParam(value = "Application ID",required=true) @PathParam("applicationId") String applicationId, @ApiParam(value = "Role ID",required=true) @PathParam("roleId") String roleId, @ApiParam(value = "" ) @Valid RolePatchModel rolePatchModel) { + + return delegate.patchAppRole(applicationId, roleId, rolePatchModel ); + } + @Valid @PATCH @Path("/{applicationId}") diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApiService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApiService.java index 46d2d8f59d..4d163e96de 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApiService.java 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/ApplicationsApiService.java @@ -42,14 +42,20 @@ import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocolListItem; import org.wso2.carbon.identity.api.server.application.management.v1.OIDCMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.OpenIDConnectConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.PaginatedAppRoleResponse; import org.wso2.carbon.identity.api.server.application.management.v1.PassiveStsConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ProvisioningConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ResidentApplication; +import org.wso2.carbon.identity.api.server.application.management.v1.Role; +import org.wso2.carbon.identity.api.server.application.management.v1.RoleCreationModel; +import org.wso2.carbon.identity.api.server.application.management.v1.RolePatchModel; import org.wso2.carbon.identity.api.server.application.management.v1.SAML2Configuration; import org.wso2.carbon.identity.api.server.application.management.v1.SAML2ServiceProvider; import org.wso2.carbon.identity.api.server.application.management.v1.SAMLMetaData; import org.wso2.carbon.identity.api.server.application.management.v1.WSTrustConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.WSTrustMetaData; +import org.wso2.carbon.identity.application.role.mgt.exceptions.ApplicationRoleManagementException; + import javax.ws.rs.core.Response; 
@@ -57,10 +63,13 @@ public interface ApplicationsApiService { public Response changeApplicationOwner(String applicationId, ApplicationOwner applicationOwner); + public Response createAppRole(String applicationId, RoleCreationModel roleCreationModel); public Response createApplication(ApplicationModel applicationModel, String template); public Response createApplicationTemplate(ApplicationTemplateModel applicationTemplateModel); + public Response deleteAppRole(String applicationId, String roleId); + public Response deleteApplication(String applicationId); public Response deleteApplicationTemplate(String templateId); @@ -81,10 +90,12 @@ public interface ApplicationsApiService { public Response getAdaptiveAuthTemplates(); - public Response getAllApplicationTemplates(Integer limit, Integer offset, SearchContext searchContext); - + public Response getAllAppRoles(String applicationId, String before, String after) +; public Response getAllApplicationTemplates(Integer limit, Integer offset, SearchContext searchContext); public Response getAllApplications(Integer limit, Integer offset, String filter, String sortOrder, String sortBy, String attributes); + public Response getAppRole(String applicationId, String roleId); + public Response getApplication(String applicationId); public Response getApplicationTemplate(String templateId); @@ -119,6 +130,8 @@ public interface ApplicationsApiService { public Response importApplicationForUpdate(InputStream fileInputStream, Attachment fileDetail); + public Response patchAppRole(String applicationId, String roleId, RolePatchModel rolePatchModel); + public Response patchApplication(String applicationId, ApplicationPatchModel applicationPatchModel); public Response regenerateOAuthClientSecret(String applicationId); 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginatedAppRoleResponse.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginatedAppRoleResponse.java new file mode 100644 index 0000000000..b24fac7ee5 --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginatedAppRoleResponse.java 
@@ -0,0 +1,140 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.util.ArrayList; +import java.util.List; +import org.wso2.carbon.identity.api.server.application.management.v1.PaginationLink; +import org.wso2.carbon.identity.api.server.application.management.v1.Role; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; +import javax.validation.Valid; +import javax.xml.bind.annotation.*; + +public class PaginatedAppRoleResponse { + + private List links = new ArrayList<>(); + + private List roles = null; + + + /** + **/ + public PaginatedAppRoleResponse links(List links) { + + this.links = links; + return this; + } + + @ApiModelProperty(required = true, value = "") + @JsonProperty("links") + @Valid + @NotNull(message = "Property links cannot be null.") + + public List getLinks() { + return links; + } + public void setLinks(List links) { + this.links = links; + } + + public PaginatedAppRoleResponse addLinksItem(PaginationLink linksItem) { + this.links.add(linksItem); + return this; + } + + /** + **/ + public 
PaginatedAppRoleResponse roles(List roles) { + + this.roles = roles; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("roles") + @Valid + public List getRoles() { + return roles; + } + public void setRoles(List roles) { + this.roles = roles; + } + + public PaginatedAppRoleResponse addRolesItem(Role rolesItem) { + if (this.roles == null) { + this.roles = new ArrayList<>(); + } + this.roles.add(rolesItem); + return this; + } + + + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + PaginatedAppRoleResponse paginatedAppRoleResponse = (PaginatedAppRoleResponse) o; + return Objects.equals(this.links, paginatedAppRoleResponse.links) && + Objects.equals(this.roles, paginatedAppRoleResponse.roles); + } + + @Override + public int hashCode() { + return Objects.hash(links, roles); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class PaginatedAppRoleResponse {\n"); + + sb.append(" links: ").append(toIndentedString(links)).append("\n"); + sb.append(" roles: ").append(toIndentedString(roles)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} + 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginationLink.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginationLink.java new file mode 100644 index 0000000000..b86d650023 --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/PaginationLink.java 
@@ -0,0 +1,119 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; +import javax.validation.Valid; +import javax.xml.bind.annotation.*; + +public class PaginationLink { + + private String rel; + private String href; + + /** + **/ + public PaginationLink rel(String rel) { + + this.rel = rel; + return this; + } + + @ApiModelProperty(example = "before", value = "") + @JsonProperty("rel") + @Valid + public String getRel() { + return rel; + } + public void setRel(String rel) { + this.rel = rel; + } + + /** + **/ + public PaginationLink href(String href) { + + this.href = href; + return this; + } + + @ApiModelProperty(example = "/t/{tenant-name}/applications/{application-id}/roles?after=NDoy", value = "") + @JsonProperty("href") + @Valid + public String getHref() { + return href; + } + public void setHref(String href) { + this.href = href; + } + + + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) 
{ + return false; + } + PaginationLink paginationLink = (PaginationLink) o; + return Objects.equals(this.rel, paginationLink.rel) && + Objects.equals(this.href, paginationLink.href); + } + + @Override + public int hashCode() { + return Objects.hash(rel, href); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class PaginationLink {\n"); + + sb.append(" rel: ").append(toIndentedString(rel)).append("\n"); + sb.append(" href: ").append(toIndentedString(href)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Permission.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Permission.java new file mode 100644 index 0000000000..ba44e24887 --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Permission.java 
@@ -0,0 +1,121 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; +import javax.validation.Valid; +import javax.xml.bind.annotation.*; + +public class Permission { + + private String name; + private String displayName; + + /** + **/ + public Permission name(String name) { + + this.name = name; + return this; + } + + @ApiModelProperty(example = "deploy_component", required = true, value = "") + @JsonProperty("name") + @Valid + @NotNull(message = "Property name cannot be null.") + + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + /** + **/ + public Permission displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + @ApiModelProperty(example = "Deploy Component", value = "") + @JsonProperty("displayName") + @Valid + public String getDisplayName() { + return displayName; + } + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + + + @Override + public 
boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + Permission permission = (Permission) o; + return Objects.equals(this.name, permission.name) && + Objects.equals(this.displayName, permission.displayName); + } + + @Override + public int hashCode() { + return Objects.hash(name, displayName); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class Permission {\n"); + + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java new file mode 100644 index 0000000000..25ed0584c0 --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/Role.java 
@@ -0,0 +1,152 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.util.ArrayList; +import java.util.List; +import org.wso2.carbon.identity.api.server.application.management.v1.Permission; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; +import javax.validation.Valid; +import javax.xml.bind.annotation.*; + +public class Role { + + private String id; + private String name; + private List permissions = null; + + + /** + **/ + public Role id(String id) { + + this.id = id; + return this; + } + + @ApiModelProperty(example = "85e3f4b8-0d22-4181-b1e3-1651f71b88bd", value = "") + @JsonProperty("id") + @Valid + public String getId() { + return id; + } + public void setId(String id) { + this.id = id; + } + + /** + **/ + public Role name(String name) { + + this.name = name; + return this; + } + + @ApiModelProperty(example = "administrator", value = "") + @JsonProperty("name") + @Valid + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + /** + **/ + public Role 
permissions(List permissions) { + + this.permissions = permissions; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("permissions") + @Valid + public List getPermissions() { + return permissions; + } + public void setPermissions(List permissions) { + this.permissions = permissions; + } + + public Role addPermissionsItem(Permission permissionsItem) { + if (this.permissions == null) { + this.permissions = new ArrayList<>(); + } + this.permissions.add(permissionsItem); + return this; + } + + + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + Role role = (Role) o; + return Objects.equals(this.id, role.id) && + Objects.equals(this.name, role.name) && + Objects.equals(this.permissions, role.permissions); + } + + @Override + public int hashCode() { + return Objects.hash(id, name, permissions); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class Role {\n"); + + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} + 
diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RoleCreationModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RoleCreationModel.java new file mode 100644 index 0000000000..3575ba36bb --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RoleCreationModel.java 
@@ -0,0 +1,133 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.util.ArrayList; +import java.util.List; +import org.wso2.carbon.identity.api.server.application.management.v1.Permission; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; +import javax.validation.Valid; +import javax.xml.bind.annotation.*; + +public class RoleCreationModel { + + private String name; + private List permissions = null; + + + /** + **/ + public RoleCreationModel name(String name) { + + this.name = name; + return this; + } + + @ApiModelProperty(example = "administrator", required = true, value = "") + @JsonProperty("name") + @Valid + @NotNull(message = "Property name cannot be null.") + + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + /** + **/ + public RoleCreationModel permissions(List permissions) { + + this.permissions = permissions; + return this; + } + + @ApiModelProperty(value = "") + @JsonProperty("permissions") + @Valid + public List getPermissions() { + return 
permissions; + } + public void setPermissions(List permissions) { + this.permissions = permissions; + } + + public RoleCreationModel addPermissionsItem(Permission permissionsItem) { + if (this.permissions == null) { + this.permissions = new ArrayList<>(); + } + this.permissions.add(permissionsItem); + return this; + } + + + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + RoleCreationModel roleCreationModel = (RoleCreationModel) o; + return Objects.equals(this.name, roleCreationModel.name) && + Objects.equals(this.permissions, roleCreationModel.permissions); + } + + @Override + public int hashCode() { + return Objects.hash(name, permissions); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class RoleCreationModel {\n"); + + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RolePatchModel.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RolePatchModel.java new file mode 100644 index 0000000000..0fa2b84084 --- /dev/null 
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/gen/java/org/wso2/carbon/identity/api/server/application/management/v1/RolePatchModel.java 
@@ -0,0 +1,161 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1; + +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonCreator; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.util.ArrayList; +import java.util.List; +import org.wso2.carbon.identity.api.server.application.management.v1.Permission; +import javax.validation.constraints.*; + + +import io.swagger.annotations.*; +import java.util.Objects; +import javax.validation.Valid; +import javax.xml.bind.annotation.*; + +public class RolePatchModel { + + private String name; + private List addedPermissions = new ArrayList<>(); + + private List removedPermissions = new ArrayList<>(); + + + /** + **/ + public RolePatchModel name(String name) { + + this.name = name; + return this; + } + + @ApiModelProperty(example = "uuid", required = true, value = "") + @JsonProperty("name") + @Valid + @NotNull(message = "Property name cannot be null.") + + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + /** + **/ + public RolePatchModel addedPermissions(List addedPermissions) { + + this.addedPermissions = addedPermissions; + return this; + } + + @ApiModelProperty(required = true, value = "") 
+ @JsonProperty("addedPermissions") + @Valid + @NotNull(message = "Property addedPermissions cannot be null.") + + public List getAddedPermissions() { + return addedPermissions; + } + public void setAddedPermissions(List addedPermissions) { + this.addedPermissions = addedPermissions; + } + + public RolePatchModel addAddedPermissionsItem(Permission addedPermissionsItem) { + this.addedPermissions.add(addedPermissionsItem); + return this; + } + + /** + **/ + public RolePatchModel removedPermissions(List removedPermissions) { + + this.removedPermissions = removedPermissions; + return this; + } + + @ApiModelProperty(required = true, value = "") + @JsonProperty("removedPermissions") + @Valid + @NotNull(message = "Property removedPermissions cannot be null.") + + public List getRemovedPermissions() { + return removedPermissions; + } + public void setRemovedPermissions(List removedPermissions) { + this.removedPermissions = removedPermissions; + } + + public RolePatchModel addRemovedPermissionsItem(Permission removedPermissionsItem) { + this.removedPermissions.add(removedPermissionsItem); + return this; + } + + + + @Override + public boolean equals(java.lang.Object o) { + + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + RolePatchModel rolePatchModel = (RolePatchModel) o; + return Objects.equals(this.name, rolePatchModel.name) && + Objects.equals(this.addedPermissions, rolePatchModel.addedPermissions) && + Objects.equals(this.removedPermissions, rolePatchModel.removedPermissions); + } + + @Override + public int hashCode() { + return Objects.hash(name, addedPermissions, removedPermissions); + } + + @Override + public String toString() { + + StringBuilder sb = new StringBuilder(); + sb.append("class RolePatchModel {\n"); + + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" addedPermissions: ").append(toIndentedString(addedPermissions)).append("\n"); + sb.append(" removedPermissions: 
").append(toIndentedString(removedPermissions)).append("\n"); + sb.append("}"); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces + * (except the first line). + */ + private String toIndentedString(java.lang.Object o) { + + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n"); + } +} + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ApplicationRoleManagementService.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ApplicationRoleManagementService.java new file mode 100644 index 0000000000..b31ee9de6f --- /dev/null +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/core/ApplicationRoleManagementService.java 
@@ -0,0 +1,186 @@ +/* + * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.identity.api.server.application.management.v1.core; + +import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementServiceHolder; +import org.wso2.carbon.identity.api.server.application.management.v1.Role; +import org.wso2.carbon.identity.api.server.application.management.v1.RoleCreationModel; +import org.wso2.carbon.identity.api.server.application.management.v1.RolePatchModel; +import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils; +import org.wso2.carbon.identity.api.server.common.error.APIError; +import org.wso2.carbon.identity.application.role.mgt.ApplicationRoleManager; +import org.wso2.carbon.identity.application.role.mgt.exceptions.ApplicationRoleManagementClientException; +import org.wso2.carbon.identity.application.role.mgt.exceptions.ApplicationRoleManagementException; +import org.wso2.carbon.identity.application.role.mgt.model.ApplicationRole; + +import java.util.List; +import java.util.UUID; +import java.util.stream.Collectors; + +import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.Error.INVALID_REQUEST; +import static org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants.Error.UNEXPECTED_SERVER_ERROR; + +/** + * 
Application role management service. + */ +public class ApplicationRoleManagementService { + + /** + * Add a new role to the application. + * + * @param applicationId Application ID. + * @param role Role. + * @return Created role. + */ + public Role addApplicationRole(String applicationId, RoleCreationModel role) { + + // Filter names of the permissions in role.getPermissions() to List[] permissions + List collect = + role.getPermissions().stream().map(permission -> permission.getName()).collect(Collectors.toList()); + String roleId = UUID.randomUUID().toString(); + try { + getApplicationRoleManager().addApplicationRole( + new ApplicationRole(roleId, role.getName(), collect.toArray(new String[0]), + applicationId)); + + Role createdRole = new Role(); + createdRole.setId(roleId); + createdRole.setName(role.getName()); + createdRole.setPermissions(role.getPermissions()); + return createdRole; + } catch (ApplicationRoleManagementException e) { + String msg = "Error while creating application role: " + role.getName() + " for application: " + + applicationId; + throw handleApplicationRoleManagementException(e, msg); + } + } + + /** + * Get a role by ID. + * + * @param applicationId Application ID. + * @param roleId Role ID. + * @return Role. + */ + public Role getApplicationRole(String applicationId, String roleId) { + + ApplicationRole applicationRole = null; + try { + applicationRole = getApplicationRoleManager().getApplicationRoleById(roleId); + Role role = new Role(); + role.setId(roleId); + role.setName(applicationRole.getRoleName()); + // TODO set permissions. + return role; + } + catch (ApplicationRoleManagementException e) { + String msg = "Error while retrieving application role with id: " + roleId; + throw handleApplicationRoleManagementException(e, msg); + } + } + + /** + * Get all roles of an application. + * + * @param applicationId Application ID. + * @param before Filter to get roles created before a given date. 
(optional) + * @param after Filter to get roles created after a given date. (optional) + * @param limit Maximum number of roles to return. (optional) + * @param filter Filter expression for filtering fields in the response. (optional) + * @param sort Sort expression for sorting the response. (optional) + * @return List of roles. + */ + public List getApplicationRoles(String applicationId, String before, String after, Integer limit, + String filter, String sort) { + + List applicationRoles = null; + try { + applicationRoles = getApplicationRoleManager().getApplicationRoles(applicationId); + return applicationRoles.stream().map(applicationRole -> { + Role role = new Role(); + role.setId(applicationRole.getRoleId()); + role.setName(applicationRole.getRoleName()); + // TODO set permissions. + return role; + }).collect(Collectors.toList()); + } catch (ApplicationRoleManagementException e) { + String msg = "Error while retrieving application roles of application: " + applicationId; + throw handleApplicationRoleManagementException(e, msg); + } + } + + /** + * Delete a role by ID. + * + * @param applicationId Application ID. + * @param roleId Role ID. + */ + public void deleteApplicationRole(String applicationId, String roleId) { + + try { + getApplicationRoleManager().deleteApplicationRole(roleId); + } catch (ApplicationRoleManagementException e) { + String msg = "Error while deleting application role with id: " + roleId; + throw handleApplicationRoleManagementException(e, msg); + } + } + + /** + * Update a role by ID. + * + * @param applicationId Application ID. + * @param roleId Role ID. + * @param roleUpdate Role update. + */ + public void updateApplicationRole(String applicationId, String roleId, RolePatchModel roleUpdate) { + + // TODO implement. 
+ } + + private ApplicationRoleManager getApplicationRoleManager() { + + return ApplicationManagementServiceHolder.getApplicationRoleManagerService(); + } + + private APIError handleApplicationRoleManagementException(ApplicationRoleManagementException e, String msg) { + + if (e instanceof ApplicationRoleManagementClientException) { + throw buildClientError(e, msg); + } + throw buildServerError(e, msg); + } + + private APIError buildServerError(ApplicationRoleManagementException e, String message) { + + String errorCode = getErrorCode(e, UNEXPECTED_SERVER_ERROR.getCode()); + return Utils.buildServerError(errorCode, message, e.getMessage(), e); + } + + private APIError buildClientError(ApplicationRoleManagementException e, String message) { + + String errorCode = getErrorCode(e, INVALID_REQUEST.getCode()); + return Utils.buildClientError(errorCode, message, e.getMessage()); + } + + private String getErrorCode(ApplicationRoleManagementException e, String defaultErrorCode) { + + return e.getErrorCode() != null ? e.getErrorCode() : defaultErrorCode; + } +} + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/impl/ApplicationsApiServiceImpl.java b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/impl/ApplicationsApiServiceImpl.java index 8c57c012cc..4dd09d8393 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/impl/ApplicationsApiServiceImpl.java 
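Review bot: `getApplicationRole` and `deleteApplicationRole` accept `applicationId` but never use it; the calls are `getApplicationRoleById(roleId)` and `deleteApplicationRole(roleId)`, so the role is resolved by id alone whatever application is named in the path. Unless `ApplicationRoleManager` enforces that binding internally (not visible in this hunk), a caller authorised for one application could read or delete a role that belongs to another, so the service should load the role and return a not-found client error when the application recorded on it differs from `applicationId`. In `addApplicationRole`, `role.getPermissions().stream()` dereferences a list that `RoleCreationModel` initialises to `null` and does not mark `@NotNull`, so a request without `permissions` would fail with a NullPointerException instead of creating a role with no permissions; a null check before the stream avoids that. `getApplicationRoles` also ignores `before`, `after`, `limit`, `filter` and `sort`, which is worth stating in its Javadoc until paging is implemented.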
+++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/java/org/wso2/carbon/identity/api/server/application/management/v1/impl/ApplicationsApiServiceImpl.java 
@@ -34,21 +34,33 @@ import org.wso2.carbon.identity.api.server.application.management.v1.PassiveStsConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ProvisioningConfiguration; import org.wso2.carbon.identity.api.server.application.management.v1.ResidentApplication; +import org.wso2.carbon.identity.api.server.application.management.v1.Role; +import org.wso2.carbon.identity.api.server.application.management.v1.RoleCreationModel; +import org.wso2.carbon.identity.api.server.application.management.v1.RolePatchModel; import org.wso2.carbon.identity.api.server.application.management.v1.SAML2Configuration; import org.wso2.carbon.identity.api.server.application.management.v1.SAML2ServiceProvider; import org.wso2.carbon.identity.api.server.application.management.v1.WSTrustConfiguration; +import org.wso2.carbon.identity.api.server.application.management.v1.core.ApplicationRoleManagementService; import org.wso2.carbon.identity.api.server.application.management.v1.core.ServerApplicationManagementService; import org.wso2.carbon.identity.api.server.application.management.v1.core.ServerApplicationMetadataService; import org.wso2.carbon.identity.api.server.application.management.v1.core.TransferResource; import org.wso2.carbon.identity.api.server.common.Constants; import org.wso2.carbon.identity.api.server.common.ContextLoader; +import org.wso2.carbon.identity.api.server.common.error.APIError; +import org.wso2.carbon.identity.api.server.common.error.ErrorResponse; +import org.wso2.carbon.identity.application.role.mgt.exceptions.ApplicationRoleManagementException; import java.io.InputStream; +import java.io.UnsupportedEncodingException; import java.net.URI; +import java.net.URLEncoder; +import java.nio.charset.StandardCharsets; import java.util.List; import javax.ws.rs.core.Response; +import static org.wso2.carbon.identity.api.server.common.Constants.V1_API_PATH_COMPONENT; + /** * Implementation of ApplicationsApiService. */ 
@@ -60,6 +72,9 @@ public class ApplicationsApiServiceImpl implements ApplicationsApiService { @Autowired private ServerApplicationMetadataService applicationMetadataService; + @Autowired + private ApplicationRoleManagementService applicationRoleManagementService; + @Override public Response getAllApplications(Integer limit, Integer offset, String filter, String sortOrder, String sortBy, String requiredAttributes) { @@ -69,6 +84,12 @@ public Response getAllApplications(Integer limit, Integer offset, String filter, return Response.ok().entity(listResponse).build(); } + @Override + public Response getAppRole(String applicationId, String roleId) { + + return Response.ok().entity(applicationRoleManagementService.getApplicationRole(applicationId, roleId)).build(); + } + @Override public Response getApplication(String applicationId) { @@ -95,6 +116,24 @@ public Response changeApplicationOwner(String applicationId, ApplicationOwner ap return Response.ok().build(); } + @Override + public Response createAppRole(String applicationId, RoleCreationModel roleCreationModel) { + + Role role = applicationRoleManagementService.addApplicationRole(applicationId, roleCreationModel); + URI location; + try { + location = ContextLoader.buildURIForHeader(Constants.V1_API_PATH_COMPONENT + + ApplicationManagementConstants.APPLICATION_MANAGEMENT_PATH_COMPONENT + "/" + applicationId + "/" + + ApplicationManagementConstants.ROLES_PATH_COMPONENT + "/" + + URLEncoder.encode(role.getId(), StandardCharsets.UTF_8.name())); + } catch (UnsupportedEncodingException e) { + ErrorResponse errorResponse = + new ErrorResponse.Builder().withMessage("Error due to unsupported encoding.").build(); + throw new APIError(Response.Status.METHOD_NOT_ALLOWED, errorResponse); + } + return Response.created(location).entity(role).build(); + } + @Override public Response createApplication(ApplicationModel applicationModel, String template) { 
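Review bot: In `createAppRole`, the `UnsupportedEncodingException` branch answers with `Response.Status.METHOD_NOT_ALLOWED`, which tells the client its HTTP method was wrong when the failure is server-side, and it discards the caught exception; `throw new APIError(Response.Status.INTERNAL_SERVER_ERROR, errorResponse);` would describe the failure accurately. The Location value also URL-encodes `role.getId()`, a UUID the server generated itself, while the caller-supplied `applicationId` is concatenated as is; encoding `applicationId` the same way keeps request-controlled text from entering the header path unescaped.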
@@ -109,6 +148,13 @@ public Response createApplicationTemplate(ApplicationTemplateModel applicationTe return Response.created(getTemplateResourceLocation(templateId)).build(); } + @Override + public Response deleteAppRole(String applicationId, String roleId) { + + applicationRoleManagementService.deleteApplicationRole(applicationId, roleId); + return Response.noContent().build(); + } + @Override public Response deleteApplication(String applicationId) { @@ -242,6 +288,13 @@ public Response importApplicationForUpdate(InputStream fileInputStream, Attachme return Response.ok().location(getResourceLocation(resourceId)).build(); } + @Override + public Response patchAppRole(String applicationId, String roleId, RolePatchModel rolePatchModel) { + + applicationRoleManagementService.updateApplicationRole(applicationId, roleId, rolePatchModel); + return Response.ok().build(); + } + @Override public Response getInboundAuthenticationConfigurations(String applicationId) { @@ -361,6 +414,14 @@ public Response getAdaptiveAuthTemplates() { return Response.ok().entity(applicationMetadataService.getAdaptiveAuthTemplates()).build(); } + @Override + public Response getAllAppRoles(String applicationId, String before, String after) { + + return Response.ok() + .entity(applicationRoleManagementService.getApplicationRoles(applicationId, before, after, null, null, + null)).build(); + } + @Override public Response getAllApplicationTemplates(Integer limit, Integer offset, SearchContext searchContext) { diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/META-INF/cxf/applications-server-v1-cxf.xml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/META-INF/cxf/applications-server-v1-cxf.xml index 142d89d26c..b6ebe1c430 100644 
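Review bot: patchAppRole ignores whatever `updateApplicationRole` returns and answers with `Response.ok().build()`, an empty body, while the `200` response declared for `patchAppRole` in applications.yaml in this same patch carries a `Role` schema. If the service method returns the updated role (its signature is not visible here), return it with `return Response.ok().entity(applicationRoleManagementService.updateApplicationRole(applicationId, roleId, rolePatchModel)).build();`. Otherwise change the spec to a body-less success response so generated clients do not try to parse a role that is never sent.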
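Review bot: The three trailing `null` arguments passed to `getApplicationRoles` in getAllAppRoles are unexplained, and a reader cannot tell which options are being left unset without opening the service class. Add a one-line comment above the call naming the parameters they stand for. The operation as declared in applications.yaml accepts only `before` and `after`, so if one of those nulls is a page-size limit the caller has no way to bound the response; confirm the service applies a default cap in that case.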
--- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/META-INF/cxf/applications-server-v1-cxf.xml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/META-INF/cxf/applications-server-v1-cxf.xml @@ -20,6 +20,7 @@ + + + + @@ -66,4 +71,7 @@ + + diff --git a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml index a4a43de4ee..53f9147986 100644 --- a/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml +++ b/components/org.wso2.carbon.identity.api.server.application.management/org.wso2.carbon.identity.api.server.application.management.v1/src/main/resources/applications.yaml @@ -1955,7 +1955,261 @@ paths: application/json: schema: $ref: '#/components/schemas/Error' - + '/applications/{applicationId}/roles': + post: + tags: + - Application Roles + summary: | + Create an application role with collected permissions + description: > + Create a new application role with or without permissions
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update + operationId: createAppRole + parameters: + - name: applicationId + in: path + description: Application ID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RoleCreationModel' + description: Role name and Permissions to add to the role + responses: + 201: + description: Successfully created. + content: + application/json: + schema: + $ref: '#/components/schemas/Role' + 400: + description: Bad Request + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + 401: + description: Unauthorized + 403: + description: Forbidden + 409: + description: Conflict + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + 500: + description: Server Error + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + get: + tags: + - Application Roles + summary: | + Get all roles of the application + description: > + Get all roles of the application
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/view
+ Scope required:
+ * internal_application_mgt_view + operationId: getAllAppRoles + parameters: + - name: applicationId + in: path + description: Application ID + required: true + schema: + type: string + - name: before + in: query + description: Previous Cursor + schema: + type: string + - name: after + in: query + description: Next Cursor + schema: + type: string + responses: + 200: + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAppRoleResponse' + 400: + description: Bad Request + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + 401: + description: Unauthorized + 403: + description: Forbidden + 500: + description: Server Error + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '/applications/{applicationId}/roles/{roleId}': + get: + tags: + - Application Roles + summary: | + Get role and associated permissions + description: > + Get a role of the application and its associated permissions
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update + operationId: getAppRole + parameters: + - name: applicationId + in: path + description: Application ID + required: true + schema: + type: string + - name: roleId + in: path + description: Role ID + required: true + schema: + type: string + responses: + 200: + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/Role' + 400: + description: Bad Request + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + 401: + description: Unauthorized + 403: + description: Forbidden + 404: + description: Not Found + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + 500: + description: Server Error + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + patch: + tags: + - Application Roles + summary: | + Update an application role + description: > + Update role name and permissions
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update + operationId: patchAppRole + parameters: + - name: applicationId + in: path + description: Application ID + required: true + schema: + type: string + - name: roleId + in: path + description: Role ID + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RolePatchModel' + responses: + 200: + description: OK + content: + application/json: + schema: + $ref: '#/components/schemas/Role' + 400: + description: Bad Request + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + 401: + description: Unauthorized + 403: + description: Forbidden + 500: + description: Server Error + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + delete: + tags: + - Application Roles + summary: | + Delete an application role + description: > + Delete a role
+ Permission required:
+ * /permission/admin/manage/identity/applicationmgt/update
+ Scope required:
+ * internal_application_mgt_update + operationId: deleteAppRole + parameters: + - name: applicationId + in: path + description: Application ID + required: true + schema: + type: string + - name: roleId + in: path + description: Role ID + required: true + schema: + type: string + responses: + 204: + description: Delete Success + 400: + $ref: '#/components/schemas/Error' + 401: + description: Unauthorized + 403: + description: Forbidden + 500: + description: Server Error + content: + application/json: + schema: + $ref: '#/components/schemas/Error' /applications/templates: get: tags: 
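Review bot: The description of `getAppRole` (GET on `/applications/{applicationId}/roles/{roleId}`) lists the `/permission/admin/manage/identity/applicationmgt/update` permission and the `internal_application_mgt_update` scope, while the sibling read `getAllAppRoles` lists the `view` permission and `internal_application_mgt_view`. A read-only operation documented as needing the write scope leads integrators to grant update rights to clients that only inspect roles; if the access-control configuration (not part of this hunk) binds the GET to the view scope, correct the text to `internal_application_mgt_view`, and if it binds it to update, align it with the list operation. Separately, the `400` entry of `deleteAppRole` places `$ref: '#/components/schemas/Error'` directly under the status code, where a response object with `description` and `content` is expected, as the other operations in this hunk write it. `patchAppRole` and `deleteAppRole` also declare no `404`, although both address a role by id.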
@@ -3507,7 +3761,82 @@ components: example: "85e3f4b8-0d22-4181-b1e3-1651f71b88bd" required: - id - + RoleCreationModel: + type: object + required: + - name + properties: + name: + type: string + example: administrator + permissions: + type: array + items: + $ref: '#/components/schemas/Permission' + Role: + type: object + properties: + id: + type: string + example: "85e3f4b8-0d22-4181-b1e3-1651f71b88bd" + name: + type: string + example: administrator + permissions: + type: array + items: + $ref: '#/components/schemas/Permission' + Permission: + type: object + required: + - name + properties: + name: + type: string + example: 'deploy_component' + displayName: + type: string + example: "Deploy Component" + PaginatedAppRoleResponse: + type: object + required: + - links + properties: + links: + type: array + items: + $ref: '#/components/schemas/PaginationLink' + roles: + type: array + items: + $ref: '#/components/schemas/Role' + PaginationLink: + type: object + properties: + rel: + type: string + example: before + href: + type: string + example: /t/{tenant-name}/applications/{application-id}/roles?after=NDoy + RolePatchModel: + type: object + required: + - name + - addedPermissions + - removedPermissions + properties: + name: + type: string + example: uuid + addedPermissions: + type: array + items: + $ref: '#/components/schemas/Permission' + removedPermissions: + type: array + items: + $ref: '#/components/schemas/Permission' Error: type: object properties: @@ -3530,4 +3859,4 @@ servers: tenant-domain: default: "carbon.super" server-url: - default: "localhost:9443" + default: "localhost:9443" \ No newline at end of file diff --git a/pom.xml b/pom.xml index c21a2bf642..dbe8cf4b56 100644 --- a/pom.xml +++ b/pom.xml @@ -587,6 +587,12 @@ ${h2database.version} test
+ + org.wso2.carbon.identity.framework + org.wso2.carbon.identity.application.role.mgt + ${carbon.identity.framework.version} + provided + @@ -671,7 +677,7 @@ 1.4 1.2.4 1.8.57 - 5.25.198 + 5.25.266-SNAPSHOT 3.0.5 5.2.0 **/gen/**/* @@ -697,7 +703,7 @@ [1.0.0, 2.0.0) - + 1.3.50