Hi Franceso,
I do not have much experience with AOP but I experimented with it and added
a section to [2] to establish some logic to run after [1] as you suggested.
I am able to intercept any updates made to privileges after
that ApplicationLogic.update method has returned.
Here is the code block I added to [2]:
@AfterReturning(pointcut = "execution(*
org.apache.syncope.core.logic.ApplicationLogic.update(..))",
returning = "retVal")
public void after(Object retVal) throws Throwable {
LOG.info("After logic cut executed for jointPoint
ApplicationUpdate: "+ retVal.toString());
}
While this seems like a feasible solution, I had to override
*org.apache.syncope.core.logic.LogicInvocationHandler* in my project as
suggested here
<http://syncope.apache.org/docs/reference-guide.html#customization>.
I now have the following questions:
(a.) Ideally, I'd like to avoid managing upstream code and only extend
upstream logic with customizations. However, it is my understanding that an
Aspect can not extend a concrete Aspect such as LogicInvocationHandler. Do
you have suggestions on a workaround? Is there a way I can register
multiple Aspects in logicContext.xml bean initialization?
(b.) Longer term, do you think there is merit in having an issue track
having a ApplicationTO tracked as an EntityTOType or having some mechanism
to support LogicActions on Applications?
Regards,
[1]
https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/ApplicationLogic.java#L85
[2]
https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java#L55
Anmol
On Wed, 2 Sep 2020 at 12:45, Francesco Chicchiriccò <[email protected]>
wrote:
> On 01/09/20 19:04, anmols wrote:
> > Hello SMEs,
> >
> > I am new to Apache Syncope and I'm planning to use it for users and
> > permissions management for third-party applications.
> >
> > I am trying to model permissions for these applications as privileges
> that
> > are associated with roles assigned to a set to users/groups as described
> > here <http://syncope.apache.org/docs/2.1/reference-guide.html#privileges>
> .
> >
> > I want to trigger some custom logic every time that:
> > a.) A user gets added to/updated with/deleted from a role assignment.
> > b.) A privilege that is associated with certain role(s) gets updated.
> >
> > I am able to do (a.) using a custom implementation of LogicActions as
> > described here
> > <http://syncope.apache.org/docs/2.1/reference-guide.html#logicactions>
> in
> > the reference doc.
> >
> > I am wondering what is the best way to achieve (b.), i.e. how can I
> receive
> > a notification if the privileges for an application are updated such
> that I
> > can execute some custom logic?
> >
> > I read through the Notification
> > <http://syncope.apache.org/docs/2.1/reference-guide.html#notifications>
>
> > mechanism that is oriented towards sending emails but could not find an
> > appropriate entry point.
> >
> > I think I'm essentially looking for a LogicActions like hook for
> third-party
> > application privileges.
>
> Hi Anmol,
> it seems you went quite some far, good! :-)
>
> As you have already found out, there is no (yet?) "standard" and clean way
> to achieve (b).
>
> If you have some confidence with AOP, the first thing coming to my mind
> would be to define a logic cut around method [1], similar to what [2] does,
> but more retailed to [1].
>
> Does it sound as feasible?
> Regards.
>
> [1]
> https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/ApplicationLogic.java#L85
> [2]
> https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java#L55
>
> --
> Francesco Chicchiriccò
>
> Tirasa - Open Source Excellence
> http://www.tirasa.net/
>
> Member at The Apache Software Foundation
> Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
> http://home.apache.org/~ilgrosso/
>
>
--
- Anmol
