feat(jans-config-api): add deletable flag to admin-ui role object #888 (
#900)

* feat: add deletable flag to admin-ui role object #888

* feat: add deletable flag to admin-ui role object #888

* feat: add deletable flag to admin-ui role object #888
duttarnab authored Feb 24, 2022
1 parent b9f56c3 commit 500a773
Showing 4 changed files with 50 additions and 0 deletions.
Expand Up @@ -5,6 +5,7 @@
public class AdminRole {
private String role;
private String description;
private Boolean deletable;

public String getRole() {
return role;
Expand All @@ -22,6 +23,13 @@ public void setDescription(String description) {
this.description = description;
}

public Boolean getDeletable() {
return deletable;
}

public void setDeletable(Boolean deletable) {
this.deletable = deletable;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
Expand All @@ -40,6 +48,7 @@ public String toString() {
return "AdminRole{" +
"role='" + role + '\'' +
", description='" + description + '\'' +
", deletable='" + deletable + '\'' +
'}';
}
}
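Review bot: `deletable` is a nullable `Boolean` with nothing documenting what null means, and the only `AdminRole` lines changed here are the field, its accessors and `toString()`. `equals()` appears only as context and its body, like any `hashCode()`, lies outside the hunks, so if those methods compare fields the new one is presumably missing from them and two roles differing only in `deletable` would still compare equal; that is worth confirming. I would add a Javadoc line on the getter such as `/** Whether this role may be deleted; null means the flag was never set. */`, and print the flag in `toString()` without the surrounding quotes, `", deletable=" + deletable +`, since it is not a string.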
3 changes: 3 additions & 0 deletions jans-config-api/docs/jans-config-api-swagger.yaml
Expand Up @@ -6471,6 +6471,9 @@ components:
description:
type: string
description: role description
deletable:
type: boolean
description: can we delete the role?
AdminPermission:
type: object
description: Admin permission
Expand Up @@ -37,6 +37,24 @@ public List<AdminRole> getRoles() throws ApplicationException {
}
}

private AdminRole getRoleObjByName(String role) throws ApplicationException {
try {
AdminConf adminConf = entryManager.find(AdminConf.class, CONFIG_DN);
List<AdminRole> roles = adminConf.getDynamic().getRoles().stream().filter(ele -> ele.getRole().equals(role)).collect(Collectors.toList());
if (roles.isEmpty()) {
log.error(ErrorResponse.ROLE_NOT_FOUND.getDescription());
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_NOT_FOUND.getDescription());
}
return roles.get(0);
} catch (ApplicationException e) {
log.error(ErrorResponse.GET_ADMIUI_ROLES_ERROR.getDescription());
throw e;
} catch (Exception e) {
log.error(ErrorResponse.GET_ADMIUI_ROLES_ERROR.getDescription(), e);
throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.GET_ADMIUI_ROLES_ERROR.getDescription());
}
}

public List<AdminRole> addRole(AdminRole roleArg) throws ApplicationException {
try {
AdminConf adminConf = entryManager.find(AdminConf.class, CONFIG_DN);
Expand Down Expand Up @@ -103,6 +121,11 @@ public List<AdminRole> deleteRole(String role) throws ApplicationException {
}

List<AdminRole> roles = adminConf.getDynamic().getRoles();
if (isFalse(getRoleObjByName(role).getDeletable())) {
log.error(ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
}

roles.removeIf(ele -> ele.getRole().equals(role));

adminConf.getDynamic().setRoles(roles);
Expand Down Expand Up @@ -287,13 +310,20 @@ public List<RolePermissionMapping> mapPermissionsToRole(RolePermissionMapping ro
public List<RolePermissionMapping> removePermissionsFromRole(RolePermissionMapping rolePermissionMappingArg) throws ApplicationException {
try {
AdminConf adminConf = entryManager.find(AdminConf.class, CONFIG_DN);
if (isFalse(getRoleObjByName(role).getDeletable())) {
log.error(ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
}
List<RolePermissionMapping> roleScopeMapping = adminConf.getDynamic().getRolePermissionMapping()
.stream().filter(ele -> !ele.getRole().equalsIgnoreCase(rolePermissionMappingArg.getRole()))
.collect(Collectors.toList());
adminConf.getDynamic().setRolePermissionMapping(roleScopeMapping);
entryManager.merge(adminConf);

return adminConf.getDynamic().getRolePermissionMapping();
} catch (ApplicationException e) {
log.error(ErrorResponse.ERROR_IN_DELETING_ROLE_PERMISSION.getDescription());
throw e;
} catch (Exception e) {
log.error(ErrorResponse.ERROR_IN_DELETING_ROLE_PERMISSION.getDescription(), e);
throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.ERROR_IN_DELETING_ROLE_PERMISSION.getDescription());
Expand Down Expand Up @@ -321,4 +351,11 @@ private void validateRolePermissionMapping(AdminConf adminConf, RolePermissionMa
throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.PERMISSION_NOT_FOUND.getDescription());
}
}

private static boolean isFalse(Boolean bool) {
if (bool == null) {
return true;
}
return bool.booleanValue() ? false : true;
}
}
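Review bot: The guard added to `removePermissionsFromRole` calls `getRoleObjByName(role)`, but the only parameter visible in that method is `rolePermissionMappingArg`, so unless the class declares a `role` field outside these hunks this does not compile; it should read `if (isFalse(getRoleObjByName(rolePermissionMappingArg.getRole()).getDeletable())) {`. The lookup in `getRoleObjByName` matches with `equals` while the mapping filter a few lines below uses `equalsIgnoreCase`, so the role that is checked and the mappings that are removed can differ when names vary only in case; both should use the same comparison. `isFalse` returns true for null, so any role whose flag is unset is treated as undeletable and the name hides that; `!Boolean.TRUE.equals(bool)` under a name like `isNotDeletable`, with a comment stating the null rule, would be clearer. `getRoleObjByName` also reloads `AdminConf` although both callers already hold it, and a not-found error is logged twice, the second time under `GET_ADMIUI_ROLES_ERROR`. The bodies of `deleteRole` and `removePermissionsFromRole` extend outside the hunks.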
Expand Up @@ -29,6 +29,7 @@ public enum ErrorResponse {
SAVE_ADMIUI_PERMISSIONS_ERROR("Error in saving Admin UI permissions."),
EDIT_ADMIUI_PERMISSIONS_ERROR("Error in editing Admin UI permissions."),
DELETE_ADMIUI_PERMISSIONS_ERROR("Error in deleting Admin UI permissions."),
ROLE_MARKED_UNDELETABLE("Role cannot be deleted. Please set ‘deletable’ property of role to true."),
UNABLE_TO_DELETE_ROLE_MAPPED_TO_PERMISSIONS("Role is mapped to permissions so cannot be deleted. Please remove the permissions mapped before deleting the role."),
UNABLE_TO_DELETE_PERMISSION_MAPPED_TO_ROLE("Permission is mapped to role so cannot be deleted. Please remove the permission mapped to the role before deleting it.");
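Review bot: The new `ROLE_MARKED_UNDELETABLE` message uses typographic quotes around deletable where the neighbouring messages are plain ASCII, and those characters can be mangled if the source is compiled or the response is served with a non-UTF-8 charset; plain `'deletable'` avoids that. The text also tells the caller to set the property to true, which suggests the flag is a guard against accidental deletion rather than an access control, and a one-line comment on the constant saying so would keep later readers from relying on it for more. The enum body continues outside the hunk.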
