You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2013/10/01 16:49:23 UTC

svn commit: r1528109 - in /syncope/trunk: ./ common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java

Author: ilgrosso
Date: Tue Oct  1 14:49:23 2013
New Revision: 1528109

URL: http://svn.apache.org/r1528109
Log:
[SYNCOPE-419] Merge from 1_1_X

Modified:
    syncope/trunk/   (props changed)
    syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java
    syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java

Propchange: syncope/trunk/
------------------------------------------------------------------------------
  Merged /syncope/branches/1_1_X:r1528106-1528107

Modified: syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java
URL: http://svn.apache.org/viewvc/syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java?rev=1528109&r1=1528108&r2=1528109&view=diff
==============================================================================
--- syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java (original)
+++ syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java Tue Oct  1 14:49:23 2013
@@ -63,6 +63,7 @@ public enum SyncopeClientExceptionType {
     NotFound("Syncope.NotFound", "Syncope.NotFound.entity"),
     RejectedUserCreate("Syncope.RejectUserCreate", "Syncope.RejectUserCreate.userId"),
     RequiredValuesMissing("Syncope.RequiredValuesMissing", "Syncope.RequiredValuesMissing.attributeName"),
+    RoleOwnership("Syncope.RoleOwnership", "Syncope.RoleOwnership.role"),
     Scheduling("Syncope.Scheduling", "Syncope.Scheduling.message"),
     UnauthorizedRole("Syncope.UnauthorizedRole", "Syncope.UnauthorizedRole.id"),
     Unauthorized("Syncope.Unauthorized", "Syncope.Unauthorized"),

Modified: syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java
URL: http://svn.apache.org/viewvc/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java?rev=1528109&r1=1528108&r2=1528109&view=diff
==============================================================================
--- syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java (original)
+++ syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java Tue Oct  1 14:49:23 2013
@@ -24,6 +24,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import javax.ws.rs.core.Response;
 import org.apache.syncope.common.mod.UserMod;
 import org.apache.syncope.common.search.NodeCond;
 import org.apache.syncope.common.services.InvalidSearchConditionException;
@@ -39,12 +40,17 @@ import org.apache.syncope.common.types.A
 import org.apache.syncope.common.types.AuditElements.Result;
 import org.apache.syncope.common.types.AuditElements.UserSubCategory;
 import org.apache.syncope.common.types.ResourceOperation;
+import org.apache.syncope.common.types.SyncopeClientExceptionType;
+import org.apache.syncope.common.validation.SyncopeClientCompositeException;
+import org.apache.syncope.common.validation.SyncopeClientException;
 import org.apache.syncope.core.audit.AuditManager;
 import org.apache.syncope.core.connid.ConnObjectUtil;
 import org.apache.syncope.core.notification.NotificationManager;
 import org.apache.syncope.core.persistence.beans.PropagationTask;
+import org.apache.syncope.core.persistence.beans.role.SyncopeRole;
 import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
 import org.apache.syncope.core.persistence.dao.AttributableSearchDAO;
+import org.apache.syncope.core.persistence.dao.RoleDAO;
 import org.apache.syncope.core.persistence.dao.UserDAO;
 import org.apache.syncope.core.propagation.PropagationByResource;
 import org.apache.syncope.core.propagation.PropagationException;
@@ -84,6 +90,9 @@ public class UserController {
     protected UserDAO userDAO;
 
     @Autowired
+    protected RoleDAO roleDAO;
+
+    @Autowired
     protected AttributableSearchDAO searchDAO;
 
     @Autowired
@@ -512,6 +521,26 @@ public class UserController {
     }
 
     protected UserTO doDelete(final Long userId) {
+        List<SyncopeRole> ownedRoles = roleDAO.findOwned(binder.getUserFromId(userId));
+        if (!ownedRoles.isEmpty()) {
+            List<String> owned = new ArrayList<String>(ownedRoles.size());
+            for (SyncopeRole role : ownedRoles) {
+                owned.add(role.getId() + " " + role.getName());
+            }
+
+            auditManager.audit(Category.user, UserSubCategory.delete, Result.failure,
+                    "Could not delete user: " + userId + " because of role(s) ownership " + owned);
+
+            SyncopeClientCompositeException sccee =
+                    new SyncopeClientCompositeException(Response.Status.BAD_REQUEST.getStatusCode());
+
+            SyncopeClientException sce = new SyncopeClientException(SyncopeClientExceptionType.RoleOwnership);
+            sce.setElements(owned);
+            sccee.addException(sce);
+
+            throw sccee;
+        }
+
         // Note here that we can only notify about "delete", not any other
         // task defined in workflow process definition: this because this
         // information could only be available after uwfAdapter.delete(), which