Hey, I am writing a custom validator for the update of the attribute.
and I want to determin who is updating the attribute. if it is an Admin then it is allowed, if it is a normal user then it is not.
I can’t use the built-in feature in User Profile in the Admin Console because I want the user to determine the value of this attribute by the registration phase, but only an admin allowed to change it later on.
I just want to reach the user, I know how to determin wether it is Admin or not, but I need to reach its data first.
I couldn’t use the AuthenticationSession because it is always null with update.
Any suggestions?
Hi @Maha96 can you share some code snippet?
public ValidationContext validate(Object input, String inputHint, ValidationContext context,
ValidatorConfig config) {
LOGGER.debugv("Validate Unchangable {0}", inputHint);
AttributeContext attributeContext = ((UserProfileAttributeValidationContext) context).getAttributeContext();
UserModel user = attributeContext.getUser();
// Extract the current and updated attribute value
String currentValue = user.getFirstAttribute(inputHint);
String updatedValue = attributeContext.getAttribute().getValue().toString().replace("[", "").replace("]", "");
Entry<String, List<String>> unchangeableAttribute = attributeContext.getAttribute();
LOGGER.debugv("validate Unchangeable Attribute(): attribute unchangeable: {0} = {1}",
unchangeableAttribute.getKey(), unchangeableAttribute.getValue());
// Extract the configuration parameters
boolean isChangeableByAdmin = config.getBoolean(IS_CHANGEABLE_BY_ADMIN);
boolean isChangeableByUser = config.getBoolean(IS_CHANGEABLE_BY_USER);
// Check if the AccountType has changed
if (currentValue != null && !currentValue.equals(updatedValue)) {
// Determine if the user or admin is allowed to change the attribute
boolean isAdmin = isAdminUpdate(context.getSession().getContext().getRealm(), session);
if ((isAdmin && !isChangeableByAdmin) || (!isAdmin && !isChangeableByUser)) {
// Add a validation error if the change is not allowed
ValidationError validationError = new ValidationError(getId(), "user.attributes." + inputHint,
"You are not Allowed to change the " + inputHint);
context.addError(validationError);
LOGGER.debugv("validate(): added validation error: {0}", validationError.toString());
}
}
return context;
}
I want to write the method isAdminUpdate(context.getSession().getContext().getRealm(), session)
that tells me who did the update action, an admin or user, but I don’t seem to catch the user who did the action, I can only reach the user whom update was changed
when you change the attribute value, do you change it as admin role or do you impersonate the user who’s attribute value gonna be altered? @Maha96
please share the code for isAdminUpdate @Maha96