diff --git a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/pom.xml b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/pom.xml
index 4136f7d35..080ee01f3 100644
--- a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/pom.xml
+++ b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/pom.xml
@@ -60,6 +60,10 @@
org.wso2.carbon.identity.framework
org.wso2.carbon.identity.application.mgt
+
+ org.wso2.carbon.identity.framework
+ org.wso2.carbon.identity.application.authentication.framework
+
org.wso2.carbon.utils
org.wso2.carbon.database.utils
@@ -140,6 +144,7 @@
org.wso2.carbon.identity.application.common;version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.application.common.model;version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.application.mgt;version="${carbon.identity.package.import.version.range}",
+ org.wso2.carbon.identity.application.authentication.framework.util; version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.core;version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.core.util;version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.role.v2.mgt.core;version="${carbon.identity.package.import.version.range}",
@@ -151,6 +156,7 @@
org.wso2.carbon.identity.organization.management.service.constant;version="${org.wso2.identity.organization.mgt.core.imp.pkg.version.range}",
org.wso2.carbon.identity.organization.management.role.management.service;version="${org.wso2.identity.organization.mgt.imp.pkg.version.range}",
org.wso2.carbon.identity.organization.management.role.management.service.models;version="${org.wso2.identity.organization.mgt.imp.pkg.version.range}",
+ org.wso2.carbon.identity.organization.management.ext;version="${org.wso2.identity.organization.mgt.imp.pkg.version.range}",
org.wso2.carbon.user.api;version="${carbon.user.api.imp.pkg.version.range}",
org.wso2.carbon.user.core;version="${carbon.kernel.package.import.version.range}",
org.wso2.carbon.user.core.common;version="${carbon.kernel.package.import.version.range}",
diff --git a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/listener/SharingOrganizationCreatorUserEventHandler.java b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/listener/SharingOrganizationCreatorUserEventHandler.java
index fe6643e8c..4c5598413 100644
--- a/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/listener/SharingOrganizationCreatorUserEventHandler.java
+++ b/components/org.wso2.carbon.identity.organization.management.organization.user.sharing/src/main/java/org/wso2/carbon/identity/organization/management/organization/user/sharing/listener/SharingOrganizationCreatorUserEventHandler.java
@@ -21,9 +21,12 @@
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.ApplicationConstants;
+import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
+import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
@@ -42,11 +45,14 @@
import org.wso2.carbon.identity.organization.management.service.util.Utils;
import org.wso2.carbon.identity.role.v2.mgt.core.RoleConstants;
import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
+import org.wso2.carbon.user.api.RealmConfiguration;
+import org.wso2.carbon.user.api.UserStoreException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Map;
+import static org.wso2.carbon.identity.organization.management.ext.Constants.EVENT_PROP_ORGANIZATION_ID;
import static org.wso2.carbon.identity.organization.management.role.management.service.constant.RoleManagementConstants.ORG_ADMINISTRATOR_ROLE;
import static org.wso2.carbon.identity.organization.management.role.management.service.constant.RoleManagementConstants.ORG_CREATOR_ROLE;
@@ -90,14 +96,18 @@ public void handleEvent(Event event) throws IdentityEventException {
} else {
if ("POST_SHARED_CONSOLE_APP".equals(eventName)) {
Map eventProperties = event.getEventProperties();
- orgId = (String) eventProperties.get("ORGANIZATION_ID");
+ orgId = (String) eventProperties.get(EVENT_PROP_ORGANIZATION_ID);
String tenantDomain = OrganizationUserSharingDataHolder.getInstance().getOrganizationManager()
.resolveTenantDomain(orgId);
if (!OrganizationManagementUtil.isOrganization(tenantDomain)) {
return;
}
- String associatedUserName = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
- String associatedUserId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserId();
+
+ RealmConfiguration realmConfiguration = OrganizationUserSharingDataHolder.getInstance()
+ .getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(tenantDomain))
+ .getRealmConfiguration();
+ String associatedUserName = realmConfiguration.getAdminUserName();
+ String associatedUserId = realmConfiguration.getAdminUserId();
String associatedOrgId = PrivilegedCarbonContext.getThreadLocalCarbonContext()
.getUserResidentOrganizationId();
if (StringUtils.isEmpty(associatedOrgId)) {
@@ -111,18 +121,31 @@ public void handleEvent(Event event) throws IdentityEventException {
String userId = userSharingService
.getUserAssociationOfAssociatedUserByOrgId(associatedUserId, orgId)
.getUserId();
- assignUserToAdminRole(userId, orgId, tenantDomain);
+ if (isAuthenticatedFromConsoleApp()) {
+ assignUserToConsoleAppAdminRole(userId, tenantDomain);
+ }
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
}
- } catch (OrganizationManagementException e) {
+ } catch (OrganizationManagementException | UserStoreException e) {
throw new IdentityEventException("An error occurred while sharing the organization creator to the " +
"organization : " + orgId, e);
}
}
+ private boolean isAuthenticatedFromConsoleApp() {
+
+ Object authenticatedAppFromThreadLocal = IdentityUtil.threadLocalProperties.get()
+ .get(FrameworkConstants.SERVICE_PROVIDER);
+ if (!(authenticatedAppFromThreadLocal instanceof String)) {
+ return false;
+ }
+ String authenticatedApp = (String) authenticatedAppFromThreadLocal;
+ return FrameworkConstants.Application.CONSOLE_APP.equals(authenticatedApp);
+ }
+
private Role buildOrgCreatorRole(String adminUUID) {
Role organizationCreatorRole = new Role();
@@ -165,7 +188,7 @@ private RoleManager getRoleManager() {
return OrganizationUserSharingDataHolder.getInstance().getRoleManager();
}
- private void assignUserToAdminRole(String userId, String organizationId, String tenantDomain)
+ private void assignUserToConsoleAppAdminRole(String userId, String tenantDomain)
throws IdentityEventException {
try {
diff --git a/pom.xml b/pom.xml
index d1490925e..d71258855 100644
--- a/pom.xml
+++ b/pom.xml
@@ -507,7 +507,7 @@
[1.0.0,2.0.0)
- 1.0.90
+ 1.0.94
[1.0.0,2.0.0)