Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/org_visibility' into master-ne…
Browse files Browse the repository at this point in the history 
…w-merge
  • Loading branch information
@chamilaadhi
chamilaadhi committed Jan 2, 2025
2 parents adb0bd5 + ecd772f commit cb2da14
Show file tree
Hide file tree
Showing 68 changed files with 1,686 additions and 212 deletions.
26 changes: 25 additions & 1 deletion ...imgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIConsumer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@
import org.wso2.carbon.apimgt.api.model.KeyManagerApplicationInfo;
import org.wso2.carbon.apimgt.api.model.Monetization;
import org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo;
import org.wso2.carbon.apimgt.api.model.OrganizationInfo;
import org.wso2.carbon.apimgt.api.model.ResourceFile;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.apimgt.api.model.SubscribedAPI;
Expand Down Expand Up @@ -461,12 +462,13 @@ OAuthApplicationInfo updateAuthClient(String userId, Application application,
* @param offset
* @param groupingId the groupId to which the applications must belong.
* @param organization Identifier of an organization
* @param sharedOrganization
* @return Applications
* @throws APIManagementException if failed to applications for given subscriber
*/

Application[] getApplicationsWithPagination(Subscriber subscriber, String groupingId, int start, int offset,
String search, String sortColumn, String sortOrder, String organization)
String search, String sortColumn, String sortOrder, String organization, String sharedOrganization)
throws APIManagementException;

/**
Expand Down Expand Up @@ -891,4 +893,26 @@ boolean isKeyManagerByNameAllowedForUser(String keyManagerName, String organizat
* @throws APIManagementException
*/
boolean removalKeys(Application application, String keyMappingId, String xWSO2Tenant) throws APIManagementException;

/**
* @param searchQuery search query. ex : provider:admin
* @param organizationInfo Identifier of an organization
* @param start starting number
* @param end ending number
* @return
* @throws APIManagementException
*/
Map<String, Object> searchPaginatedAPIs(String searchQuery, OrganizationInfo organizationInfo, int start, int end,
String sortBy, String sortOrder) throws APIManagementException;

/**
* @param searchQuery search query
* @param organizationInfo Information about the organization
* @param start
* @param end
* @return
* @throws APIManagementException
*/
Map<String, Object> searchPaginatedContent(String searchQuery, OrganizationInfo organizationInfo, int start, int end)
throws APIManagementException;
}
1 change: 1 addition & 0 deletions ...t/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/ExceptionCodes.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@ public enum ExceptionCodes implements ErrorHandler {
INVALID_CONTEXT(900346, "Invalid context provided", 400, "Invalid context provided for API: %s:%s"),
INVALID_ENDPOINT_URL(900346, "Endpoint URL(s) is(are) not valid", 400, "Endpoint URL(s) is(are) not valid"),
USER_ROLES_CANNOT_BE_NULL(900610, "Access control roles cannot be empty", 400, "Access control roles cannot be empty when visibility is restricted"),
ORGS_CANNOT_BE_NULL(900610, "Access control organizatoins cannot be empty", 400, "Access control organizations cannot be empty when visibility is restricted"),
API_REVISION_NOT_FOUND(900347, "API Revision Not Found", 404, "Requested API Revision with id %s not found"),
EXISTING_API_REVISION_DEPLOYMENT_FOUND(900348, "Can not delete API Revision ", 400, "Couldn't delete API revision since API revision is currently deployed to a gateway. " +
"You need to undeploy the API Revision from the gateway before attempting deleting API Revision: %s "),
Expand Down
12 changes: 12 additions & 0 deletions ...n.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/dto/KeyManagerConfigurationDTO.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,9 @@
package org.wso2.carbon.apimgt.api.dto;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
Expand All @@ -44,6 +46,7 @@ public class KeyManagerConfigurationDTO implements Serializable {
private String alias = null;
private KeyManagerPermissionConfigurationDTO permissions = new KeyManagerPermissionConfigurationDTO();
private Boolean isUsed = null;
private List<String> allowedOrganizations = new ArrayList<String>();

public KeyManagerConfigurationDTO() {
}
Expand All @@ -62,6 +65,7 @@ public KeyManagerConfigurationDTO(KeyManagerConfigurationDTO keyManagerConfigura
this.externalReferenceId = keyManagerConfigurationDTO.getExternalReferenceId();
this.endpoints = keyManagerConfigurationDTO.getEndpoints();
this.setPermissions(keyManagerConfigurationDTO.getPermissions());
this.allowedOrganizations = keyManagerConfigurationDTO.getAllowedOrganizations();
}
public String getName() {

Expand Down Expand Up @@ -207,4 +211,12 @@ public void setUsed(Boolean isUsed) {

this.isUsed = isUsed;
}

public List<String> getAllowedOrganizations() {
return allowedOrganizations;
}

public void setAllowedOrganizations(List<String> allowedOrganizations) {
this.allowedOrganizations = allowedOrganizations;
}
}
12 changes: 11 additions & 1 deletion ...apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/API.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,8 +102,10 @@ public class API implements Serializable {
private String visibility;
private String visibleRoles;
private String visibleTenants;
private String visibleOrganizations;

private boolean endpointSecured = false;

private boolean endpointSecured = false;
private boolean endpointAuthDigest = false;
private String endpointUTUsername;
private String endpointUTPassword;
Expand Down Expand Up @@ -1561,6 +1563,14 @@ public List<OperationPolicy> getApiPolicies() {
public void setApiPolicies(List<OperationPolicy> apiPolicies) {
this.apiPolicies = apiPolicies;
}

public String getVisibleOrganizations() {
return visibleOrganizations;
}

public void setVisibleOrganizations(String visibleOrganizations) {
this.visibleOrganizations = visibleOrganizations;
}

/**
* Property to hold whether the API isEGRESS (1)
Expand Down
10 changes: 10 additions & 0 deletions ...rg.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/Application.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,8 @@ public Map<String, Map<String, OAuthApplicationInfo>> getKeyManagerWiseOAuthApp(
private String keyType;
private int subscriptionCount;
private String keyManager;
private String sharedOrganization;

public String getCreatedTime() {
return createdTime;
}
Expand Down Expand Up @@ -320,4 +322,12 @@ public void setOrganization(String organization) {

this.organization = organization;
}

public String getSharedOrganization() {
return sharedOrganization;
}

public void setSharedOrganization(String sharedOrganization) {
this.sharedOrganization = sharedOrganization;
}
}
66 changes: 66 additions & 0 deletions ...o2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/OrganizationInfo.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
/*
* Copyright (c) 2024, WSO2 LLc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/


package org.wso2.carbon.apimgt.api.model;

public class OrganizationInfo {


String superOrganization;
String name;
String id;
String organizationSelector;
OrganizationInfo parentOrganization;
OrganizationInfo[] childOrganizations;

public String getSuperOrganization() {
return superOrganization;
}
public void setSuperOrganization(String superOrganization) {
this.superOrganization = superOrganization;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public OrganizationInfo getParentOrganization() {
return parentOrganization;
}
public void setParentOrganization(OrganizationInfo parentOrganization) {
this.parentOrganization = parentOrganization;
}
public OrganizationInfo[] getChildOrganizations() {
return childOrganizations;
}
public void setChildOrganizations(OrganizationInfo[] childOrganizations) {
this.childOrganizations = childOrganizations;
}
public String getOrganizationSelector() {
return organizationSelector;
}
public void setOrganizationSelector(String organizationSelector) {
this.organizationSelector = organizationSelector;
}
}
21 changes: 16 additions & 5 deletions ....apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/policy/SubscriptionPolicy.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,10 @@

package org.wso2.carbon.apimgt.api.model.policy;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class SubscriptionPolicy extends Policy {
Expand All @@ -34,6 +36,7 @@ public class SubscriptionPolicy extends Policy {
private String tierQuotaType;
private int graphQLMaxDepth;
private int graphQLMaxComplexity;
private List<String> allowedOrganizations = new ArrayList<String>();

public SubscriptionPolicy(String name) {
super(name);
Expand Down Expand Up @@ -122,11 +125,11 @@ public void setGraphQLMaxComplexity(int graphQLMaxComplexity) {
@Override
public String toString() {
return "SubscriptionPolicy [rateLimitCount=" + rateLimitCount + ", rateLimitTimeUnit=" + rateLimitTimeUnit
+ ", customAttributes=" + Arrays.toString(customAttributes) + ", stopOnQuotaReach=" + stopOnQuotaReach
+ ", billingPlan=" + billingPlan + ", monetizationPlan=" + monetizationPlan
+ ", monetizationPlanProperties=" + monetizationPlanProperties + ", tierQuotaType=" + tierQuotaType
+ ", maxDepth=" + graphQLMaxDepth + ", maxComplexity=" + graphQLMaxComplexity
+ ", subscriberCount= " + subscriberCount + "]";
+ ", subscriberCount=" + subscriberCount + ", customAttributes=" + Arrays.toString(customAttributes)
+ ", stopOnQuotaReach=" + stopOnQuotaReach + ", billingPlan=" + billingPlan + ", monetizationPlan="
+ monetizationPlan + ", monetizationPlanProperties=" + monetizationPlanProperties + ", tierQuotaType="
+ tierQuotaType + ", graphQLMaxDepth=" + graphQLMaxDepth + ", graphQLMaxComplexity="
+ graphQLMaxComplexity + ", allowedOrganizations=" + allowedOrganizations + "]";
}

public int getSubscriberCount() {
Expand All @@ -136,4 +139,12 @@ public int getSubscriberCount() {
public void setSubscriberCount(int subscriberCount) {
this.subscriberCount = subscriberCount;
}

public List<String> getAllowedOrganizations() {
return allowedOrganizations;
}

public void setAllowedOrganizations(List<String> allowedOrganizations) {
this.allowedOrganizations = allowedOrganizations;
}
}
17 changes: 11 additions & 6 deletions ...rc/main/java/org/wso2/carbon/apimgt/gateway/mediators/OneTimeTokenRevocationMediator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,12 +60,17 @@ public boolean mediate(MessageContext messageContext) {
String issuer = authContext.getIssuer();
List<String> scopes = authContext.getRequestTokenScopes();
if (StringUtils.isNotBlank(issuer)) {
KeyManagerDto keyManagerDto = KeyManagerHolder.getKeyManagerByIssuer(tenantDomain, issuer);
if (keyManagerDto != null && StringUtils.isNotBlank(scope) && scopes.contains(scope)) {
String token = authContext.getAccessToken();
String consumerKey = authContext.getConsumerKey();
oneTimeTokenExecutorService.execute(() ->
keyManagerDto.getKeyManager().revokeOneTimeToken(token, consumerKey));
List<KeyManagerDto> keyManagerDtoList = KeyManagerHolder.getKeyManagerByIssuer(tenantDomain, issuer);
if (keyManagerDtoList != null) {
KeyManagerDto keyManagerDto = keyManagerDtoList.get(0); // TODO : Does not support multiple km with same
// issuer

if (keyManagerDto != null && StringUtils.isNotBlank(scope) && scopes.contains(scope)) {
String token = authContext.getAccessToken();
String consumerKey = authContext.getConsumerKey();
oneTimeTokenExecutorService.execute(() ->
keyManagerDto.getKeyManager().revokeOneTimeToken(token, consumerKey));
}
}
}
}
Expand Down
6 changes: 4 additions & 2 deletions ...est/java/org/wso2/carbon/apimgt/gateway/mediators/OneTimeTokenRevocationMediatorTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,8 +72,10 @@ public void init() {
Mockito.when(authContext.getIssuer()).thenReturn("https://localhost:9443/oauth2/token");
Mockito.when(authContext.getRequestTokenScopes()).thenReturn(scopes);

List<KeyManagerDto> keymanagerList = new ArrayList<KeyManagerDto>();
keymanagerList.add(keyManagerDto);
Mockito.when(KeyManagerHolder.getKeyManagerByIssuer(Mockito.anyString(), Mockito.anyString())).
thenReturn(keyManagerDto);
thenReturn(keymanagerList);
Mockito.when(keyManagerDto.getKeyManager()).thenReturn(keyManager);
Mockito.doNothing().when(oneTimeExecutorService).execute(() ->
keyManagerDto.getKeyManager().revokeOneTimeToken(Mockito.anyString(), Mockito.anyString()));
Expand Down Expand Up @@ -115,7 +117,7 @@ public void testMediateWithNullIssuer() {
* KeyManagerDto is set to null
*/
@Test
public void testMediateWithNullKeyManagerDto() {
public void testMediateWithNullKeyManagerDtoList() {

Mockito.when(KeyManagerHolder.getKeyManagerByIssuer(Mockito.anyString(), Mockito.anyString())).
thenReturn(null);
Expand Down
8 changes: 8 additions & 0 deletions components/apimgt/org.wso2.carbon.apimgt.impl/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -646,6 +646,14 @@
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>9</source>
<target>9</target>
</configuration>
</plugin>

</plugins>
</build>
Expand Down
11 changes: 11 additions & 0 deletions ...t/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,7 @@ public final class APIConstants {
public static final String VISIBILITY = "visibility";

public static final String API_RESTRICTED_VISIBILITY = "restricted";
public static final String API_RESTRICTED_BY_ORG = "restricted_by_org";

public static final String API_PRIVATE_VISIBILITY = "private";

Expand Down Expand Up @@ -844,6 +845,7 @@ private Permissions() {
"internal_application_mgt_delete", "internal_application_mgt_update", "internal_application_mgt_view",
"internal_user_mgt_list"};
public static final String KEY_MANAGER_CLIENT_APPLICATION_PREFIX = "wso2_apim_km_";
public static final String DEFAULT_APP_SHARING_KEYWORD = "private";

public static final String TOKEN_URL = "TokenURL";
public static final String REVOKE_URL = "RevokeURL";
Expand Down Expand Up @@ -2020,6 +2022,8 @@ public enum RegistryResourceTypesForUI {
public static final String API_POLICY_API_LEVEL = "apiLevel";

public static final String BILLING_PLAN_FREE = "FREE";
public static final String ALLOWED_ORGANIZATIONS_DEFAULT = "ALL";
public static final String DEFAULT_VISIBLE_ORG = "all";
public static final String POLICY_RESET = "reset";

public static final String BLOCKING_EVENT_TYPE = "wso2event";
Expand Down Expand Up @@ -3251,6 +3255,13 @@ public static class TokenValidationConstants {
public static final String TOKEN_VALIDATION_CONFIG = "TokenValidation";
public static final String ENFORCE_JWT_TYPE_HEADER_VALIDATION = "EnforceTypeHeaderValidation";
}

// For Organization access control Configuration
public static final String ORG_BASED_ACCESS_CONTROL = "OrganizationBasedAccessControl";
public static final String ORG_BASED_ACCESS_CONTROL_ENABLE = "Enable";
public static final String ORG_BASED_ACCESS_CONTROL_ORG_NAME_CLAIM = "OrganizationNameLocalClaim";
public static final String ORG_BASED_ACCESS_CONTROL_ORG_ID_CLAIM = "OrganizationIDLocalClaim";
public static final String ORG_BASED_ACCESS_CONTROL_SELECTOR_CLAIM = "OrgaizationSelectorLocalClaim";

public static class TransactionCounter {

Expand Down
Loading

0 comments on commit cb2da14

Please sign in to comment.