Fixes wso2/product-apim#5452 Sample API issue and adding review comments

malinthaprasan · Sep 2, 2019 · 717ca88 · 717ca88
1 parent 656e6ca
commit 717ca88
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 23 deletions.
diff --git a/...1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java b/...1/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/v1/impl/ApisApiServiceImpl.java
@@ -1525,11 +1525,14 @@ public Response apisApiIdSwaggerPut(String apiId, String apiDefinition, String i
             Set<Scope> scopes = oasParser.getScopes(apiDefinition);
             //validating scope roles
             for (Scope scope : scopes) {
-                for (String aRole : scope.getRoles().split(",")) {
-                    boolean isValidRole = APIUtil.isRoleNameExist(RestApiUtil.getLoggedInUsername(), aRole);
-                    if (!isValidRole) {
-                        String error = "Role '" + aRole + "' Does not exist.";
-                        RestApiUtil.handleBadRequest(error, log);
+                String roles = scope.getRoles();
+                if (roles != null) {
+                    for (String aRole : roles.split(",")) {
+                        boolean isValidRole = APIUtil.isRoleNameExist(RestApiUtil.getLoggedInUsername(), aRole);
+                        if (!isValidRole) {
+                            String error = "Role '" + aRole + "' Does not exist.";
+                            RestApiUtil.handleBadRequest(error, log);
+                        }
                     }
                 }
             }

diff --git a/.../org/wso2/carbon/apimgt/rest/api/util/interceptors/SubscriberRegistrationInterceptor.java b/.../org/wso2/carbon/apimgt/rest/api/util/interceptors/SubscriberRegistrationInterceptor.java
@@ -36,6 +36,7 @@
 public class SubscriberRegistrationInterceptor extends AbstractPhaseInterceptor {
 
     private static final Log logger = LogFactory.getLog(SubscriberRegistrationInterceptor.class);
+    private static final String LOCK_POSTFIX = "_SubscriberRegistration";
 
     public SubscriberRegistrationInterceptor() {
         //We will use PRE_INVOKE phase as we need to process message before hit actual service
@@ -73,7 +74,7 @@ public void handleMessage(Message message) {
             APIConsumer apiConsumer = RestApiUtil.getLoggedInUserConsumer();
             Subscriber subscriber = apiConsumer.getSubscriber(username);
             if (subscriber == null) {
-                synchronized (this) {
+                synchronized (username + LOCK_POSTFIX) {
                     subscriber = apiConsumer.getSubscriber(username);
                     if (subscriber == null) {
                         try {

diff --git a/...esources/publisher-new/source/src/app/components/Apis/Listing/SampleAPI/SamplePetStore.js b/...esources/publisher-new/source/src/app/components/Apis/Listing/SampleAPI/SamplePetStore.js
@@ -40,7 +40,6 @@ const getSwagger = policyLevel => ({
                         description: 'Unsupported Media Type. The entity of the request was in a not supported format.',
                     },
                 },
-                security: [{ pizzashack_auth: ['write:order', 'read:order'] }],
             },
         },
         '/menu': {
@@ -68,7 +67,6 @@ const getSwagger = policyLevel => ({
                         description: 'Not Acceptable. The requested media type is not supported',
                     },
                 },
-                security: [{ pizzashack_auth: ['read:menu'] }],
             },
         },
         '/order/{orderId}': {
@@ -123,7 +121,6 @@ const getSwagger = policyLevel => ({
                             'of the preconditions is not met.',
                     },
                 },
-                security: [{ pizzashack_auth: ['write:order', 'read:order'] }],
             },
             get: {
                 'x-auth-type': 'Application & Application User',
@@ -159,7 +156,6 @@ const getSwagger = policyLevel => ({
                         description: 'Not Acceptable. The requested media type is not supported',
                     },
                 },
-                security: [{ pizzashack_auth: ['write:order', 'read:order'] }],
             },
             delete: {
                 'x-auth-type': 'Application & Application User',
@@ -190,25 +186,12 @@ const getSwagger = policyLevel => ({
                             ' preconditions is not met.',
                     },
                 },
-                security: [{ pizzashack_auth: ['write:order', 'read:order'] }],
             },
         },
     },
     schemes: ['https'],
     produces: ['application/json'],
     swagger: '2.0',
-    securityDefinitions: {
-        pizzashack_auth: {
-            type: 'oauth2',
-            authorizationUrl: 'http://wso2.swagger.io/api/oauth/dialog',
-            flow: 'implicit',
-            scopes: {
-                'write:order': 'modify order in your account',
-                'read:order': 'read your order',
-                'read:menu': 'read your menu',
-            },
-        },
-    },
     definitions: {
         ErrorListItem: {
             title: 'Description of individual errors that may have occored during a request.',