On Fri, Sep 18, 2015 at 9:25 AM, Nuwan Dias <nuw...@wso2.com> wrote:
> Adding Jo
>
> On Thu, Sep 17, 2015 at 5:27 PM, Harshan Liyanage <hars...@wso2.com>
> wrote:
>
>> Hi,
>>
>> We have a requirement to automatically publish APIs when the EMM server
>> starts-up. We need to also add the scopes to APIs when its get published.
>> For that we are calling addAPI method if its a new API or updateAPI method
>> if that API already exists (in APIProvider implementation).
>>
>> This is working fine in the first server start-up. But when I restart the
>> EMM server all the added scopes to an API is lost from related database
>> tables. After analyzing the issue I've found out that the updateScopes
>> method in [1] deletes all existing scopes of an API and then adding the
>> updated scopes to the API using URI templates (api.getUriTemplates()). But
>> in addAPI method, it uses api.getScopes() to add the scope data to the
>> database. If I change the line
>> "addScopes(api.getUriTemplates(),apiId,tenantId);" to
>> "addScopes(api.getScopes(),apiId,tenantId);" this functionality works fine.
>> So is there a specific reason to populate scopes of a updated API using
>> api.getUriTemplates()?
>>
>
Well, IMO, if there's some change introduced to the "resources" as part of
the "update" event, then it might make sense to remove scopes, etc just to
make sure that the changes introduced wouldn't make it possible for people
who are not intended to have access to those, get access to them. If not,
this looks like a bug.
>
>> public void updateScopes(API api, int tenantId) throws
>> APIManagementException {
>>
>> Connection connection = null;
>> PreparedStatement prepStmt = null;
>> int apiId = -1;
>> String deleteScopes = "DELETE FROM IDN_OAUTH2_SCOPE WHERE SCOPE_ID IN (
>> SELECT SCOPE_ID FROM AM_API_SCOPES WHERE API_ID = ? )";
>> try {
>>
>> connection = APIMgtDBUtil.getConnection();
>>
>> connection.setAutoCommit(false);
>>
>> apiId = getAPIID(api.getId(),connection);
>>
>> if (apiId == -1) {
>>
>> //application addition has failed
>>
>> return;
>>
>> }
>>
>> prepStmt = connection.prepareStatement(deleteScopes);
>>
>> prepStmt.setInt(1,apiId);
>>
>> prepStmt.execute();
>>
>> prepStmt.close();
>>
>>
BTW, the above line seems redundant and inappropriate as prepStmt is anyway
closed in the finally block. ;). Also, there seem to be a few formatting
issues as well, which need to be fixed. ;)
> connection.commit();
>>
>> } catch (SQLException e) {
>>
>> handleException("Error while deleting Scopes for API : " +
>> api.getId().toString(), e);
>>
>> } finally {
>>
>> APIMgtDBUtil.closeAllConnections(prepStmt, connection, null);
>>
>> }
>> //addScopes(api.getScopes(),apiId,tenantId);
>> addScopes(api.getUriTemplates(),apiId,tenantId);
>>
>> }
>>
>> [1].
>> https://github.com/wso2/carbon-apimgt/blob/435163dd0f60058d8cfecbb0c4230984f0882fb6/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/dao/ApiMgtDAO.java
>>
>> Thanks,
>>
>> Harshan Liyanage
>> Software Engineer
>> Mobile: *+94724423048*
>> Email: hars...@wso2.com
>> Blog : http://harshanliyanage.blogspot.com/
>> *WSO2, Inc. :** wso2.com <http://wso2.com/>*
>> lean.enterprise.middleware.
>>
>
>
>
> --
> Nuwan Dias
>
> Technical Lead - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com
> Phone : +94 777 775 729
>
Cheers,
Prabath
--
Prabath Abeysekara
Technical Lead
WSO2 Inc.
Email: praba...@wso2.com
Mobile: +94774171471
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
