On 22/09/20 09:23, Anmol Sharma wrote: > Hi Francisco, > > I was able to verify that adding these annotations works and helps me > intercept the logic layer for application privilege updates.
Glad to hear this! > On Wed, Sep 9, 2020, 4:29 AM Francesco Chicchiriccò <ilgro...@apache.org > <mailto:ilgro...@apache.org>> wrote: > > Hi Anmol, > thanks for reporting the error message. So ,the simplest solution should > be to define your own class > > core/src/main/java/org/apache/syncope/core/logic/MyOwnCoolHandler.java > > not extending any other class. Ensure to annotate as > > @Aspect > @Component > > Essentially, you are defining an additional Aspect, which should not > interfere with LogicInvocationHandler. > > Please let me know if this approach works. > Regards. > > On 08/09/20 19:09, Anmol Sharma wrote: >> Hi Franceso, >> >> As I'd mentioned in my previous message, it is my understanding that an >> Aspect can not extend a concrete Aspect. I tried doing as you suggested and >> extended the /LogicInvocationHandler/ to /CustomLogicInvocationHandler/ and >> I see the following error: >> >> Caused by: org.springframework.beans.factory.BeanCreationException: >> Error creating bean with name >> 'org.springframework.transaction.annotation.AnnotationTransactionAttributeSource#0': >> BeanPostProcessor before instantiation of bean failed; *nested exception is >> org.springframework.aop.framework.AopConfigException*: >> [org.apache.syncope.core.logic.CustomLogicInvocationHandler] *cannot extend >> concrete aspect* [org.apache.syncope.core.logic.LogicInvocationHandler] >> >> Do you think there could be a workaround here or is hijacking >> /LogicInvocationHandler/ the only option under this circumstance? >> >> Thanks, >> Anmol >> >> On Sat, 5 Sep 2020 at 12:06, Francesco Chicchiriccò <ilgro...@apache.org >> <mailto:ilgro...@apache.org>> wrote: >> >> On 03/09/20 17:31, Anmol Sharma wrote: >>> Hi Franceso, >>> >>> I do not have much experience with AOP but I experimented with it >>> and added a section to [2] to establish some logic to run after [1] as you >>> suggested. I am able to intercept any updates made to privileges after that >>> ApplicationLogic.update method has returned. >>> >>> Here is the code block I added to [2]: >>> @AfterReturning(pointcut = "execution(* >>> org.apache.syncope.core.logic.ApplicationLogic.update(..))", returning = >>> "retVal") >>> public void after(Object retVal) throws Throwable { >>> LOG.info("After logic cut executed for jointPoint >>> ApplicationUpdate: "+ retVal.toString()); } >>> >>> While this seems like a feasible solution, I had to override >>> /org.apache.syncope.core.logic.LogicInvocationHandler/ in my project as >>> suggested here >>> <http://syncope.apache.org/docs/reference-guide.html#customization>. >>> >>> I now have the following questions: >>> (a.) Ideally, I'd like to avoid managing upstream code and only >>> extend upstream logic with customizations. However, it is my understanding >>> that an Aspect can not extend a concrete Aspect such as >>> LogicInvocationHandler. Do you have suggestions on a workaround? Is there a >>> way I can register multiple Aspects in logicContext.xml bean initialization? >> >> There is no need to hijack LogicInvocationHandler; just define your >> own >> >> >> core/src/main/java/org/apache/syncope/core/logic/MyOwnCoolHandler.java >> >> let it extend LogicInvocationHandler and ensure to set >> >> logicInvocationHandler=org.apache.syncope.core.logic.MyOwnCoolHandler >> >> in core/src/main/resources/logic.properties >> >>> (b.) Longer term, do you think there is merit in having an issue >>> track having a ApplicationTO tracked as an EntityTOType or having some >>> mechanism to support LogicActions on Applications? >> >> Honestly, this is the first time we hear such requirement, so I >> really don't know if this is going to happen anytime soon. >> >> Regards. >> >>> [1] >>> https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/ApplicationLogic.java#L85 >>> [2] >>> https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java#L55 >>> >>> Anmol >>> >>> On Wed, 2 Sep 2020 at 12:45, Francesco Chicchiriccò >>> <ilgro...@apache.org <mailto:ilgro...@apache.org>> wrote: >>> >>> On 01/09/20 19:04, anmols wrote: >>> > Hello SMEs, >>> > >>> > I am new to Apache Syncope and I'm planning to use it for >>> users and >>> > permissions management for third-party applications. >>> > >>> > I am trying to model permissions for these applications as >>> privileges that >>> > are associated with roles assigned to a set to users/groups >>> as described >>> > here >>> <http://syncope.apache.org/docs/2.1/reference-guide.html#privileges> . >>> > >>> > I want to trigger some custom logic every time that: >>> > a.) A user gets added to/updated with/deleted from a role >>> assignment. >>> > b.) A privilege that is associated with certain role(s) gets >>> updated. >>> > >>> > I am able to do (a.) using a custom implementation of >>> LogicActions as >>> > described here >>> > >>> <http://syncope.apache.org/docs/2.1/reference-guide.html#logicactions> in >>> > the reference doc. >>> > >>> > I am wondering what is the best way to achieve (b.), i.e. how >>> can I receive >>> > a notification if the privileges for an application are >>> updated such that I >>> > can execute some custom logic? >>> > >>> > I read through the Notification >>> > >>> <http://syncope.apache.org/docs/2.1/reference-guide.html#notifications> >>> > mechanism that is oriented towards sending emails but could >>> not find an >>> > appropriate entry point. >>> > >>> > I think I'm essentially looking for a LogicActions like hook >>> for third-party >>> > application privileges. >>> >>> Hi Anmol, >>> it seems you went quite some far, good! :-) >>> >>> As you have already found out, there is no (yet?) "standard" >>> and clean way to achieve (b). >>> >>> If you have some confidence with AOP, the first thing coming to >>> my mind would be to define a logic cut around method [1], similar to what >>> [2] does, but more retailed to [1]. >>> >>> Does it sound as feasible? >>> Regards. >>> >>> [1] >>> https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/ApplicationLogic.java#L85 >>> [2] >>> https://github.com/apache/syncope/blob/syncope-2.1.6/core/logic/src/main/java/org/apache/syncope/core/logic/LogicInvocationHandler.java#L55 >>> -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
