From 764fb8515de973a2badbbcffa6adb43f19f8af4f Mon Sep 17 00:00:00 2001 From: Ashan Thamara Palihakkara <75057725+ashanthamara@users.noreply.github.com> Date: Wed, 4 Sep 2024 23:43:28 +0530 Subject: [PATCH] Restrict not implemented action types --- .../constants/ActionMgtEndpointConstants.java | 7 ++- .../core/ServerActionManagementService.java | 46 ++++++++++++++++--- 2 files changed, 46 insertions(+), 7 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/constants/ActionMgtEndpointConstants.java b/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/constants/ActionMgtEndpointConstants.java index c14e97ef1a..16e8085990 100644 --- a/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/constants/ActionMgtEndpointConstants.java +++ b/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/constants/ActionMgtEndpointConstants.java @@ -47,7 +47,12 @@ public enum ErrorMessage { "Authentication property values cannot be empty."), ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID("60004", "Action is not found.", - "No action is found for given action id and action type"); + "No action is found for given action id and action type"), + + // Server errors. + ERROR_NOT_IMPLEMENTED_ACTION_TYPE("65001", + "Unable to perform the operation.", + "The requested action type is not currently supported by the server."); private final String code; private final String message; diff --git a/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java b/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java index 3b71a784ff..a4cf6ba42c 100644 --- a/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java +++ b/components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java @@ -40,14 +40,17 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Set; import javax.ws.rs.core.Response; import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_EMPTY_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES; import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_INVALID_ACTION_ENDPOINT_AUTHENTICATION_PROPERTIES; import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE; +import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_NOT_IMPLEMENTED_ACTION_TYPE; import static org.wso2.carbon.identity.api.server.action.management.v1.constants.ActionMgtEndpointConstants.ErrorMessage.ERROR_NO_ACTION_FOUND_ON_GIVEN_ACTION_TYPE_AND_ID; /** @@ -56,10 +59,19 @@ public class ServerActionManagementService { private static final Log LOG = LogFactory.getLog(ServerActionManagementService.class); + private static final Set NOT_IMPLEMENTED_ACTION_TYPES = new HashSet<>(); + + static { + NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.PRE_UPDATE_PASSWORD.getPathParam()); + NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.PRE_UPDATE_PROFILE.getPathParam()); + NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.PRE_REGISTRATION.getPathParam()); + NOT_IMPLEMENTED_ACTION_TYPES.add(Action.ActionTypes.AUTHENTICATION.getPathParam()); + } public ActionResponse createAction(String actionType, ActionModel actionModel) { try { + handleNotImplementedActionTypes(actionType); return buildActionResponse(ActionManagementServiceHolder.getActionManagementService() .addAction(actionType, buildAction(actionModel), CarbonContext.getThreadLocalCarbonContext().getTenantDomain())); @@ -71,6 +83,7 @@ public ActionResponse createAction(String actionType, ActionModel actionModel) { public List getActionsByActionType(String actionType) { try { + handleNotImplementedActionTypes(actionType); List actions = ActionManagementServiceHolder.getActionManagementService() .getActionsByActionType(actionType, CarbonContext.getThreadLocalCarbonContext().getTenantDomain()); @@ -88,6 +101,7 @@ public List getActionsByActionType(String actionType) { public ActionResponse getActionByActionId(String actionType, String actionId) { try { + handleNotImplementedActionTypes(actionType); Action action = ActionManagementServiceHolder.getActionManagementService() .getActionByActionId(actionType, actionId, CarbonContext.getThreadLocalCarbonContext().getTenantDomain()); @@ -106,6 +120,7 @@ public ActionResponse getActionByActionId(String actionType, String actionId) { public ActionResponse updateAction(String actionType, String actionId, ActionUpdateModel actionUpdateModel) { try { + handleNotImplementedActionTypes(actionType); return buildActionResponse(ActionManagementServiceHolder.getActionManagementService() .updateAction(actionType, actionId, buildUpdatingAction(actionUpdateModel), CarbonContext.getThreadLocalCarbonContext().getTenantDomain())); @@ -117,6 +132,7 @@ public ActionResponse updateAction(String actionType, String actionId, ActionUpd public void deleteAction(String actionType, String actionId) { try { + handleNotImplementedActionTypes(actionType); ActionManagementServiceHolder.getActionManagementService().deleteAction(actionType, actionId, CarbonContext.getThreadLocalCarbonContext().getTenantDomain()); } catch (ActionMgtException e) { @@ -127,6 +143,7 @@ public void deleteAction(String actionType, String actionId) { public ActionBasicResponse activateAction(String actionType, String actionId) { try { + handleNotImplementedActionTypes(actionType); return buildActionBasicResponse(ActionManagementServiceHolder.getActionManagementService() .activateAction(actionType, actionId, CarbonContext.getThreadLocalCarbonContext().getTenantDomain())); @@ -138,6 +155,7 @@ public ActionBasicResponse activateAction(String actionType, String actionId) { public ActionBasicResponse deactivateAction(String actionType, String actionId) { try { + handleNotImplementedActionTypes(actionType); return buildActionBasicResponse(ActionManagementServiceHolder.getActionManagementService() .deactivateAction(actionType, actionId, CarbonContext.getThreadLocalCarbonContext().getTenantDomain())); @@ -158,12 +176,14 @@ public List getActionTypes() { List actionTypesResponseItems = new ArrayList<>(); for (Action.ActionTypes actionType : Action.ActionTypes.values()) { - actionTypesResponseItems.add(new ActionTypesResponseItem() - .type(ActionType.valueOf(actionType.getActionType())) - .displayName(actionType.getDisplayName()) - .description(actionType.getDescription()) - .count(actionsCountPerType.getOrDefault(actionType.getActionType(), 0)) - .self(ActionMgtEndpointUtil.buildURIForActionType(actionType.getActionType()))); + if (!NOT_IMPLEMENTED_ACTION_TYPES.contains(actionType.getPathParam())) { + actionTypesResponseItems.add(new ActionTypesResponseItem() + .type(ActionType.valueOf(actionType.getActionType())) + .displayName(actionType.getDisplayName()) + .description(actionType.getDescription()) + .count(actionsCountPerType.getOrDefault(actionType.getActionType(), 0)) + .self(ActionMgtEndpointUtil.buildURIForActionType(actionType.getActionType()))); + } } return actionTypesResponseItems; @@ -176,6 +196,7 @@ public ActionResponse updateActionEndpointAuthentication(String actionType, Stri AuthenticationTypeProperties authenticationTypeProperties) { try { + handleNotImplementedActionTypes(actionType); Authentication authentication = buildAuthentication(getAuthTypeFromPath(authType), authenticationTypeProperties.getProperties()); return buildActionResponse(ActionManagementServiceHolder.getActionManagementService() @@ -352,4 +373,17 @@ private Authentication.Type getAuthTypeFromPath(String authType) { .orElseThrow(() -> ActionMgtEndpointUtil.handleException(Response.Status.BAD_REQUEST, ERROR_INVALID_ACTION_ENDPOINT_AUTH_TYPE)); } + + /** + * Handle not implemented action types. + * + * @param actionType Action type. + */ + private void handleNotImplementedActionTypes(String actionType) { + + if (NOT_IMPLEMENTED_ACTION_TYPES.contains(actionType)) { + throw ActionMgtEndpointUtil.handleException(Response.Status.NOT_IMPLEMENTED, + ERROR_NOT_IMPLEMENTED_ACTION_TYPE); + } + } }