Add permissions and scopes.

components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/AuthenticatorManagementFacade.java

@@ -18,6 +18,7 @@
 
 package org.wso2.carbon.identity.application.common.dao.impl;
 
+import org.wso2.carbon.identity.application.common.dao.AuthenticatorManagementDAO;
 import org.wso2.carbon.identity.application.common.exception.AuthenticatorMgtException;
 import org.wso2.carbon.identity.application.common.model.UserDefinedLocalAuthenticatorConfig;
 import org.wso2.carbon.identity.application.common.util.UserDefinedAuthenticatorEndpointConfigManager;
@@ -29,17 +30,18 @@
  * This class responsible for managing authenticator endpoint configurations for the user defined local
  * authenticators.
  */
-public class AuthenticatorManagementFacade {
+public class AuthenticatorManagementFacade implements AuthenticatorManagementDAO {
 
-    private final AuthenticatorManagementDAOImpl dao;
+    private final AuthenticatorManagementDAO dao;
     private UserDefinedAuthenticatorEndpointConfigManager endpointConfigManager =
             new UserDefinedAuthenticatorEndpointConfigManager();
 
-    public AuthenticatorManagementFacade(AuthenticatorManagementDAOImpl dao) {
+    public AuthenticatorManagementFacade(AuthenticatorManagementDAO dao) {
 
         this.dao = dao;
     }
 
+    @Override
     public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator(
             UserDefinedLocalAuthenticatorConfig authenticatorConfig,
             int tenantId, AuthenticatorPropertyConstants.AuthenticationType type) throws AuthenticatorMgtException {
@@ -52,11 +54,12 @@ public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator(
             throw e;
         }
     }
-
-    public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(UserDefinedLocalAuthenticatorConfig 
-            existingAuthenticatorConfig, UserDefinedLocalAuthenticatorConfig newAuthenticatorConfig, 
+
+    @Override
+    public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(UserDefinedLocalAuthenticatorConfig
+            existingAuthenticatorConfig, UserDefinedLocalAuthenticatorConfig newAuthenticatorConfig,
             int tenantId) throws AuthenticatorMgtException {
-        
+
         endpointConfigManager.updateEndpointConfigurations(newAuthenticatorConfig, existingAuthenticatorConfig,
                 tenantId);
         try {
@@ -68,15 +71,17 @@ public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(U
             throw e;
         }
     }
-
+
+    @Override
     public UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator(
             String authenticatorConfigName, int tenantId) throws AuthenticatorMgtException {
 
         UserDefinedLocalAuthenticatorConfig config = dao.getUserDefinedLocalAuthenticator(authenticatorConfigName,
                     tenantId);
         return endpointConfigManager.resolveEndpointConfigurations(config, tenantId);
     }
-
+
+    @Override
     public List<UserDefinedLocalAuthenticatorConfig> getAllUserDefinedLocalAuthenticator(int tenantId)
             throws AuthenticatorMgtException {
 
@@ -86,10 +91,11 @@ public List<UserDefinedLocalAuthenticatorConfig> getAllUserDefinedLocalAuthentic
         }
         return configList;
     }
-
+
+    @Override
     public void deleteUserDefinedLocalAuthenticator(String authenticatorConfigName, UserDefinedLocalAuthenticatorConfig
             authenticatorConfig, int tenantId) throws AuthenticatorMgtException {
-        
+
         endpointConfigManager.deleteEndpointConfigurations(authenticatorConfig, tenantId);
         try {
             dao.deleteUserDefinedLocalAuthenticator(authenticatorConfigName, authenticatorConfig, tenantId);

components/application-mgt/org.wso2.carbon.identity.application.common/src/main/java/org/wso2/carbon/identity/application/common/dao/impl/CacheBackedAuthenticatorMgtDAO.java

@@ -37,11 +37,11 @@ public class CacheBackedAuthenticatorMgtDAO implements AuthenticatorManagementDA
 
     private static final Log LOG = LogFactory.getLog(CacheBackedAuthenticatorMgtDAO.class);
     private final AuthenticatorCache authenticatorCache;
-    private final AuthenticatorManagementDAO authenticatorManagementDAO;
+    private final AuthenticatorManagementFacade authenticatorMgtFacade;
 
     public CacheBackedAuthenticatorMgtDAO(AuthenticatorManagementDAO authenticatorManagementDAO) {
 
-        this.authenticatorManagementDAO = authenticatorManagementDAO;
+        authenticatorMgtFacade = new AuthenticatorManagementFacade(authenticatorManagementDAO);
         authenticatorCache = AuthenticatorCache.getInstance();
     }
 
@@ -50,7 +50,7 @@ public UserDefinedLocalAuthenticatorConfig addUserDefinedLocalAuthenticator(
             UserDefinedLocalAuthenticatorConfig authenticatorConfig,
             int tenantId, AuthenticationType type) throws AuthenticatorMgtException {
 
-        UserDefinedLocalAuthenticatorConfig createdConfig = authenticatorManagementDAO.addUserDefinedLocalAuthenticator(
+        UserDefinedLocalAuthenticatorConfig createdConfig = authenticatorMgtFacade.addUserDefinedLocalAuthenticator(
                 authenticatorConfig, tenantId, type);
 
         AuthenticatorCacheKey cacheKey = new AuthenticatorCacheKey(authenticatorConfig.getName());
@@ -66,7 +66,7 @@ public UserDefinedLocalAuthenticatorConfig updateUserDefinedLocalAuthenticator(U
         AuthenticatorCacheKey cacheKey = new AuthenticatorCacheKey(existingAuthenticatorConfig.getName());
         authenticatorCache.clearCacheEntry(cacheKey, tenantId);
 
-        return authenticatorManagementDAO.updateUserDefinedLocalAuthenticator(
+        return authenticatorMgtFacade.updateUserDefinedLocalAuthenticator(
                 existingAuthenticatorConfig, newAuthenticatorConfig, tenantId);
     }
 
@@ -81,22 +81,22 @@ public UserDefinedLocalAuthenticatorConfig getUserDefinedLocalAuthenticator(
             return entry.getAuthenticatorConfig();
         }
 
-        return authenticatorManagementDAO.getUserDefinedLocalAuthenticator(authenticatorConfigName, tenantId);
+        return authenticatorMgtFacade.getUserDefinedLocalAuthenticator(authenticatorConfigName, tenantId);
     }
 
     @Override
     public List<UserDefinedLocalAuthenticatorConfig> getAllUserDefinedLocalAuthenticator(int tenantId)
             throws AuthenticatorMgtException {
 
-        return authenticatorManagementDAO.getAllUserDefinedLocalAuthenticator(tenantId);
+        return authenticatorMgtFacade.getAllUserDefinedLocalAuthenticator(tenantId);
     }
 
     @Override
     public void deleteUserDefinedLocalAuthenticator(String authenticatorConfigName, 
             UserDefinedLocalAuthenticatorConfig authenticatorConfig, int tenantId) throws AuthenticatorMgtException {
 
         authenticatorCache.clearCacheEntry(new AuthenticatorCacheKey(authenticatorConfigName), tenantId);
-        authenticatorManagementDAO.deleteUserDefinedLocalAuthenticator(authenticatorConfigName, authenticatorConfig,
+        authenticatorMgtFacade.deleteUserDefinedLocalAuthenticator(authenticatorConfigName, authenticatorConfig,
                 tenantId);
     }
 }

features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml

@@ -2308,6 +2308,19 @@
             <Scopes>internal_action_mgt_view</Scopes>
         </Resource>
 
+        <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="POST">
+            <Permissions>/permission/admin/manage/custom_authenticator/create</Permissions>
+            <Scopes>internal_custom_authenticator_create</Scopes>
+        </Resource>
+        <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="PUT">
+            <Permissions>/permission/admin/manage/custom_authenticator/update</Permissions>
+            <Scopes>internal_custom_authenticator_update</Scopes>
+        </Resource>
+        <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="DELETE">
+            <Permissions>/permission/admin/manage/custom_authenticator/delete</Permissions>
+            <Scopes>internal_custom_authenticator_delete</Scopes>
+        </Resource>
+
         <Resource context="/carbon(.*)" secured="false" http-method="all"/>
         <Resource context="(.*)/myaccount(.*)" secured="false" http-method="all"/>
         <Resource context="(.*)/console(.*)" secured="false" http-method="all"/>

features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/identity.xml.j2

@@ -3562,6 +3562,18 @@
             <Scopes>internal_action_mgt_view</Scopes>
         </Resource>
 
+        <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="POST">
+            <Permissions>/permission/admin/manage/custom_authenticator/create</Permissions>
+            <Scopes>internal_custom_authenticator_create</Scopes>
+        </Resource>
+        <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="PUT">
+            <Permissions>/permission/admin/manage/custom_authenticator/update</Permissions>
+            <Scopes>internal_custom_authenticator_update</Scopes>
+        </Resource>
+        <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="DELETE">
+            <Permissions>/permission/admin/manage/custom_authenticator/delete</Permissions>
+            <Scopes>internal_custom_authenticator_delete</Scopes>
+        </Resource>
 
         <Resource context="/carbon(.*)" secured="false" http-method="all"/>
         <Resource context="(.*)/myaccount(.*)" secured="false" http-method="all"/>

features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml

@@ -1199,6 +1199,17 @@
         <Scopes>internal_action_mgt_view</Scopes>
     </Resource>
 
+    <!-- User Defined local authenticator API -->
+    <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="POST">
+        <Scopes>internal_custom_authenticator_create</Scopes>
+    </Resource>
+    <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="PUT">
+        <Scopes>internal_custom_authenticator_update</Scopes>
+    </Resource>
+    <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="DELETE">
+        <Scopes>internal_custom_authenticator_delete</Scopes>
+    </Resource>
+
     <Resource context="/carbon(.*)" secured="false" http-method="all"/>
     <Resource context="(.*)/myaccount(.*)" secured="false" http-method="all"/>
     <Resource context="(.*)/console(.*)" secured="false" http-method="all"/>

features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml.j2

@@ -1255,6 +1255,17 @@
              <Scopes>internal_action_mgt_view</Scopes>
          </Resource>
 
+         <!-- User Defined local authenticator API -->
+         <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="POST">
+             <Scopes>internal_custom_authenticator_create</Scopes>
+         </Resource>
+         <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="PUT">
+             <Scopes>internal_custom_authenticator_update</Scopes>
+         </Resource>
+         <Resource context="(.*)api/server/v1/authenticators/custom(.*)" secured="true" http-method="DELETE">
+             <Scopes>internal_custom_authenticator_delete</Scopes>
+         </Resource>
+
         <Resource context="/carbon(.*)" secured="false" http-method="all"/>
         <Resource context="(.*)/myaccount(.*)" secured="false" http-method="all"/>
         <Resource context="(.*)/console(.*)" secured="false" http-method="all"/>