@Override public Group updateGroup(Group oldGroup, Group newGroup, Map<String, Boolean> requiredAttributes) throws NotImplementedException, BadRequestException, CharonException, NotFoundException { log.debug("Updating group: {}", oldGroup.getId()); try { if (getSCIMGroup(oldGroup.getId(), requiredGroupClaims, false) == null) { String errMsg = "Group " + oldGroup.getId() + " does not exist."; log.error(errMsg); throw new NotFoundException(errMsg); userStoreConnector.updateGroupAttributes(oldGroup.getId(), attributeList); userStoreConnector.updateUsersOfGroup(oldGroup.getId(), userIds); } else { userStoreConnector.removeUsersOfGroup(oldGroup.getId()); userStoreConnector.removeUsersOfGroup(oldGroup.getId()); return this.getGroup(oldGroup.getId(), requiredAttributes); } catch (UserStoreConnectorException e) { String errMsg = "Error occurred while updating group: " + oldGroup.getId();
private List<Object> listGroups(Map<String, Boolean> requiredAttributes) throws CharonException { List<Object> groupList = new ArrayList<>(); //0th index is to store total number of results; groupList.add(0); try { SCIMGroupHandler groupHandler = new SCIMGroupHandler(carbonUM.getTenantId()); Set<String> roleNames = groupHandler.listSCIMRoles(); for (String roleName : roleNames) { Group group = this.getGroupWithName(roleName); if (group.getId() != null) { groupList.add(group); } } } catch (org.wso2.carbon.user.core.UserStoreException e) { String errMsg = "Error in obtaining role names from user store."; errMsg += e.getMessage(); throw new CharonException(errMsg, e); } catch (IdentitySCIMException | BadRequestException e) { throw new CharonException("Error in retrieving SCIM Group information from database.", e); } //set the totalResults value in index 0 groupList.set(0, groupList.size()-1); return groupList; }
private void updateMemberList(Group oldGroup, Group newGroup) throws CharonException, IdentityStoreException { // list to store the new user ids which will be added to the group's members. List<String> newUserIds = new ArrayList<>(); MultiValuedAttribute newMembersAttribute = (MultiValuedAttribute) newGroup.getAttribute(SCIMConstants.GroupSchemaConstants.MEMBERS); //add the member ids to newUserIds list if (newMembersAttribute != null) { List<Attribute> membersValues = newMembersAttribute.getAttributeValues(); for (Attribute attribute : membersValues) { ComplexAttribute attributeValue = (ComplexAttribute) attribute; SimpleAttribute valueAttribute = (SimpleAttribute) attributeValue.getSubAttribute(SCIMConstants.CommonSchemaConstants.VALUE); newUserIds.add((String) valueAttribute.getValue()); } } //TODO : add the domain name here. identityStore.updateUsersOfGroup(oldGroup.getId(), newUserIds); } }
@Override public Group updateGroup(Group oldGroup, Group newGroup, Map<String, Boolean> requiredAttributes) throws NotImplementedException, BadRequestException, CharonException, NotFoundException { try { if (log.isDebugEnabled()) { log.debug("Updating group: " + oldGroup.toString()); } //get the claims map from the new scim user object. Map<String, String> claims = SCIMClaimResolver.getClaimsMap(newGroup); //get the claim list to be updated. List<Claim> claimList = getGroupBeanFromClaims(claims).getClaims(); //TODO this is a temporary method. need to remove this once the claim management is completed. claimList = ClaimMapper.getInstance().convertMetaToWso2Dialect(claimList); //set user updated claim values //TODO : Give the domain name identityStore.updateGroupClaims(oldGroup.getId(), claimList); //update the member list separately. updateMemberList(oldGroup, newGroup); if (log.isDebugEnabled()) { log.debug("User: " + newGroup.getDisplayName() + " updated through SCIM."); } //get the updated group from the user core and sent it to client. return this.getGroup(newGroup.getId(), requiredAttributes); } catch (GroupNotFoundException e) { throw new NotFoundException("No such group with the group id : " + oldGroup.getId()); } catch (IdentityStoreException e) { throw new CharonException("Error in updating the Group", e); } }
/** * When adding group through SCIM Resource endpoint, add the group attributes to the * Identity_SCIM_GROUP table, in addition to the ones added in UserStore (i.e display name, users) * * @param group */ public void createSCIMAttributes(Group group) throws IdentitySCIMException { try { Map<String, String> attributes = new HashMap<>(); attributes.put(SCIMConstants.CommonSchemaConstants.ID_URI, group.getId()); attributes.put(SCIMConstants.CommonSchemaConstants.CREATED_URI, AttributeUtil.formatDateTime( group.getCreatedDate())); attributes.put(SCIMConstants.CommonSchemaConstants.LAST_MODIFIED_URI, AttributeUtil.formatDateTime( group.getLastModified())); attributes.put(SCIMConstants.CommonSchemaConstants.LOCATION_URI, group.getLocation()); GroupDAO groupDAO = new GroupDAO(); groupDAO.addSCIMGroupAttributes(tenantId, group.getDisplayName(), attributes); } catch (CharonException e) { throw new IdentitySCIMException("Error getting group name from SCIM Group.", e); } }
scimUser.setGroup(null, group.getId(), role);
scimUser.setGroup(null, group.getId(), role);
public void deleteGroup() throws IdentitySCIMException { try { String filter = GROUP_FILTER + ((Group) scimObject).getDisplayName(); List<Group> groups = (List<Group>) (List<?>) listWithGet(null, null, filter, 1, 1, null, null, SCIM2CommonConstants.GROUP); if (groups != null && groups.size() > 0) { String groupId = groups.get(0).getId(); if (groupId == null) { return; } client.setURL(groupEPURL + "/" + groupId); Scimv2GroupsApi api = new Scimv2GroupsApi(client); ScimApiResponse<String> response = api.deleteGroup(); logger.info("SCIM - delete group operation returned with response code: " + response.getStatusCode()); handleSCIMErrorResponse(response); } } catch (AbstractCharonException e) { throw new IdentitySCIMException("Error in provisioning 'delete group' operation for user : " + userName, e); } catch (ScimApiException e) { throw new IdentitySCIMException(e.getMessage(), e); } catch (IOException e) { throw new IdentitySCIMException("Error in provisioning 'delete group' operation for user : " + userName, e); } }
Optional<Group> group = Optional.ofNullable(getSCIMGroup(groupId, requiredGroupClaims, false)); if (group.isPresent()) { scimUser.setGroup(null, group.get().getId(), group.get().getDisplayName()); } else { log.warn("Group " + groupId + " recorded as a group of user " + userId + " but group "
if (groups != null && groups.size() > 0) { SCIMClient scimClient = new SCIMClient(); String groupId = groups.get(0).getId(); if (groupId == null) { return;