Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Organization Visibility Capability #12730

Closed
wants to merge 72 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
72 commits
Select commit Hold shift + click to select a range
62cd1b1
Add initial implementation
chamilaadhi Aug 13, 2024
413a84a
Merge pull request #12512 from chamilaadhi/org_visibility
chamilaadhi Aug 13, 2024
6930c4e
Add api org visibility to registry property
chamilaadhi Aug 16, 2024
197b95c
Add application sharing with the organization
chamilaadhi Aug 17, 2024
9514f90
Remove invalid files
chamilaadhi Aug 17, 2024
bdbab23
Merge pull request #12517 from chamilaadhi/org_visibility
chamilaadhi Aug 17, 2024
74ce0a9
Add application visibility info to the payload
chamilaadhi Aug 21, 2024
44adec3
Allow api visibility to admin users
chamilaadhi Aug 21, 2024
20abc2d
Merge pull request #12519 from chamilaadhi/org_visibility
chamilaadhi Aug 21, 2024
9b4b931
Fix bug
chamilaadhi Aug 21, 2024
6a13494
Merge pull request #12521 from chamilaadhi/org_visibility
chamilaadhi Aug 21, 2024
cbbec05
Add subscription tiers visibility by org
chamilaadhi Aug 23, 2024
6f04ad5
Merge pull request #12523 from chamilaadhi/org_visibility
chamilaadhi Aug 23, 2024
75f595d
Fix issues
chamilaadhi Aug 28, 2024
3a95871
Merge pull request #12528 from chamilaadhi/test-org
chamilaadhi Aug 28, 2024
364cec9
Fix admin dev portal api loading issue
chamilaadhi Aug 29, 2024
ba78056
Add indexed document modification logic
chamilaadhi Aug 29, 2024
2aa39f2
Merge pull request #12529 from chamilaadhi/org_visibility
chamilaadhi Aug 29, 2024
78bb1e7
Fix bug
chamilaadhi Sep 5, 2024
788ee7e
Merge pull request #12542 from chamilaadhi/org_visibility
chamilaadhi Sep 6, 2024
c7f06ad
Merge remote-tracking branch 'upstream/org_visibility' into org_test
chamilaadhi Sep 6, 2024
fca7dd0
Merge pull request #12549 from chamilaadhi/org_test
chamilaadhi Sep 9, 2024
66ba661
Fix multiple status display issue
chamilaadhi Sep 12, 2024
1fa232f
Fix shared application view issue
chamilaadhi Sep 12, 2024
cd392b5
Merge pull request #12559 from chamilaadhi/org_visibility
chamilaadhi Sep 12, 2024
e28bc64
Introduce config to enable org related visibility
chamilaadhi Sep 18, 2024
e1f97f1
Add dev portal org visibility to seperate section
chamilaadhi Sep 18, 2024
034ca35
Fix bug
chamilaadhi Sep 18, 2024
134b2c0
Fix bug
chamilaadhi Sep 18, 2024
60441da
Merge pull request #12572 from chamilaadhi/org_visibility
chamilaadhi Sep 18, 2024
62c00fc
Add capability to append org id and org name to dev portal token urls
chamilaadhi Sep 24, 2024
a33a3dd
Backend for keymanager visibility
chamilaadhi Oct 2, 2024
1ea20af
Revert url template change
chamilaadhi Oct 2, 2024
8a875bc
Format
chamilaadhi Oct 2, 2024
1c4e79a
Merge pull request #12592 from chamilaadhi/org_visibility
chamilaadhi Oct 2, 2024
9477c98
Refactor subcription visibility db
chamilaadhi Oct 4, 2024
4b34048
Merge pull request #12634 from chamilaadhi/org_visibility
chamilaadhi Oct 4, 2024
48ec34a
Fix app keys loading issue for shared apps
chamilaadhi Oct 7, 2024
d892178
Merge pull request #12640 from chamilaadhi/org_visibility
chamilaadhi Oct 7, 2024
88b7607
Add capability to use multiple keymanagers with same issuer
chamilaadhi Oct 9, 2024
27b3d21
Merge pull request #12652 from chamilaadhi/org_visibility
chamilaadhi Oct 9, 2024
6a6d5ce
Add org with spaces in the name
chamilaadhi Oct 10, 2024
4ca72b4
Merge pull request #12653 from chamilaadhi/org_visibility
chamilaadhi Oct 10, 2024
9081ab9
Fix orgs with space
chamilaadhi Oct 11, 2024
867d569
Merge pull request #12655 from chamilaadhi/org_visibility
chamilaadhi Oct 11, 2024
763494a
Provide config to set claim to select the organization info
chamilaadhi Oct 15, 2024
10c523b
Merge pull request #12670 from chamilaadhi/org_visibility
chamilaadhi Oct 15, 2024
1c6916b
Fix api overview page visibility
chamilaadhi Oct 16, 2024
08f9959
Merge pull request #12675 from chamilaadhi/org_visibility
chamilaadhi Oct 16, 2024
9d8bb3d
Merge remote-tracking branch 'upstream/master' into org_visibility_ma…
chamilaadhi Nov 22, 2024
10b0c64
Merge pull request #12707 from chamilaadhi/org_visibility
chamilaadhi Nov 22, 2024
60c483e
Fix issues related to unit test failures -carbon.apimgt.persistence
RusJaI Nov 22, 2024
3eafcbc
Fix issues related to unit test failures - carbon.apimgt.impl
RusJaI Nov 24, 2024
12961fb
Fix issues related to unit test failures - carbon.apimgt.gateway
RusJaI Nov 25, 2024
41002da
Undo expanding waiting time
RusJaI Nov 25, 2024
442cc04
Update language level for apimgt.impl component. This is not affected…
RusJaI Nov 25, 2024
e0c2c6b
Fix unit test related issues
RusJaI Nov 26, 2024
0ccafa1
Merge pull request #12711 from RusJaI/org_visibility
chamilaadhi Nov 26, 2024
e907f6d
Fix unified API search for APIs across organizations
RusJaI Dec 2, 2024
946c893
Fix tag based search
RusJaI Dec 3, 2024
2565f11
Fix api state based search
RusJaI Dec 4, 2024
011aab7
Fix api category based search
RusJaI Dec 4, 2024
f6aae23
Fix the visibility of API in Store for admin in same domain
RusJaI Dec 9, 2024
134262e
Maintain existing behavior when org visibility is not enabled
RusJaI Dec 10, 2024
a237ec8
save visibility value as a property for api artifacts
RusJaI Dec 12, 2024
99ecfb4
Introduce constants for search attribute fields
RusJaI Dec 27, 2024
354b156
Refactor the function which adds org visibility value for API Artifacts
RusJaI Dec 27, 2024
ecd772f
Merge pull request #12717 from RusJaI/org_visibility
chamilaadhi Jan 2, 2025
cb2da14
Merge remote-tracking branch 'upstream/org_visibility' into master-ne…
chamilaadhi Jan 2, 2025
012f9f5
Fix NPE in product listing in dev portal
chamilaadhi Jan 7, 2025
3369374
Fix dev portal rest api search
chamilaadhi Jan 8, 2025
d558299
Merge branch 'org_visibility' into master-new-merge
chamilaadhi Jan 8, 2025
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@
import org.wso2.carbon.apimgt.api.model.KeyManagerApplicationInfo;
import org.wso2.carbon.apimgt.api.model.Monetization;
import org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo;
import org.wso2.carbon.apimgt.api.model.OrganizationInfo;
import org.wso2.carbon.apimgt.api.model.ResourceFile;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.apimgt.api.model.SubscribedAPI;
Expand Down Expand Up @@ -461,12 +462,13 @@ OAuthApplicationInfo updateAuthClient(String userId, Application application,
* @param offset
* @param groupingId the groupId to which the applications must belong.
* @param organization Identifier of an organization
* @param sharedOrganization
* @return Applications
* @throws APIManagementException if failed to applications for given subscriber
*/

Application[] getApplicationsWithPagination(Subscriber subscriber, String groupingId, int start, int offset,
String search, String sortColumn, String sortOrder, String organization)
String search, String sortColumn, String sortOrder, String organization, String sharedOrganization)
throws APIManagementException;

/**
Expand Down Expand Up @@ -891,4 +893,26 @@ boolean isKeyManagerByNameAllowedForUser(String keyManagerName, String organizat
* @throws APIManagementException
*/
boolean removalKeys(Application application, String keyMappingId, String xWSO2Tenant) throws APIManagementException;

/**
* @param searchQuery search query. ex : provider:admin
* @param organizationInfo Identifier of an organization
* @param start starting number
* @param end ending number
* @return
* @throws APIManagementException
*/
Map<String, Object> searchPaginatedAPIs(String searchQuery, OrganizationInfo organizationInfo, int start, int end,
String sortBy, String sortOrder) throws APIManagementException;

/**
* @param searchQuery search query
* @param organizationInfo Information about the organization
* @param start
* @param end
* @return
* @throws APIManagementException
*/
Map<String, Object> searchPaginatedContent(String searchQuery, OrganizationInfo organizationInfo, int start, int end)
throws APIManagementException;
}
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@ public enum ExceptionCodes implements ErrorHandler {
INVALID_CONTEXT(900346, "Invalid context provided", 400, "Invalid context provided for API: %s:%s"),
INVALID_ENDPOINT_URL(900346, "Endpoint URL(s) is(are) not valid", 400, "Endpoint URL(s) is(are) not valid"),
USER_ROLES_CANNOT_BE_NULL(900610, "Access control roles cannot be empty", 400, "Access control roles cannot be empty when visibility is restricted"),
ORGS_CANNOT_BE_NULL(900610, "Access control organizatoins cannot be empty", 400, "Access control organizations cannot be empty when visibility is restricted"),
API_REVISION_NOT_FOUND(900347, "API Revision Not Found", 404, "Requested API Revision with id %s not found"),
EXISTING_API_REVISION_DEPLOYMENT_FOUND(900348, "Can not delete API Revision ", 400, "Couldn't delete API revision since API revision is currently deployed to a gateway. " +
"You need to undeploy the API Revision from the gateway before attempting deleting API Revision: %s "),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,9 @@
package org.wso2.carbon.apimgt.api.dto;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
Expand All @@ -44,6 +46,7 @@ public class KeyManagerConfigurationDTO implements Serializable {
private String alias = null;
private KeyManagerPermissionConfigurationDTO permissions = new KeyManagerPermissionConfigurationDTO();
private Boolean isUsed = null;
private List<String> allowedOrganizations = new ArrayList<String>();

public KeyManagerConfigurationDTO() {
}
Expand All @@ -62,6 +65,7 @@ public KeyManagerConfigurationDTO(KeyManagerConfigurationDTO keyManagerConfigura
this.externalReferenceId = keyManagerConfigurationDTO.getExternalReferenceId();
this.endpoints = keyManagerConfigurationDTO.getEndpoints();
this.setPermissions(keyManagerConfigurationDTO.getPermissions());
this.allowedOrganizations = keyManagerConfigurationDTO.getAllowedOrganizations();
}
public String getName() {

Expand Down Expand Up @@ -207,4 +211,12 @@ public void setUsed(Boolean isUsed) {

this.isUsed = isUsed;
}

public List<String> getAllowedOrganizations() {
return allowedOrganizations;
}

public void setAllowedOrganizations(List<String> allowedOrganizations) {
this.allowedOrganizations = allowedOrganizations;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -102,8 +102,10 @@ public class API implements Serializable {
private String visibility;
private String visibleRoles;
private String visibleTenants;
private String visibleOrganizations;

private boolean endpointSecured = false;

private boolean endpointSecured = false;
private boolean endpointAuthDigest = false;
private String endpointUTUsername;
private String endpointUTPassword;
Expand Down Expand Up @@ -1561,6 +1563,14 @@ public List<OperationPolicy> getApiPolicies() {
public void setApiPolicies(List<OperationPolicy> apiPolicies) {
this.apiPolicies = apiPolicies;
}

public String getVisibleOrganizations() {
return visibleOrganizations;
}

public void setVisibleOrganizations(String visibleOrganizations) {
this.visibleOrganizations = visibleOrganizations;
}

/**
* Property to hold whether the API isEGRESS (1)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,8 @@ public Map<String, Map<String, OAuthApplicationInfo>> getKeyManagerWiseOAuthApp(
private String keyType;
private int subscriptionCount;
private String keyManager;
private String sharedOrganization;

public String getCreatedTime() {
return createdTime;
}
Expand Down Expand Up @@ -320,4 +322,12 @@ public void setOrganization(String organization) {

this.organization = organization;
}

public String getSharedOrganization() {
return sharedOrganization;
}

public void setSharedOrganization(String sharedOrganization) {
this.sharedOrganization = sharedOrganization;
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
/*
* Copyright (c) 2024, WSO2 LLc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/


package org.wso2.carbon.apimgt.api.model;

public class OrganizationInfo {


String superOrganization;
String name;
String id;
String organizationSelector;
OrganizationInfo parentOrganization;
OrganizationInfo[] childOrganizations;

public String getSuperOrganization() {
return superOrganization;
}
public void setSuperOrganization(String superOrganization) {
this.superOrganization = superOrganization;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public OrganizationInfo getParentOrganization() {
return parentOrganization;
}
public void setParentOrganization(OrganizationInfo parentOrganization) {
this.parentOrganization = parentOrganization;
}
public OrganizationInfo[] getChildOrganizations() {
return childOrganizations;
}
public void setChildOrganizations(OrganizationInfo[] childOrganizations) {
this.childOrganizations = childOrganizations;
}
public String getOrganizationSelector() {
return organizationSelector;
}
public void setOrganizationSelector(String organizationSelector) {
this.organizationSelector = organizationSelector;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,10 @@

package org.wso2.carbon.apimgt.api.model.policy;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class SubscriptionPolicy extends Policy {
Expand All @@ -34,6 +36,7 @@ public class SubscriptionPolicy extends Policy {
private String tierQuotaType;
private int graphQLMaxDepth;
private int graphQLMaxComplexity;
private List<String> allowedOrganizations = new ArrayList<String>();

public SubscriptionPolicy(String name) {
super(name);
Expand Down Expand Up @@ -122,11 +125,11 @@ public void setGraphQLMaxComplexity(int graphQLMaxComplexity) {
@Override
public String toString() {
return "SubscriptionPolicy [rateLimitCount=" + rateLimitCount + ", rateLimitTimeUnit=" + rateLimitTimeUnit
+ ", customAttributes=" + Arrays.toString(customAttributes) + ", stopOnQuotaReach=" + stopOnQuotaReach
+ ", billingPlan=" + billingPlan + ", monetizationPlan=" + monetizationPlan
+ ", monetizationPlanProperties=" + monetizationPlanProperties + ", tierQuotaType=" + tierQuotaType
+ ", maxDepth=" + graphQLMaxDepth + ", maxComplexity=" + graphQLMaxComplexity
+ ", subscriberCount= " + subscriberCount + "]";
+ ", subscriberCount=" + subscriberCount + ", customAttributes=" + Arrays.toString(customAttributes)
+ ", stopOnQuotaReach=" + stopOnQuotaReach + ", billingPlan=" + billingPlan + ", monetizationPlan="
+ monetizationPlan + ", monetizationPlanProperties=" + monetizationPlanProperties + ", tierQuotaType="
+ tierQuotaType + ", graphQLMaxDepth=" + graphQLMaxDepth + ", graphQLMaxComplexity="
+ graphQLMaxComplexity + ", allowedOrganizations=" + allowedOrganizations + "]";
}

public int getSubscriberCount() {
Expand All @@ -136,4 +139,12 @@ public int getSubscriberCount() {
public void setSubscriberCount(int subscriberCount) {
this.subscriberCount = subscriberCount;
}

public List<String> getAllowedOrganizations() {
return allowedOrganizations;
}

public void setAllowedOrganizations(List<String> allowedOrganizations) {
this.allowedOrganizations = allowedOrganizations;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -60,12 +60,17 @@ public boolean mediate(MessageContext messageContext) {
String issuer = authContext.getIssuer();
List<String> scopes = authContext.getRequestTokenScopes();
if (StringUtils.isNotBlank(issuer)) {
KeyManagerDto keyManagerDto = KeyManagerHolder.getKeyManagerByIssuer(tenantDomain, issuer);
if (keyManagerDto != null && StringUtils.isNotBlank(scope) && scopes.contains(scope)) {
String token = authContext.getAccessToken();
String consumerKey = authContext.getConsumerKey();
oneTimeTokenExecutorService.execute(() ->
keyManagerDto.getKeyManager().revokeOneTimeToken(token, consumerKey));
List<KeyManagerDto> keyManagerDtoList = KeyManagerHolder.getKeyManagerByIssuer(tenantDomain, issuer);
if (keyManagerDtoList != null) {
KeyManagerDto keyManagerDto = keyManagerDtoList.get(0); // TODO : Does not support multiple km with same
// issuer

if (keyManagerDto != null && StringUtils.isNotBlank(scope) && scopes.contains(scope)) {
String token = authContext.getAccessToken();
String consumerKey = authContext.getConsumerKey();
oneTimeTokenExecutorService.execute(() ->
keyManagerDto.getKeyManager().revokeOneTimeToken(token, consumerKey));
}
}
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -72,8 +72,10 @@ public void init() {
Mockito.when(authContext.getIssuer()).thenReturn("https://localhost:9443/oauth2/token");
Mockito.when(authContext.getRequestTokenScopes()).thenReturn(scopes);

List<KeyManagerDto> keymanagerList = new ArrayList<KeyManagerDto>();
keymanagerList.add(keyManagerDto);
Mockito.when(KeyManagerHolder.getKeyManagerByIssuer(Mockito.anyString(), Mockito.anyString())).
thenReturn(keyManagerDto);
thenReturn(keymanagerList);
Mockito.when(keyManagerDto.getKeyManager()).thenReturn(keyManager);
Mockito.doNothing().when(oneTimeExecutorService).execute(() ->
keyManagerDto.getKeyManager().revokeOneTimeToken(Mockito.anyString(), Mockito.anyString()));
Expand Down Expand Up @@ -115,7 +117,7 @@ public void testMediateWithNullIssuer() {
* KeyManagerDto is set to null
*/
@Test
public void testMediateWithNullKeyManagerDto() {
public void testMediateWithNullKeyManagerDtoList() {

Mockito.when(KeyManagerHolder.getKeyManagerByIssuer(Mockito.anyString(), Mockito.anyString())).
thenReturn(null);
Expand Down
8 changes: 8 additions & 0 deletions components/apimgt/org.wso2.carbon.apimgt.impl/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -646,6 +646,14 @@
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>9</source>
<target>9</target>
</configuration>
</plugin>

</plugins>
</build>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,7 @@ public final class APIConstants {
public static final String VISIBILITY = "visibility";

public static final String API_RESTRICTED_VISIBILITY = "restricted";
public static final String API_RESTRICTED_BY_ORG = "restricted_by_org";

public static final String API_PRIVATE_VISIBILITY = "private";

Expand Down Expand Up @@ -844,6 +845,7 @@ private Permissions() {
"internal_application_mgt_delete", "internal_application_mgt_update", "internal_application_mgt_view",
"internal_user_mgt_list"};
public static final String KEY_MANAGER_CLIENT_APPLICATION_PREFIX = "wso2_apim_km_";
public static final String DEFAULT_APP_SHARING_KEYWORD = "private";

public static final String TOKEN_URL = "TokenURL";
public static final String REVOKE_URL = "RevokeURL";
Expand Down Expand Up @@ -2020,6 +2022,8 @@ public enum RegistryResourceTypesForUI {
public static final String API_POLICY_API_LEVEL = "apiLevel";

public static final String BILLING_PLAN_FREE = "FREE";
public static final String ALLOWED_ORGANIZATIONS_DEFAULT = "ALL";
public static final String DEFAULT_VISIBLE_ORG = "all";
public static final String POLICY_RESET = "reset";

public static final String BLOCKING_EVENT_TYPE = "wso2event";
Expand Down Expand Up @@ -3251,6 +3255,13 @@ public static class TokenValidationConstants {
public static final String TOKEN_VALIDATION_CONFIG = "TokenValidation";
public static final String ENFORCE_JWT_TYPE_HEADER_VALIDATION = "EnforceTypeHeaderValidation";
}

// For Organization access control Configuration
public static final String ORG_BASED_ACCESS_CONTROL = "OrganizationBasedAccessControl";
public static final String ORG_BASED_ACCESS_CONTROL_ENABLE = "Enable";
public static final String ORG_BASED_ACCESS_CONTROL_ORG_NAME_CLAIM = "OrganizationNameLocalClaim";
public static final String ORG_BASED_ACCESS_CONTROL_ORG_ID_CLAIM = "OrganizationIDLocalClaim";
public static final String ORG_BASED_ACCESS_CONTROL_SELECTOR_CLAIM = "OrgaizationSelectorLocalClaim";

public static class TransactionCounter {

Expand Down
Loading