Improve DCR process in organization management

components/org.wso2.carbon.identity.organization.management.application/pom.xml

@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.wso2.carbon.identity.organization.management</groupId>
         <artifactId>identity-organization-management</artifactId>
-        <version>1.4.48-SNAPSHOT</version>
+        <version>1.4.47</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
 

components/org.wso2.carbon.identity.organization.management.application/src/main/java/org/wso2/carbon/identity/organization/management/application/listener/FragmentApplicationMgtListener.java

@@ -131,23 +131,26 @@ public boolean isEnable() {
     public boolean doPreCreateApplication(ServiceProvider serviceProvider, String tenantDomain, String userName)
             throws IdentityApplicationManagementException {
 
-        try {
-            String organizationId = getOrganizationManager().resolveOrganizationId(tenantDomain);
-            int organizationDepthInHierarchy =
-                    getOrganizationManager().getOrganizationDepthInHierarchy(organizationId);
-            if (isSubOrganization(organizationDepthInHierarchy) &&
-                    !isSharedAppFromInternalProcess(serviceProvider, tenantDomain)) {
-                throw new IdentityApplicationManagementClientException(
-                        ERROR_CODE_SUB_ORG_CANNOT_CREATE_APP.getCode(),
-                        ERROR_CODE_SUB_ORG_CANNOT_CREATE_APP.getMessage());
-            }
-        } catch (OrganizationManagementClientException e) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Organization not found for the tenant: " + tenantDomain);
+        if (StringUtils.isEmpty(PrivilegedCarbonContext.getThreadLocalCarbonContext()
+                .getApplicationResidentOrganizationId())) {
+            try {
+                String organizationId = getOrganizationManager().resolveOrganizationId(tenantDomain);
+                int organizationDepthInHierarchy =
+                        getOrganizationManager().getOrganizationDepthInHierarchy(organizationId);
+                if (isSubOrganization(organizationDepthInHierarchy) &&
+                        !isSharedAppFromInternalProcess(serviceProvider, tenantDomain)) {
+                    throw new IdentityApplicationManagementClientException(
+                            ERROR_CODE_SUB_ORG_CANNOT_CREATE_APP.getCode(),
+                            ERROR_CODE_SUB_ORG_CANNOT_CREATE_APP.getMessage());
+                }
+            } catch (OrganizationManagementClientException e) {
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("Organization not found for the tenant: " + tenantDomain);
+                }
+            } catch (OrganizationManagementException e) {
+                throw new IdentityApplicationManagementException(
+                        "An error occurred while getting depth of the organization", e);
             }
-        } catch (OrganizationManagementException e) {
-            throw new IdentityApplicationManagementException(
-                    "An error occurred while getting depth of the organization", e);
         }
         return true;
     }

components/org.wso2.carbon.identity.organization.management.handler/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <artifactId>identity-organization-management</artifactId>
         <groupId>org.wso2.carbon.identity.organization.management</groupId>
-        <version>1.4.48-SNAPSHOT</version>
+        <version>1.4.50</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
@@ -187,6 +187,14 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>8</source>
+                    <target>8</target>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
 </project>

components/org.wso2.carbon.identity.organization.management.handler/src/main/java/org/wso2/carbon/identity/organization/management/handler/SharedRoleMgtHandler.java

@@ -200,6 +200,7 @@ private void createSharedRolesOnNewRoleCreation(Map<String, Object> eventPropert
                     int noOfSharedApps = sharedApplications.size();
                     for (int i = 0; i < noOfSharedApps; i++) {
                         final int taskId = i;
+                        String finalMainRoleName = mainRoleName;
                         CompletableFuture.runAsync(() -> {
                             try {
                                 String sharedApplicationId = sharedApplications.get(taskId).getSharedApplicationId();
@@ -215,7 +216,7 @@ private void createSharedRolesOnNewRoleCreation(Map<String, Object> eventPropert
                                     PrivilegedCarbonContext.getThreadLocalCarbonContext()
                                             .setUsername(associatedUserName);
                                     RoleBasicInfo sharedRoleInfo =
-                                        getRoleManagementServiceV2().addRole(mainRoleName, Collections.emptyList(),
+                                        getRoleManagementServiceV2().addRole(finalMainRoleName, Collections.emptyList(),
                                                 Collections.emptyList(),
                                                 Collections.emptyList(), RoleConstants.APPLICATION, sharedApplicationId,
                                                 shareAppTenantDomain);
@@ -232,7 +233,7 @@ private void createSharedRolesOnNewRoleCreation(Map<String, Object> eventPropert
                         }, executorService).exceptionally(throwable -> {
                             LOG.error(String.format(
                                     "Exception occurred during creating a shared role: %s in organization: %s",
-                                    mainRoleName, sharedApplications.get(taskId).getOrganizationId()), throwable);
+                                    finalMainRoleName, sharedApplications.get(taskId).getOrganizationId()), throwable);
                             return null;
                         });
                     }
@@ -271,7 +272,12 @@ private void createSharedRolesOnNewRoleCreation(Map<String, Object> eventPropert
                     for (BasicOrganization organization : applicationSharedOrganizations) {
                         String shareAppTenantDomain =
                                 getOrganizationManager().resolveTenantDomain(organization.getId());
-                        RoleBasicInfo sharedRoleInfo = getRoleManagementServiceV2().addRole(mainRoleName,
+                        String sharedOrgRoleName = mainRoleName;
+                        if (getRoleManagementServiceV2().isExistingRoleName(mainRoleName, RoleConstants.ORGANIZATION,
+                                organization.getId(), shareAppTenantDomain)) {
+                            sharedOrgRoleName = mainRoleName + "_shared_to_" + shareAppTenantDomain;
+                        }
+                        RoleBasicInfo sharedRoleInfo = getRoleManagementServiceV2().addRole(sharedOrgRoleName,
                                 Collections.emptyList(),
                                 Collections.emptyList(),
                                 Collections.emptyList(), RoleConstants.ORGANIZATION, organization.getId(),

components/org.wso2.carbon.identity.organization.management.handler/src/main/java/org/wso2/carbon/identity/organization/management/handler/listener/SharedRoleMgtListener.java

@@ -467,45 +467,51 @@ private void handleAddedApplicationAudienceRolesOnAppUpdate(List<RoleV2> addedAp
     public boolean doPreDeleteApplication(String applicationName, String tenantDomain, String userName)
             throws IdentityApplicationManagementException {
 
-        try {
-            // If the deleting application is an application of tenant(i.e primary org) nothing to do here.
-            if (!OrganizationManagementUtil.isOrganization(tenantDomain)) {
-                return true;
-            }
+//        if (StringUtils.isEmpty(PrivilegedCarbonContext.getThreadLocalCarbonContext()
+//                .getApplicationResidentOrganizationId())) {
+            try {
+                // If the deleting application is an application of tenant(i.e primary org) nothing to do here.
+                if (!OrganizationManagementUtil.isOrganization(tenantDomain)) {
+                    return true;
+                }
 
-            ServiceProvider sharedApplication = getApplicationByName(applicationName, tenantDomain);
-            if (sharedApplication == null) {
-                return false;
-            }
-            String sharedAppId = sharedApplication.getApplicationResourceId();
-            String sharedAppOrgId = organizationManager.resolveOrganizationId(tenantDomain);
-            // Resolve the main application details.
-            String mainAppId = orgApplicationManager.getMainApplicationIdForGivenSharedApp(sharedAppId, sharedAppOrgId);
-            if (mainAppId == null) {
-                return false;
-            }
-            int mainAppTenantId = applicationManagementService.getTenantIdByApp(mainAppId);
-            String mainAppTenantDomain = IdentityTenantUtil.getTenantDomain(mainAppTenantId);
+                ServiceProvider sharedApplication = getApplicationByName(applicationName, tenantDomain);
+                if (sharedApplication == null) {
+                    return false;
+                }
+                String sharedAppId = sharedApplication.getApplicationResourceId();
+                String sharedAppOrgId = organizationManager.resolveOrganizationId(tenantDomain);
+                // Resolve the main application details.
+                String mainAppId = orgApplicationManager.getMainApplicationIdForGivenSharedApp(sharedAppId,
+                        sharedAppOrgId);
+                if (mainAppId == null) {
+                    return false;
+                }
+                int mainAppTenantId = applicationManagementService.getTenantIdByApp(mainAppId);
+                String mainAppTenantDomain = IdentityTenantUtil.getTenantDomain(mainAppTenantId);
+
+                String allowedAudienceForRoleAssociationInMainApp =
+                        applicationManagementService.getAllowedAudienceForRoleAssociation(mainAppId,
+                                mainAppTenantDomain);
+                boolean hasAppAudiencedRoles =
+                        RoleConstants.APPLICATION.equalsIgnoreCase(allowedAudienceForRoleAssociationInMainApp);
+                if (hasAppAudiencedRoles) {
+                    // Handle role deletion in application deletion post actions.
+                    return true;
+                }
 
-            String allowedAudienceForRoleAssociationInMainApp =
-                    applicationManagementService.getAllowedAudienceForRoleAssociation(mainAppId, mainAppTenantDomain);
-            boolean hasAppAudiencedRoles =
-                    RoleConstants.APPLICATION.equalsIgnoreCase(allowedAudienceForRoleAssociationInMainApp);
-            if (hasAppAudiencedRoles) {
-                // Handle role deletion in application deletion post actions.
-                return true;
+                // Handing organization audienced roles associated case.
+                List<RoleV2> associatedRolesOfMainApplication = applicationManagementService
+                        .getAssociatedRolesOfApplication(mainAppId, mainAppTenantDomain);
+                handleOrganizationAudiencedSharedRoleDeletion(associatedRolesOfMainApplication, mainAppId,
+                        mainAppTenantDomain, sharedAppOrgId);
+            } catch (OrganizationManagementException | IdentityRoleManagementException e) {
+                throw new IdentityApplicationManagementException(
+                        "Error while deleting organization roles associated to the app.", e);
             }
-
-            // Handing organization audienced roles associated case.
-            List<RoleV2> associatedRolesOfMainApplication = applicationManagementService
-                    .getAssociatedRolesOfApplication(mainAppId, mainAppTenantDomain);
-            handleOrganizationAudiencedSharedRoleDeletion(associatedRolesOfMainApplication, mainAppId,
-                    mainAppTenantDomain, sharedAppOrgId);
-        } catch (OrganizationManagementException | IdentityRoleManagementException e) {
-            throw new IdentityApplicationManagementException(
-                    "Error while deleting organization roles associated to the app.", e);
-        }
-        return super.doPreDeleteApplication(applicationName, tenantDomain, userName);
+            return super.doPreDeleteApplication(applicationName, tenantDomain, userName);
+//        }
+//        return true;
     }
 
     private void handleOrganizationAudiencedSharedRoleDeletion(List<RoleV2> rolesList, String mainApplicationId,
@@ -584,7 +590,10 @@ public boolean doPostGetAllowedAudienceForRoleAssociation(AssociatedRolesConfig
             throws IdentityApplicationManagementException {
 
         try {
-            if (!OrganizationManagementUtil.isOrganization(tenantDomain)) {
+            if (!OrganizationManagementUtil.isOrganization(tenantDomain)
+//                    || StringUtils.isNotEmpty(PrivilegedCarbonContext.getThreadLocalCarbonContext()
+//                            .getApplicationResidentOrganizationId())
+                            ) {
                 return true;
             }
             // Resolve the allowed audience for associated roles of shared application from main application details.

pom.xml

@@ -25,7 +25,7 @@
 
     <groupId>org.wso2.carbon.identity.organization.management</groupId>
     <artifactId>identity-organization-management</artifactId>
-    <version>1.4.48-SNAPSHOT</version>
+    <version>1.4.50</version>
     <modelVersion>4.0.0</modelVersion>
     <packaging>pom</packaging>
     <name>WSO2 Carbon - Organization Management</name>
@@ -482,9 +482,9 @@
     <properties>
 
         <!-- Carbon kernel version -->
-        <carbon.kernel.version>4.9.17</carbon.kernel.version>
+        <carbon.kernel.version>4.10.22</carbon.kernel.version>
         <carbon.kernel.package.import.version.range>[4.7.0, 5.0.0)</carbon.kernel.package.import.version.range>
-        <carbon.kernel.feature.version>4.6.0</carbon.kernel.feature.version>
+        <carbon.kernel.feature.version>4.10.0</carbon.kernel.feature.version>
 
         <carbon.commons.imp.pkg.version.range>[4.7.0, 5.0.0)</carbon.commons.imp.pkg.version.range>
 
@@ -525,7 +525,7 @@
         <carbon.multitenancy.package.import.version.range>[4.7.0,5.0.0)
         </carbon.multitenancy.package.import.version.range>
 
-        <carbon.identity.framework.version>7.3.3</carbon.identity.framework.version>
+        <carbon.identity.framework.version>7.5.26</carbon.identity.framework.version>
         <carbon.identity.package.import.version.range>[5.20.0, 8.0.0)
         </carbon.identity.package.import.version.range>