Return realm configs based on mgt permission

[AnuradhaSK]

Purpose

This pull request enhances the authorization logic in the ServerConfigManagementService#getConfigs method to ensure that only users with the appropriate permissions can view internal configuration details. The changes introduce user-specific authorization checks and handle sub-organization scenarios, improving security and compliance with organizational boundaries.

Authorization and Security Improvements:

• Added logic to determine if the current tenant is a sub-organization and to check user authorization for viewing internal configuration, using AuthzUtil.isUserAuthorized with the relevant permission (internal_org_config_view for sub-organizations, internal_config_view otherwise).
• Constructed an AuthenticatedUser object from the current context to use in permission checks, ensuring authorization is performed for the correct user.

Error Handling Enhancements:

• Updated error handling to catch IdentityOAuth2Exception and OrganizationManagementException during authorization checks, returning an internal server error if an exception occurs.

Dependency Additions:

• Imported AuthenticatedUser, IdentityOAuth2Exception, and AuthzUtil to support the new authorization logic. [1] [2]

Depends on

• Add isUserAuthorized method based on userId, resident org and accessing org wso2-extensions/identity-inbound-auth-oauth#2893

[wso2-engineering-bot]

Log Improvement Suggestion No: 1

Suggested change

	try {
	try {
	if (log.isDebugEnabled()) {
	log.debug("Getting server configurations for tenant: " + tenantDomain);
	}
	boolean isUerAuthorizedToViewInternalConfig;

[wso2-engineering-bot]

Log Improvement Suggestion No: 2

Suggested change

	isUerAuthorizedToViewInternalConfig =
	AuthzUtil.isUserAuthorized(user, Collections.singletonList("internal_config_view"));
	}
	isUerAuthorizedToViewInternalConfig =
	AuthzUtil.isUserAuthorized(user, Collections.singletonList("internal_config_view"));
	}
	if (log.isDebugEnabled()) {
	log.debug("User authorization status for viewing internal config: " + isUerAuthorizedToViewInternalConfig);
	}

[wso2-engineering-bot]

AI Agent Log Improvement Checklist

⚠️ Warning: AI-Generated Review Comments

• The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. Purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
• Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.

✅ Before merging this pull request:

• Review all AI-generated comments for accuracy and relevance.
• Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.

Comment	Accepted (Y/N)	Reason
#### Log Improvement Suggestion No: 1
#### Log Improvement Suggestion No: 2