You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2013/10/01 16:49:23 UTC
svn commit: r1528109 - in /syncope/trunk: ./
common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java
core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java
Author: ilgrosso
Date: Tue Oct 1 14:49:23 2013
New Revision: 1528109
URL: http://svn.apache.org/r1528109
Log:
[SYNCOPE-419] Merge from 1_1_X
Modified:
syncope/trunk/ (props changed)
syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java
syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java
Propchange: syncope/trunk/
------------------------------------------------------------------------------
Merged /syncope/branches/1_1_X:r1528106-1528107
Modified: syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java
URL: http://svn.apache.org/viewvc/syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java?rev=1528109&r1=1528108&r2=1528109&view=diff
==============================================================================
--- syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java (original)
+++ syncope/trunk/common/src/main/java/org/apache/syncope/common/types/SyncopeClientExceptionType.java Tue Oct 1 14:49:23 2013
@@ -63,6 +63,7 @@ public enum SyncopeClientExceptionType {
NotFound("Syncope.NotFound", "Syncope.NotFound.entity"),
RejectedUserCreate("Syncope.RejectUserCreate", "Syncope.RejectUserCreate.userId"),
RequiredValuesMissing("Syncope.RequiredValuesMissing", "Syncope.RequiredValuesMissing.attributeName"),
+ RoleOwnership("Syncope.RoleOwnership", "Syncope.RoleOwnership.role"),
Scheduling("Syncope.Scheduling", "Syncope.Scheduling.message"),
UnauthorizedRole("Syncope.UnauthorizedRole", "Syncope.UnauthorizedRole.id"),
Unauthorized("Syncope.Unauthorized", "Syncope.Unauthorized"),
Modified: syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java
URL: http://svn.apache.org/viewvc/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java?rev=1528109&r1=1528108&r2=1528109&view=diff
==============================================================================
--- syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java (original)
+++ syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java Tue Oct 1 14:49:23 2013
@@ -24,6 +24,7 @@ import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
+import javax.ws.rs.core.Response;
import org.apache.syncope.common.mod.UserMod;
import org.apache.syncope.common.search.NodeCond;
import org.apache.syncope.common.services.InvalidSearchConditionException;
@@ -39,12 +40,17 @@ import org.apache.syncope.common.types.A
import org.apache.syncope.common.types.AuditElements.Result;
import org.apache.syncope.common.types.AuditElements.UserSubCategory;
import org.apache.syncope.common.types.ResourceOperation;
+import org.apache.syncope.common.types.SyncopeClientExceptionType;
+import org.apache.syncope.common.validation.SyncopeClientCompositeException;
+import org.apache.syncope.common.validation.SyncopeClientException;
import org.apache.syncope.core.audit.AuditManager;
import org.apache.syncope.core.connid.ConnObjectUtil;
import org.apache.syncope.core.notification.NotificationManager;
import org.apache.syncope.core.persistence.beans.PropagationTask;
+import org.apache.syncope.core.persistence.beans.role.SyncopeRole;
import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
import org.apache.syncope.core.persistence.dao.AttributableSearchDAO;
+import org.apache.syncope.core.persistence.dao.RoleDAO;
import org.apache.syncope.core.persistence.dao.UserDAO;
import org.apache.syncope.core.propagation.PropagationByResource;
import org.apache.syncope.core.propagation.PropagationException;
@@ -84,6 +90,9 @@ public class UserController {
protected UserDAO userDAO;
@Autowired
+ protected RoleDAO roleDAO;
+
+ @Autowired
protected AttributableSearchDAO searchDAO;
@Autowired
@@ -512,6 +521,26 @@ public class UserController {
}
protected UserTO doDelete(final Long userId) {
+ List<SyncopeRole> ownedRoles = roleDAO.findOwned(binder.getUserFromId(userId));
+ if (!ownedRoles.isEmpty()) {
+ List<String> owned = new ArrayList<String>(ownedRoles.size());
+ for (SyncopeRole role : ownedRoles) {
+ owned.add(role.getId() + " " + role.getName());
+ }
+
+ auditManager.audit(Category.user, UserSubCategory.delete, Result.failure,
+ "Could not delete user: " + userId + " because of role(s) ownership " + owned);
+
+ SyncopeClientCompositeException sccee =
+ new SyncopeClientCompositeException(Response.Status.BAD_REQUEST.getStatusCode());
+
+ SyncopeClientException sce = new SyncopeClientException(SyncopeClientExceptionType.RoleOwnership);
+ sce.setElements(owned);
+ sccee.addException(sce);
+
+ throw sccee;
+ }
+
// Note here that we can only notify about "delete", not any other
// task defined in workflow process definition: this because this
// information could only be available after uwfAdapter.delete(), which