From de2c10b013f3b03c67f4bf4f4031111665b5ff48 Mon Sep 17 00:00:00 2001 From: DedunuKarunarathne <46235093+DedunuKarunarathne@users.noreply.github.com> Date: Fri, 10 Jan 2025 11:02:42 +0530 Subject: [PATCH] Fix role based filtering on query result of DSS is not working Implemented the getUserRoles function to return roles of a given user to ensure the correct functionality of role based filtering on query result of DSS. Fixes: https://github.com/wso2/product-micro-integrator/issues/3861 --- .../pom.xml | 10 +++++ .../integrator/dataservices/core/DBUtils.java | 38 ++++--------------- 2 files changed, 17 insertions(+), 31 deletions(-) diff --git a/components/data/data-services/org.wso2.micro.integrator.dataservices.core/pom.xml b/components/data/data-services/org.wso2.micro.integrator.dataservices.core/pom.xml index ba38c74121..fbb96d406a 100644 --- a/components/data/data-services/org.wso2.micro.integrator.dataservices.core/pom.xml +++ b/components/data/data-services/org.wso2.micro.integrator.dataservices.core/pom.xml @@ -151,6 +151,16 @@ org.wso2.ei org.wso2.micro.integrator.dataservices.sql.driver + + org.wso2.ei + org.wso2.micro.integrator.security + + + org.apache.synapse + synapse-core + + + org.wso2.orbit.org.webharvest webharvest-core diff --git a/components/data/data-services/org.wso2.micro.integrator.dataservices.core/src/main/java/org/wso2/micro/integrator/dataservices/core/DBUtils.java b/components/data/data-services/org.wso2.micro.integrator.dataservices.core/src/main/java/org/wso2/micro/integrator/dataservices/core/DBUtils.java index 3df3e405ad..f4795ae15d 100644 --- a/components/data/data-services/org.wso2.micro.integrator.dataservices.core/src/main/java/org/wso2/micro/integrator/dataservices/core/DBUtils.java +++ b/components/data/data-services/org.wso2.micro.integrator.dataservices.core/src/main/java/org/wso2/micro/integrator/dataservices/core/DBUtils.java 
@@ -61,6 +61,8 @@
 import org.wso2.micro.integrator.dataservices.core.engine.ParamValue;
 import org.wso2.micro.integrator.dataservices.core.internal.DataServicesDSComponent;
 import org.wso2.micro.integrator.ndatasource.core.utils.DataSourceUtils;
+import org.wso2.micro.integrator.security.MicroIntegratorSecurityUtils;
+import org.wso2.micro.integrator.security.user.api.UserStoreException;
 import org.wso2.securevault.SecretResolver;
 import org.wso2.securevault.SecretResolverFactory;
 
@@ -326,37 +328,11 @@ public static String getCurrentContextUsername(DataService dataService) {
 * @throws DataServiceFault
 */
 public static String[] getUserRoles(String username) throws DataServiceFault {
-// RealmService realmService = DataServicesDSComponent.getRealmService();
-// RegistryService registryService = DataServicesDSComponent.getRegistryService();
-// String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
-// int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
-// try {
-// if (tenantId < MultitenantConstants.SUPER_TENANT_ID) {
-// tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
-// }
-// if (tenantId < MultitenantConstants.SUPER_TENANT_ID) {
-// /* the tenant doesn't exist. */
-// log.error("The tenant doesn't exist. Tenant domain:" + tenantDomain);
-// throw new DataServiceFault("Access Denied. You are not authorized.");
-// }
-// if (tenantId != MultitenantConstants.SUPER_TENANT_ID){ //tenant space users can't access super tenant
-// username = MultitenantUtils.getTenantAwareUsername(username);
-// }
-// if (!realmService.getTenantManager().isTenantActive(tenantId)) {
-// /* the tenant is not active. */
-// log.error("The tenant is not active. Tenant domain:" + tenantDomain);
-// throw new DataServiceFault("The tenant is not active. Tenant domain:"
-// + tenantDomain);
-// }
-// UserRealm realm = registryService.getUserRealm(tenantId);
-// String roles[] = realm.getUserStoreManager().getRoleListOfUser(username);
-// return roles;
-// } catch (Exception e) {
-// String msg = "Error in retrieving the realm for the tenant id: " + tenantId
-// + ", username: " + username + ". 
" + e.getMessage();
-// throw new DataServiceFault(msg);
-// }
- return new String[0];
+ try {
+ return MicroIntegratorSecurityUtils.getUserStoreManager().getRoleListOfUser(username);
+ } catch (UserStoreException e) {
+ throw new DataServiceFault(e, "Error while getting the user role");
+ }
 }
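Review bot: In `getUserRoles`, `username` is passed straight to `getRoleListOfUser(username)` and the result is returned as-is. A null username (plausible when the request carries no authenticated user; this is inferred, since the body of `getCurrentContextUsername` is not in the hunk) or a null role list would therefore surface as a `NullPointerException` instead of the declared `DataServiceFault`. Because this array now decides which role-restricted result elements a caller may see, the no-identity case should be explicit and deny by default: add `if (username == null || username.isEmpty()) { return new String[0]; }` before the `try`, and return an empty array when the lookup yields null. The `@throws DataServiceFault` tag above the method (its Javadoc starts outside the hunk) could also state when it fires, for example `@throws DataServiceFault if the user store lookup fails`.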