From 735591fce39ac80b1cec9cd720cf80d35fac6641 Mon Sep 17 00:00:00 2001 From: KaveeshaPiumini Date: Tue, 7 Jan 2025 14:14:03 +0530 Subject: [PATCH 1/4] Add support to filter by the account state disabled --- .../IdleAccountIdentificationConstants.java | 9 +- .../identification/v1/InactiveUsersApi.java | 11 +- .../v1/InactiveUsersApiService.java | 16 ++- .../InactiveUsersManagementApiService.java | 121 +++++++++++++++++- .../v1/impl/InactiveUsersApiServiceImpl.java | 17 ++- 5 files changed, 167 insertions(+), 7 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.common/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/common/util/IdleAccountIdentificationConstants.java b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.common/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/common/util/IdleAccountIdentificationConstants.java index 6704400d6e..e5b4bb3040 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.common/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/common/util/IdleAccountIdentificationConstants.java +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.common/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/common/util/IdleAccountIdentificationConstants.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023-2025, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -28,6 +28,9 @@ public class IdleAccountIdentificationConstants { public static final String DATE_INACTIVE_AFTER = "inactiveAfter"; public static final String DATE_EXCLUDE_BEFORE = "excludeBefore"; public static final String DATE_FORMAT_REGEX = "^\\d{4}-\\d{2}-\\d{2}$"; + public static final String IS_DISABLED = "isDisabled"; + public static final String TRUE_VALUE = "true"; + public static final String FALSE_VALUE = "false"; /** * Enums for error messages. @@ -51,6 +54,10 @@ public enum ErrorMessage { "Invalid date combination is provided.", "The inactive after date must be before the exclude after date."), + ERROR_INVALID_FILTER("60005", + "Invalid filter value provided.", + "The filter value provided is invalid"), + // Server errors 650xx. ERROR_RETRIEVING_INACTIVE_USERS("65001", "Error while retrieving inactive users.", diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApi.java b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApi.java index 5eb47e452b..ec07c75116 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApi.java +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApi.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023-2025, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -33,6 +33,7 @@ import javax.ws.rs.*; import javax.ws.rs.core.Response; import io.swagger.annotations.*; +import org.wso2.carbon.identity.idle.account.identification.exception.IdleAccountIdentificationClientException; import javax.validation.constraints.*; @@ -57,8 +58,12 @@ public class InactiveUsersApi { @ApiResponse(code = 403, message = "Resource Forbidden", response = Void.class), @ApiResponse(code = 500, message = "Internal Server Error", response = Error.class) }) - public Response getInactiveUsers( @Valid@ApiParam(value = "Latest active date of login.") @QueryParam("inactiveAfter") String inactiveAfter, @Valid@ApiParam(value = "Date to exclude the oldest inactive users.") @QueryParam("excludeBefore") String excludeBefore) { + public Response getInactiveUsers( + @Valid @ApiParam(value = "Latest active date of login.") @QueryParam("inactiveAfter") String inactiveAfter, + @Valid @ApiParam(value = "Date to exclude the oldest inactive users.") @QueryParam("excludeBefore") String excludeBefore, + @Valid @ApiParam(value = "Filter inactive users by account state disabled.") @QueryParam("filter") String filter) + throws IdleAccountIdentificationClientException { - return delegate.getInactiveUsers(inactiveAfter, excludeBefore ); + return delegate.getInactiveUsers(inactiveAfter, excludeBefore, filter); } } diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApiService.java b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApiService.java index ada01cc9d6..8632e10f3a 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApiService.java +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/gen/java/org/wso2/carbon/identity/api/idle/account/identification/v1/InactiveUsersApiService.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023-2025, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -27,9 +27,23 @@ import org.wso2.carbon.identity.api.idle.account.identification.v1.model.Error; import org.wso2.carbon.identity.api.idle.account.identification.v1.model.InactiveUser; import org.wso2.carbon.identity.api.idle.account.identification.v1.model.Unauthorized; +import org.wso2.carbon.identity.idle.account.identification.exception.IdleAccountIdentificationClientException; + import javax.ws.rs.core.Response; public interface InactiveUsersApiService { public Response getInactiveUsers(String inactiveAfter, String excludeBefore); + + /** + * Get inactive users list for a specified period. + * + * @param inactiveAfter The date after which the users are considered as inactive. + * @param excludeBefore The date before which the users are considered as inactive. (optional) + * @param filter Filter inactive users based isDisabled attribute. (optional) + * @return InactiveUser + * @throws IdleAccountIdentificationClientException If an error occurs while retrieving inactive users. + */ + Response getInactiveUsers(String inactiveAfter, String excludeBefore, String filter) + throws IdleAccountIdentificationClientException; } diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java index 31c2659538..c8d11acfea 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023-2025, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -26,11 +26,16 @@ import org.wso2.carbon.identity.api.idle.account.identification.v1.model.InactiveUser; import org.wso2.carbon.identity.api.server.common.error.APIError; import org.wso2.carbon.identity.api.server.common.error.ErrorResponse; +import org.wso2.carbon.identity.base.IdentityException; +import org.wso2.carbon.identity.core.model.ExpressionNode; +import org.wso2.carbon.identity.core.model.FilterTreeBuilder; +import org.wso2.carbon.identity.core.model.Node; import org.wso2.carbon.identity.idle.account.identification.exception.IdleAccountIdentificationClientException; import org.wso2.carbon.identity.idle.account.identification.exception.IdleAccountIdentificationException; import org.wso2.carbon.identity.idle.account.identification.exception.IdleAccountIdentificationServerException; import org.wso2.carbon.identity.idle.account.identification.models.InactiveUserModel; +import java.io.IOException; import java.time.LocalDate; import java.time.LocalDateTime; import java.time.format.DateTimeParseException; @@ -44,6 +49,9 @@ import static org.wso2.carbon.identity.api.idle.account.identification.common.util.IdleAccountIdentificationConstants.DATE_FORMAT_REGEX; import static org.wso2.carbon.identity.api.idle.account.identification.common.util.IdleAccountIdentificationConstants.DATE_INACTIVE_AFTER; import static org.wso2.carbon.identity.api.idle.account.identification.common.util.IdleAccountIdentificationConstants.ErrorMessage; +import static org.wso2.carbon.identity.api.idle.account.identification.common.util.IdleAccountIdentificationConstants.FALSE_VALUE; +import static org.wso2.carbon.identity.api.idle.account.identification.common.util.IdleAccountIdentificationConstants.IS_DISABLED; +import static org.wso2.carbon.identity.api.idle.account.identification.common.util.IdleAccountIdentificationConstants.TRUE_VALUE; /** * Calls internal osgi services to perform idle account identification management related operations. @@ -83,6 +91,41 @@ public List getInactiveUsers(String inactiveAfter, String excludeB } } + /** + * Get inactive users. + * + * @param inactiveAfter Latest active date of login. + * @param excludeBefore Date to exclude the oldest inactive users. + * @param tenantDomain Tenant domain. + * @return List of inactive users. + * @throws IdleAccountIdentificationClientException If an error occurs while retrieving inactive users. + */ + public List getInactiveUsers(String inactiveAfter, String excludeBefore, String tenantDomain, + String filter) throws IdleAccountIdentificationClientException { + + List expressionNodes = getExpressionNodes(filter); + if (validateExpressionNodes(expressionNodes)) { + boolean isDisabled = Boolean.parseBoolean(expressionNodes.get(0).getValue()); + List inactiveUsers; + try { + validateDates(inactiveAfter, excludeBefore); + LocalDateTime inactiveAfterDate = convertToDateObject(inactiveAfter, DATE_INACTIVE_AFTER); + LocalDateTime excludeBeforeDate = convertToDateObject(excludeBefore, DATE_EXCLUDE_BEFORE); + + validateDatesCombination(inactiveAfterDate, excludeBeforeDate); + + inactiveUsers = IdleAccountIdentificationServiceHolder.getIdleAccountIdentificationService() + .filterInactiveUsersIfDisabled(inactiveAfterDate, excludeBeforeDate, tenantDomain, isDisabled); + + return buildResponse(inactiveUsers); + } catch (IdleAccountIdentificationException e) { + throw handleIdleAccIdentificationException(e, ErrorMessage.ERROR_RETRIEVING_INACTIVE_USERS, + tenantDomain); + } + } + return getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain); + } + /** * Validate the dates. * @@ -257,4 +300,80 @@ private void validateDatesCombination(LocalDateTime inactiveAfterDate, LocalDate String.format(error.getDescription())); } } + + /** + * Get the filter node as a list. + * + * @param filter value of the filter. + * @return node tree. + * @throws IdleAccountIdentificationClientException Error when validate filters. + */ + private List getExpressionNodes(String filter) throws IdleAccountIdentificationClientException { + + // Filter example : isDisabled eq true. + List expressionNodes = new ArrayList<>(); + FilterTreeBuilder filterTreeBuilder; + try { + if (StringUtils.isNotBlank(filter)) { + filterTreeBuilder = new FilterTreeBuilder(filter); + Node rootNode = filterTreeBuilder.buildTree(); + setExpressionNodeList(rootNode, expressionNodes); + } + } catch (IOException | IdentityException e) { + ErrorMessage error = ErrorMessage.ERROR_INVALID_FILTER; + throw new IdleAccountIdentificationClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription())); + } + return expressionNodes; + } + + /** + * Set the node values as list of expression. + * + * @param node filter node. + * @param expression list of expression. + * @throws IdleAccountIdentificationClientException Error when passing invalid filter. + */ + private void setExpressionNodeList(Node node, List expression) + throws IdleAccountIdentificationClientException { + + if (node instanceof ExpressionNode) { + if (StringUtils.isNotBlank(((ExpressionNode) node).getAttributeValue())) { + if (((ExpressionNode) node).getAttributeValue().contains(IS_DISABLED)) { + if (TRUE_VALUE.contains(((ExpressionNode) node).getValue())) { + ((ExpressionNode) node).setValue(TRUE_VALUE); + } else if (FALSE_VALUE.contains(((ExpressionNode) node).getValue())) { + ((ExpressionNode) node).setValue(FALSE_VALUE); + } else { + String message = "Invalid value: " + ((ExpressionNode) node).getValue() + "is passed for '" + + IS_DISABLED + "' attribute in the filter. It should be '" + TRUE_VALUE + "' or '" + + FALSE_VALUE + "'"; + ErrorMessage error = ErrorMessage.ERROR_INVALID_FILTER; + throw new IdleAccountIdentificationClientException(error.getCode(), error.getMessage(), + message); + } + } + } + expression.add((ExpressionNode) node); + } + } + + /** + * Validate the expression nodes. + * + * @param expressionNodes List of expression nodes. + * @return boolean. + * @throws IdleAccountIdentificationClientException Error when validate filters. + */ + private boolean validateExpressionNodes(List expressionNodes) + throws IdleAccountIdentificationClientException { + + if (expressionNodes.get(0).getAttributeValue().equals(IS_DISABLED)) { + return true; + } + + ErrorMessage error = ErrorMessage.ERROR_INVALID_FILTER; + throw new IdleAccountIdentificationClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription())); + } } diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/impl/InactiveUsersApiServiceImpl.java b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/impl/InactiveUsersApiServiceImpl.java index 849cfe15af..17ae630943 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/impl/InactiveUsersApiServiceImpl.java +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/impl/InactiveUsersApiServiceImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com). + * Copyright (c) 2023-2025, WSO2 LLC. (http://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except @@ -22,6 +22,7 @@ import org.wso2.carbon.identity.api.idle.account.identification.common.ContextLoader; import org.wso2.carbon.identity.api.idle.account.identification.v1.InactiveUsersApiService; import org.wso2.carbon.identity.api.idle.account.identification.v1.core.InactiveUsersManagementApiService; +import org.wso2.carbon.identity.idle.account.identification.exception.IdleAccountIdentificationClientException; import javax.ws.rs.core.Response; @@ -40,4 +41,18 @@ public Response getInactiveUsers(String inactiveAfter, String excludeBefore) { return Response.ok().entity( inactiveUsersManagementApiService.getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain)).build(); } + + @Override + public Response getInactiveUsers(String inactiveAfter, String excludeBefore, String filter) + throws IdleAccountIdentificationClientException { + + String tenantDomain = ContextLoader.getTenantDomainFromContext(); + + if (filter != null) { + return Response.ok().entity( + inactiveUsersManagementApiService.getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain, + filter)).build(); + } + return getInactiveUsers(inactiveAfter, excludeBefore); + } } From c80df88f63765223531e1c40529cfbb3661fc0b7 Mon Sep 17 00:00:00 2001 From: Piumini Kaveesha Ranasinghe <62582918+KaveeshaPiumini@users.noreply.github.com> Date: Thu, 16 Jan 2025 12:08:27 +0530 Subject: [PATCH 2/4] Update governance version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 747685f38a..89415187f9 100644 --- a/pom.xml +++ b/pom.xml @@ -820,7 +820,7 @@ 2.3.1.wso2v1 1.4 1.2.4 - 1.11.21 + 1.11.27 7.7.73 3.0.5 1.12.0 From cbef9e9d206652061c156ea0d4e0de7e870a8fbb Mon Sep 17 00:00:00 2001 From: KaveeshaPiumini Date: Thu, 23 Jan 2025 14:26:34 +0530 Subject: [PATCH 3/4] Update Api Service Method --- .../InactiveUsersManagementApiService.java | 64 +++++++++---------- .../resources/idleAccountIdentification.yaml | 15 ++++- 2 files changed, 46 insertions(+), 33 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java index d57f61f26d..30680c6510 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java @@ -77,22 +77,8 @@ public InactiveUsersManagementApiService(IdleAccountIdentificationService idleAc */ public List getInactiveUsers(String inactiveAfter, String excludeBefore, String tenantDomain) { - List inactiveUsers = null; try { - validateDates(inactiveAfter, excludeBefore); - LocalDateTime inactiveAfterDate = convertToDateObject(inactiveAfter, DATE_INACTIVE_AFTER); - LocalDateTime excludeBeforeDate = convertToDateObject(excludeBefore, DATE_EXCLUDE_BEFORE); - - validateDatesCombination(inactiveAfterDate, excludeBeforeDate); - - if (excludeBeforeDate == null) { - inactiveUsers = idleAccountIdentificationService - .getInactiveUsersFromSpecificDate(inactiveAfterDate, tenantDomain); - } else { - inactiveUsers = idleAccountIdentificationService - .getLimitedInactiveUsersFromSpecificDate(inactiveAfterDate, excludeBeforeDate, tenantDomain); - } - return buildResponse(inactiveUsers); + return getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain, null); } catch (IdleAccountIdentificationException e) { throw handleIdleAccIdentificationException(e, ErrorMessage.ERROR_RETRIEVING_INACTIVE_USERS, tenantDomain); } @@ -110,27 +96,41 @@ public List getInactiveUsers(String inactiveAfter, String excludeB public List getInactiveUsers(String inactiveAfter, String excludeBefore, String tenantDomain, String filter) throws IdleAccountIdentificationClientException { - List expressionNodes = getExpressionNodes(filter); - if (validateExpressionNodes(expressionNodes)) { - boolean isDisabled = Boolean.parseBoolean(expressionNodes.get(0).getValue()); - List inactiveUsers; - try { - validateDates(inactiveAfter, excludeBefore); - LocalDateTime inactiveAfterDate = convertToDateObject(inactiveAfter, DATE_INACTIVE_AFTER); - LocalDateTime excludeBeforeDate = convertToDateObject(excludeBefore, DATE_EXCLUDE_BEFORE); - - validateDatesCombination(inactiveAfterDate, excludeBeforeDate); + List inactiveUsers = null; + try { + validateDates(inactiveAfter, excludeBefore); + LocalDateTime inactiveAfterDate = convertToDateObject(inactiveAfter, DATE_INACTIVE_AFTER); + LocalDateTime excludeBeforeDate = convertToDateObject(excludeBefore, DATE_EXCLUDE_BEFORE); - inactiveUsers = IdleAccountIdentificationServiceHolder.getIdleAccountIdentificationService() - .filterInactiveUsersIfDisabled(inactiveAfterDate, excludeBeforeDate, tenantDomain, isDisabled); + validateDatesCombination(inactiveAfterDate, excludeBeforeDate); + if (filter == null) { + if (excludeBeforeDate == null) { + inactiveUsers = idleAccountIdentificationService + .getInactiveUsersFromSpecificDate(inactiveAfterDate, tenantDomain); + } else { + inactiveUsers = + idleAccountIdentificationService.getLimitedInactiveUsersFromSpecificDate(inactiveAfterDate, + excludeBeforeDate, tenantDomain); + } return buildResponse(inactiveUsers); - } catch (IdleAccountIdentificationException e) { - throw handleIdleAccIdentificationException(e, ErrorMessage.ERROR_RETRIEVING_INACTIVE_USERS, - tenantDomain); + } else { + List expressionNodes = getExpressionNodes(filter); + if (validateExpressionNodes(expressionNodes)) { + boolean isDisabled = Boolean.parseBoolean(expressionNodes.get(0).getValue()); + + inactiveUsers = IdleAccountIdentificationServiceHolder.getIdleAccountIdentificationService() + .filterInactiveUsersIfDisabled(inactiveAfterDate, excludeBeforeDate, tenantDomain, + isDisabled); + + return buildResponse(inactiveUsers); + } + return getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain); } + + } catch (IdleAccountIdentificationException e) { + throw handleIdleAccIdentificationException(e, ErrorMessage.ERROR_RETRIEVING_INACTIVE_USERS, tenantDomain); } - return getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain); } /** @@ -180,8 +180,8 @@ private void validateDateFormat(String dateString, String dateType) throws * * @param dateString Date as a string. * @param dateType Date type. - * @throws IdleAccountIdentificationClientException IdleAccIdentificationClientException. * @return List of inactive users. + * @throws IdleAccountIdentificationClientException IdleAccIdentificationClientException. */ private LocalDateTime convertToDateObject(String dateString, String dateType) throws IdleAccountIdentificationClientException { diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/resources/idleAccountIdentification.yaml b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/resources/idleAccountIdentification.yaml index e762d705cf..86190f319b 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/resources/idleAccountIdentification.yaml +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/resources/idleAccountIdentification.yaml @@ -26,6 +26,7 @@ paths: get: tags: - Get inactive users + summary: Get inactive users description: Get inactive users list for a specified period. operationId: getInactiveUsers parameters: @@ -39,8 +40,20 @@ paths: name: excludeBefore schema: type: string - description: Date to exclude the oldest inactive users. + description: Exclude users whose last active date is before this date. example: 2023-01-01 + - in: query + name: filter + schema: + type: string + description: | + Filter inactive users based on whether their account state is DISABLED. + **Usage**: + - If `isDisabled eq true`: Returns inactive users whose accounts are disabled. + - If `isDisabled eq false`: Returns inactive users whose accounts are not disabled. + **NOTE**: + - The `filter` parameter can only be used as specified above. + example: isDisabled eq true responses: '200': $ref: '#/components/responses/Success' From dae16e880288e91c6195e098c02fe2d1d06d69fb Mon Sep 17 00:00:00 2001 From: KaveeshaPiumini Date: Fri, 24 Jan 2025 15:05:02 +0530 Subject: [PATCH 4/4] Code formatting --- .../InactiveUsersManagementApiService.java | 62 +++++++++---------- 1 file changed, 30 insertions(+), 32 deletions(-) diff --git a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java index 30680c6510..78e52e9ed4 100644 --- a/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java +++ b/components/org.wso2.carbon.identity.api.idle.account.identification/org.wso2.carbon.identity.api.idle.account.identification.v1/src/main/java/org/wso2/carbon/identity/api/idle/account/identification/v1/core/InactiveUsersManagementApiService.java @@ -114,19 +114,19 @@ public List getInactiveUsers(String inactiveAfter, String excludeB excludeBeforeDate, tenantDomain); } return buildResponse(inactiveUsers); - } else { - List expressionNodes = getExpressionNodes(filter); - if (validateExpressionNodes(expressionNodes)) { - boolean isDisabled = Boolean.parseBoolean(expressionNodes.get(0).getValue()); + } - inactiveUsers = IdleAccountIdentificationServiceHolder.getIdleAccountIdentificationService() - .filterInactiveUsersIfDisabled(inactiveAfterDate, excludeBeforeDate, tenantDomain, - isDisabled); + List expressionNodes = getExpressionNodes(filter); + if (validateExpressionNodes(expressionNodes)) { + boolean isDisabled = Boolean.parseBoolean(expressionNodes.get(0).getValue()); - return buildResponse(inactiveUsers); - } - return getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain); + inactiveUsers = IdleAccountIdentificationServiceHolder.getIdleAccountIdentificationService() + .filterInactiveUsersIfDisabled(inactiveAfterDate, excludeBeforeDate, tenantDomain, + isDisabled); + + return buildResponse(inactiveUsers); } + return getInactiveUsers(inactiveAfter, excludeBefore, tenantDomain); } catch (IdleAccountIdentificationException e) { throw handleIdleAccIdentificationException(e, ErrorMessage.ERROR_RETRIEVING_INACTIVE_USERS, tenantDomain); @@ -320,16 +320,16 @@ private List getExpressionNodes(String filter) throws IdleAccoun // Filter example : isDisabled eq true. List expressionNodes = new ArrayList<>(); FilterTreeBuilder filterTreeBuilder; - try { - if (StringUtils.isNotBlank(filter)) { + if (StringUtils.isNotBlank(filter)) { + try { filterTreeBuilder = new FilterTreeBuilder(filter); Node rootNode = filterTreeBuilder.buildTree(); setExpressionNodeList(rootNode, expressionNodes); + } catch (IOException | IdentityException e) { + ErrorMessage error = ErrorMessage.ERROR_INVALID_FILTER; + throw new IdleAccountIdentificationClientException(error.getCode(), error.getMessage(), + String.format(error.getDescription())); } - } catch (IOException | IdentityException e) { - ErrorMessage error = ErrorMessage.ERROR_INVALID_FILTER; - throw new IdleAccountIdentificationClientException(error.getCode(), error.getMessage(), - String.format(error.getDescription())); } return expressionNodes; } @@ -344,21 +344,19 @@ private List getExpressionNodes(String filter) throws IdleAccoun private void setExpressionNodeList(Node node, List expression) throws IdleAccountIdentificationClientException { - if (node instanceof ExpressionNode) { - if (StringUtils.isNotBlank(((ExpressionNode) node).getAttributeValue())) { - if (((ExpressionNode) node).getAttributeValue().contains(IS_DISABLED)) { - if (TRUE_VALUE.contains(((ExpressionNode) node).getValue())) { - ((ExpressionNode) node).setValue(TRUE_VALUE); - } else if (FALSE_VALUE.contains(((ExpressionNode) node).getValue())) { - ((ExpressionNode) node).setValue(FALSE_VALUE); - } else { - String message = "Invalid value: " + ((ExpressionNode) node).getValue() + "is passed for '" + - IS_DISABLED + "' attribute in the filter. It should be '" + TRUE_VALUE + "' or '" + - FALSE_VALUE + "'"; - ErrorMessage error = ErrorMessage.ERROR_INVALID_FILTER; - throw new IdleAccountIdentificationClientException(error.getCode(), error.getMessage(), - message); - } + if (node instanceof ExpressionNode && StringUtils.isNotBlank(((ExpressionNode) node).getAttributeValue())) { + if (((ExpressionNode) node).getAttributeValue().contains(IS_DISABLED)) { + if (TRUE_VALUE.contains(((ExpressionNode) node).getValue())) { + ((ExpressionNode) node).setValue(TRUE_VALUE); + } else if (FALSE_VALUE.contains(((ExpressionNode) node).getValue())) { + ((ExpressionNode) node).setValue(FALSE_VALUE); + } else { + String message = "Invalid value: " + ((ExpressionNode) node).getValue() + "is passed for '" + + IS_DISABLED + "' attribute in the filter. It should be '" + TRUE_VALUE + "' or '" + + FALSE_VALUE + "'"; + ErrorMessage error = ErrorMessage.ERROR_INVALID_FILTER; + throw new IdleAccountIdentificationClientException(error.getCode(), error.getMessage(), + message); } } expression.add((ExpressionNode) node); @@ -375,7 +373,7 @@ private void setExpressionNodeList(Node node, List expression) private boolean validateExpressionNodes(List expressionNodes) throws IdleAccountIdentificationClientException { - if (expressionNodes.get(0).getAttributeValue().equals(IS_DISABLED)) { + if (IS_DISABLED.equals(expressionNodes.get(0).getAttributeValue())) { return true; }