本文整理汇总了Java中org.wso2.carbon.user.api.UserStoreManager.isExistingRole方法的典型用法代码示例。如果您正苦于以下问题:Java UserStoreManager.isExistingRole方法的具体用法?Java UserStoreManager.isExistingRole怎么用?Java UserStoreManager.isExistingRole使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.wso2.carbon.user.api.UserStoreManager的用法示例。
在下文中一共展示了UserStoreManager.isExistingRole方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: registerApiAccessRoles
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
public static void registerApiAccessRoles(String user) {
UserStoreManager userStoreManager = null;
try {
userStoreManager = getUserStoreManager();
String[] userList = new String[]{user};
if (userStoreManager != null) {
String rolesOfUser[] = userStoreManager.getRoleListOfUser(user);
if (!userStoreManager.isExistingRole(Constants.DEFAULT_ROLE_NAME)) {
userStoreManager.addRole(Constants.DEFAULT_ROLE_NAME, userList, Constants.DEFAULT_PERMISSION);
} else if (rolesOfUser != null && Arrays.asList(rolesOfUser).contains(Constants.DEFAULT_ROLE_NAME)) {
return;
} else {
userStoreManager.updateUserListOfRole(Constants.DEFAULT_ROLE_NAME, new String[0], userList);
}
}
} catch (UserStoreException e) {
log.error("Error while creating a role and adding a user for virtual_firealarm.", e);
}
}
示例2: removeRoleCreateForLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Every queue/topic has a role with the same name as the queue/topic name. This role is used
* to store the permissions for the user who created the queue/topic.This role should be
* deleted when the queue/topic is deleted.
*
* @param destinationName name of the queue or topic
* @throws EventBrokerException
*/
private static void removeRoleCreateForLoggedInUser(String destinationName)
throws EventBrokerException {
//For registry we use a modified queue name
String newDestinationName = destinationName.replace("@", AT_REPLACE_CHAR);
String roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX +
newDestinationName.replace("/", "-"));
try {
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
if (userStoreManager.isExistingRole(roleName)) {
userStoreManager.deleteRole(roleName);
}
} catch (UserStoreException e) {
throw new EventBrokerException("Error while deleting " + newDestinationName, e);
}
}
示例3: createInternalUserRole
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Creating Internal/user Role at Carbon Server Start-up
*/
public static void createInternalUserRole(UserStoreManager userStoreManager) throws UserManagerException {
String userRole = "Internal/user";
try {
if (!userStoreManager.isExistingRole(userRole)) {
log.info("Creating internal user role: " + userRole);
//Set permissions to the Internal/user role
List<Permission> permissions = new ArrayList<Permission>();
for (String permissionResourceId : PermissionConstants.STRATOS_PERMISSIONS) {
Permission permission = new Permission(permissionResourceId, UserMgtConstants.EXECUTE_ACTION);
permissions.add(permission);
}
String[] userList = new String[]{};
userStoreManager.addRole(userRole, userList, permissions.toArray(new Permission[permissions.size()]));
}
} catch (UserStoreException e) {
String msg = "Error while creating the role: " + userRole;
log.error(msg, e);
throw new UserManagerException(msg, e);
}
}
示例4: removeRoleCreatedForLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Every queue has a role with the same name as the queue name. This role is used to store
* the permissions for the user who created the queue.This role should be deleted when the
* queue is deleted.
*
* @param queueName name of the queue
* @throws QueueManagerException
*/
private static void removeRoleCreatedForLoggedInUser(String queueName)
throws QueueManagerException {
//For registry we use a modified queue name
String newQueueName = queueName.replace("@", AT_REPLACE_CHAR);
String roleName = UserCoreUtil.addInternalDomainName(QUEUE_ROLE_PREFIX +
newQueueName.replace(".", "-").replace("/", "-"));
try {
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext()
.getUserRealm().getUserStoreManager();
if (userStoreManager.isExistingRole(roleName)) {
userStoreManager.deleteRole(roleName);
}
} catch (UserStoreException e) {
throw new QueueManagerException("Error while deleting " + newQueueName, e);
}
}
示例5: removeQueueRoleCreateForLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Every queue has a role with the name QUEUE_ROLE_PREFIX+queueName. This role is used
* to store the permissions for the user who created the queue.This role should be
* deleted when the queue/topic is deleted.
*
* @param queueName name of the queue or topic
* @throws UserStoreException if user store exception occurred
*/
private static void removeQueueRoleCreateForLoggedInUser(String queueName)
throws UserStoreException {
String roleName = UserCoreUtil.addInternalDomainName(QUEUE_ROLE_PREFIX +
queueName.replace(".","-").replace("/", "-"));
AuthorizationManager authorizationManager = CarbonContext.getThreadLocalCarbonContext()
.getUserRealm().getAuthorizationManager();
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext()
.getUserRealm().getUserStoreManager();
if (userStoreManager.isExistingRole(roleName)) {
userStoreManager.deleteRole(roleName);
authorizationManager.clearResourceAuthorizations(CommonsUtil.getQueueID(queueName));
}
if (log.isDebugEnabled()) {
log.debug("role " + roleName + " associated with queue " + queueName + " deleted");
}
}
示例6: authorizePermissionsToLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Create a new role which has the same name as the destinationName and assign the logged in
* user to the newly created role. Then, authorize the newly created role to subscribe and
* publish to the destination.
*
* @param username name of the logged in user
* @param destinationName destination name. Either topic or queue name
* @param destinationId ID given to the destination
* @param userRealm the user store
* @throws UserStoreException
*/
private static void authorizePermissionsToLoggedInUser(String username, String destinationName,
String destinationId,
UserRealm userRealm) throws
UserStoreException {
//For registry we use a modified queue name
String newDestinationName = destinationName.replace("@", AT_REPLACE_CHAR);
// creating the internal role name
String roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX +
newDestinationName.replace("/", "-"));
// the interface to store user data
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
if (!userStoreManager.isExistingRole(roleName)) {
String[] user = {MultitenantUtils.getTenantAwareUsername(username)};
// adds the internal role to user store
userStoreManager.addRole(roleName, user, null);
// gives subscribe permissions to the internal role in the user store
userRealm.getAuthorizationManager().authorizeRole(
roleName, destinationId, EventBrokerConstants.EB_PERMISSION_SUBSCRIBE);
// gives publish permissions to the internal role in the user store
userRealm.getAuthorizationManager().authorizeRole(
roleName, destinationId, EventBrokerConstants.EB_PERMISSION_PUBLISH);
// gives change permissions to the internal role in the user store
userRealm.getAuthorizationManager().authorizeRole(
roleName, destinationId, EventBrokerConstants.EB_PERMISSION_CHANGE_PERMISSION);
} else {
log.warn("Unable to provide permissions to the user, " +
" " + username + ", to subscribe and publish to " + newDestinationName);
}
}
示例7: authorizePermissionsToLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Create a new role which has the same name as the queueName and assign the logged in
* user to the newly created role. Then, authorize the newly created role to subscribe and* * publish to the queue.
*
* @param queueName queue name
* @param queueId Id given to the queue
* @param userRealm User's Realm
* @throws QueueManagerException
*/
private static void authorizePermissionsToLoggedInUser(String queueName,
String queueId,
UserRealm userRealm)
throws QueueManagerException {
//For registry we use a modified queue name
String newQueueName = queueName.replace("@", AT_REPLACE_CHAR);
String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
try {
String roleName = UserCoreUtil.addInternalDomainName(QUEUE_ROLE_PREFIX +
queueName.replace(".", "-").replace("/", "-"));
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext()
.getUserRealm().getUserStoreManager();
if (!userStoreManager.isExistingRole(roleName)) {
String[] user = {MultitenantUtils.getTenantAwareUsername(username)};
userStoreManager.addRole(roleName, user, null);
userRealm.getAuthorizationManager().authorizeRole(roleName, queueId,
PERMISSION_CHANGE_PERMISSION);
userRealm.getAuthorizationManager().authorizeRole(
roleName, queueId, TreeNode.Permission.CONSUME.toString().toLowerCase());
userRealm.getAuthorizationManager().authorizeRole(
roleName, queueId, TreeNode.Permission.PUBLISH.toString().toLowerCase());
} else {
throw new QueueManagerException("Unable to provide permissions to the user, " +
" " + username + ", to subscribe and publish to " +
newQueueName);
}
} catch (UserStoreException e) {
throw new QueueManagerException("Error while creating " + newQueueName, e);
}
}
示例8: authorizePermissionsToLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Create a new role which has the same name as the destinationName and assign the logged in
* user to the newly created role. Then, authorize the newly created role to subscribe and
* publish to the destination.
*
* @param username name of the logged in user
* @param destinationName destination name. Either topic or queue name
* @param destinationId ID given to the destination
* @param userRealm the user store
* @throws org.wso2.carbon.user.api.UserStoreException
*/
private static void authorizePermissionsToLoggedInUser(String username, String destinationName,
String destinationId,
UserRealm userRealm) throws
UserStoreException {
//For registry we use a modified queue name
String roleName;
String newDestinationName = destinationName.replace("@", AT_REPLACE_CHAR);
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
// creating the internal role name
newDestinationName = newDestinationName.substring(0, 1)
.equalsIgnoreCase("/") ? newDestinationName.replaceFirst("/", "") : newDestinationName;
if (CarbonContext.getThreadLocalCarbonContext().getTenantId() >= 0) {
String destinationWithTenantDomain = tenantDomain + "/" + newDestinationName;
roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX +
destinationWithTenantDomain.replace(".","-").replace("/", "-"));
} else {
roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX +
newDestinationName.replace(".","-").replace("/", "-"));
}
// the interface to store user data
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
if (!userStoreManager.isExistingRole(roleName)) {
String[] user = {MultitenantUtils.getTenantAwareUsername(username)};
// adds the internal role to user store
userStoreManager.addRole(roleName, user, null);
// giving permissions to the topic and it's all hierarchy
grantPermissionToHierarchyLevel(userRealm, destinationId, roleName);
} else {
log.warn("Unable to provide permissions to the user, " +
" " + username + ", to subscribe and publish to " + newDestinationName);
}
}
示例9: removeRoleCreateForLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Every queue/topic has a role with the same name as the queue/topic name. This role is used
* to store the permissions for the user who created the queue/topic.This role should be
* deleted when the queue/topic is deleted.
*
* @param destinationName name of the queue or topic
* @throws EventBrokerException
*/
private void removeRoleCreateForLoggedInUser(String destinationName)
throws EventBrokerException {
//For registry we use a modified queue name
String roleName;
String newDestinationName = destinationName.replace("@", AT_REPLACE_CHAR);
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
if (CarbonContext.getThreadLocalCarbonContext().getTenantId() >= 0) {
String destinationWithTenantDomain = tenantDomain + "/" + newDestinationName;
roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX +
destinationWithTenantDomain.replace(".","-").replace("/", "-"));
} else {
roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX +
newDestinationName.replace(".","-").replace("/", "-"));
}
try {
UserStoreManager userStoreManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager();
AuthorizationManager authorizationManager = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getAuthorizationManager();
if (userStoreManager.isExistingRole(roleName)) {
userStoreManager.deleteRole(roleName);
authorizationManager.clearResourceAuthorizations(JavaUtil.getResourcePath(destinationName, getTopicStoragePath()));
}
} catch (UserStoreException e) {
throw new EventBrokerException("Error while deleting " + newDestinationName, e);
}
}
示例10: authorizeQueuePermissionsToLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Create a new role which has the same name as the queueName and assign the logged in
* user to the newly created role. Then, authorize the newly created role to subscribe and
* publish to the queue.
*
* @param username name of the logged in user
* @param queueName queue name
* @param queueId ID given to the queue
* @param userRealm User's Realm
* @throws UserStoreException if user store exception occurred
*/
private static void authorizeQueuePermissionsToLoggedInUser(String username, String queueName,
String queueId, UserRealm userRealm)
throws UserStoreException {
// if this is the dead letter channel user is not given permission to consume or subscribe
if (DLCQueueUtils.isDeadLetterQueue(queueName)) {
if (log.isDebugEnabled()) {
log.debug("Dead letter channel permission to subscribe or consume is not granted " +
"to users");
}
return;
}
String roleName = UserCoreUtil.addInternalDomainName(QUEUE_ROLE_PREFIX
+ queueName.replace(".","-").replace("/", "-"));
UserStoreManager userStoreManager = userRealm.getUserStoreManager();
if (!userStoreManager.isExistingRole(roleName)) {
String[] user = {MultitenantUtils.getTenantAwareUsername(username)};
userStoreManager.addRole(roleName, user, null);
authorizeRoleToPublishConsume(userRealm, roleName, queueId);
if (log.isDebugEnabled()) {
log.debug("permission granted to user = " + username + " role = " + roleName
+ " queue = " + queueName + " queueId = " + queueId);
}
} else {
log.warn("Unable to provide permissions to the user, " +
" " + username + ", to subscribe and publish to " + queueName);
}
}
示例11: authorizeTopicPermissionsToLoggedInUser
import org.wso2.carbon.user.api.UserStoreManager; //导入方法依赖的package包/类
/**
* Create a new role which has the same name as the topicName and assign the logged in
* user to the newly created role. Then, authorize the newly created role to subscribe and
* publish to the topic.
*
* @param username name of the logged in user
* @param topicName destination name. Either topic or queue name
* @param topicId Id given to the destination
* @param queueName temp queue name
* @param userRealm User's Realm
* @throws UserStoreException if user store exception occurred
*/
private static void authorizeTopicPermissionsToLoggedInUser(String username, String topicName,
String topicId, String queueName,
UserRealm userRealm)
throws UserStoreException {
String roleName = UserCoreUtil.addInternalDomainName(TOPIC_ROLE_PREFIX +
topicName.replace(".*", "").replace(".#", "")
.replace(".","-").replace("/", "-"));
UserStoreManager userStoreManager = userRealm.getUserStoreManager();
String[] user = {MultitenantUtils.getTenantAwareUsername(username)};
String tempQueueId = CommonsUtil.getQueueID(queueName);
if (!userStoreManager.isExistingRole(roleName)) {
userStoreManager.addRole(roleName, user, null);
}
boolean userShouldBeAdded = true;
for (String foundUser : userStoreManager.getUserListOfRole(roleName)) {
if (username.equals(foundUser)) {
userShouldBeAdded = false;
break;
}
}
if (userShouldBeAdded) {
userStoreManager.updateUserListOfRole(roleName, new String[0], user);
}
//giving permissions to the topic
grantPermissionToHierarchyLevel(username, userRealm, topicId, roleName);
if (isTopicSubscriberQueue(queueName)) {
//if user has add topic permission then map tmp queue with topic name because in
//consume we are getting only tmp queue name
temporaryQueueToTopicMap.put(queueName, topicName);
} else {
//Giving permissions for the durable topic queue because this has to be persist in permission table.
//We need to handle durable subscription even server shutdown and start again. We cannot maintain durable
//subscription queue permission as above in memory.
authorizeRoleToPublishConsume(userRealm, roleName, tempQueueId);
}
if (log.isDebugEnabled()) {
log.debug("permission granted to user = " + username + " role = " + roleName
+ " topic = " + topicName + " topicId = " + topicId);
}
}