Merge pull request #663 from ashanthamara/actions

Restrict not implemented action types from Action Mangement APIs
wso2 · Sep 4, 2024 · 9dd3462 · 9dd3462
2 parents 97c49ec + 764fb85
commit 9dd3462
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 7 deletions.
diff --git a/...carbon/identity/api/server/action/management/v1/constants/ActionMgtEndpointConstants.java b/...carbon/identity/api/server/action/management/v1/constants/ActionMgtEndpointConstants.java
@@ -47,7 +47,12 @@ public enum ErrorMessage {
                 "Authentication property values cannot be empty."),
         ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID("60004",
                 "Action is not found.",
-                "No action is found for given action id and action type");
+                "No action is found for given action id and action type"),
+
+        // Server errors.
+        ERROR_NOT_IMPLEMENTED_ACTION_TYPE("65001",
+                "Unable to perform the operation.",
+                "The requested action type is not currently supported by the server.");
 
         private final String code;
         private final String message;

diff --git a/...2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java b/...2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java
@@ -40,14 +40,17 @@
 
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import javax.ws.rs.core.Response;
 
 import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_EMPTY_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES;
 import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_INVALID_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES;
 import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE;
+import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_NOT_IMPLEMENTED_ACTION_TYPE;
 import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID;
 
 /**
@@ -56,10 +59,19 @@
 public class ServerActionManagementService {
 
     private static final Log LOG = LogFactory.getLog(ServerActionManagementService.class);
+    private static final Set<String> NOT_IMPLEMENTED_ACTION_TYPES = new HashSet<>();
+
+    static {
+        NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.PRE_UPDATE_PASSWORD.getPathParam());
+        NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.PRE_UPDATE_PROFILE.getPathParam());
+        NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.PRE_REGISTRATION.getPathParam());
+        NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.AUTHENTICATION.getPathParam());
+    }
 
     public ActionResponse createAction(String actionType, ActionModel actionModel) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             return buildActionResponse(ActionManagementServiceHolder.getActionManagementService()
                     .addAction(actionType, buildAction(actionModel),
                             CarbonContext.getThreadLocalCarbonContext().getTenantDomain()));
@@ -71,6 +83,7 @@ public ActionResponse createAction(String actionType, ActionModel actionModel) {
     public List<ActionResponse> getActionsByActionType(String actionType) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             List<Action> actions = ActionManagementServiceHolder.getActionManagementService()
                     .getActionsByActionType(actionType,
                             CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
@@ -88,6 +101,7 @@ public List<ActionResponse> getActionsByActionType(String actionType) {
     public ActionResponse getActionByActionId(String actionType, String actionId) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             Action action = ActionManagementServiceHolder.getActionManagementService()
                     .getActionByActionId(actionType, actionId,
                             CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
@@ -106,6 +120,7 @@ public ActionResponse getActionByActionId(String actionType, String actionId) {
     public ActionResponse updateAction(String actionType, String actionId, ActionUpdateModel actionUpdateModel) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             return buildActionResponse(ActionManagementServiceHolder.getActionManagementService()
                     .updateAction(actionType, actionId, buildUpdatingAction(actionUpdateModel),
                             CarbonContext.getThreadLocalCarbonContext().getTenantDomain()));
@@ -117,6 +132,7 @@ public ActionResponse updateAction(String actionType, String actionId, ActionUpd
     public void deleteAction(String actionType, String actionId) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             ActionManagementServiceHolder.getActionManagementService().deleteAction(actionType, actionId,
                     CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
         } catch (ActionMgtException e) {
@@ -127,6 +143,7 @@ public void deleteAction(String actionType, String actionId) {
     public ActionBasicResponse activateAction(String actionType, String actionId) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             return buildActionBasicResponse(ActionManagementServiceHolder.getActionManagementService()
                     .activateAction(actionType, actionId,
                             CarbonContext.getThreadLocalCarbonContext().getTenantDomain()));
@@ -138,6 +155,7 @@ public ActionBasicResponse activateAction(String actionType, String actionId) {
     public ActionBasicResponse deactivateAction(String actionType, String actionId) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             return buildActionBasicResponse(ActionManagementServiceHolder.getActionManagementService()
                     .deactivateAction(actionType, actionId,
                             CarbonContext.getThreadLocalCarbonContext().getTenantDomain()));
@@ -158,12 +176,14 @@ public List<ActionTypesResponseItem> getActionTypes() {
             List<ActionTypesResponseItem> actionTypesResponseItems = new ArrayList<>();
             for (Action.ActionTypes actionType : Action.ActionTypes.values()) {
 
-                actionTypesResponseItems.add(new ActionTypesResponseItem()
-                        .type(ActionType.valueOf(actionType.getActionType()))
-                        .displayName(actionType.getDisplayName())
-                        .description(actionType.getDescription())
-                        .count(actionsCountPerType.getOrDefault(actionType.getActionType(), 0))
-                        .self(ActionMgtEndpointUtil.buildURIForActionType(actionType.getActionType())));
+                if (!NOT_IMPLEMENTED_ACTION_TYPES.contains(actionType.getPathParam())) {
+                    actionTypesResponseItems.add(new ActionTypesResponseItem()
+                            .type(ActionType.valueOf(actionType.getActionType()))
+                            .displayName(actionType.getDisplayName())
+                            .description(actionType.getDescription())
+                            .count(actionsCountPerType.getOrDefault(actionType.getActionType(), 0))
+                            .self(ActionMgtEndpointUtil.buildURIForActionType(actionType.getActionType())));
+                }
             }
 
             return actionTypesResponseItems;
@@ -176,6 +196,7 @@ public ActionResponse updateActionEndpointAuthentication(String actionType, Stri
                                                          AuthenticationTypeProperties authenticationTypeProperties) {
 
         try {
+            handleNotImplementedActionTypes(actionType);
             Authentication authentication = buildAuthentication(getAuthTypeFromPath(authType),
                     authenticationTypeProperties.getProperties());
             return buildActionResponse(ActionManagementServiceHolder.getActionManagementService()
@@ -352,4 +373,17 @@ private Authentication.Type getAuthTypeFromPath(String authType) {
                 .orElseThrow(() -> ActionMgtEndpointUtil.handleException(Response.Status.BAD_REQUEST,
                         ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE));
     }
+
+    /**
+     * Handle not implemented action types.
+     *
+     * @param actionType Action type.
+     */
+    private void handleNotImplementedActionTypes(String actionType) {
+
+        if (NOT_IMPLEMENTED_ACTION_TYPES.contains(actionType)) {
+            throw ActionMgtEndpointUtil.handleException(Response.Status.NOT_IMPLEMENTED,
+                    ERROR_NOT_IMPLEMENTED_ACTION_TYPE);
+        }
+    }
 }