Posted to commits@airavata.apache.org by ma...@apache.org on 2017/06/21 20:44:34 UTC
[3/3] airavata git commit: AIRAVATA-2403 Adding user role management
methods
AIRAVATA-2403 Adding user role management methods
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/78f08958
Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/78f08958
Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/78f08958
Branch: refs/heads/develop
Commit: 78f089582f33bdf3fb7e5ccfb739d6e46428a491
Parents: 14bb432
Author: Marcus Christie <ma...@apache.org>
Authored: Wed Jun 21 16:44:14 2017 -0400
Committer: Marcus Christie <ma...@apache.org>
Committed: Wed Jun 21 16:44:14 2017 -0400
----------------------------------------------------------------------
.../Iam/Admin/Services/CPI/IamAdminServices.php | 981 +++++--
.../Profile/Tenant/CPI/TenantProfileService.php | 2 +
.../core/impl/TenantManagementKeycloakImpl.java | 108 +-
.../interfaces/TenantManagementInterface.java | 24 +
.../handlers/IamAdminServicesHandler.java | 28 +
.../admin/services/cpi/IamAdminServices.java | 2602 ++++++++++++++++++
.../iam-admin-services-cpi.thrift | 12 +
7 files changed, 3525 insertions(+), 232 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata/blob/78f08958/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Iam/Admin/Services/CPI/IamAdminServices.php
----------------------------------------------------------------------
diff --git a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Iam/Admin/Services/CPI/IamAdminServices.php b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Iam/Admin/Services/CPI/IamAdminServices.php
index bda8df7..0697595 100644
--- a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Iam/Admin/Services/CPI/IamAdminServices.php
+++ b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Iam/Admin/Services/CPI/IamAdminServices.php
@@ -27,52 +27,49 @@ interface IamAdminServicesIf {
/**
* @param \Airavata\Model\Security\AuthzToken $authzToken
* @param \Airavata\Model\Workspace\Gateway $gateway
- * @param \Airavata\Model\Credential\Store\PasswordCredential $isSuperAdminCredentials
* @return \Airavata\Model\Workspace\Gateway
* @throws \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
* @throws \Airavata\API\Error\AuthorizationException
*/
- public function setUpGateway(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\Workspace\Gateway $gateway, \Airavata\Model\Credential\Store\PasswordCredential $isSuperAdminCredentials);
+ public function setUpGateway(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\Workspace\Gateway $gateway);
/**
* @param \Airavata\Model\Security\AuthzToken $authzToken
- * @param \Airavata\Model\User\UserProfile $userDetails
- * @param \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials
+ * @param string $username
+ * @param string $emailAddress
+ * @param string $firstName
+ * @param string $lastName
* @param string $newPassword
* @return bool
* @throws \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
* @throws \Airavata\API\Error\AuthorizationException
*/
- public function registerUser(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\User\UserProfile $userDetails, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials, $newPassword);
+ public function registerUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $emailAddress, $firstName, $lastName, $newPassword);
/**
* @param \Airavata\Model\Security\AuthzToken $authzToken
- * @param \Airavata\Model\User\UserProfile $userDetails
- * @param \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials
+ * @param string $username
* @return bool
* @throws \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
* @throws \Airavata\API\Error\AuthorizationException
*/
- public function enableUser(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\User\UserProfile $userDetails, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials);
+ public function enableUser(\Airavata\Model\Security\AuthzToken $authzToken, $username);
/**
* @param \Airavata\Model\Security\AuthzToken $authzToken
- * @param string $tenantId
* @param string $username
* @param string $newPassword
* @return bool
* @throws \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
* @throws \Airavata\API\Error\AuthorizationException
*/
- public function resetUserPassword(\Airavata\Model\Security\AuthzToken $authzToken, $tenantId, $username, $newPassword);
+ public function resetUserPassword(\Airavata\Model\Security\AuthzToken $authzToken, $username, $newPassword);
/**
* @param \Airavata\Model\Security\AuthzToken $authzToken
- * @param string $gatewayID
* @param string $email
* @param string $userId
- * @param \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials
* @return \Airavata\Model\User\UserProfile[]
* @throws \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
* @throws \Airavata\API\Error\AuthorizationException
*/
- public function findUsers(\Airavata\Model\Security\AuthzToken $authzToken, $gatewayID, $email, $userId, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials);
+ public function findUsers(\Airavata\Model\Security\AuthzToken $authzToken, $email, $userId);
/**
* @param \Airavata\Model\Security\AuthzToken $authzToken
* @param \Airavata\Model\User\UserProfile $userDetails
@@ -80,6 +77,24 @@ interface IamAdminServicesIf {
* @throws \Airavata\API\Error\AuthorizationException
*/
public function updateUserProfile(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\User\UserProfile $userDetails);
+ /**
+ * @param \Airavata\Model\Security\AuthzToken $authzToken
+ * @param string $username
+ * @param string $roleName
+ * @return bool
+ * @throws \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
+ * @throws \Airavata\API\Error\AuthorizationException
+ */
+ public function addRoleToUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $roleName);
+ /**
+ * @param \Airavata\Model\Security\AuthzToken $authzToken
+ * @param string $username
+ * @param string $roleName
+ * @return bool
+ * @throws \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
+ * @throws \Airavata\API\Error\AuthorizationException
+ */
+ public function removeRoleFromUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $roleName);
}
class IamAdminServicesClient implements \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServicesIf {
@@ -150,18 +165,17 @@ class IamAdminServicesClient implements \Airavata\Service\Iam\Admin\Services\CPI
throw new \Exception("getAPIVersion failed: unknown result");
}
- public function setUpGateway(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\Workspace\Gateway $gateway, \Airavata\Model\Credential\Store\PasswordCredential $isSuperAdminCredentials)
+ public function setUpGateway(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\Workspace\Gateway $gateway)
{
- $this->send_setUpGateway($authzToken, $gateway, $isSuperAdminCredentials);
+ $this->send_setUpGateway($authzToken, $gateway);
return $this->recv_setUpGateway();
}
- public function send_setUpGateway(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\Workspace\Gateway $gateway, \Airavata\Model\Credential\Store\PasswordCredential $isSuperAdminCredentials)
+ public function send_setUpGateway(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\Workspace\Gateway $gateway)
{
$args = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_setUpGateway_args();
$args->authzToken = $authzToken;
$args->gateway = $gateway;
- $args->isSuperAdminCredentials = $isSuperAdminCredentials;
$bin_accel = ($this->output_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_write_binary');
if ($bin_accel)
{
@@ -209,18 +223,20 @@ class IamAdminServicesClient implements \Airavata\Service\Iam\Admin\Services\CPI
throw new \Exception("setUpGateway failed: unknown result");
}
- public function registerUser(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\User\UserProfile $userDetails, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials, $newPassword)
+ public function registerUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $emailAddress, $firstName, $lastName, $newPassword)
{
- $this->send_registerUser($authzToken, $userDetails, $isRealmAdminCredentials, $newPassword);
+ $this->send_registerUser($authzToken, $username, $emailAddress, $firstName, $lastName, $newPassword);
return $this->recv_registerUser();
}
- public function send_registerUser(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\User\UserProfile $userDetails, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials, $newPassword)
+ public function send_registerUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $emailAddress, $firstName, $lastName, $newPassword)
{
$args = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_registerUser_args();
$args->authzToken = $authzToken;
- $args->userDetails = $userDetails;
- $args->isRealmAdminCredentials = $isRealmAdminCredentials;
+ $args->username = $username;
+ $args->emailAddress = $emailAddress;
+ $args->firstName = $firstName;
+ $args->lastName = $lastName;
$args->newPassword = $newPassword;
$bin_accel = ($this->output_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_write_binary');
if ($bin_accel)
@@ -269,18 +285,17 @@ class IamAdminServicesClient implements \Airavata\Service\Iam\Admin\Services\CPI
throw new \Exception("registerUser failed: unknown result");
}
- public function enableUser(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\User\UserProfile $userDetails, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials)
+ public function enableUser(\Airavata\Model\Security\AuthzToken $authzToken, $username)
{
- $this->send_enableUser($authzToken, $userDetails, $isRealmAdminCredentials);
+ $this->send_enableUser($authzToken, $username);
return $this->recv_enableUser();
}
- public function send_enableUser(\Airavata\Model\Security\AuthzToken $authzToken, \Airavata\Model\User\UserProfile $userDetails, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials)
+ public function send_enableUser(\Airavata\Model\Security\AuthzToken $authzToken, $username)
{
$args = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_enableUser_args();
$args->authzToken = $authzToken;
- $args->userDetails = $userDetails;
- $args->isRealmAdminCredentials = $isRealmAdminCredentials;
+ $args->username = $username;
$bin_accel = ($this->output_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_write_binary');
if ($bin_accel)
{
@@ -328,17 +343,16 @@ class IamAdminServicesClient implements \Airavata\Service\Iam\Admin\Services\CPI
throw new \Exception("enableUser failed: unknown result");
}
- public function resetUserPassword(\Airavata\Model\Security\AuthzToken $authzToken, $tenantId, $username, $newPassword)
+ public function resetUserPassword(\Airavata\Model\Security\AuthzToken $authzToken, $username, $newPassword)
{
- $this->send_resetUserPassword($authzToken, $tenantId, $username, $newPassword);
+ $this->send_resetUserPassword($authzToken, $username, $newPassword);
return $this->recv_resetUserPassword();
}
- public function send_resetUserPassword(\Airavata\Model\Security\AuthzToken $authzToken, $tenantId, $username, $newPassword)
+ public function send_resetUserPassword(\Airavata\Model\Security\AuthzToken $authzToken, $username, $newPassword)
{
$args = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_resetUserPassword_args();
$args->authzToken = $authzToken;
- $args->tenantId = $tenantId;
$args->username = $username;
$args->newPassword = $newPassword;
$bin_accel = ($this->output_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_write_binary');
@@ -388,20 +402,18 @@ class IamAdminServicesClient implements \Airavata\Service\Iam\Admin\Services\CPI
throw new \Exception("resetUserPassword failed: unknown result");
}
- public function findUsers(\Airavata\Model\Security\AuthzToken $authzToken, $gatewayID, $email, $userId, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials)
+ public function findUsers(\Airavata\Model\Security\AuthzToken $authzToken, $email, $userId)
{
- $this->send_findUsers($authzToken, $gatewayID, $email, $userId, $isRealmAdminCredentials);
+ $this->send_findUsers($authzToken, $email, $userId);
return $this->recv_findUsers();
}
- public function send_findUsers(\Airavata\Model\Security\AuthzToken $authzToken, $gatewayID, $email, $userId, \Airavata\Model\Credential\Store\PasswordCredential $isRealmAdminCredentials)
+ public function send_findUsers(\Airavata\Model\Security\AuthzToken $authzToken, $email, $userId)
{
$args = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_findUsers_args();
$args->authzToken = $authzToken;
- $args->gatewayID = $gatewayID;
$args->email = $email;
$args->userId = $userId;
- $args->isRealmAdminCredentials = $isRealmAdminCredentials;
$bin_accel = ($this->output_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_write_binary');
if ($bin_accel)
{
@@ -504,6 +516,124 @@ class IamAdminServicesClient implements \Airavata\Service\Iam\Admin\Services\CPI
return;
}
+ public function addRoleToUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $roleName)
+ {
+ $this->send_addRoleToUser($authzToken, $username, $roleName);
+ return $this->recv_addRoleToUser();
+ }
+
+ public function send_addRoleToUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $roleName)
+ {
+ $args = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_addRoleToUser_args();
+ $args->authzToken = $authzToken;
+ $args->username = $username;
+ $args->roleName = $roleName;
+ $bin_accel = ($this->output_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_write_binary');
+ if ($bin_accel)
+ {
+ thrift_protocol_write_binary($this->output_, 'addRoleToUser', TMessageType::CALL, $args, $this->seqid_, $this->output_->isStrictWrite());
+ }
+ else
+ {
+ $this->output_->writeMessageBegin('addRoleToUser', TMessageType::CALL, $this->seqid_);
+ $args->write($this->output_);
+ $this->output_->writeMessageEnd();
+ $this->output_->getTransport()->flush();
+ }
+ }
+
+ public function recv_addRoleToUser()
+ {
+ $bin_accel = ($this->input_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_read_binary');
+ if ($bin_accel) $result = thrift_protocol_read_binary($this->input_, '\Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_addRoleToUser_result', $this->input_->isStrictRead());
+ else
+ {
+ $rseqid = 0;
+ $fname = null;
+ $mtype = 0;
+
+ $this->input_->readMessageBegin($fname, $mtype, $rseqid);
+ if ($mtype == TMessageType::EXCEPTION) {
+ $x = new TApplicationException();
+ $x->read($this->input_);
+ $this->input_->readMessageEnd();
+ throw $x;
+ }
+ $result = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_addRoleToUser_result();
+ $result->read($this->input_);
+ $this->input_->readMessageEnd();
+ }
+ if ($result->success !== null) {
+ return $result->success;
+ }
+ if ($result->Idse !== null) {
+ throw $result->Idse;
+ }
+ if ($result->ae !== null) {
+ throw $result->ae;
+ }
+ throw new \Exception("addRoleToUser failed: unknown result");
+ }
+
+ public function removeRoleFromUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $roleName)
+ {
+ $this->send_removeRoleFromUser($authzToken, $username, $roleName);
+ return $this->recv_removeRoleFromUser();
+ }
+
+ public function send_removeRoleFromUser(\Airavata\Model\Security\AuthzToken $authzToken, $username, $roleName)
+ {
+ $args = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_removeRoleFromUser_args();
+ $args->authzToken = $authzToken;
+ $args->username = $username;
+ $args->roleName = $roleName;
+ $bin_accel = ($this->output_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_write_binary');
+ if ($bin_accel)
+ {
+ thrift_protocol_write_binary($this->output_, 'removeRoleFromUser', TMessageType::CALL, $args, $this->seqid_, $this->output_->isStrictWrite());
+ }
+ else
+ {
+ $this->output_->writeMessageBegin('removeRoleFromUser', TMessageType::CALL, $this->seqid_);
+ $args->write($this->output_);
+ $this->output_->writeMessageEnd();
+ $this->output_->getTransport()->flush();
+ }
+ }
+
+ public function recv_removeRoleFromUser()
+ {
+ $bin_accel = ($this->input_ instanceof TBinaryProtocolAccelerated) && function_exists('thrift_protocol_read_binary');
+ if ($bin_accel) $result = thrift_protocol_read_binary($this->input_, '\Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_removeRoleFromUser_result', $this->input_->isStrictRead());
+ else
+ {
+ $rseqid = 0;
+ $fname = null;
+ $mtype = 0;
+
+ $this->input_->readMessageBegin($fname, $mtype, $rseqid);
+ if ($mtype == TMessageType::EXCEPTION) {
+ $x = new TApplicationException();
+ $x->read($this->input_);
+ $this->input_->readMessageEnd();
+ throw $x;
+ }
+ $result = new \Airavata\Service\Iam\Admin\Services\CPI\IamAdminServices_removeRoleFromUser_result();
+ $result->read($this->input_);
+ $this->input_->readMessageEnd();
+ }
+ if ($result->success !== null) {
+ return $result->success;
+ }
+ if ($result->Idse !== null) {
+ throw $result->Idse;
+ }
+ if ($result->ae !== null) {
+ throw $result->ae;
+ }
+ throw new \Exception("removeRoleFromUser failed: unknown result");
+ }
+
}
// HELPER FUNCTIONS AND STRUCTURES
@@ -724,10 +854,6 @@ class IamAdminServices_setUpGateway_args {
* @var \Airavata\Model\Workspace\Gateway
*/
public $gateway = null;
- /**
- * @var \Airavata\Model\Credential\Store\PasswordCredential
- */
- public $isSuperAdminCredentials = null;
public function __construct($vals=null) {
if (!isset(self::$_TSPEC)) {
@@ -742,11 +868,6 @@ class IamAdminServices_setUpGateway_args {
'type' => TType::STRUCT,
'class' => '\Airavata\Model\Workspace\Gateway',
),
- 3 => array(
- 'var' => 'isSuperAdminCredentials',
- 'type' => TType::STRUCT,
- 'class' => '\Airavata\Model\Credential\Store\PasswordCredential',
- ),
);
}
if (is_array($vals)) {
@@ -756,9 +877,6 @@ class IamAdminServices_setUpGateway_args {
if (isset($vals['gateway'])) {
$this->gateway = $vals['gateway'];
}
- if (isset($vals['isSuperAdminCredentials'])) {
- $this->isSuperAdminCredentials = $vals['isSuperAdminCredentials'];
- }
}
}
@@ -797,14 +915,6 @@ class IamAdminServices_setUpGateway_args {
$xfer += $input->skip($ftype);
}
break;
- case 3:
- if ($ftype == TType::STRUCT) {
- $this->isSuperAdminCredentials = new \Airavata\Model\Credential\Store\PasswordCredential();
- $xfer += $this->isSuperAdminCredentials->read($input);
- } else {
- $xfer += $input->skip($ftype);
- }
- break;
default:
$xfer += $input->skip($ftype);
break;
@@ -834,14 +944,6 @@ class IamAdminServices_setUpGateway_args {
$xfer += $this->gateway->write($output);
$xfer += $output->writeFieldEnd();
}
- if ($this->isSuperAdminCredentials !== null) {
- if (!is_object($this->isSuperAdminCredentials)) {
- throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
- }
- $xfer += $output->writeFieldBegin('isSuperAdminCredentials', TType::STRUCT, 3);
- $xfer += $this->isSuperAdminCredentials->write($output);
- $xfer += $output->writeFieldEnd();
- }
$xfer += $output->writeFieldStop();
$xfer += $output->writeStructEnd();
return $xfer;
@@ -987,13 +1089,21 @@ class IamAdminServices_registerUser_args {
*/
public $authzToken = null;
/**
- * @var \Airavata\Model\User\UserProfile
+ * @var string
*/
- public $userDetails = null;
+ public $username = null;
/**
- * @var \Airavata\Model\Credential\Store\PasswordCredential
+ * @var string
+ */
+ public $emailAddress = null;
+ /**
+ * @var string
*/
- public $isRealmAdminCredentials = null;
+ public $firstName = null;
+ /**
+ * @var string
+ */
+ public $lastName = null;
/**
* @var string
*/
@@ -1008,16 +1118,22 @@ class IamAdminServices_registerUser_args {
'class' => '\Airavata\Model\Security\AuthzToken',
),
2 => array(
- 'var' => 'userDetails',
- 'type' => TType::STRUCT,
- 'class' => '\Airavata\Model\User\UserProfile',
+ 'var' => 'username',
+ 'type' => TType::STRING,
),
3 => array(
- 'var' => 'isRealmAdminCredentials',
- 'type' => TType::STRUCT,
- 'class' => '\Airavata\Model\Credential\Store\PasswordCredential',
+ 'var' => 'emailAddress',
+ 'type' => TType::STRING,
),
4 => array(
+ 'var' => 'firstName',
+ 'type' => TType::STRING,
+ ),
+ 5 => array(
+ 'var' => 'lastName',
+ 'type' => TType::STRING,
+ ),
+ 6 => array(
'var' => 'newPassword',
'type' => TType::STRING,
),
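Review bot: Field ids in `IamAdminServices_registerUser_args` are reused with new meanings instead of being retired: id 4 used to carry `newPassword` and now carries `firstName`, both `TType::STRING`, while `newPassword` moves to id 6. A peer still built against the previous layout would send the password at id 4, and a reader using this layout would accept it as the first name because the type check passes, so the password could end up in a profile field. The same renumbering shows up in the `resetUserPassword_args` hunks (id 3 changes from `username` to `newPassword`, id 2 from `tenantId` to `username`) and in the `findUsers_args` hunks. This file looks Thrift-generated, so the fix would belong in the `.thrift` definition: leave removed ids unused and give the added fields ids that were never assigned before, or confirm that every client and the server are upgraded together.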
@@ -1027,11 +1143,17 @@ class IamAdminServices_registerUser_args {
if (isset($vals['authzToken'])) {
$this->authzToken = $vals['authzToken'];
}
- if (isset($vals['userDetails'])) {
- $this->userDetails = $vals['userDetails'];
+ if (isset($vals['username'])) {
+ $this->username = $vals['username'];
+ }
+ if (isset($vals['emailAddress'])) {
+ $this->emailAddress = $vals['emailAddress'];
}
- if (isset($vals['isRealmAdminCredentials'])) {
- $this->isRealmAdminCredentials = $vals['isRealmAdminCredentials'];
+ if (isset($vals['firstName'])) {
+ $this->firstName = $vals['firstName'];
+ }
+ if (isset($vals['lastName'])) {
+ $this->lastName = $vals['lastName'];
}
if (isset($vals['newPassword'])) {
$this->newPassword = $vals['newPassword'];
@@ -1067,23 +1189,35 @@ class IamAdminServices_registerUser_args {
}
break;
case 2:
- if ($ftype == TType::STRUCT) {
- $this->userDetails = new \Airavata\Model\User\UserProfile();
- $xfer += $this->userDetails->read($input);
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->username);
} else {
$xfer += $input->skip($ftype);
}
break;
case 3:
- if ($ftype == TType::STRUCT) {
- $this->isRealmAdminCredentials = new \Airavata\Model\Credential\Store\PasswordCredential();
- $xfer += $this->isRealmAdminCredentials->read($input);
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->emailAddress);
} else {
$xfer += $input->skip($ftype);
}
break;
case 4:
if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->firstName);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 5:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->lastName);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 6:
+ if ($ftype == TType::STRING) {
$xfer += $input->readString($this->newPassword);
} else {
$xfer += $input->skip($ftype);
@@ -1110,24 +1244,28 @@ class IamAdminServices_registerUser_args {
$xfer += $this->authzToken->write($output);
$xfer += $output->writeFieldEnd();
}
- if ($this->userDetails !== null) {
- if (!is_object($this->userDetails)) {
- throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
- }
- $xfer += $output->writeFieldBegin('userDetails', TType::STRUCT, 2);
- $xfer += $this->userDetails->write($output);
+ if ($this->username !== null) {
+ $xfer += $output->writeFieldBegin('username', TType::STRING, 2);
+ $xfer += $output->writeString($this->username);
$xfer += $output->writeFieldEnd();
}
- if ($this->isRealmAdminCredentials !== null) {
- if (!is_object($this->isRealmAdminCredentials)) {
- throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
- }
- $xfer += $output->writeFieldBegin('isRealmAdminCredentials', TType::STRUCT, 3);
- $xfer += $this->isRealmAdminCredentials->write($output);
+ if ($this->emailAddress !== null) {
+ $xfer += $output->writeFieldBegin('emailAddress', TType::STRING, 3);
+ $xfer += $output->writeString($this->emailAddress);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->firstName !== null) {
+ $xfer += $output->writeFieldBegin('firstName', TType::STRING, 4);
+ $xfer += $output->writeString($this->firstName);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->lastName !== null) {
+ $xfer += $output->writeFieldBegin('lastName', TType::STRING, 5);
+ $xfer += $output->writeString($this->lastName);
$xfer += $output->writeFieldEnd();
}
if ($this->newPassword !== null) {
- $xfer += $output->writeFieldBegin('newPassword', TType::STRING, 4);
+ $xfer += $output->writeFieldBegin('newPassword', TType::STRING, 6);
$xfer += $output->writeString($this->newPassword);
$xfer += $output->writeFieldEnd();
}
@@ -1271,13 +1409,9 @@ class IamAdminServices_enableUser_args {
*/
public $authzToken = null;
/**
- * @var \Airavata\Model\User\UserProfile
- */
- public $userDetails = null;
- /**
- * @var \Airavata\Model\Credential\Store\PasswordCredential
+ * @var string
*/
- public $isRealmAdminCredentials = null;
+ public $username = null;
public function __construct($vals=null) {
if (!isset(self::$_TSPEC)) {
@@ -1288,14 +1422,8 @@ class IamAdminServices_enableUser_args {
'class' => '\Airavata\Model\Security\AuthzToken',
),
2 => array(
- 'var' => 'userDetails',
- 'type' => TType::STRUCT,
- 'class' => '\Airavata\Model\User\UserProfile',
- ),
- 3 => array(
- 'var' => 'isRealmAdminCredentials',
- 'type' => TType::STRUCT,
- 'class' => '\Airavata\Model\Credential\Store\PasswordCredential',
+ 'var' => 'username',
+ 'type' => TType::STRING,
),
);
}
@@ -1303,11 +1431,8 @@ class IamAdminServices_enableUser_args {
if (isset($vals['authzToken'])) {
$this->authzToken = $vals['authzToken'];
}
- if (isset($vals['userDetails'])) {
- $this->userDetails = $vals['userDetails'];
- }
- if (isset($vals['isRealmAdminCredentials'])) {
- $this->isRealmAdminCredentials = $vals['isRealmAdminCredentials'];
+ if (isset($vals['username'])) {
+ $this->username = $vals['username'];
}
}
}
@@ -1340,17 +1465,8 @@ class IamAdminServices_enableUser_args {
}
break;
case 2:
- if ($ftype == TType::STRUCT) {
- $this->userDetails = new \Airavata\Model\User\UserProfile();
- $xfer += $this->userDetails->read($input);
- } else {
- $xfer += $input->skip($ftype);
- }
- break;
- case 3:
- if ($ftype == TType::STRUCT) {
- $this->isRealmAdminCredentials = new \Airavata\Model\Credential\Store\PasswordCredential();
- $xfer += $this->isRealmAdminCredentials->read($input);
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->username);
} else {
$xfer += $input->skip($ftype);
}
@@ -1376,20 +1492,9 @@ class IamAdminServices_enableUser_args {
$xfer += $this->authzToken->write($output);
$xfer += $output->writeFieldEnd();
}
- if ($this->userDetails !== null) {
- if (!is_object($this->userDetails)) {
- throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
- }
- $xfer += $output->writeFieldBegin('userDetails', TType::STRUCT, 2);
- $xfer += $this->userDetails->write($output);
- $xfer += $output->writeFieldEnd();
- }
- if ($this->isRealmAdminCredentials !== null) {
- if (!is_object($this->isRealmAdminCredentials)) {
- throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
- }
- $xfer += $output->writeFieldBegin('isRealmAdminCredentials', TType::STRUCT, 3);
- $xfer += $this->isRealmAdminCredentials->write($output);
+ if ($this->username !== null) {
+ $xfer += $output->writeFieldBegin('username', TType::STRING, 2);
+ $xfer += $output->writeString($this->username);
$xfer += $output->writeFieldEnd();
}
$xfer += $output->writeFieldStop();
@@ -1534,10 +1639,6 @@ class IamAdminServices_resetUserPassword_args {
/**
* @var string
*/
- public $tenantId = null;
- /**
- * @var string
- */
public $username = null;
/**
* @var string
@@ -1553,14 +1654,10 @@ class IamAdminServices_resetUserPassword_args {
'class' => '\Airavata\Model\Security\AuthzToken',
),
2 => array(
- 'var' => 'tenantId',
- 'type' => TType::STRING,
- ),
- 3 => array(
'var' => 'username',
'type' => TType::STRING,
),
- 4 => array(
+ 3 => array(
'var' => 'newPassword',
'type' => TType::STRING,
),
@@ -1570,9 +1667,6 @@ class IamAdminServices_resetUserPassword_args {
if (isset($vals['authzToken'])) {
$this->authzToken = $vals['authzToken'];
}
- if (isset($vals['tenantId'])) {
- $this->tenantId = $vals['tenantId'];
- }
if (isset($vals['username'])) {
$this->username = $vals['username'];
}
@@ -1611,19 +1705,12 @@ class IamAdminServices_resetUserPassword_args {
break;
case 2:
if ($ftype == TType::STRING) {
- $xfer += $input->readString($this->tenantId);
- } else {
- $xfer += $input->skip($ftype);
- }
- break;
- case 3:
- if ($ftype == TType::STRING) {
$xfer += $input->readString($this->username);
} else {
$xfer += $input->skip($ftype);
}
break;
- case 4:
+ case 3:
if ($ftype == TType::STRING) {
$xfer += $input->readString($this->newPassword);
} else {
@@ -1651,18 +1738,13 @@ class IamAdminServices_resetUserPassword_args {
$xfer += $this->authzToken->write($output);
$xfer += $output->writeFieldEnd();
}
- if ($this->tenantId !== null) {
- $xfer += $output->writeFieldBegin('tenantId', TType::STRING, 2);
- $xfer += $output->writeString($this->tenantId);
- $xfer += $output->writeFieldEnd();
- }
if ($this->username !== null) {
- $xfer += $output->writeFieldBegin('username', TType::STRING, 3);
+ $xfer += $output->writeFieldBegin('username', TType::STRING, 2);
$xfer += $output->writeString($this->username);
$xfer += $output->writeFieldEnd();
}
if ($this->newPassword !== null) {
- $xfer += $output->writeFieldBegin('newPassword', TType::STRING, 4);
+ $xfer += $output->writeFieldBegin('newPassword', TType::STRING, 3);
$xfer += $output->writeString($this->newPassword);
$xfer += $output->writeFieldEnd();
}
@@ -1808,19 +1890,11 @@ class IamAdminServices_findUsers_args {
/**
* @var string
*/
- public $gatewayID = null;
- /**
- * @var string
- */
- public $email = null;
+ public $email = null;
/**
* @var string
*/
public $userId = null;
- /**
- * @var \Airavata\Model\Credential\Store\PasswordCredential
- */
- public $isRealmAdminCredentials = null;
public function __construct($vals=null) {
if (!isset(self::$_TSPEC)) {
@@ -1831,40 +1905,25 @@ class IamAdminServices_findUsers_args {
'class' => '\Airavata\Model\Security\AuthzToken',
),
2 => array(
- 'var' => 'gatewayID',
- 'type' => TType::STRING,
- ),
- 3 => array(
'var' => 'email',
'type' => TType::STRING,
),
- 4 => array(
+ 3 => array(
'var' => 'userId',
'type' => TType::STRING,
),
- 5 => array(
- 'var' => 'isRealmAdminCredentials',
- 'type' => TType::STRUCT,
- 'class' => '\Airavata\Model\Credential\Store\PasswordCredential',
- ),
);
}
if (is_array($vals)) {
if (isset($vals['authzToken'])) {
$this->authzToken = $vals['authzToken'];
}
- if (isset($vals['gatewayID'])) {
- $this->gatewayID = $vals['gatewayID'];
- }
if (isset($vals['email'])) {
$this->email = $vals['email'];
}
if (isset($vals['userId'])) {
$this->userId = $vals['userId'];
}
- if (isset($vals['isRealmAdminCredentials'])) {
- $this->isRealmAdminCredentials = $vals['isRealmAdminCredentials'];
- }
}
}
@@ -1897,33 +1956,18 @@ class IamAdminServices_findUsers_args {
break;
case 2:
if ($ftype == TType::STRING) {
- $xfer += $input->readString($this->gatewayID);
- } else {
- $xfer += $input->skip($ftype);
- }
- break;
- case 3:
- if ($ftype == TType::STRING) {
$xfer += $input->readString($this->email);
} else {
$xfer += $input->skip($ftype);
}
break;
- case 4:
+ case 3:
if ($ftype == TType::STRING) {
$xfer += $input->readString($this->userId);
} else {
$xfer += $input->skip($ftype);
}
break;
- case 5:
- if ($ftype == TType::STRUCT) {
- $this->isRealmAdminCredentials = new \Airavata\Model\Credential\Store\PasswordCredential();
- $xfer += $this->isRealmAdminCredentials->read($input);
- } else {
- $xfer += $input->skip($ftype);
- }
- break;
default:
$xfer += $input->skip($ftype);
break;
@@ -1945,29 +1989,16 @@ class IamAdminServices_findUsers_args {
$xfer += $this->authzToken->write($output);
$xfer += $output->writeFieldEnd();
}
- if ($this->gatewayID !== null) {
- $xfer += $output->writeFieldBegin('gatewayID', TType::STRING, 2);
- $xfer += $output->writeString($this->gatewayID);
- $xfer += $output->writeFieldEnd();
- }
if ($this->email !== null) {
- $xfer += $output->writeFieldBegin('email', TType::STRING, 3);
+ $xfer += $output->writeFieldBegin('email', TType::STRING, 2);
$xfer += $output->writeString($this->email);
$xfer += $output->writeFieldEnd();
}
if ($this->userId !== null) {
- $xfer += $output->writeFieldBegin('userId', TType::STRING, 4);
+ $xfer += $output->writeFieldBegin('userId', TType::STRING, 3);
$xfer += $output->writeString($this->userId);
$xfer += $output->writeFieldEnd();
}
- if ($this->isRealmAdminCredentials !== null) {
- if (!is_object($this->isRealmAdminCredentials)) {
- throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
- }
- $xfer += $output->writeFieldBegin('isRealmAdminCredentials', TType::STRUCT, 5);
- $xfer += $this->isRealmAdminCredentials->write($output);
- $xfer += $output->writeFieldEnd();
- }
$xfer += $output->writeFieldStop();
$xfer += $output->writeStructEnd();
return $xfer;
@@ -2338,4 +2369,506 @@ class IamAdminServices_updateUserProfile_result {
}
+class IamAdminServices_addRoleToUser_args {
+ static $_TSPEC;
+
+ /**
+ * @var \Airavata\Model\Security\AuthzToken
+ */
+ public $authzToken = null;
+ /**
+ * @var string
+ */
+ public $username = null;
+ /**
+ * @var string
+ */
+ public $roleName = null;
+
+ public function __construct($vals=null) {
+ if (!isset(self::$_TSPEC)) {
+ self::$_TSPEC = array(
+ 1 => array(
+ 'var' => 'authzToken',
+ 'type' => TType::STRUCT,
+ 'class' => '\Airavata\Model\Security\AuthzToken',
+ ),
+ 2 => array(
+ 'var' => 'username',
+ 'type' => TType::STRING,
+ ),
+ 3 => array(
+ 'var' => 'roleName',
+ 'type' => TType::STRING,
+ ),
+ );
+ }
+ if (is_array($vals)) {
+ if (isset($vals['authzToken'])) {
+ $this->authzToken = $vals['authzToken'];
+ }
+ if (isset($vals['username'])) {
+ $this->username = $vals['username'];
+ }
+ if (isset($vals['roleName'])) {
+ $this->roleName = $vals['roleName'];
+ }
+ }
+ }
+
+ public function getName() {
+ return 'IamAdminServices_addRoleToUser_args';
+ }
+
+ public function read($input)
+ {
+ $xfer = 0;
+ $fname = null;
+ $ftype = 0;
+ $fid = 0;
+ $xfer += $input->readStructBegin($fname);
+ while (true)
+ {
+ $xfer += $input->readFieldBegin($fname, $ftype, $fid);
+ if ($ftype == TType::STOP) {
+ break;
+ }
+ switch ($fid)
+ {
+ case 1:
+ if ($ftype == TType::STRUCT) {
+ $this->authzToken = new \Airavata\Model\Security\AuthzToken();
+ $xfer += $this->authzToken->read($input);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 2:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->username);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 3:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->roleName);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ default:
+ $xfer += $input->skip($ftype);
+ break;
+ }
+ $xfer += $input->readFieldEnd();
+ }
+ $xfer += $input->readStructEnd();
+ return $xfer;
+ }
+
+ public function write($output) {
+ $xfer = 0;
+ $xfer += $output->writeStructBegin('IamAdminServices_addRoleToUser_args');
+ if ($this->authzToken !== null) {
+ if (!is_object($this->authzToken)) {
+ throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
+ }
+ $xfer += $output->writeFieldBegin('authzToken', TType::STRUCT, 1);
+ $xfer += $this->authzToken->write($output);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->username !== null) {
+ $xfer += $output->writeFieldBegin('username', TType::STRING, 2);
+ $xfer += $output->writeString($this->username);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->roleName !== null) {
+ $xfer += $output->writeFieldBegin('roleName', TType::STRING, 3);
+ $xfer += $output->writeString($this->roleName);
+ $xfer += $output->writeFieldEnd();
+ }
+ $xfer += $output->writeFieldStop();
+ $xfer += $output->writeStructEnd();
+ return $xfer;
+ }
+
+}
+
+class IamAdminServices_addRoleToUser_result {
+ static $_TSPEC;
+
+ /**
+ * @var bool
+ */
+ public $success = null;
+ /**
+ * @var \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
+ */
+ public $Idse = null;
+ /**
+ * @var \Airavata\API\Error\AuthorizationException
+ */
+ public $ae = null;
+
+ public function __construct($vals=null) {
+ if (!isset(self::$_TSPEC)) {
+ self::$_TSPEC = array(
+ 0 => array(
+ 'var' => 'success',
+ 'type' => TType::BOOL,
+ ),
+ 1 => array(
+ 'var' => 'Idse',
+ 'type' => TType::STRUCT,
+ 'class' => '\Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException',
+ ),
+ 2 => array(
+ 'var' => 'ae',
+ 'type' => TType::STRUCT,
+ 'class' => '\Airavata\API\Error\AuthorizationException',
+ ),
+ );
+ }
+ if (is_array($vals)) {
+ if (isset($vals['success'])) {
+ $this->success = $vals['success'];
+ }
+ if (isset($vals['Idse'])) {
+ $this->Idse = $vals['Idse'];
+ }
+ if (isset($vals['ae'])) {
+ $this->ae = $vals['ae'];
+ }
+ }
+ }
+
+ public function getName() {
+ return 'IamAdminServices_addRoleToUser_result';
+ }
+
+ public function read($input)
+ {
+ $xfer = 0;
+ $fname = null;
+ $ftype = 0;
+ $fid = 0;
+ $xfer += $input->readStructBegin($fname);
+ while (true)
+ {
+ $xfer += $input->readFieldBegin($fname, $ftype, $fid);
+ if ($ftype == TType::STOP) {
+ break;
+ }
+ switch ($fid)
+ {
+ case 0:
+ if ($ftype == TType::BOOL) {
+ $xfer += $input->readBool($this->success);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 1:
+ if ($ftype == TType::STRUCT) {
+ $this->Idse = new \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException();
+ $xfer += $this->Idse->read($input);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 2:
+ if ($ftype == TType::STRUCT) {
+ $this->ae = new \Airavata\API\Error\AuthorizationException();
+ $xfer += $this->ae->read($input);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ default:
+ $xfer += $input->skip($ftype);
+ break;
+ }
+ $xfer += $input->readFieldEnd();
+ }
+ $xfer += $input->readStructEnd();
+ return $xfer;
+ }
+
+ public function write($output) {
+ $xfer = 0;
+ $xfer += $output->writeStructBegin('IamAdminServices_addRoleToUser_result');
+ if ($this->success !== null) {
+ $xfer += $output->writeFieldBegin('success', TType::BOOL, 0);
+ $xfer += $output->writeBool($this->success);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->Idse !== null) {
+ $xfer += $output->writeFieldBegin('Idse', TType::STRUCT, 1);
+ $xfer += $this->Idse->write($output);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->ae !== null) {
+ $xfer += $output->writeFieldBegin('ae', TType::STRUCT, 2);
+ $xfer += $this->ae->write($output);
+ $xfer += $output->writeFieldEnd();
+ }
+ $xfer += $output->writeFieldStop();
+ $xfer += $output->writeStructEnd();
+ return $xfer;
+ }
+
+}
+
+class IamAdminServices_removeRoleFromUser_args {
+ static $_TSPEC;
+
+ /**
+ * @var \Airavata\Model\Security\AuthzToken
+ */
+ public $authzToken = null;
+ /**
+ * @var string
+ */
+ public $username = null;
+ /**
+ * @var string
+ */
+ public $roleName = null;
+
+ public function __construct($vals=null) {
+ if (!isset(self::$_TSPEC)) {
+ self::$_TSPEC = array(
+ 1 => array(
+ 'var' => 'authzToken',
+ 'type' => TType::STRUCT,
+ 'class' => '\Airavata\Model\Security\AuthzToken',
+ ),
+ 2 => array(
+ 'var' => 'username',
+ 'type' => TType::STRING,
+ ),
+ 3 => array(
+ 'var' => 'roleName',
+ 'type' => TType::STRING,
+ ),
+ );
+ }
+ if (is_array($vals)) {
+ if (isset($vals['authzToken'])) {
+ $this->authzToken = $vals['authzToken'];
+ }
+ if (isset($vals['username'])) {
+ $this->username = $vals['username'];
+ }
+ if (isset($vals['roleName'])) {
+ $this->roleName = $vals['roleName'];
+ }
+ }
+ }
+
+ public function getName() {
+ return 'IamAdminServices_removeRoleFromUser_args';
+ }
+
+ public function read($input)
+ {
+ $xfer = 0;
+ $fname = null;
+ $ftype = 0;
+ $fid = 0;
+ $xfer += $input->readStructBegin($fname);
+ while (true)
+ {
+ $xfer += $input->readFieldBegin($fname, $ftype, $fid);
+ if ($ftype == TType::STOP) {
+ break;
+ }
+ switch ($fid)
+ {
+ case 1:
+ if ($ftype == TType::STRUCT) {
+ $this->authzToken = new \Airavata\Model\Security\AuthzToken();
+ $xfer += $this->authzToken->read($input);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 2:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->username);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 3:
+ if ($ftype == TType::STRING) {
+ $xfer += $input->readString($this->roleName);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ default:
+ $xfer += $input->skip($ftype);
+ break;
+ }
+ $xfer += $input->readFieldEnd();
+ }
+ $xfer += $input->readStructEnd();
+ return $xfer;
+ }
+
+ public function write($output) {
+ $xfer = 0;
+ $xfer += $output->writeStructBegin('IamAdminServices_removeRoleFromUser_args');
+ if ($this->authzToken !== null) {
+ if (!is_object($this->authzToken)) {
+ throw new TProtocolException('Bad type in structure.', TProtocolException::INVALID_DATA);
+ }
+ $xfer += $output->writeFieldBegin('authzToken', TType::STRUCT, 1);
+ $xfer += $this->authzToken->write($output);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->username !== null) {
+ $xfer += $output->writeFieldBegin('username', TType::STRING, 2);
+ $xfer += $output->writeString($this->username);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->roleName !== null) {
+ $xfer += $output->writeFieldBegin('roleName', TType::STRING, 3);
+ $xfer += $output->writeString($this->roleName);
+ $xfer += $output->writeFieldEnd();
+ }
+ $xfer += $output->writeFieldStop();
+ $xfer += $output->writeStructEnd();
+ return $xfer;
+ }
+
+}
+
+class IamAdminServices_removeRoleFromUser_result {
+ static $_TSPEC;
+
+ /**
+ * @var bool
+ */
+ public $success = null;
+ /**
+ * @var \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException
+ */
+ public $Idse = null;
+ /**
+ * @var \Airavata\API\Error\AuthorizationException
+ */
+ public $ae = null;
+
+ public function __construct($vals=null) {
+ if (!isset(self::$_TSPEC)) {
+ self::$_TSPEC = array(
+ 0 => array(
+ 'var' => 'success',
+ 'type' => TType::BOOL,
+ ),
+ 1 => array(
+ 'var' => 'Idse',
+ 'type' => TType::STRUCT,
+ 'class' => '\Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException',
+ ),
+ 2 => array(
+ 'var' => 'ae',
+ 'type' => TType::STRUCT,
+ 'class' => '\Airavata\API\Error\AuthorizationException',
+ ),
+ );
+ }
+ if (is_array($vals)) {
+ if (isset($vals['success'])) {
+ $this->success = $vals['success'];
+ }
+ if (isset($vals['Idse'])) {
+ $this->Idse = $vals['Idse'];
+ }
+ if (isset($vals['ae'])) {
+ $this->ae = $vals['ae'];
+ }
+ }
+ }
+
+ public function getName() {
+ return 'IamAdminServices_removeRoleFromUser_result';
+ }
+
+ public function read($input)
+ {
+ $xfer = 0;
+ $fname = null;
+ $ftype = 0;
+ $fid = 0;
+ $xfer += $input->readStructBegin($fname);
+ while (true)
+ {
+ $xfer += $input->readFieldBegin($fname, $ftype, $fid);
+ if ($ftype == TType::STOP) {
+ break;
+ }
+ switch ($fid)
+ {
+ case 0:
+ if ($ftype == TType::BOOL) {
+ $xfer += $input->readBool($this->success);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 1:
+ if ($ftype == TType::STRUCT) {
+ $this->Idse = new \Airavata\Service\Iam\Admin\Services\CPI\Error\IamAdminServicesException();
+ $xfer += $this->Idse->read($input);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ case 2:
+ if ($ftype == TType::STRUCT) {
+ $this->ae = new \Airavata\API\Error\AuthorizationException();
+ $xfer += $this->ae->read($input);
+ } else {
+ $xfer += $input->skip($ftype);
+ }
+ break;
+ default:
+ $xfer += $input->skip($ftype);
+ break;
+ }
+ $xfer += $input->readFieldEnd();
+ }
+ $xfer += $input->readStructEnd();
+ return $xfer;
+ }
+
+ public function write($output) {
+ $xfer = 0;
+ $xfer += $output->writeStructBegin('IamAdminServices_removeRoleFromUser_result');
+ if ($this->success !== null) {
+ $xfer += $output->writeFieldBegin('success', TType::BOOL, 0);
+ $xfer += $output->writeBool($this->success);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->Idse !== null) {
+ $xfer += $output->writeFieldBegin('Idse', TType::STRUCT, 1);
+ $xfer += $this->Idse->write($output);
+ $xfer += $output->writeFieldEnd();
+ }
+ if ($this->ae !== null) {
+ $xfer += $output->writeFieldBegin('ae', TType::STRUCT, 2);
+ $xfer += $this->ae->write($output);
+ $xfer += $output->writeFieldEnd();
+ }
+ $xfer += $output->writeFieldStop();
+ $xfer += $output->writeStructEnd();
+ return $xfer;
+ }
+
+}
+
http://git-wip-us.apache.org/repos/asf/airavata/blob/78f08958/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Profile/Tenant/CPI/TenantProfileService.php
----------------------------------------------------------------------
diff --git a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Profile/Tenant/CPI/TenantProfileService.php b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Profile/Tenant/CPI/TenantProfileService.php
index c367cad..40fd7fe 100644
--- a/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Profile/Tenant/CPI/TenantProfileService.php
+++ b/airavata-api/airavata-client-sdks/airavata-php-sdk/src/main/resources/lib/Airavata/Service/Profile/Tenant/CPI/TenantProfileService.php
@@ -25,6 +25,8 @@ interface TenantProfileServiceIf {
*/
public function getAPIVersion(\Airavata\Model\Security\AuthzToken $authzToken);
/**
+ * Return the airavataInternalGatewayId assigned to given gateway.
+ *
* @param \Airavata\Model\Security\AuthzToken $authzToken
* @param \Airavata\Model\Workspace\Gateway $gateway
* @return string
http://git-wip-us.apache.org/repos/asf/airavata/blob/78f08958/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
index f8d2ca3..7cd6b5b 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
@@ -52,7 +52,6 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
private String superAdminRealmId = "master";
- // TODO: close Keycloak client once done with it?
private static Keycloak getClient(String adminUrl, String realm, PasswordCredential AdminPasswordCreds) {
ResteasyClient resteasyClient = new ResteasyClientBuilder()
@@ -92,9 +91,10 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
@Override
public Gateway addTenant(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails) throws IamAdminServicesException {
+ Keycloak client = null;
try {
// get client
- Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), this.superAdminRealmId, isSuperAdminPasswordCreds);
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), this.superAdminRealmId, isSuperAdminPasswordCreds);
// create realm
RealmRepresentation newRealmDetails = new RealmRepresentation();
newRealmDetails.setEnabled(true);
@@ -117,6 +117,10 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error creating Realm in Keycloak Server, reason: " + ex.getMessage());
throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
}
}
@@ -150,8 +154,9 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
@Override
public boolean createTenantAdminAccount(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails) throws IamAdminServicesException{
+ Keycloak client = null;
try{
- Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), this.superAdminRealmId, isSuperAdminPasswordCreds);
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), this.superAdminRealmId, isSuperAdminPasswordCreds);
UserRepresentation user = new UserRepresentation();
user.setUsername(gatewayDetails.getIdentityServerUserName());
user.setFirstName(gatewayDetails.getGatewayAdminFirstName());
@@ -204,13 +209,18 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error creating Realm Admin Account in keycloak server, reason: " + ex.getMessage());
throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
}
}
@Override
public Gateway configureClient(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails) throws IamAdminServicesException{
+ Keycloak client = null;
try{
- Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), this.superAdminRealmId, isSuperAdminPasswordCreds);
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), this.superAdminRealmId, isSuperAdminPasswordCreds);
ClientRepresentation pgaClient = new ClientRepresentation();
pgaClient.setName("pga");
pgaClient.setClientId("pga");
@@ -257,13 +267,18 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
}
}
@Override
public boolean createUser(PasswordCredential realmAdminCreds, String tenantId, String username, String emailAddress, String firstName, String lastName, String newPassword) throws IamAdminServicesException{
+ Keycloak client = null;
try{
- Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
UserRepresentation user = new UserRepresentation();
user.setUsername(username);
user.setFirstName(firstName);
@@ -293,14 +308,19 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
}
return false;
}
@Override
public boolean enableUserAccount(PasswordCredential realmAdminCreds, String tenantId, String username) throws IamAdminServicesException{
+ Keycloak client = null;
try{
- Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
List<UserRepresentation> userResourceList = client.realm(tenantId).users().search(username,0,1);
UserResource userResource = client.realm(tenantId).users().get(userResourceList.get(0).getId());
UserRepresentation profile = userResource.toRepresentation();
@@ -312,13 +332,18 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
}
}
@Override
public boolean resetUserPassword(PasswordCredential realmAdminCreds, String tenantId, String username, String newPassword) throws IamAdminServicesException{
+ Keycloak client = null;
try{
- Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
List<UserRepresentation> retrieveUserList = client.realm(tenantId).users().search(username,
null,
null,
@@ -351,13 +376,18 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error resetting user password in keycloak server, reason: " + ex.getMessage());
throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
}
}
@Override
public List<UserProfile> findUser(PasswordCredential realmAdminCreds, String tenantId, String email, String userName) throws IamAdminServicesException{
+ Keycloak client = null;
try{
- Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
List<UserRepresentation> retrieveUserList = client.realm(tenantId).users().search(userName,
null,
null,
@@ -389,6 +419,10 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error finding user in keycloak server, reason: " + ex.getMessage());
throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
}
}
@@ -430,4 +464,62 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
}
}
}
+
+ @Override
+ public boolean addRoleToUser(PasswordCredential realmAdminCreds, String tenantId, String username, String roleName) throws IamAdminServicesException {
+
+ Keycloak client = null;
+ try{
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
+ List<UserRepresentation> retrieveCreatedUserList = client.realm(tenantId).users().search(username,
+ null,
+ null,
+ null,
+ 0, 1);
+ UserResource retrievedUser = client.realm(tenantId).users().get(retrieveCreatedUserList.get(0).getId());
+
+ // Add user to the role
+ RoleResource roleResource = client.realm(tenantId).roles().get(roleName);
+ retrievedUser.roles().realmLevel().add(Arrays.asList(roleResource.toRepresentation()));
+ return true;
+ } catch (ApplicationSettingsException ex) {
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+ throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
+ }
+ }
+
+ @Override
+ public boolean removeRoleFromUser(PasswordCredential realmAdminCreds, String tenantId, String username, String roleName) throws IamAdminServicesException {
+
+ Keycloak client = null;
+ try{
+ client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
+ List<UserRepresentation> retrieveCreatedUserList = client.realm(tenantId).users().search(username,
+ null,
+ null,
+ null,
+ 0, 1);
+ UserResource retrievedUser = client.realm(tenantId).users().get(retrieveCreatedUserList.get(0).getId());
+
+ // Remove role from user
+ RoleResource roleResource = client.realm(tenantId).roles().get(roleName);
+ retrievedUser.roles().realmLevel().remove(Arrays.asList(roleResource.toRepresentation()));
+ return true;
+ } catch (ApplicationSettingsException ex) {
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+ throw exception;
+ } finally {
+ if (client != null) {
+ client.close();
+ }
+ }
+ }
}
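Review bot: In both addRoleToUser and removeRoleFromUser the target account is taken as `retrieveCreatedUserList.get(0)` from `users().search(username, null, null, null, 0, 1)` without checking that a user came back or that its username equals the requested one. Keycloak's user search is, as far as I know, a partial match in this client version, so the first hit can be a different account whose name merely contains `username` and the role change would land on the wrong user; an empty result throws IndexOutOfBoundsException, which `catch (ApplicationSettingsException ex)` does not cover. Guard the lookup before `users().get(...)` in both methods as sketched below; an unknown `roleName` likewise surfaces as an uncaught runtime exception from `toRepresentation()` and should be mapped to IamAdminServicesException. The context lines of the enableUserAccount hunk show the same `get(0)` lookup.

```java
// … unchanged: client creation and users().search(username, null, null, null, 0, 1) …
if (retrieveCreatedUserList.isEmpty()
        || !username.equalsIgnoreCase(retrieveCreatedUserList.get(0).getUsername())) {
    IamAdminServicesException exception = new IamAdminServicesException();
    exception.setMessage("No user with username " + username + " found in tenant " + tenantId);
    throw exception;
}
UserResource retrievedUser = client.realm(tenantId).users().get(retrieveCreatedUserList.get(0).getId());
// … unchanged: role lookup and realmLevel().add(...) / remove(...) …
```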
http://git-wip-us.apache.org/repos/asf/airavata/blob/78f08958/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
index 5972dfe..7b5e34d 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
@@ -111,4 +111,28 @@ public interface TenantManagementInterface {
* @param userDetails
*/
void updateUserProfile(PasswordCredential realmAdminCreds, String tenantId, String username, UserProfile userDetails) throws IamAdminServicesException;
+
+ /**
+ * Add the given role to the user.
+ *
+ * @param realmAdminCreds
+ * @param tenantId
+ * @param username
+ * @param roleName
+ * @return
+ * @throws IamAdminServicesException
+ */
+ boolean addRoleToUser(PasswordCredential realmAdminCreds, String tenantId, String username, String roleName) throws IamAdminServicesException;
+
+ /**
+ * Remove the given role from the user.
+ *
+ * @param realmAdminCreds
+ * @param tenantId
+ * @param username
+ * @param roleName
+ * @return
+ * @throws IamAdminServicesException
+ */
+ boolean removeRoleFromUser(PasswordCredential realmAdminCreds, String tenantId, String username, String roleName) throws IamAdminServicesException;
}
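Review bot: The Javadoc for both new methods leaves every `@param` tag and the `@return` tag empty, so the meaning of the boolean is undocumented; the Keycloak implementation in this commit only ever returns `true` or throws. Suggest `@return true if the role was added; failures are reported through IamAdminServicesException` (with matching wording for removal) and `@param realmAdminCreds credentials of the tenant's realm administrator used to perform the change`. It is also worth stating that `roleName` names a realm-level role, since that is what the implementation looks up.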
http://git-wip-us.apache.org/repos/asf/airavata/blob/78f08958/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
index 57d8b8b..b2f33e6 100644
--- a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
+++ b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
@@ -173,6 +173,34 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface {
}
}
+ @Override
+ public boolean addRoleToUser(AuthzToken authzToken, String username, String roleName) throws IamAdminServicesException, AuthorizationException, TException {
+ TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
+ String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
+ try{
+ PasswordCredential isRealmAdminCredentials = getTenantAdminPasswordCredential(gatewayId);
+ return keycloakclient.addRoleToUser(isRealmAdminCredentials, gatewayId, username, roleName);
+ } catch (TException|ApplicationSettingsException ex){
+ String msg = "Error while adding role to user, reason: " + ex.getMessage();
+ logger.error(msg, ex);
+ throw new IamAdminServicesException(msg);
+ }
+ }
+
+ @Override
+ public boolean removeRoleFromUser(AuthzToken authzToken, String username, String roleName) throws IamAdminServicesException, AuthorizationException, TException {
+ TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
+ String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
+ try{
+ PasswordCredential isRealmAdminCredentials = getTenantAdminPasswordCredential(gatewayId);
+ return keycloakclient.removeRoleFromUser(isRealmAdminCredentials, gatewayId, username, roleName);
+ } catch (TException|ApplicationSettingsException ex){
+ String msg = "Error while removing role from user, reason: " + ex.getMessage();
+ logger.error(msg, ex);
+ throw new IamAdminServicesException(msg);
+ }
+ }
+
private PasswordCredential getSuperAdminPasswordCredential() {
PasswordCredential isSuperAdminCredentials = new PasswordCredential();
try {
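Review bot: Neither addRoleToUser nor removeRoleFromUser checks what the caller is allowed to do. Both read the gateway id from the token's claims and then act with the tenant admin credential from `getTenantAdminPasswordCredential(gatewayId)`, so from what this hunk shows any caller holding a valid token for the gateway could grant or revoke any realm role, administrative ones included, for any user. If the handler's other methods are guarded by an interceptor or annotation, these two need the same guard (the rest of the class is outside the hunk); otherwise verify the caller's admin role before calling `keycloakclient`. `gatewayId` can also be null when the claim is missing and is then passed on as the realm name, so reject that case up front. The rethrow `new IamAdminServicesException(msg)` drops the cause, which is tolerable only because `logger.error(msg, ex)` records it first.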