/**
 * Returns the local role name carried by a role mapping.
 *
 * @param roleMapping mapping to read; neither it nor its local role is null-checked here
 * @return the value of {@code getLocalRoleName()} on the mapping's local role
 */
private static String getLocalRoleName(RoleMapping roleMapping) {

    String localRoleName = roleMapping.getLocalRole().getLocalRoleName();
    return localRoleName;
}
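/**
 * Translates local group names into the remote roles configured for them in the role mapping.
 *
 * <p>Only groups with an entry in {@code idPRoleMapping} contribute to the result. A group
 * without a mapping is dropped rather than passed through under its local name.
 *
 * @param groupList      local group names to translate; may be null or empty
 * @param idPRoleMapping local-role to remote-role mappings; may be null or empty
 * @return a new mutable list holding the remote role of every mapped group, in {@code groupList}
 *         order; empty when there are no groups or no mappings
 */
private List<String> getMappedGroups(List<String> groupList, RoleMapping[] idPRoleMapping) {

    // A null mapping array used to reach the for-each below and throw a NullPointerException.
    // With no mappings no group can be translated, so the result is the same empty list that
    // an empty array already produced.
    if (CollectionUtils.isEmpty(groupList) || idPRoleMapping == null) {
        return new ArrayList<>();
    }

    // Index by local role name. If two mappings share a local role name the later one wins.
    Map<String, String> remoteRoleByLocalRole = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        remoteRoleByLocalRole.put(mapping.getLocalRole().getLocalRoleName(), mapping.getRemoteRole());
    }

    List<String> mappedUserGroups = new ArrayList<>();
    for (String userGroup : groupList) {
        String mappedGroup = remoteRoleByLocalRole.get(userGroup);
        // null means either "no mapping" or "mapping with a null remote role"; both are skipped.
        if (mappedGroup != null) {
            mappedUserGroups.add(mappedGroup);
        }
    }
    return mappedUserGroups;
}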
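/**
 * Translates local group names into the remote roles configured for them in the role mapping.
 *
 * <p>Only groups with an entry in {@code idPRoleMapping} contribute to the result. A group
 * without a mapping is dropped rather than passed through under its local name.
 *
 * @param groupList      local group names to translate; may be null or empty
 * @param idPRoleMapping local-role to remote-role mappings; may be null or empty
 * @return a new mutable list holding the remote role of every mapped group, in {@code groupList}
 *         order; empty when there are no groups or no mappings
 */
private List<String> getMappedGroups(List<String> groupList, RoleMapping[] idPRoleMapping) {

    // A null mapping array used to reach the for-each below and throw a NullPointerException.
    // With no mappings no group can be translated, so the result is the same empty list that
    // an empty array already produced.
    if (CollectionUtils.isEmpty(groupList) || idPRoleMapping == null) {
        return new ArrayList<>();
    }

    // Index by local role name. If two mappings share a local role name the later one wins.
    Map<String, String> remoteRoleByLocalRole = new HashMap<>();
    for (RoleMapping mapping : idPRoleMapping) {
        remoteRoleByLocalRole.put(mapping.getLocalRole().getLocalRoleName(), mapping.getRemoteRole());
    }

    List<String> mappedUserGroups = new ArrayList<>();
    for (String userGroup : groupList) {
        String mappedGroup = remoteRoleByLocalRole.get(userGroup);
        // null means either "no mapping" or "mapping with a null remote role"; both are skipped.
        if (mappedGroup != null) {
            mappedUserGroups.add(mappedGroup);
        }
    }
    return mappedUserGroups;
}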
/**
 * Replaces the group claim of a user provisioning entity with the remote roles mapped to the
 * user's local groups.
 *
 * <p>Nothing is changed when the entity is not a user, when no role mappings are configured, or
 * when the entity carries no group names. Otherwise the group claim is overwritten with the
 * mapped remote roles only; local groups without a mapping are left out.
 *
 * @param provisioningEntity entity whose attributes are read and updated in place
 * @param idPRoleMapping     local-role to remote-role mappings; may be null or empty
 */
private void updateProvisioningUserWithMappedRoles(ProvisioningEntity provisioningEntity,
                                                   RoleMapping[] idPRoleMapping) {

    boolean isUserEntity = provisioningEntity.getEntityType() == ProvisioningEntityType.USER;
    boolean hasMappings = idPRoleMapping != null && idPRoleMapping.length > 0;
    if (!isUserEntity || !hasMappings) {
        return;
    }

    List<String> localGroups = getGroupNames(provisioningEntity.getAttributes());
    if (CollectionUtils.isEmpty(localGroups)) {
        return;
    }

    // Index by local role name. If two mappings share a local role name the later one wins.
    Map<String, String> remoteRoleByLocalRole = new HashMap<>();
    for (RoleMapping entry : idPRoleMapping) {
        remoteRoleByLocalRole.put(entry.getLocalRole().getLocalRoleName(), entry.getRemoteRole());
    }

    List<String> remoteRoles = new ArrayList<>();
    for (String localGroup : localGroups) {
        String remoteRole = remoteRoleByLocalRole.get(localGroup);
        if (remoteRole != null) {
            remoteRoles.add(remoteRole);
        }
    }

    // The claim is written even when remoteRoles is empty, so a user whose groups all lack a
    // mapping ends up with an empty group claim rather than the original local group names.
    ProvisioningUtil.setClaimValue(IdentityProvisioningConstants.GROUP_CLAIM_URI,
            provisioningEntity.getAttributes(), remoteRoles);
}
/**
 * Checks that the local roles named in the role-mapping configuration exist in the user store.
 *
 * <p>Validation stops at the first local role that does not exist, so at most one
 * "role not available" message is added per call. The user store is taken from the thread-local
 * {@code CarbonContext}; {@code tenantDomain} is used only in the error text.
 *
 * @param validationMsg            list that receives validation error messages
 * @param permissionsAndRoleConfig permission and role configuration; may be null
 * @param tenantDomain             tenant domain named in the lookup-failure message
 */
private void validateRoleConfigs(List<String> validationMsg, PermissionsAndRoleConfig permissionsAndRoleConfig,
                                 String tenantDomain) {

    if (permissionsAndRoleConfig == null) {
        return;
    }
    if (permissionsAndRoleConfig.getRoleMappings() == null) {
        return;
    }

    try {
        UserStoreManager userStore = CarbonContext.getThreadLocalCarbonContext().getUserRealm()
                .getUserStoreManager();
        for (RoleMapping candidate : permissionsAndRoleConfig.getRoleMappings()) {
            String localRoleName = candidate.getLocalRole().getLocalRoleName();
            if (userStore.isExistingRole(localRoleName)) {
                continue;
            }
            validationMsg.add(String.format(ROLE_NOT_AVAILABLE, localRoleName));
            break;
        }
    } catch (UserStoreException e) {
        // The exception is neither logged nor rethrown here; the caller only sees the generic
        // message below, which keeps user-store error detail out of the validation output.
        validationMsg.add(String.format("Error when checking the existence of local roles in %s.",
                tenantDomain));
    }
}
}
// Reads the local role name from the mapping's local role. Neither getLocalRole() nor the
// mapping itself is null-checked in this excerpt.
String localRole = mapping.getLocalRole().getLocalRoleName();
// Debug-logs one mapping as "Local Role: <local role name> SPRole: <remote role>".
// NOTE(review): the message is concatenated before log.debug() is called, so it is built even
// with debug off unless an isDebugEnabled() guard encloses this line outside the excerpt.
// NOTE(review): both role names are written unescaped; confirm they cannot contain CR/LF if
// these logs are parsed downstream.
log.debug("Local Role: " + roleMapping.getLocalRole().getLocalRoleName() + " SPRole: " + roleMapping.getRemoteRole());
// Debug-logs one mapping as "Local Role: <local role name> SPRole: <remote role>".
// NOTE(review): the message is concatenated before log.debug() is called, so it is built even
// with debug off unless an isDebugEnabled() guard encloses this line outside the excerpt.
// NOTE(review): both role names are written unescaped; confirm they cannot contain CR/LF if
// these logs are parsed downstream.
log.debug("Local Role: " + roleMapping.getLocalRole().getLocalRoleName() + " SPRole: " + roleMapping.getRemoteRole());
// Binds the local role name, the remote role and the application id as statement parameters
// 2, 3 and 4, so the role names reach the database as bound values rather than as SQL text.
// Parameter 1 and the SQL string are outside this excerpt.
// presumably storeRoleMapPrepStmt is a java.sql.PreparedStatement; verify at its declaration
storeRoleMapPrepStmt.setString(2, roleMapping.getLocalRole().getLocalRoleName()); storeRoleMapPrepStmt.setString(3, roleMapping.getRemoteRole()); storeRoleMapPrepStmt.setInt(4, applicationID);
// Binds the local role name, the remote role and the application id as statement parameters
// 2, 3 and 4, so the role names reach the database as bound values rather than as SQL text.
// Parameter 1 and the SQL string are outside this excerpt.
// presumably storeRoleMapPrepStmt is a java.sql.PreparedStatement; verify at its declaration
storeRoleMapPrepStmt.setString(2, roleMapping.getLocalRole().getLocalRoleName()); storeRoleMapPrepStmt.setString(3, roleMapping.getRemoteRole()); storeRoleMapPrepStmt.setInt(4, applicationID);
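/**
 * Wraps an identity provider and indexes its role mappings by remote role.
 *
 * <p>Each remote role is mapped to the local role name. When the local role carries a user store
 * id, the name is qualified with it through {@code UserCoreUtil.addDomainToName}. If two
 * mappings share a remote role, the later one replaces the earlier one.
 *
 * @param identityProvider identity provider to read the claim, role and just-in-time
 *                         provisioning configuration from
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {
    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    // getPermissionAndRoleConfig() may return null. Dereferencing it unconditionally made the
    // constructor throw a NullPointerException; a missing section now means "no role mappings".
    if (roleConfiguration == null) {
        return;
    }

    RoleMapping[] mappings = roleConfiguration.getRoleMappings();
    if (mappings != null && mappings.length > 0) {
        for (RoleMapping roleMapping : mappings) {
            if (StringUtils.isNotEmpty(roleMapping.getLocalRole().getUserStoreId())) {
                // Qualify the role with its user store so that same-named roles in different
                // stores stay distinct.
                this.roleMappings.put(roleMapping.getRemoteRole(),
                        UserCoreUtil.addDomainToName(roleMapping.getLocalRole().getLocalRoleName(),
                                roleMapping.getLocalRole().getUserStoreId()));
            } else {
                this.roleMappings.put(roleMapping.getRemoteRole(),
                        roleMapping.getLocalRole().getLocalRoleName());
            }
        }
    }
}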
/**
 * Wraps an identity provider and indexes its role mappings by remote role.
 *
 * <p>Each remote role is mapped to the local role name. When the local role carries a user store
 * id, the name is qualified with it through {@code UserCoreUtil.addDomainToName}. If two
 * mappings share a remote role, the later one replaces the earlier one. An identity provider
 * without a permission-and-role configuration yields no role mappings.
 *
 * @param identityProvider identity provider to read the claim, role and just-in-time
 *                         provisioning configuration from
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {
    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    if (roleConfiguration == null) {
        return;
    }
    RoleMapping[] configuredMappings = roleConfiguration.getRoleMappings();
    if (configuredMappings == null) {
        return;
    }

    for (RoleMapping entry : configuredMappings) {
        String userStoreId = entry.getLocalRole().getUserStoreId();
        String localRoleName = entry.getLocalRole().getLocalRoleName();
        // Qualify the role with its user store so that same-named roles in different stores
        // stay distinct.
        String localRole = StringUtils.isNotEmpty(userStoreId)
                ? UserCoreUtil.addDomainToName(localRoleName, userStoreId)
                : localRoleName;
        this.roleMappings.put(entry.getRemoteRole(), localRole);
    }
}
for (RoleMapping roleMapping : permissionAndRoleConfig.getRoleMappings()) { if (roleMapping.getRemoteRole().equals(receivedRole)) { updatedRoleClaimValues.add(roleMapping.getLocalRole().getLocalRoleName()); continue loop;
/**
 * Wraps an identity provider and indexes its role mappings by remote role.
 *
 * <p>Each remote role is mapped to the local role name. When the local role carries a user store
 * id, the name is qualified with it through {@code UserCoreUtil.addDomainToName}. If two
 * mappings share a remote role, the later one replaces the earlier one. An identity provider
 * without a permission-and-role configuration yields no role mappings.
 *
 * @param identityProvider identity provider to read the claim, role and just-in-time
 *                         provisioning configuration from
 */
public ExternalIdPConfig(IdentityProvider identityProvider) {
    this.identityProvider = identityProvider;
    claimConfiguration = identityProvider.getClaimConfig();
    roleConfiguration = identityProvider.getPermissionAndRoleConfig();
    justInTimeProConfig = identityProvider.getJustInTimeProvisioningConfig();

    if (roleConfiguration == null) {
        return;
    }
    RoleMapping[] configuredMappings = roleConfiguration.getRoleMappings();
    if (configuredMappings == null) {
        return;
    }

    for (RoleMapping entry : configuredMappings) {
        String userStoreId = entry.getLocalRole().getUserStoreId();
        String localRoleName = entry.getLocalRole().getLocalRoleName();
        // Qualify the role with its user store so that same-named roles in different stores
        // stay distinct.
        String localRole = StringUtils.isNotEmpty(userStoreId)
                ? UserCoreUtil.addDomainToName(localRoleName, userStoreId)
                : localRoleName;
        this.roleMappings.put(entry.getRemoteRole(), localRole);
    }
}
role = mapping.getLocalRole().getUserStoreId() + CarbonConstants.DOMAIN_SEPARATOR + mapping.getLocalRole().getLocalRoleName(); } else { role = mapping.getLocalRole().getLocalRoleName();
// Builds the store-qualified role name: user store id, CarbonConstants.DOMAIN_SEPARATOR, then
// the local role name. Whether the user store id is checked for null or empty before this line
// is not visible in this excerpt.
role = mapping.getLocalRole().getUserStoreId() + CarbonConstants.DOMAIN_SEPARATOR + mapping.getLocalRole().getLocalRoleName();
this.roleMappings = new HashMap<String, String>(); for (RoleMapping roleMapping : tempRoleMappings) { this.roleMappings.put(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getRemoteRole());
// Records the mapping keyed by local role name, with the remote role as the value.
// assuming roleMappings is a java.util.Map, a second mapping with the same local role name
// replaces the first; confirm duplicates are rejected upstream if that matters
this.roleMappings.put(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getRemoteRole());
// Records the mapping keyed by local role name, with the remote role as the value.
// assuming roleMappings is a java.util.Map, a second mapping with the same local role name
// replaces the first; confirm duplicates are rejected upstream if that matters
this.roleMappings.put(roleMapping.getLocalRole().getLocalRoleName(), roleMapping.getRemoteRole());