when I follow the WSO2 SCIM 2.0 REST Endpoint(https://docs.wso2.com/display/IS560/apidocs/SCIM2-endpoints/index.html#!/operations#UsersEndpoint#getUser) to get multiple users by list of user names, the wso2 identity server(version:5.7.0) returns "or is not supported". The filter string likes this: filter=(userName eq "user01") or (userName eq "user02").
#Override
public List<UserInfo> getUsersByNames(List<String> userNames) {
if(userNames==null||userNames.isEmpty()) return null;
List<UserInfo> users=null;
StringBuffer queryStr=new StringBuffer();
for(String userName:userNames) {
userName=userName.trim();
if(userName.contains(" ")) throw new IllegalArgumentException("invalid user name in getUsersByNames:("+userName+")");
if(queryStr.length()==0) {
queryStr.append("(userName eq \"").append(userName).append("\")");
}
else {
queryStr.append(" or (userName eq \"").append(userName).append("\")");
}
}
users=getUserRequest(queryStr.toString(),0,100);
return users;
}
private List<UserInfo> getUserRequest(String filter, int startIndex, int maxCount) {
UserInfo userInfo=null;
try {
SCIMClientTool client=new SCIMClientTool();
//use Scimv2UsersApi to get user with filter
ScimApiResponse<String> result=client.getSCIMUserApi(null).getUser(null, null, filter, startIndex, maxCount, null, null);
if(result==null||result.getStatusCode()==404) {
throw new ObjectNotFoundException("cannot get user by filter:"+filter);
}
if(result.getData()==null||result.getData().length()==0) return null;
//convert the json string to UserInfo object
System.out.println("raw json result from getSCIMUserApi.getUser:"+result.getData());
List<UserInfo> userInfos=SCIMUserConverter.convertMultiple(result.getData());
return userInfos;
} catch (ScimApiException e) {
logger.error("fail to get user from SCIM REST Endpoint", e);
throw new ApiException("fail to get user from SCIM REST Endpoint",e);
}
}
For the moment supported logical operator is "and" operator, apart from this 'Eq', Ew', 'Co', 'Sw' filters also supported. You can refer to this document for more information.
Related
I have the below Java 11 method which is invoked by the controller where ID is the required param and status,version are optional params. I had to write multiple repository methods to fetch the record based on those params. Am wondering is there a better/effiecient way to refactor this method with out the if/else ladder?
#Override
#Transactional(transactionManager = "customTransactionManager")
public Optional<String> getInformation(UUID id, Status status, Long version) {
try {
Preconditions.checkNotNull(id, ID_MUST_BE_NOT_NULL_MSG);
if (status != null && version != null) {
return repository.findByIdAndVersionAndStatus(id, version, status);
} else if (status != null) {
return repository.findFirstByIdAndStatus(id, status);
} else if (version != null) {
return repository.findFirstByIdAndVersion(id, version);
} else {
return repository.findFirstByIdOrderByIdDesc(id);
}
} catch (Exception e) {
log.error(e);
throw new CustomException(MessageFormat.format(PUBLIC_ERROR_MESSAGE, id));
}
}
You could use Specifications for that:
private Specification<YourEntity> toSpecification(UUID id, Status status, Long version) {
return (root, query, builder) -> {
Set<Predicate> predicates = new HashSet<>();
predicates.add(builder.equal(root.get("id"), id));
if (status != null) predicates.add(builder.equal(root.get("status"), status));
if (version != null) predicates.add(builder.equal(root.get("version"), version));
return builder.and(predicates.toArray(Predicate[]::new));
};
}
If you let your repository extend JpaSpecificationExecutor you can use the build specification object like so:
Specification<YourEntity> specification = toSpecification(id, status, version);
Optional<YourEntity> result = repository.findOne(specification);
When using Hibernate Metamodel Generator you can also write builder.equal(YourEntity_.id, id) instead of builder.equal(root.get("id"), id).
In addition to the accepted answer, I find Query By Examples much more intuitive and simple.
https://www.baeldung.com/spring-data-query-by-example would be a good start.
It basically creates a query based on non-null fields from your jpa entity.
I'm using the webflux framework for spring boot, the behavior I'm trying to implement is creating a new customer in the database, if it does not already exist (throw an exception if it does)
and also maintain another country code database (if the new customer is from a new country, add to the database, if the country is already saved, use the old information)
This is the function in the service :
public Mono<Customer> createNewCustomer(Customer customer) {
if(!customer.isValid()) {
return Mono.error(new BadRequestException("Bad email or birthdate format"));
}
Mono<Customer> customerFromDB = customerDB.findByEmail(customer.getEmail());
Mono<Country> countryFromDB = countryDB.findByCountryCode(customer.getCountryCode());
Mono<Customer> c = customerFromDB.zipWith(countryFromDB).doOnSuccess(new Consumer<Tuple2<Customer, Country>>() {
#Override
public void accept(Tuple2<Customer, Country> t) {
System.err.println("tuple " + t);
if(t == null) {
countryDB.save(new Country(customer.getCountryCode(), customer.getCountryName())).subscribe();
customerDB.save(customer).subscribe();
return;
}
Customer cus = t.getT1();
Country country = t.getT2();
if(cus != null) {
throw new CustomerAlreadyExistsException();
}
if(country == null) {
countryDB.save(new Country(customer.getCountryCode(), customer.getCountryName())).subscribe();
}
else {
customer.setCountryName(country.getCountryName());
}
customerDB.save(customer).subscribe();
}
}).thenReturn(customer);
return c;
}
My problem is, the tuple returns null if either country or customer are not found, while I need to know about them separately if they exist or not, so that I can save to the database correctly.
country == null is never true
I also tried to use customerFromDB.block() to get the actual value but I receive an error that it's not supported, so I guess that's not the way
Is there anyway to do two queries to get their values?
Solved it with the following solution:
public Mono<Customer> createNewCustomer(Customer customer) {
if(!customer.isValid()) {
return Mono.error(new BadRequestException("Bad email or birthdate format"));
}
return customerDB.findByEmail(customer.getEmail())
.defaultIfEmpty(new Customer("empty", "", "", "", "", ""))
.flatMap(cu -> {
if(!cu.getEmail().equals("empty")) {
return Mono.error(new CustomerAlreadyExistsException());
}
return countryDB.findByCountryCode(customer.getCountryCode())
.defaultIfEmpty(new Country(customer.getCountryCode(), customer.getCountryName()))
.flatMap(country -> {
customer.setCountryName(country.getCountryName());
customerDB.save(customer).subscribe();
countryDB.save(country).subscribe();
return Mono.just(customer);});
});
}
Instead of doing both queries simulatneaously, I queried for one result and then queries for the next, I think this is the reactive way of doing it, but I'm open for corrections.
public static void insertInboundJive(Map<Id, String> mapCases){
try{
system.debug('Aditya');
Map<Id, String> mapCases1 = new Map<Id, String>();
Map<Id, Integer> mapIncrements = new Map<Id, Integer>();
//List<ICS_Case_Interaction__c> lstCaseInteraction;
if(mapCases != null && mapCases.size() > 0) {
List<ICS_Case_Interaction__c> lstCaseInteraction = [ SELECT Id,case__r.origin FROM ICS_Case_Interaction__c Where case__r.Id =:mapCases.keySet()];
for(ICS_Case_Interaction__c caseInteracts :lstCaseInteraction ){
if(caseInteracts.case__r.Id != null && caseInteracts.case__r.Status == 'New Customer Message'){
system.debug('**AdityaDebug**' +caseInteracts.case__r.Id);
system.debug('**AdityaDebug**' +caseInteracts.case__r.Status);
mapcases1.put(caseInteracts.case__r.Id , TYPE_JIVE_INBOUND);
Integer intIncrement = mapIncrements.get(caseInteracts.case__r.Id);
system.debug('Increment' +intIncrement);
if(intIncrement != null){
intIncrement++;
system.debug('Increment++' +intIncrement);
}
else {
intIncrement = 1;
}
mapIncrements.put(caseInteracts.case__r.Id, intIncrement);
}
}
if(mapCases.size() > 0) {
insertByCaseAsync(mapCases, mapIncrements);
}
}
}
catch(Exception ex){
Core_Log_Entry.logEntryWithException('Case Interaction Metrics', 'CaseInteraction','insertInboundEmail', 'Error', null, null, ex);
}
}
This is my Method in the class.I am trying to call the apex method in the trigger.but its throwing the error.Could you please help me and try to reach out the best.
The error which I am getting was
line 188, col 106. Method does not exist or incorrect signature: void insertInboundJive(List) from the type ICS_Case_Interactions_Trigger_Handler
if(trigger.isUpdate) {
if(Label.ICS_Case_Interaction_Metrics.equals('1')) {ICS_Case_Interactions_Trigger_Handler.insertInboundJive(trigger.new);}
}
You are trying to pass the wrong parameters. In the method you have defined that when called you need to pass a Map where the values are String however you are passing Trigger.new which is a list of Objects. My approach is to handle the mapping in the trigger and then manipulate data in the controller:
In this case you can do the below to pass the records and get the string of data you want in the controller.. or do it in the trigger so you don't change the controller.
Map<Id,Contact> map = new Map<Id,ICS_Case_Interaction__c>(); // new map
for(ICS_Case_Interaction__c con :trigger.new){
map.put(con.Id, con); // enter the records you need for the method
}
if(trigger.isUpdate) {
if(Label.ICS_Case_Interaction_Metrics.equals('1')) {
ICS_Case_Interactions_Trigger_Handler.insertInboundJive(map);
}
}
and in the controller you should have
public static void insertInboundJive(Map<Id, ICS_Case_Interaction__c> mapCases){
}
I've searched and searched with no luck.
FYI: I'm a newbie...I'm trying to query a class for non-current user data. I've verified that user_objectID and userID are correct and that Parse has these files, but the list shows up as 0. When I switch userID to my ID then it works.
ParseQuery<ParseObject> query = ParseQuery.getQuery("Workouts");
query.whereEqualTo("user_objectID", userID);
query.findInBackground(new FindCallback<ParseObject>() {
#Override
public void done(List<ParseObject> list, ParseException e) {
if (e == null) {
Log.v(TAG, userID + ": " + list.size());
for (ParseObject each : list) {
Log.v(TAG, each.getDouble("distance") + "");
}
} else {
Log.v(TAG, e.getLocalizedMessage());
}
}
});
What am I doing wrong? Is it a setting? Am I not using the right query paramters?
Thanks so much for any insight.
Tyler
All of the settings in Net SQL AzMan seem to be "OR" based.
For example:
If you add 3 (Authorized) Application Groups to an operation, a user needs to be in the first OR the second OR the third to have permissions for the operation.
I am looking for a way to say the user needs to be in (the first AND the second) OR (the first AND the third).
Is there a way to do that?
Reason Why:
We have users that snowball permissions as they move from department to department. I want to setup one role per Active Directory Departement ("the first" in my example above). If I can get the above logic working then when the user changes departments they will lose the permissions from their former department (even if their boss is lazy and does not get AzMan updated).
If I can't get this working in AzMan, then I can have my apps do it. But it would be so much easier at the AzMan level.
You could do this with a BizRule on the operation. The code for it is a bit overkill, but this should work with minimal modifications.
using System;
using System.Security.Principal;
using System.IO;
using System.Data;
using System.Collections;
using System.Collections.Specialized;
using System.Collections.Generic;
using System.Text;
using NetSqlAzMan;
using NetSqlAzMan.Interfaces;
using System.Security.Principal;
using System.Reflection;
namespace APPLICATION.BizRules
{
public sealed class BizRule : IAzManBizRule
{
public BizRule()
{ }
public bool Execute(Hashtable contextParameters, IAzManSid identity, IAzManItem ownerItem, ref AuthorizationType authorizationType)
{
string sqlConnectionString = "data source=DATABASE_FQN;initial catalog=DATABASE;Integrated Security=false;User Id=USER_NAME;Password=PASSWORD";
IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);
try
{
bool authorized = false;
if (identity.StringValue.StartsWith("S"))
{
//this is a little over kill but there is no way to reference standard .net libraries in NetSqlAzMan
Assembly asm = Assembly.Load(#"System.DirectoryServices.AccountManagement, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089");
System.Type userPrincipalType = asm.GetType("System.DirectoryServices.AccountManagement.UserPrincipal");
System.Type principalContextType = asm.GetType("System.DirectoryServices.AccountManagement.PrincipalContext");
System.Type contextTypeType = asm.GetType("System.DirectoryServices.AccountManagement.ContextType");
System.Type identityTypeType = asm.GetType("System.DirectoryServices.AccountManagement.IdentityType");
Object principalContext = Activator.CreateInstance(principalContextType, new object[] { Enum.ToObject(contextTypeType, 1), "DENALLIX" });
MethodInfo methodInfo = userPrincipalType.GetMethod("FindByIdentity", new Type[] { principalContextType, identityTypeType, typeof(string) });
Object userPrincipal = methodInfo.Invoke(null, new object[] { principalContext, Enum.ToObject(identityTypeType, 4), identity.StringValue });
string userPrincipalName = userPrincipal.GetType().GetProperty("UserPrincipalName").GetValue(userPrincipal, null).ToString();
WindowsIdentity user = new WindowsIdentity(userPrincipalName);
authorized = (checkRoleAuthorization(storage, "GROUP1", user) && checkRoleAuthorization(storage, "GROUP2", user)) || checkRoleAuthorization(storage, "GROUP3", user);
}
else
{
AzManUser user = new AzManUser(identity);
authorized = (checkRoleAuthorization(storage, "GROUP1", user) && checkRoleAuthorization(storage, "GROUP2", user)) || checkRoleAuthorization(storage, "GROUP3", user);
}
return authorized;
}
catch (SqlAzManException ex)
{
return false;
}
}
private bool checkRoleAuthorization(IAzManStorage storage, string roleName, object user)
{
AuthorizationType auth = AuthorizationType.Deny;
if (user is WindowsIdentity)
{
auth = storage.CheckAccess("MY STORE", "MY APPLICATION", roleName, (WindowsIdentity)user, DateTime.Now, true);
}
else
{
auth = storage.CheckAccess("MY STORE", "MY APPLICATION", roleName, (IAzManDBUser)user, DateTime.Now, true);
}
return auth == AuthorizationType.Allow || auth == AuthorizationType.AllowWithDelegation;
}
}
public partial class AzManUser : IAzManDBUser
{
private Dictionary<string, object> _customColumns = new Dictionary<string, object>();
private IAzManSid _sid;
private string _username;
public AzManUser(string username, string sid)
{
_username = username;
_sid = new NetSqlAzMan.SqlAzManSID(sid);
}
public AzManUser(string sid)
{
_username = string.Empty;
_sid = new NetSqlAzMan.SqlAzManSID(sid);
}
public AzManUser(IAzManSid sid)
{
_username = string.Empty;
_sid = sid;
}
public Dictionary<string, object> CustomColumns
{
get { return _customColumns; }
}
public IAzManSid CustomSid
{
get
{
return _sid;
}
}
public string UserName
{
get { return _username; }
}
}
}