On Mon, Jul 15, 2013 at 10:49 AM, Prabath Siriwardena <prab...@wso2.com>wrote:
>
>
> On Mon, Jul 15, 2013 at 10:38 AM, Amila Suriarachchi <am...@wso2.com>wrote:
>
>>
>>
>>
>> Here is another example. Registry has following method. This method is
>> used to check whether a given user in admin role and allow some permissions
>> (see the usage of this method) to user. If we have an hasRole method as in
>> here[1] we shall not require this method and code would have written as
>>
>> userRealm.hasRole(userName, "admin");
>>
>
>
> We have the method, isUserHasRole(User, Role) in UserStoreManager. Having
> this in UserRealm is not that meaningful.
>
Seems like this method now not available in trunk :)
thanks,
Amila.
>
> Thanks & regards,
> -Prabath
>
>
>>
>> public static boolean hasAdminAuthorizations(String userName, UserRealm
>> userRealm)
>> throws RegistryException {
>>
>> try {
>> UserStoreManager userStoreReader =
>> userRealm.getUserStoreManager();
>>
>> RealmConfiguration realmConfig;
>> try {
>> realmConfig = userRealm.getRealmConfiguration();
>> } catch (UserStoreException e) {
>> String msg = "Failed to retrieve realm configuration.";
>> log.error(msg, e);
>> throw new RegistryException(msg, e);
>> }
>> String systemUser = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
>>
>> if (systemUser.equals(userName)) {
>> return true;
>> }
>>
>> String adminUser = realmConfig.getAdminUserName();
>> if (adminUser.equals(userName)) {
>> return true;
>> }
>>
>> String[] roles = userStoreReader.getRoleListOfUser(userName);
>> String adminRoleName = realmConfig.getAdminRoleName();
>> if (containsString(adminRoleName, roles)) {
>> return true;
>> }
>>
>> } catch (UserStoreException e) {
>>
>> String msg = "Failed to check authorization level of user " +
>> userName + ". Caused by: " + e.getMessage();
>> log.error(msg, e);
>> throw new RegistryException(msg, e);
>> }
>>
>> return false;
>> }
>>
>> thanks,
>> Amila.
>>
>>
>> [1]
>> http://tomcat.apache.org/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/Realm.html
>>
>>>
>>> With C5 we can keep such a simple API at core level and put admin
>>> functionality to carbon components.
>>>
>>> thanks,
>>> Amila.
>>>
>>>
>>> [1]
>>> http://tomcat.apache.org/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/Realm.html
>>>
>>>>
>>>> Thanks & regards,
>>>> -Prabath
>>>>
>>>>
>>>> On Thu, Jul 11, 2013 at 12:42 PM, Amila Suriarachchi <am...@wso2.com>wrote:
>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Jul 11, 2013 at 10:21 AM, Prabath Siriwardena <
>>>>> prab...@wso2.com> wrote:
>>>>>
>>>>>> UserStoreManager API is not clean at all.. There so many stuff can
>>>>>> remove... Also maintain two interfaces one in the core and another in
>>>>>> API.
>>>>>> We need to get rid of the interface in core..
>>>>>>
>>>>>> On Thu, Jul 11, 2013 at 10:06 AM, Asela Pathberiya <as...@wso2.com>wrote:
>>>>>>
>>>>>>> Hi All,
>>>>>>>
>>>>>>> I am not sure why we are keeping following method in the API...
>>>>>>> Sorry, if i have missed any thing.... If there are on any usage, we can
>>>>>>> remove them...
>>>>>>>
>>>>>>> 1. String[] getAllSecondaryRoles()
>>>>>>>
>>>>>>> Why we need only the roles of secondary user store?
>>>>>>>
>>>>>>
>>>>>> This is useful.. In a multi-tenanted environment - primary user store
>>>>>> is governed by the super tenant.. It's also better to have a method
>>>>>> getRoles(String userStoreDomain).
>>>>>>
>>>>>
>>>>> This is wrong. You should not try to get the roles from the UserStore.
>>>>> Roles has to come from the Authorization manager.
>>>>>
>>>>> thanks,
>>>>> Amila.
>>>>>
>>>>>>
>>>>>> Thanks & regards,
>>>>>> -Prabath
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> 2. int getTenantId(String username)
>>>>>>>
>>>>>>> Once user is authenticated, we knows the tenant Id. Else why we
>>>>>>> need to get the tenant id of a user who is not in its tenant space ?
>>>>>>>
>>>>>>> 3. int getUserId(String username)
>>>>>>>
>>>>>>> What is the use of user id? It seems to this is
>>>>>>> auto increment value of UM_USER table
>>>>>>>
>>>>>>> 4. int getTenantId()
>>>>>>>
>>>>>>> I guess, tenant Id is not need to expose via user store manager
>>>>>>> API, it is available with carbon context
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Asela.
>>>>>>>
>>>>>>> --
>>>>>>> Thanks & Regards,
>>>>>>> Asela
>>>>>>>
>>>>>>> Mobile : +94 777 625 933
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Thanks & Regards,
>>>>>> Prabath
>>>>>>
>>>>>> Mobile : +94 71 809 6732
>>>>>>
>>>>>> http://blog.facilelogin.com
>>>>>> http://RampartFAQ.com
>>>>>>
>>>>>> _______________________________________________
>>>>>> Dev mailing list
>>>>>> Dev@wso2.org
>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Amila Suriarachchi*
>>>>>
>>>>> Software Architect
>>>>> WSO2 Inc. ; http://wso2.com
>>>>> lean . enterprise . middleware
>>>>>
>>>>> phone : +94 71 3082805
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Thanks & Regards,
>>>> Prabath
>>>>
>>>> Mobile : +94 71 809 6732
>>>>
>>>> http://blog.facilelogin.com
>>>> http://RampartFAQ.com
>>>>
>>>
>>>
>>>
>>> --
>>> *Amila Suriarachchi*
>>>
>>> Software Architect
>>> WSO2 Inc. ; http://wso2.com
>>> lean . enterprise . middleware
>>>
>>> phone : +94 71 3082805
>>>
>>
>>
>>
>> --
>> *Amila Suriarachchi*
>>
>> Software Architect
>> WSO2 Inc. ; http://wso2.com
>> lean . enterprise . middleware
>>
>> phone : +94 71 3082805
>>
>
>
>
> --
> Thanks & Regards,
> Prabath
>
> Mobile : +94 71 809 6732
>
> http://blog.facilelogin.com
> http://RampartFAQ.com
>
--
*Amila Suriarachchi*
Software Architect
WSO2 Inc. ; http://wso2.com
lean . enterprise . middleware
phone : +94 71 3082805
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
