Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Role based user provisioning improvements #5915

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Role based user provisioning improvements #5915

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
d4948ef
Role based user provisioning improvements
sadilchamishka Sep 5, 2024
b6c4e34
Add inline comment
sadilchamishka Sep 6, 2024
c1a5e05
Add role based outbound provision related listener configs
sadilchamishka Sep 10, 2024
1c06714
Code refactoring
sadilchamishka Sep 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions components/provisioning/org.wso2.carbon.identity.provisioning/pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,14 @@
<groupId>org.wso2.carbon.identity.framework</groupId>
<artifactId>org.wso2.carbon.identity.base</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.framework</groupId>
<artifactId>org.wso2.carbon.identity.role.v2.mgt.core</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.framework</groupId>
<artifactId>org.wso2.carbon.identity.application.authentication.framework</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.balana</groupId>
<artifactId>org.wso2.balana.utils</artifactId>
Expand Down Expand Up @@ -163,6 +171,10 @@
org.wso2.carbon.user.mgt.*;
version="${carbon.identity.package.import.version.range}",
org.json;version="${json.wso2.version.range}",
org.wso2.carbon.identity.role.v2.mgt.core.*;
version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.application.authentication.framework.util;
version="${carbon.identity.package.import.version.range}"
</Import-Package>
<Export-Package>
!org.wso2.carbon.identity.provisioning.internal,
Expand Down
66 changes: 58 additions & 8 deletions ...ning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,11 @@
import org.wso2.carbon.identity.provisioning.dao.CacheBackedProvisioningMgtDAO;
import org.wso2.carbon.identity.provisioning.dao.ProvisioningManagementDAO;
import org.wso2.carbon.identity.provisioning.internal.IdentityProvisionServiceComponent;
import org.wso2.carbon.identity.provisioning.internal.ProvisioningServiceDataHolder;
import org.wso2.carbon.identity.provisioning.rules.XACMLBasedRuleHandler;
import org.wso2.carbon.identity.role.v2.mgt.core.RoleConstants;
import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
import org.wso2.carbon.identity.role.v2.mgt.core.model.RoleBasicInfo;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManager;
import org.wso2.carbon.idp.mgt.util.IdPManagementUtil;
Expand All @@ -51,6 +55,7 @@
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.claim.Claim;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.util.UserCoreUtil;

Expand All @@ -65,6 +70,7 @@
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.stream.Collectors;

import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.CONSOLE_APPLICATION_NAME;
import static org.wso2.carbon.identity.application.mgt.ApplicationConstants.LOCAL_SP;
Expand All @@ -73,6 +79,7 @@
import static org.wso2.carbon.identity.provisioning.IdentityProvisioningConstants.SELF_SIGNUP_ROLE;
import static org.wso2.carbon.identity.provisioning.ProvisioningUtil.isApplicationBasedOutboundProvisioningEnabled;
import static org.wso2.carbon.identity.provisioning.ProvisioningUtil.isUserTenantBasedOutboundProvisioningEnabled;
import static org.wso2.carbon.identity.role.mgt.core.RoleConstants.INTERNAL_DOMAIN;

/**
*
Expand Down Expand Up @@ -494,9 +501,15 @@
List<String> newUsersList = attributes.get(ClaimMapping.build(
IdentityProvisioningConstants.NEW_USER_CLAIM_URI, null, null, false));

if (newUsersList == null) {
newUsersList = new ArrayList<>();

Check warning on line 505 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L505 

Added line #L505 was not covered by tests
}
List<String> deletedUsersList = attributes.get(ClaimMapping.build(
IdentityProvisioningConstants.DELETED_USER_CLAIM_URI, null, null, false));

if (deletedUsersList == null) {
deletedUsersList = new ArrayList<>();

Check warning on line 511 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L511 

Added line #L511 was not covered by tests
}
Map<ClaimMapping, List<String>> mappedUserClaims;
ProvisionedIdentifier provisionedUserIdentifier;

Expand Down Expand Up @@ -679,10 +692,10 @@
IdentityProvisioningConstants.USERNAME_CLAIM_URI, null, null, false),
Arrays.asList(new String[]{userName}));
}
List<String> roleListOfUser = getUserRoles(userName, tenantDomain);
if (roleListOfUser != null) {
List<String> groupListOfUser = getUserGroups(userName, tenantDomain);

Check warning on line 695 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L695 

Added line #L695 was not covered by tests
if (groupListOfUser != null) {
outboundAttributes.put(ClaimMapping.build(
GROUP_CLAIM_URI, null, null, false), roleListOfUser);
GROUP_CLAIM_URI, null, null, false), groupListOfUser);
}

String domainAwareName = userName;
Expand Down Expand Up @@ -873,14 +886,21 @@
String userName = provisioningEntity.getEntityName();
List<String> provisioningRoleList = Arrays.asList(provisionByRoleList);

/* Both user groups and roles are considered when deciding to outbound provisioning.
The roles have "Internal/" prefix compared to the groups. */
List<String> roleGroupListOfUser = new ArrayList<>();
List<String> groupListOfUser = getUserGroups(userName, tenantDomain);

Check warning on line 892 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L891-L892 

Added lines #L891 - L892 were not covered by tests
// Only fetch directly assigned roles to the user.
List<String> roleListOfUser = getUserRoles(userName, tenantDomain);
if (userHasProvisioningRoles(roleListOfUser, provisioningRoleList, userName)) {
roleGroupListOfUser.addAll(roleListOfUser);
roleGroupListOfUser.addAll(groupListOfUser);

Check warning on line 896 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L895-L896 

Added lines #L895 - L896 were not covered by tests
if (userHasProvisioningRoles(roleGroupListOfUser, provisioningRoleList, userName)) {
return true;
}
List<String> newRoleListOfUser = provisioningEntity.getAttributes().get(ClaimMapping.build
List<String> newGroupListOfUser = provisioningEntity.getAttributes().get(ClaimMapping.build

Check warning on line 900 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L900 

Added line #L900 was not covered by tests
(GROUP_CLAIM_URI, null, null, false));

if (userHasProvisioningRoles(newRoleListOfUser, provisioningRoleList, userName)) {
if (userHasProvisioningRoles(newGroupListOfUser, provisioningRoleList, userName)) {
return true;
}
}
Expand Down Expand Up @@ -913,7 +933,7 @@
* @throws CarbonException
* @throws UserStoreException
*/
private List<String> getUserRoles(String userName, String tenantDomain) throws UserStoreException {
private List<String> getUserGroups(String userName, String tenantDomain) throws UserStoreException {

RealmService realmService = IdentityProvisionServiceComponent.getRealmService();
int tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
Expand All @@ -922,7 +942,37 @@

UserStoreManager userstore = realm.getUserStoreManager();
String[] newRoles = userstore.getRoleListOfUser(userName);
return Arrays.asList(newRoles);
return Arrays.stream(newRoles).filter(role -> !role.startsWith(INTERNAL_DOMAIN)).collect(Collectors.toList());
}

private List<String> getUserRoles(String username, String tenantDomain) throws UserStoreException {

List<String> userRoleList = new ArrayList<>();
RealmService realmService = IdentityProvisionServiceComponent.getRealmService();
int tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
UserRealm realm = (UserRealm) realmService.getTenantUserRealm(tenantId);
AbstractUserStoreManager userStoreManager = (AbstractUserStoreManager) realm.getUserStoreManager();
String userId = userStoreManager.getUserIDFromUserName(username);

Check warning on line 955 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L950-L955 

Added lines #L950 - L955 were not covered by tests
if (userId == null) {
return userRoleList;

Check warning on line 957 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L957 

Added line #L957 was not covered by tests
}
try {
List<String> userRoleIdList = ProvisioningServiceDataHolder.getInstance().getRoleManagementService()
.getRoleIdListOfUser(userId, tenantDomain);

Check warning on line 961 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L960-L961 

Added lines #L960 - L961 were not covered by tests
for (String roleId : userRoleIdList) {
RoleBasicInfo roleBasicInfo = ProvisioningServiceDataHolder.getInstance().getRoleManagementService()
.getRoleBasicInfoById(roleId, tenantDomain);

Check warning on line 964 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L963-L964 

Added lines #L963 - L964 were not covered by tests
// Only organization audience roles are supported for role based outbound provisioning.
if (!RoleConstants.ORGANIZATION.equals(roleBasicInfo.getAudience())) {
continue;

Check warning on line 967 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L967 

Added line #L967 was not covered by tests
}
userRoleList.add(roleBasicInfo.getName());
}
} catch (IdentityRoleManagementException e) {
throw new UserStoreException(e.getMessage(), e);
}
String internalRolePrefix = RoleConstants.INTERNAL_DOMAIN + UserCoreConstants.DOMAIN_SEPARATOR;
return userRoleList.stream().map(role -> internalRolePrefix + role).collect(Collectors.toList());

Check warning on line 975 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/OutboundProvisioningManager.java#L969-L975 

Added lines #L969 - L975 were not covered by tests
}

/**
Expand Down
14 changes: 14 additions & 0 deletions ...ty.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/ProvisioningUtil.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.common.model.OutboundProvisioningConfig;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
import org.wso2.carbon.identity.application.mgt.ApplicationConstants;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataHandler;
import org.wso2.carbon.identity.core.util.IdentityUtil;
Expand Down Expand Up @@ -560,6 +561,14 @@
public static boolean isOutboundProvisioningEnabled(String serviceProviderIdentifier,
String tenantDomainName) throws IdentityApplicationManagementException {

/*
Outbound provisioning is enabled for organization by default. If application bound provisioning enabled,
each application should configure outbound provisioning.
*/
if (!isApplicationBasedOutboundProvisioningEnabled()) {
return true;

Check warning on line 569 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/ProvisioningUtil.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/ProvisioningUtil.java#L569 

Added line #L569 was not covered by tests
}

ServiceProvider serviceProvider = ApplicationManagementService.getInstance()
.getServiceProvider(serviceProviderIdentifier, tenantDomainName);

Expand All @@ -568,6 +577,11 @@
serviceProviderIdentifier);
}

// The console app not required to enable outbound provisioning.
if (ApplicationConstants.CONSOLE_APPLICATION_NAME.equals(serviceProvider.getApplicationName())) {
return true;

Check warning on line 582 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/ProvisioningUtil.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/ProvisioningUtil.java#L582 

Added line #L582 was not covered by tests
}

OutboundProvisioningConfig outboundProvisioningConfiguration = serviceProvider
.getOutboundProvisioningConfig();

Expand Down
29 changes: 28 additions & 1 deletion ...ava/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,9 @@
import org.wso2.carbon.identity.provisioning.listener.ProvisioningApplicationMgtListener;
import org.wso2.carbon.identity.provisioning.listener.ProvisioningErrorListener;
import org.wso2.carbon.identity.provisioning.listener.ProvisioningIdentityProviderMgtListener;
import org.wso2.carbon.identity.provisioning.listener.ProvisioningRoleMgtListener;
import org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService;
import org.wso2.carbon.identity.role.v2.mgt.core.listener.RoleManagementListener;
import org.wso2.carbon.idp.mgt.listener.IdentityProviderMgtListener;
import org.wso2.carbon.user.core.listener.UserManagementErrorEventListener;
import org.wso2.carbon.user.core.listener.UserOperationEventListener;
Expand Down Expand Up @@ -88,7 +91,10 @@
protected void activate(ComponentContext context) {
try {
ProvisioningServiceDataHolder.getInstance().setBundleContext(context.getBundleContext());
ProvisioningServiceDataHolder.getInstance().getBundleContext().registerService(UserOperationEventListener.class.getName(), new DefaultInboundUserProvisioningListener(), null);
DefaultInboundUserProvisioningListener provisioningListener = new DefaultInboundUserProvisioningListener();
ProvisioningServiceDataHolder.getInstance().setDefaultInboundUserProvisioningListener(provisioningListener);
ProvisioningServiceDataHolder.getInstance().getBundleContext()
.registerService(UserOperationEventListener.class.getName(), provisioningListener, null);

Check warning on line 97 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java#L94-L97 

Added lines #L94 - L97 were not covered by tests
if (log.isDebugEnabled()) {
log.debug("Identity Provision Event listener registered successfully");
}
Expand All @@ -103,6 +109,9 @@
ProvisioningServiceDataHolder.getInstance().getBundleContext()
.registerService(UserManagementErrorEventListener.class.getName(), new ProvisioningErrorListener(),
null);
ProvisioningServiceDataHolder.getInstance().getBundleContext()
.registerService(RoleManagementListener.class, new ProvisioningRoleMgtListener(), null);
log.debug("Provisioning role management listener registered successfully");

Check warning on line 114 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java#L112-L114 

Added lines #L112 - L114 were not covered by tests
if (log.isDebugEnabled()) {
log.debug("Identity provisioning error event listener registered successfully");
}
Expand Down Expand Up @@ -207,5 +216,23 @@
}
ProvisioningServiceDataHolder.getInstance().setRolePermissionManagementService(null);
}

@Reference(
name = "org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService",
service = org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService.class,
cardinality = ReferenceCardinality.MANDATORY,
policy = ReferencePolicy.DYNAMIC,
unbind = "unsetRoleManagementServiceV2")
protected void setRoleManagementServiceV2(RoleManagementService roleManagementService) {

ProvisioningServiceDataHolder.getInstance().setRoleManagementService(roleManagementService);
log.debug("RoleManagementService set in ProvisioningServiceDataHolder bundle.");
}

Check warning on line 230 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java#L228-L230 

Added lines #L228 - L230 were not covered by tests

protected void unsetRoleManagementServiceV2(RoleManagementService roleManagementService) {

ProvisioningServiceDataHolder.getInstance().setRoleManagementService(null);
log.debug("RoleManagementService unset in ProvisioningServiceDataHolder bundle.");
}

Check warning on line 236 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/IdentityProvisionServiceComponent.java#L234-L236 

Added lines #L234 - L236 were not covered by tests
}

25 changes: 25 additions & 0 deletions ...in/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@
import org.osgi.framework.BundleContext;
import org.wso2.carbon.identity.entitlement.EntitlementService;
import org.wso2.carbon.identity.provisioning.AbstractProvisioningConnectorFactory;
import org.wso2.carbon.identity.provisioning.listener.DefaultInboundUserProvisioningListener;
import org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.mgt.RolePermissionManagementService;

Expand All @@ -35,6 +37,8 @@
private EntitlementService entitlementService;
private RolePermissionManagementService rolePermissionManagementService;
private Map<String, AbstractProvisioningConnectorFactory> connectorFactories = new HashMap<String, AbstractProvisioningConnectorFactory>();
private DefaultInboundUserProvisioningListener defaultInboundUserProvisioningListener;
private RoleManagementService roleManagementService;

private ProvisioningServiceDataHolder() {
}
Expand Down Expand Up @@ -94,6 +98,27 @@
}
return rolePermissionManagementService;
}

public DefaultInboundUserProvisioningListener getDefaultInboundUserProvisioningListener() {

return defaultInboundUserProvisioningListener;

Check warning on line 104 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java#L104 

Added line #L104 was not covered by tests
}

public void setDefaultInboundUserProvisioningListener(
DefaultInboundUserProvisioningListener defaultInboundUserProvisioningListener) {

this.defaultInboundUserProvisioningListener = defaultInboundUserProvisioningListener;
}

Check warning on line 111 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java#L110-L111 

Added lines #L110 - L111 were not covered by tests

public RoleManagementService getRoleManagementService() {

return roleManagementService;

Check warning on line 115 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java#L115 

Added line #L115 was not covered by tests
}

public void setRoleManagementService(RoleManagementService roleManagementService) {

this.roleManagementService = roleManagementService;
}

Check warning on line 121 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/internal/ProvisioningServiceDataHolder.java#L120-L121 

Added lines #L120 - L121 were not covered by tests
}


7 changes: 6 additions & 1 deletion ...rg/wso2/carbon/identity/provisioning/listener/DefaultInboundUserProvisioningListener.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
import org.wso2.carbon.identity.provisioning.ProvisioningEntityType;
import org.wso2.carbon.identity.provisioning.ProvisioningOperation;
import org.wso2.carbon.identity.provisioning.ProvisioningUtil;
import org.wso2.carbon.identity.role.v2.mgt.core.util.RoleManagementUtils;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
Expand Down Expand Up @@ -435,7 +436,11 @@
return true;
}

String[] userList = userStoreManager.getUserListOfRole(roleName);
String[] userList = new String[0];

Check warning on line 439 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/listener/DefaultInboundUserProvisioningListener.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/listener/DefaultInboundUserProvisioningListener.java#L439 

Added line #L439 was not covered by tests
// Passing all user list of the role is not used, hence we can remove this logic if unnecessary.
if (!RoleManagementUtils.isHybridRole(roleName)) {
userList = userStoreManager.getUserListOfRole(roleName);

Check warning on line 442 in components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/listener/DefaultInboundUserProvisioningListener.java

View check run for this annotation

Codecov / codecov/patch

components/provisioning/org.wso2.carbon.identity.provisioning/src/main/java/org/wso2/carbon/identity/provisioning/listener/DefaultInboundUserProvisioningListener.java#L442 

Added line #L442 was not covered by tests
}

Map<ClaimMapping, List<String>> outboundAttributes = new HashMap<>();

Expand Down
Loading
Loading