On Mon, Jul 15, 2013 at 10:49 AM, Prabath Siriwardena <prab...@wso2.com>wrote:
> > > On Mon, Jul 15, 2013 at 10:38 AM, Amila Suriarachchi <am...@wso2.com>wrote: > >> >> >> >> Here is another example. Registry has following method. This method is >> used to check whether a given user in admin role and allow some permissions >> (see the usage of this method) to user. If we have an hasRole method as in >> here[1] we shall not require this method and code would have written as >> >> userRealm.hasRole(userName, "admin"); >> > > > We have the method, isUserHasRole(User, Role) in UserStoreManager. Having > this in UserRealm is not that meaningful. > Seems like this method now not available in trunk :) thanks, Amila. > > Thanks & regards, > -Prabath > > >> >> public static boolean hasAdminAuthorizations(String userName, UserRealm >> userRealm) >> throws RegistryException { >> >> try { >> UserStoreManager userStoreReader = >> userRealm.getUserStoreManager(); >> >> RealmConfiguration realmConfig; >> try { >> realmConfig = userRealm.getRealmConfiguration(); >> } catch (UserStoreException e) { >> String msg = "Failed to retrieve realm configuration."; >> log.error(msg, e); >> throw new RegistryException(msg, e); >> } >> String systemUser = CarbonConstants.REGISTRY_SYSTEM_USERNAME; >> >> if (systemUser.equals(userName)) { >> return true; >> } >> >> String adminUser = realmConfig.getAdminUserName(); >> if (adminUser.equals(userName)) { >> return true; >> } >> >> String[] roles = userStoreReader.getRoleListOfUser(userName); >> String adminRoleName = realmConfig.getAdminRoleName(); >> if (containsString(adminRoleName, roles)) { >> return true; >> } >> >> } catch (UserStoreException e) { >> >> String msg = "Failed to check authorization level of user " + >> userName + ". Caused by: " + e.getMessage(); >> log.error(msg, e); >> throw new RegistryException(msg, e); >> } >> >> return false; >> } >> >> thanks, >> Amila. >> >> >> [1] >> http://tomcat.apache.org/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/Realm.html >> >>> >>> With C5 we can keep such a simple API at core level and put admin >>> functionality to carbon components. >>> >>> thanks, >>> Amila. >>> >>> >>> [1] >>> http://tomcat.apache.org/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/Realm.html >>> >>>> >>>> Thanks & regards, >>>> -Prabath >>>> >>>> >>>> On Thu, Jul 11, 2013 at 12:42 PM, Amila Suriarachchi <am...@wso2.com>wrote: >>>> >>>>> >>>>> >>>>> >>>>> On Thu, Jul 11, 2013 at 10:21 AM, Prabath Siriwardena < >>>>> prab...@wso2.com> wrote: >>>>> >>>>>> UserStoreManager API is not clean at all.. There so many stuff can >>>>>> remove... Also maintain two interfaces one in the core and another in >>>>>> API. >>>>>> We need to get rid of the interface in core.. >>>>>> >>>>>> On Thu, Jul 11, 2013 at 10:06 AM, Asela Pathberiya <as...@wso2.com>wrote: >>>>>> >>>>>>> Hi All, >>>>>>> >>>>>>> I am not sure why we are keeping following method in the API... >>>>>>> Sorry, if i have missed any thing.... If there are on any usage, we can >>>>>>> remove them... >>>>>>> >>>>>>> 1. String[] getAllSecondaryRoles() >>>>>>> >>>>>>> Why we need only the roles of secondary user store? >>>>>>> >>>>>> >>>>>> This is useful.. In a multi-tenanted environment - primary user store >>>>>> is governed by the super tenant.. It's also better to have a method >>>>>> getRoles(String userStoreDomain). >>>>>> >>>>> >>>>> This is wrong. You should not try to get the roles from the UserStore. >>>>> Roles has to come from the Authorization manager. >>>>> >>>>> thanks, >>>>> Amila. >>>>> >>>>>> >>>>>> Thanks & regards, >>>>>> -Prabath >>>>>> >>>>>> >>>>>>> >>>>>>> 2. int getTenantId(String username) >>>>>>> >>>>>>> Once user is authenticated, we knows the tenant Id. Else why we >>>>>>> need to get the tenant id of a user who is not in its tenant space ? >>>>>>> >>>>>>> 3. int getUserId(String username) >>>>>>> >>>>>>> What is the use of user id? It seems to this is >>>>>>> auto increment value of UM_USER table >>>>>>> >>>>>>> 4. int getTenantId() >>>>>>> >>>>>>> I guess, tenant Id is not need to expose via user store manager >>>>>>> API, it is available with carbon context >>>>>>> >>>>>>> Thanks, >>>>>>> Asela. >>>>>>> >>>>>>> -- >>>>>>> Thanks & Regards, >>>>>>> Asela >>>>>>> >>>>>>> Mobile : +94 777 625 933 >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thanks & Regards, >>>>>> Prabath >>>>>> >>>>>> Mobile : +94 71 809 6732 >>>>>> >>>>>> http://blog.facilelogin.com >>>>>> http://RampartFAQ.com >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> Dev@wso2.org >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> *Amila Suriarachchi* >>>>> >>>>> Software Architect >>>>> WSO2 Inc. ; http://wso2.com >>>>> lean . enterprise . middleware >>>>> >>>>> phone : +94 71 3082805 >>>>> >>>> >>>> >>>> >>>> -- >>>> Thanks & Regards, >>>> Prabath >>>> >>>> Mobile : +94 71 809 6732 >>>> >>>> http://blog.facilelogin.com >>>> http://RampartFAQ.com >>>> >>> >>> >>> >>> -- >>> *Amila Suriarachchi* >>> >>> Software Architect >>> WSO2 Inc. ; http://wso2.com >>> lean . enterprise . middleware >>> >>> phone : +94 71 3082805 >>> >> >> >> >> -- >> *Amila Suriarachchi* >> >> Software Architect >> WSO2 Inc. ; http://wso2.com >> lean . enterprise . middleware >> >> phone : +94 71 3082805 >> > > > > -- > Thanks & Regards, > Prabath > > Mobile : +94 71 809 6732 > > http://blog.facilelogin.com > http://RampartFAQ.com > -- *Amila Suriarachchi* Software Architect WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 71 3082805
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev