Merge pull request #5571 from sadilchamishka/IS7-idaas-upgrade
Improve admin role resolving
sadilchamishka authored Apr 8, 2024
2 parents 685cbbd + 3e1edf9 commit f201883
Showing 3 changed files with 13 additions and 6 deletions.
Expand Up @@ -2216,8 +2216,10 @@ public ServiceProvider getApplication(int applicationId) throws IdentityApplicat
serviceProvider.setCertificateContent(getCertificateContent(propertyList, connection));

// Set role associations.
serviceProvider.setAssociatedRolesConfig(
getAssociatedRoles(serviceProvider.getApplicationResourceId(), connection, tenantID));
if (!CarbonConstants.ENABLE_LEGACY_AUTHZ_RUNTIME) {
serviceProvider.setAssociatedRolesConfig(
getAssociatedRoles(serviceProvider.getApplicationResourceId(), connection, tenantID));
}
// Will be supported with 'Advance Consent Management Feature'.
/*
ConsentConfig consentConfig = serviceProvider.getConsentConfig();
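Review bot: The `// Set role associations.` comment now sits above a conditional and no longer says why the lookup is skipped; something like `// Role associations exist only in the new authz runtime; skip the lookup when the legacy runtime is enabled.` would record the intent. When the flag is on, `serviceProvider` keeps whatever default its associated-roles config has, which is not visible in this hunk; if that default is null, code that reads the config while resolving roles has to handle it. The flag appears to be a writable public static (the test file in this commit assigns it), so it is worth confirming that production code sets it only once at startup. getApplication's body starts and ends outside the hunk.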
Expand Up @@ -140,10 +140,13 @@ private boolean isAdminRole(String roleId, String tenantDomain) throws IdentityR
RoleManagementService roleManagementService = ApplicationManagementServiceComponentHolder.getInstance()
.getRoleManagementServiceV2();
RoleBasicInfo role = roleManagementService.getRoleBasicInfoById(roleId, tenantDomain);
if (StringUtils.equals(getOrgAdminRoleName(), (role.getName()))) {
return role.getAudience().equals(RoleConstants.ORGANIZATION);
} else if (RoleConstants.ADMINISTRATOR.equals(role.getName())) {
return role.getAudienceName().equals(ApplicationConstants.CONSOLE_APPLICATION_NAME);
if (StringUtils.equals(getOrgAdminRoleName(), (role.getName())) &&
role.getAudience().equals(RoleConstants.ORGANIZATION)) {
return true;
}
if (RoleConstants.ADMINISTRATOR.equals(role.getName()) &&
role.getAudienceName().equals(ApplicationConstants.CONSOLE_APPLICATION_NAME)) {
return true;
}
return false;
}
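Review bot: Both audience checks in isAdminRole call `.equals` on a value returned by `role`, so a role with a null audience or audience name would throw a NullPointerException instead of yielding a clean `false`; `role` is also dereferenced without a null check after `getRoleBasicInfoById`. Putting the constant first keeps this admin check failing closed: `RoleConstants.ORGANIZATION.equals(role.getAudience())` and `ApplicationConstants.CONSOLE_APPLICATION_NAME.equals(role.getAudienceName())`. Whether these getters can return null is not visible here, so treat this as hardening rather than a confirmed bug. The method signature appears only in the hunk header.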
Expand Up @@ -24,6 +24,7 @@
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.base.CarbonBaseConstants;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
Expand Down Expand Up @@ -166,6 +167,7 @@ public void setup() throws RegistryException, UserStoreException, SecretManageme
SecretManagerComponentDataHolder.getInstance().setSecretManagementEnabled(true);
SecretDAO secretDAO = new SecretDAOImpl();
SecretManagerComponentDataHolder.getInstance().setSecretDAOS(Collections.singletonList(secretDAO));
CarbonConstants.ENABLE_LEGACY_AUTHZ_RUNTIME = false;
}

@DataProvider(name = "addApplicationDataProvider")
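Review bot: `CarbonConstants.ENABLE_LEGACY_AUTHZ_RUNTIME = false;` in setup() changes a JVM-wide static and nothing visible restores it, so other test classes running in the same JVM may inherit the value depending on execution order. Saving the previous value and resetting it in an `@AfterClass` method would isolate this test. No test visible here sets the flag to true, which is the branch where the associated-roles lookup is skipped, so that path looks uncovered. setup() starts outside the hunk.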