From f24aa1f4b4047906cb657c7d654990642dfebab6 Mon Sep 17 00:00:00 2001 From: sadilchamishka Date: Wed, 25 Oct 2023 15:09:00 +0530 Subject: [PATCH 1/2] Add util method to get the user ID of an associated user --- .../pom.xml | 24 ++++++++++++------- .../OrganizationManagementAuthzHandler.java | 15 ++++++++---- .../OrganizationUserSharingDataHolder.java | 22 +++++++++++++++++ ...ganizationUserSharingServiceComponent.java | 7 ++++-- .../util/OrganizationSharedUserUtil.java | 10 ++++++++ 5 files changed, 64 insertions(+), 14 deletions(-) diff --git a/components/org.wso2.carbon.identity.organization.management.authz.service/pom.xml b/components/org.wso2.carbon.identity.organization.management.authz.service/pom.xml index 794ecdf2a..880afa3db 100644 --- a/components/org.wso2.carbon.identity.organization.management.authz.service/pom.xml +++ b/components/org.wso2.carbon.identity.organization.management.authz.service/pom.xml @@ -1,18 +1,20 @@ @@ -59,6 +61,10 @@ org.wso2.carbon.identity.organization.management.core org.wso2.carbon.identity.organization.management.service + + org.wso2.carbon.identity.organization.management + org.wso2.carbon.identity.organization.management.organization.user.sharing + 
@@ -101,6 +107,8 @@ org.wso2.carbon.identity.organization.management.authz.service.handler;version="${org.wso2.identity.organization.mgt.imp.pkg.version.range}", org.wso2.carbon.identity.organization.management.service.authz;version="${org.wso2.identity.organization.mgt.core.imp.pkg.version.range}", org.wso2.carbon.identity.organization.management.service.exception;version="${org.wso2.identity.organization.mgt.core.imp.pkg.version.range}", + org.wso2.carbon.identity.organization.management.organization.user.sharing.util;version="${org.wso2.identity.organization.mgt.imp.pkg.version.range}", + org.wso2.carbon.identity.organization.management.organization.user.sharing.models;version="${org.wso2.identity.organization.mgt.imp.pkg.version.range}", org.wso2.carbon.user.api; version="${carbon.user.api.imp.pkg.version.range}", org.wso2.carbon.user.core;version="${carbon.kernel.package.import.version.range}", org.wso2.carbon.user.core.common;version="${carbon.kernel.package.import.version.range}", diff --git a/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java b/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java index 870dc051e..4ae666825 100644 --- a/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java +++ b/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java 
@@ -34,7 +34,9 @@ import org.wso2.carbon.identity.organization.management.authz.service.OrganizationManagementAuthorizationContext; import org.wso2.carbon.identity.organization.management.authz.service.exception.OrganizationManagementAuthzServiceServerException; import org.wso2.carbon.identity.organization.management.authz.service.internal.OrganizationManagementAuthzServiceHolder; +import org.wso2.carbon.identity.organization.management.organization.user.sharing.util.OrganizationSharedUserUtil; import org.wso2.carbon.identity.organization.management.service.authz.OrganizationManagementAuthorizationManager; +import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException; import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementServerException; import org.wso2.carbon.user.api.Tenant; import org.wso2.carbon.user.api.UserStoreException; @@ -42,6 +44,8 @@ import org.wso2.carbon.user.core.service.RealmService; import org.wso2.carbon.utils.multitenancy.MultitenantConstants; +import java.util.Optional; + import static org.wso2.carbon.identity.auth.service.util.Constants.OAUTH2_ALLOWED_SCOPES; import static org.wso2.carbon.identity.auth.service.util.Constants.OAUTH2_VALIDATE_SCOPE; import static org.wso2.carbon.identity.organization.management.authz.service.constant.AuthorizationConstants.RESOURCE_PERMISSION_NONE; @@ -143,7 +147,7 @@ private void validatePermissions(String orgId, String permissionString, User use try { boolean isUserAuthorized = OrganizationManagementAuthorizationManager.getInstance().isUserAuthorized - (getUserId(user), permissionString, orgId); + (getUserId(user, orgId), permissionString, orgId); if (isUserAuthorized) { authorizationResult.setAuthorizationStatus(AuthorizationStatus.GRANT); } 
@@ -152,12 +156,15 @@ private void validatePermissions(String orgId, String permissionString, User use } } - private String getUserId(User user) throws OrganizationManagementAuthzServiceServerException { + private String getUserId(User user, String orgId) throws OrganizationManagementAuthzServiceServerException { try { AbstractUserStoreManager userStoreManager = (AbstractUserStoreManager) getUserStoreManager(user); - return userStoreManager.getUser(null, user.getUserName()).getUserID(); - } catch (UserStoreException e) { + String userId = userStoreManager.getUser(null, user.getUserName()).getUserID(); + Optional optionalUserId = OrganizationSharedUserUtil + .fetchUserIdOfAssociatedUser(userId, orgId); + return optionalUserId.orElse(userId); + } catch (UserStoreException | OrganizationManagementException e) { throw new OrganizationManagementAuthzServiceServerException(e); } } diff --git a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingDataHolder.java b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingDataHolder.java index 8a17076e8..e728b95b1 100644 --- a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingDataHolder.java +++ b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingDataHolder.java 
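Review bot: The identity passed to `isUserAuthorized` is now swapped inside `getUserId` with no comment or log, so a reader of the authorization path cannot tell which user ID a decision was made for. The lookup replaces the resolved `userId` with the ID from the user association for `orgId` and falls back to the original through `orElse(userId)`. I would add a comment above the lookup such as `// Shared users are authorized with their user ID in the accessed organization; all others keep their own ID.` and a debug log of both IDs when the mapping applies. It is also worth confirming that `orgId` is always the organization resolved for the request, since it now selects the identity that is checked. Patch 2/2 touches the same lines again, but only to rename the util call.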
@@ -18,6 +18,7 @@ package org.wso2.carbon.identity.organization.management.organization.user.sharing.internal; +import org.wso2.carbon.identity.organization.management.organization.user.sharing.OrganizationUserSharingService; import org.wso2.carbon.identity.organization.management.role.management.service.RoleManager; import org.wso2.carbon.identity.organization.management.service.OrganizationManager; import org.wso2.carbon.user.core.service.RealmService; @@ -31,6 +32,7 @@ public class OrganizationUserSharingDataHolder { private RealmService realmService; private OrganizationManager organizationManager; private RoleManager roleManager; + private OrganizationUserSharingService organizationUserSharingService; public static OrganizationUserSharingDataHolder getInstance() { @@ -96,4 +98,24 @@ public void setRoleManager(RoleManager roleManager) { this.roleManager = roleManager; } + + /** + * Get the organization user sharing service. + * + * @return OrganizationUserSharingService organization user sharing service. + */ + public OrganizationUserSharingService getOrganizationUserSharingService() { + + return organizationUserSharingService; + } + + /** + * Set the organization user sharing service. + * + * @param organizationUserSharingService Organization user sharing service. + */ + public void setOrganizationUserSharingService(OrganizationUserSharingService organizationUserSharingService) { + + this.organizationUserSharingService = organizationUserSharingService; + } } diff --git a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingServiceComponent.java b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingServiceComponent.java index ca001bc3e..281985bdb 100644 
--- a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingServiceComponent.java +++ b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/internal/OrganizationUserSharingServiceComponent.java @@ -52,8 +52,11 @@ public class OrganizationUserSharingServiceComponent { protected void activate(ComponentContext componentContext) { BundleContext bundleContext = componentContext.getBundleContext(); - bundleContext.registerService(OrganizationUserSharingService.class.getName(), - new OrganizationUserSharingServiceImpl(), null); + OrganizationUserSharingService organizationUserSharingService = new OrganizationUserSharingServiceImpl(); + OrganizationUserSharingDataHolder.getInstance() + .setOrganizationUserSharingService(organizationUserSharingService); + bundleContext.registerService(OrganizationUserSharingService.class.getName(), organizationUserSharingService, + null); bundleContext.registerService(UserOperationEventListener.class.getName(), new SharedUserOperationEventListener(), null); bundleContext.registerService(AbstractEventHandler.class.getName(), diff --git a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java index bf9750b6d..58664f0c1 100644 
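Review bot: The service instance is published through the static `OrganizationUserSharingDataHolder` in `activate`, and `OrganizationSharedUserUtil` reads it back from the authz bundle's request path without a null check. If the authorization handler runs before this component has activated, `getOrganizationUserSharingService()` presumably returns null. The caller would then fail with a NullPointerException, which its `catch (UserStoreException | OrganizationManagementException e)` does not cover. Consider checking the getter's result in the util method and raising an `OrganizationManagementException` there, and clearing the holder in the deactivate method if one exists. `activate` continues outside this hunk.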
--- a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java +++ b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java @@ -18,10 +18,13 @@ package org.wso2.carbon.identity.organization.management.organization.user.sharing.util; +import org.wso2.carbon.identity.organization.management.organization.user.sharing.internal.OrganizationUserSharingDataHolder; +import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException; import org.wso2.carbon.user.core.UserStoreException; import org.wso2.carbon.user.core.common.AbstractUserStoreManager; import java.util.Map; +import java.util.Optional; import static org.wso2.carbon.identity.organization.management.organization.user.sharing.constant.UserSharingConstants.CLAIM_MANAGED_ORGANIZATION; @@ -39,4 +42,11 @@ public static String getUserManagedOrganizationClaim(AbstractUserStoreManager us return claimsMap.get(CLAIM_MANAGED_ORGANIZATION); } + + public static Optional fetchUserIdOfAssociatedUser(String userId, String accessingOrgId) + throws OrganizationManagementException { + + return Optional.ofNullable(OrganizationUserSharingDataHolder.getInstance().getOrganizationUserSharingService() + .getUserAssociationOfAssociatedUserByOrgId(userId, accessingOrgId).getUserId()); + } } From 894cb2ce0aade5f8ecc4a4cfcc68e47fe8f91870 Mon Sep 17 00:00:00 2001 From: sadilchamishka Date: Wed, 25 Oct 2023 15:51:36 +0530 Subject: [PATCH 2/2] Address review comments --- .../handler/OrganizationManagementAuthzHandler.java | 4 ++-- .../user/sharing/util/OrganizationSharedUserUtil.java | 7 +++++-- 2 files changed, 7 insertions(+), 4 deletions(-) 
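Review bot: `fetchUserIdOfAssociatedUser` dereferences the result of `getUserAssociationOfAssociatedUserByOrgId(userId, accessingOrgId)` before `Optional.ofNullable` is applied, so the Optional guards only a null user ID, not a missing association. If the service returns null when the user has no association in that organization (not visible here, but the `orElse(userId)` fallback in `getUserId` suggests that case is expected), every non-shared user hits a NullPointerException in the authorization path instead of the fallback. Wrapping the association itself avoids this: `return Optional.ofNullable(service.getUserAssociationOfAssociatedUserByOrgId(userId, accessingOrgId)).map(association -> association.getUserId());`. The renamed `getUserIdOfAssociatedUserByOrgId` in patch 2/2 keeps the same dereference.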
diff --git a/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java b/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java index 4ae666825..64e00974b 100644 --- a/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java +++ b/components/org.wso2.carbon.identity.organization.management.authz.service/src/main/java/org/wso2/carbon/identity/organization/management/authz/service/handler/OrganizationManagementAuthzHandler.java @@ -161,8 +161,8 @@ private String getUserId(User user, String orgId) throws OrganizationManagementA try { AbstractUserStoreManager userStoreManager = (AbstractUserStoreManager) getUserStoreManager(user); String userId = userStoreManager.getUser(null, user.getUserName()).getUserID(); - Optional optionalUserId = OrganizationSharedUserUtil - .fetchUserIdOfAssociatedUser(userId, orgId); + Optional optionalUserId = + OrganizationSharedUserUtil.getUserIdOfAssociatedUserByOrgId(userId, orgId); return optionalUserId.orElse(userId); } catch (UserStoreException | OrganizationManagementException e) { throw new OrganizationManagementAuthzServiceServerException(e); diff --git a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java index 58664f0c1..b28b12f92 100644 
--- a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java +++ b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/util/OrganizationSharedUserUtil.java @@ -43,10 +43,13 @@ public static String getUserManagedOrganizationClaim(AbstractUserStoreManager us } - public static Optional fetchUserIdOfAssociatedUser(String userId, String accessingOrgId) + /** + * Get the user ID of the associated user by the organization ID. + */ + public static Optional getUserIdOfAssociatedUserByOrgId(String associatedUserId, String orgId) throws OrganizationManagementException { return Optional.ofNullable(OrganizationUserSharingDataHolder.getInstance().getOrganizationUserSharingService() - .getUserAssociationOfAssociatedUserByOrgId(userId, accessingOrgId).getUserId()); + .getUserAssociationOfAssociatedUserByOrgId(associatedUserId, orgId).getUserId()); } }
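Review bot: The Javadoc added to `getUserIdOfAssociatedUserByOrgId` does not say what an empty result means, yet `OrganizationManagementAuthzHandler.getUserId` uses that result to choose the identity it authorizes. Add `@param associatedUserId` and `@param orgId` descriptions, a `@return` stating that the Optional is empty when the user has no shared-user ID in that organization, and `@throws OrganizationManagementException` for a failed lookup. A one-line note that callers fall back to the original user ID on an empty result would make the contract clear at the point of use.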