Merge pull request #490 from harshanL/release-2.0.x

IOTS-337:Fixed permission remove issue when updating role permissions.
2025-10-06 02:01:45 +00:00 · 2016-12-16 19:48:46 +05:30 · 2016-12-16 19:48:46 +05:30 · b03866e1af
commit b03866e1af
parent 78b9052c37 a2a03a523e
1 changed files with 40 additions and 0 deletions
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
@ -143,6 +143,17 @@ public class RoleManagementServiceImpl implements RoleManagementService {
        }
    }

+    private UIPermissionNode getAllRolePermissions(String roleName, UserRealm userRealm) throws UserAdminException {
+        org.wso2.carbon.user.core.UserRealm userRealmCore = null;
+        if (userRealm instanceof org.wso2.carbon.user.core.UserRealm) {
+            userRealmCore = (org.wso2.carbon.user.core.UserRealm) userRealm;
+        }
+        final UserRealmProxy userRealmProxy = new UserRealmProxy(userRealmCore);
+        final UIPermissionNode rolePermissions =
+                userRealmProxy.getRolePermissions(roleName, MultitenantConstants.SUPER_TENANT_ID);
+        return rolePermissions;
+    }
+
    private UIPermissionNode getUIPermissionNode(String roleName, UserRealm userRealm)
            throws UserAdminException {
        org.wso2.carbon.user.core.UserRealm userRealmCore = null;
@ -228,6 +239,19 @@ public class RoleManagementServiceImpl implements RoleManagementService {
        return list;
    }

+
+    private List<String> getAuthorizedPermissions(UIPermissionNode uiPermissionNode, List<String> list) {
+        for (UIPermissionNode permissionNode : uiPermissionNode.getNodeList()) {
+            if (permissionNode.isSelected()) {
+                list.add(permissionNode.getResourcePath());
+            }
+            if (permissionNode.getNodeList() != null && permissionNode.getNodeList().length > 0) {
+                getAuthorizedPermissions(permissionNode, list);
+            }
+        }
+        return list;
+    }
+
    @POST
    @Override
    public Response addRole(RoleInfo roleInfo) {
@ -377,6 +401,17 @@ public class RoleManagementServiceImpl implements RoleManagementService {
            }

            if (roleInfo.getPermissions() != null) {
+                // Get all role permissions
+                final UIPermissionNode rolePermissions = this.getAllRolePermissions(roleName, userRealm);
+                List<String> permissions = new ArrayList<String>();
+                this.getAuthorizedPermissions(rolePermissions, permissions);
+                for (String permission : roleInfo.getPermissions()) {
+                    permissions.add(permission);
+                }
+                String [] allApplicablePerms = new String[permissions.size()];
+                allApplicablePerms = permissions.toArray(allApplicablePerms);
+                roleInfo.setPermissions(allApplicablePerms);
+
                // Delete all authorizations for the current role before authorizing the permission tree
                authorizationManager.clearRoleAuthorization(roleName);
                if (roleInfo.getPermissions().length > 0) {
@ -394,6 +429,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
            log.error(msg, e);
            return Response.serverError().entity(
                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
+        } catch (UserAdminException e) {
+            String msg = "Error occurred while updating permissions of the role '" + roleName + "'";
+            log.error(msg, e);
+            return Response.serverError().entity(
+                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
        }
    }