From b95fa7bcd56ef39f8478a9e879c493f815b29dd3 Mon Sep 17 00:00:00 2001 From: pujavs <43700552+pujavs@users.noreply.github.com> Date: Mon, 13 Jun 2022 14:08:30 +0530 Subject: [PATCH] feat(jans-config-api): user management endpoint 418 (#1548) * feat(jans-config-api): user management endpoint for user password * feat:(jans-config-api): userPassword made mandatory only for create user method --- .../docs/jans-config-api-swagger.yaml | 21 ++++++++++++++--- .../plugin/mgt/rest/UserResource.java | 9 ++++---- .../plugin/mgt/service/UserService.java | 23 ++++++++++++++++--- 3 files changed, 43 insertions(+), 10 deletions(-) diff --git a/jans-config-api/docs/jans-config-api-swagger.yaml b/jans-config-api/docs/jans-config-api-swagger.yaml index d2ed0c4eeda..3ddf15f2f37 100644 --- a/jans-config-api/docs/jans-config-api-swagger.yaml +++ b/jans-config-api/docs/jans-config-api-swagger.yaml @@ -2531,7 +2531,7 @@ paths: schema: title: User Details. description: User Details. - $ref: '#/components/schemas/CustomUser' + $ref: '#/components/schemas/ExtendedCustomUser' responses: '201': description: Created @@ -6813,7 +6813,6 @@ components: - displayName - givenName - jansStatus - - userPassword properties: dn: type: string @@ -6824,6 +6823,11 @@ components: jansStatus: type: string description: User status + enum: + - ACTIVE + - INACTIVE + - EXPIRED + - REGISTER userId: description: A domain issued and managed identifier for the user. type: string @@ -6860,7 +6864,18 @@ components: inum: description: XRI i-number. Identifier to uniquely identify the user. type: string - + + ExtendedCustomUser: + allOf: # Combines the CustomUser and the inline model + - $ref: '#/components/schemas/CustomUser' + - type: object + required: + - userPassword + properties: + userPassword: + type: string + description: User password + UserPatchRequest: title: User Patch Request object description: UserPatchRequest. diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java index 28346c24c09..4f56aa63c60 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java @@ -117,7 +117,7 @@ public Response createUser(@Valid CustomUser customUser) logger.debug("Create user:{}", user); // checking mandatory attributes - checkMissingAttributes(user); + checkMissingAttributes(user,null); user = userSrv.addUser(user, true); logger.debug("User created {}", user); @@ -145,7 +145,8 @@ public Response updateUser(@Valid CustomUser customUser) logger.debug("Create user:{}", user); // checking mandatory attributes - checkMissingAttributes(user); + List excludeAttributes = List.of(USER_PWD); + checkMissingAttributes(user, excludeAttributes); user = userSrv.updateUser(user); logger.debug("Updated user:{}", user); @@ -232,9 +233,9 @@ private User excludeUserAttributes(User user) throws IllegalAccessException, Inv return userSrv.excludeAttributes(user, userSrv.getUserExclusionAttributesAsString()); } - private void checkMissingAttributes(User user) + private void checkMissingAttributes(User user, List excludeAttributes) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException { - String missingAttributes = userSrv.checkMandatoryFields(user); + String missingAttributes = userSrv.checkMandatoryFields(user,excludeAttributes); logger.debug("missingAttributes:{}", missingAttributes); if (StringHelper.isEmpty(missingAttributes)) { diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserService.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserService.java index 9fba435288a..0a21c519bf2 100644 --- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserService.java +++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/service/UserService.java @@ -221,10 +221,10 @@ public String getUserExclusionAttributesAsString() { return authUtil.getUserExclusionAttributesAsString(); } - public String checkMandatoryFields(User user) + public String checkMandatoryFields(User user, List excludeAttributes) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException { List mandatoryAttributes = authUtil.getUserMandatoryAttributes(); - logger.debug("mandatoryAttributess :{} ", mandatoryAttributes); + logger.debug("mandatoryAttributess :{}, excludeAttributes:{} ", mandatoryAttributes, excludeAttributes); StringBuilder missingAttributes = new StringBuilder(); @@ -239,6 +239,13 @@ public String checkMandatoryFields(User user) for (String attribute : mandatoryAttributes) { logger.debug("User class allFields:{} conatins attribute:{} ? :{} ", allFields, attribute, authUtil.containsField(allFields, attribute)); + + //check if to be excluded + if(isExcludedAttribute(excludeAttributes,attribute)) { + logger.debug("Not checking if the attribute:{} is missing as it's in excludeAttributes:{}" , attribute, excludeAttributes); + continue; + } + if (authUtil.containsField(allFields, attribute)) { logger.debug("Checking if attribute:{} is simple attribute", attribute); attributeValue = BeanUtils.getProperty(user, attribute); @@ -261,5 +268,15 @@ public String checkMandatoryFields(User user) logger.debug("Returning missingAttributes:{} ", missingAttributes); return missingAttributes.toString(); } - + + private boolean isExcludedAttribute(List excludeAttributes,String attribute) { + logger.debug(" Is attribute:{} in excludeAttributeList:{} ", attribute, excludeAttributes); + + if(excludeAttributes==null || excludeAttributes.isEmpty()) { + return false; + } + + return excludeAttributes.stream().anyMatch( e -> e.equals(attribute)); + } + }