Merge branch 'master' of https://github.com/wso2/carbon-device-mgt into theme-migration

revert-70aa11f8
Imesh Chandrasiri 8 years ago
commit 7a452d09ab

@ -32,7 +32,7 @@
<!-- Device related APIs --> <!-- Device related APIs -->
<Permission> <Permission>
<name>get certificate in the database</name> <name>get certificate in the database</name>
<path>/device-mgt/admin/certificate/GetSignCSR</path> <path>/device-mgt/certificate/GetSignCSR</path>
<url>/certificates/scep/signcsr</url> <url>/certificates/scep/signcsr</url>
<method>POST</method> <method>POST</method>
<scope>emm_admin</scope> <scope>emm_admin</scope>

@ -93,7 +93,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.", message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Activities", permission = "/device-mgt/activities/view") @Permission(name = "View Activities", permission = "/device-mgt/devices/owning/view")
Response getActivity( Response getActivity(
@ApiParam( @ApiParam(
name = "id", name = "id",
@ -154,7 +154,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.", message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Activities", permission = "/device-mgt/activities/view") @Permission(name = "View Activities", permission = "/device-mgt/devices/owning/view")
Response getActivities( Response getActivities(
@ApiParam( @ApiParam(
name = "since", name = "since",

@ -82,7 +82,7 @@ public interface ConfigurationManagementService {
"platform configuration.", "platform configuration.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Configurations", permission = "/device-mgt/configuration/view") @Permission(name = "View Configurations", permission = "/device-mgt/configurations/view")
Response getConfiguration( Response getConfiguration(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",
@ -128,7 +128,7 @@ public interface ConfigurationManagementService {
"Server error occurred while modifying general platform configuration.", "Server error occurred while modifying general platform configuration.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "Manage configurations", permission = "/device-mgt/configuration/manage") @Permission(name = "Manage configurations", permission = "/device-mgt/configurations/manage")
Response updateConfiguration( Response updateConfiguration(
@ApiParam( @ApiParam(
name = "configuration", name = "configuration",

@ -93,7 +93,7 @@ public interface DeviceManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.", message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDevices( Response getDevices(
@ApiParam( @ApiParam(
name = "name", name = "name",
@ -200,7 +200,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving information requested device.", "Server error occurred while retrieving information requested device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDevice( Response getDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -282,7 +282,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving feature list of the device.", "Server error occurred while retrieving feature list of the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getFeaturesOfDevice( Response getFeaturesOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -358,7 +358,7 @@ public interface DeviceManagementService {
"Server error occurred while enrolling the device.", "Server error occurred while enrolling the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response searchDevices( Response searchDevices(
@ApiParam( @ApiParam(
name = "offset", name = "offset",
@ -437,7 +437,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving installed application list of the device.", "Server error occurred while retrieving installed application list of the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getInstalledApplications( Response getInstalledApplications(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -533,7 +533,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving operation list scheduled for the device.", "Server error occurred while retrieving operation list scheduled for the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDeviceOperations( Response getDeviceOperations(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -631,7 +631,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getEffectivePolicyOfDevice( Response getEffectivePolicyOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -683,7 +683,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getComplianceDataOfDevice( Response getComplianceDataOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",

@ -79,7 +79,7 @@ public interface DeviceTypeManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Permission(name = "View Device Types", permission = "/device-mgt/devices/view") @Permission(name = "View Device Types", permission = "/device-mgt/devices/owning/view")
Response getDeviceTypes( Response getDeviceTypes(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",

@ -82,7 +82,7 @@ public interface GroupManagementService {
// //
// @GET // @GET
// @Path("/{groupName}/devices") // @Path("/{groupName}/devices")
// @Permission(scope = "group-view", permissions = {"/permission/admin/device-mgt/admin/groups/roles"}) // @Permission(scope = "group-view", permissions = {"/permission/admin/device-mgt/groups/roles"})
// Response getDevicesOfGroup(@PathParam("groupName") String groupName, @QueryParam("offset") int offset, // Response getDevicesOfGroup(@PathParam("groupName") String groupName, @QueryParam("offset") int offset,
// @QueryParam("limit") int limit); // @QueryParam("limit") int limit);
// //

@ -86,7 +86,7 @@ public interface DeviceManagementAdminService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.", message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/admin/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDevicesByName( Response getDevicesByName(
@ApiParam( @ApiParam(
name = "name", name = "name",

@ -69,7 +69,7 @@ public interface UserManagementAdminService {
"Server error occurred while updating credentials of the user.", "Server error occurred while updating credentials of the user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Users", permission = "/device-mgt/admin/users/view") @Permission(name = "View Users", permission = "/device-mgt/users/manage")
Response resetUserPassword( Response resetUserPassword(
@ApiParam( @ApiParam(
name = "username", name = "username",

@ -327,7 +327,9 @@ public class UserManagementServiceImpl implements UserManagementService {
try { try {
UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager(); UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
int userCount = userStoreManager.listUsers("*", -1).length; int userCount = userStoreManager.listUsers("*", -1).length;
return Response.status(Response.Status.OK).entity(userCount).build(); BasicUserInfoList result = new BasicUserInfoList();
result.setCount(userCount);
return Response.status(Response.Status.OK).entity(result).build();
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "Error occurred while retrieving the user count."; String msg = "Error occurred while retrieving the user count.";
log.error(msg, e); log.error(msg, e);

@ -45,334 +45,334 @@
</Permission> </Permission>
<Permission> <Permission>
<name>Devices</name> <name>Devices</name>
<path>/device-mgt/admin/devices</path> <path>/device-mgt/devices</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Device related APIs --> <!-- Device related APIs -->
<Permission> <Permission>
<name>List devices</name> <name>List devices</name>
<path>/device-mgt/admin/devices/List</path> <path>/device-mgt/devices/List</path>
<url>/devices</url> <url>/devices</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Search devices</name> <name>Search devices</name>
<path>/device-mgt/admin/devices/Search</path> <path>/device-mgt/devices/Search</path>
<url>/devices/search-devices</url> <url>/devices/search-devices</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device</name> <name>View device</name>
<path>/device-mgt/admin/devices/View</path> <path>/device-mgt/devices/View</path>
<url>/devices/*/*</url> <url>/devices/*/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device info</name> <name>View device info</name>
<path>/device-mgt/admin/devices/View</path> <path>/device-mgt/devices/View</path>
<url>/devices/*/*/info</url> <url>/devices/*/*/info</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device applications</name> <name>View device applications</name>
<path>/device-mgt/admin/devices/View-Applications</path> <path>/device-mgt/devices/View-Applications</path>
<url>/devices/*/*/applications</url> <url>/devices/*/*/applications</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device effective-policy</name> <name>View device effective-policy</name>
<path>/device-mgt/admin/devices/View-Active-Policy</path> <path>/device-mgt/devices/View-Active-Policy</path>
<url>/devices/*/*/effective-policy</url> <url>/devices/*/*/effective-policy</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View devices feature</name> <name>View devices feature</name>
<path>/device-mgt/admin/devices/View-Features</path> <path>/device-mgt/devices/View-Features</path>
<url>/devices/*/*/features</url> <url>/devices/*/*/features</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device operations</name> <name>View device operations</name>
<path>/device-mgt/admin/devices/View-Operations</path> <path>/device-mgt/devices/View-Operations</path>
<url>/devices/*/*/operations</url> <url>/devices/*/*/operations</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View Compliance Data</name> <name>View Compliance Data</name>
<path>/device-mgt/admin/devices/View-Compliance-Data</path> <path>/device-mgt/devices/View-Compliance-Data</path>
<url>/devices/*/*/compliance-data</url> <url>/devices/*/*/compliance-data</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>List all devices</name> <name>List all devices</name>
<path>/device-mgt/admin/devices/Admin-View</path> <path>/device-mgt/devices/Admin-View</path>
<url>/admin/devices</url> <url>/admin/devices</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device types</name> <name>View device types</name>
<path>/device-mgt/admin/devices/Admin-DeviceType-View</path> <path>/device-mgt/devices/Admin-DeviceType-View</path>
<url>/admin/device-types</url> <url>/admin/device-types</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- End of Device related APIs --> <!-- End of Device related APIs -->
<Permission> <Permission>
<name>Policies</name> <name>Policies</name>
<path>/device-mgt/admin/policies</path> <path>/device-mgt/policies</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Policy related APIs --> <!-- Policy related APIs -->
<Permission> <Permission>
<name>List policies</name> <name>List policies</name>
<path>/device-mgt/admin/policies/List</path> <path>/device-mgt/policies/List</path>
<url>/policies</url> <url>/policies</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add Policy</name> <name>Add Policy</name>
<path>/device-mgt/admin/policies/Add</path> <path>/device-mgt/policies/Add</path>
<url>/policies</url> <url>/policies</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Activate policy</name> <name>Activate policy</name>
<path>/device-mgt/admin/policies/Activate-Policy</path> <path>/device-mgt/policies/Activate-Policy</path>
<url>/policies/activate-policy</url> <url>/policies/activate-policy</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Deactivate Policy</name> <name>Deactivate Policy</name>
<path>/device-mgt/admin/policies/Deactivate-Policy</path> <path>/device-mgt/policies/Deactivate-Policy</path>
<url>/policies/deactivate-policy</url> <url>/policies/deactivate-policy</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Remove Policy</name> <name>Remove Policy</name>
<path>/device-mgt/admin/policies/Remove</path> <path>/device-mgt/policies/Remove</path>
<url>/policies/remove-policy</url> <url>/policies/remove-policy</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View Policy</name> <name>View Policy</name>
<path>/device-mgt/admin/policies/View</path> <path>/device-mgt/policies/View</path>
<url>/policies/*</url> <url>/policies/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update Policy</name> <name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path> <path>/device-mgt/policies/Update</path>
<url>/policies/*</url> <url>/policies/*</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update Policy</name> <name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path> <path>/device-mgt/policies/Update</path>
<url>/policies/apply-changes</url> <url>/policies/apply-changes</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update Policy</name> <name>Update Policy</name>
<path>/device-mgt/admin/policies/Change-Priority</path> <path>/device-mgt/policies/Change-Priority</path>
<url>/policies/priorities</url> <url>/policies/priorities</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Policy related APIs --> <!-- End of Policy related APIs -->
<Permission> <Permission>
<name>Notifications</name> <name>Notifications</name>
<path>/device-mgt/admin/notifications</path> <path>/device-mgt/notifications</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Notification related APIs --> <!-- Notification related APIs -->
<Permission> <Permission>
<name>View notifications</name> <name>View notifications</name>
<path>/device-mgt/admin/notifications/View</path> <path>/device-mgt/notifications/View</path>
<url>/notifications</url> <url>/notifications</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Mark checked notifications</name> <name>Mark checked notifications</name>
<path>/device-mgt/admin/notifications/View</path> <path>/device-mgt/notifications/View</path>
<url>/notifications/*/mark-checked</url> <url>/notifications/*/mark-checked</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Notification related APIs --> <!-- End of Notification related APIs -->
<Permission> <Permission>
<name>Users</name> <name>Users</name>
<path>/device-mgt/admin/users</path> <path>/device-mgt/users</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- User related APIs --> <!-- User related APIs -->
<Permission> <Permission>
<name>List users</name> <name>List users</name>
<path>/device-mgt/admin/users/List</path> <path>/device-mgt/users/List</path>
<url>/users</url> <url>/users</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add user</name> <name>Add user</name>
<path>/device-mgt/admin/users/Add</path> <path>/device-mgt/users/Add</path>
<url>/users</url> <url>/users</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>List users</name> <name>List users</name>
<path>/device-mgt/admin/users/Search</path> <path>/device-mgt/users/Search</path>
<url>/users/search/usernames</url> <url>/users/search/usernames</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Remove user</name> <name>Remove user</name>
<path>/device-mgt/admin/users/Remove</path> <path>/device-mgt/users/Remove</path>
<url>/users/*</url> <url>/users/*</url>
<method>DELETE</method> <method>DELETE</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View user</name> <name>View user</name>
<path>/device-mgt/admin/users/View</path> <path>/device-mgt/users/View</path>
<url>/users/*</url> <url>/users/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update user</name> <name>Update user</name>
<path>/device-mgt/admin/users/Update</path> <path>/device-mgt/users/Update</path>
<url>/users/*</url> <url>/users/*</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update user credentials</name> <name>Update user credentials</name>
<path>/device-mgt/admin/users/Change-Password</path> <path>/device-mgt/users/Change-Password</path>
<url>/users/*/credentials</url> <url>/users/*/credentials</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View assigned role</name> <name>View assigned role</name>
<path>/device-mgt/admin/roles/Assigned-Roles</path> <path>/device-mgt/roles/Assigned-Roles</path>
<url>/users/*/roles</url> <url>/users/*/roles</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Change any user credentials</name> <name>Change any user credentials</name>
<path>/device-mgt/admin/users/Change-Password-Any</path> <path>/device-mgt/users/Change-Password-Any</path>
<url>/admin/users/*/credentials</url> <url>/admin/users/*/credentials</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Send invitation mail</name> <name>Send invitation mail</name>
<path>/device-mgt/admin/users/Send-invitations</path> <path>/device-mgt/users/Send-invitations</path>
<url>/users/send-invitation</url> <url>/users/send-invitation</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<!-- End of User related APIs --> <!-- End of User related APIs -->
<Permission> <Permission>
<name>Roles</name> <name>Roles</name>
<path>/device-mgt/admin/roles</path> <path>/device-mgt/roles</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Role related APIs --> <!-- Role related APIs -->
<Permission> <Permission>
<name>List roles</name> <name>List roles</name>
<path>/device-mgt/admin/roles/List</path> <path>/device-mgt/roles/List</path>
<url>/roles</url> <url>/roles</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add role</name> <name>Add role</name>
<path>/device-mgt/admin/roles/Add</path> <path>/device-mgt/roles/Add</path>
<url>/roles</url> <url>/roles</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Remove role</name> <name>Remove role</name>
<path>/device-mgt/admin/roles/Remove</path> <path>/device-mgt/roles/Remove</path>
<url>/roles/*</url> <url>/roles/*</url>
<method>DELETE</method> <method>DELETE</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View role</name> <name>View role</name>
<path>/device-mgt/admin/roles/View</path> <path>/device-mgt/roles/View</path>
<url>/roles/*</url> <url>/roles/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update role</name> <name>Update role</name>
<path>/device-mgt/admin/roles/Update</path> <path>/device-mgt/roles/Update</path>
<url>/roles/*</url> <url>/roles/*</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View role permissions</name> <name>View role permissions</name>
<path>/device-mgt/admin/roles/View-Permission</path> <path>/device-mgt/roles/View-Permission</path>
<url>/roles/*/permissions</url> <url>/roles/*/permissions</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add Users to role</name> <name>Add Users to role</name>
<path>/device-mgt/admin/roles/Add-Users</path> <path>/device-mgt/roles/Add-Users</path>
<url>/roles/*/users</url> <url>/roles/*/users</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Role related APIs --> <!-- End of Role related APIs -->
<Permission> <Permission>
<name>Configurations</name> <name>Configurations</name>
<path>/device-mgt/admin/general-configs</path> <path>/device-mgt/general-configs</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Configuration related APIs --> <!-- Configuration related APIs -->
<Permission> <Permission>
<name>View configuration</name> <name>View configuration</name>
<path>/device-mgt/admin/general-configuration/View</path> <path>/device-mgt/general-configuration/View</path>
<url>/configuration</url> <url>/configuration</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update configuration</name> <name>Update configuration</name>
<path>/device-mgt/admin/general-configuration/Update</path> <path>/device-mgt/general-configuration/Update</path>
<url>/configuration</url> <url>/configuration</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Configuration related APIs --> <!-- End of Configuration related APIs -->
<Permission> <Permission>
<name>Activities</name> <name>Activities</name>
<path>/device-mgt/admin/activities</path> <path>/device-mgt/activities</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Activity related APIs --> <!-- Activity related APIs -->
<Permission> <Permission>
<name>View Activities</name> <name>View Activities</name>
<path>/device-mgt/admin/activities/View</path> <path>/device-mgt/devices/owning/view</path>
<url>/activities</url> <url>/activities</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View Activity Details</name> <name>View Activity Details</name>
<path>/device-mgt/admin/activities/View</path> <path>/device-mgt/devices/owning/view</path>
<url>/activities/*</url> <url>/activities/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- End of Activity related APIs --> <!-- End of Activity related APIs -->
<Permission> <Permission>
<name>Applications</name> <name>Applications</name>
<path>/device-mgt/admin/applications</path> <path>/device-mgt/applications</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Application related APIs --> <!-- Application related APIs -->
<Permission> <Permission>
<name>Install Applications</name> <name>Install Applications</name>
<path>/device-mgt/admin/application/Install</path> <path>/device-mgt/application/Install</path>
<url>/admin/applications/install-application</url> <url>/admin/applications/install-application</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Uninstall-Applications</name> <name>Uninstall-Applications</name>
<path>/device-mgt/admin/application/Uninstall</path> <path>/device-mgt/application/Uninstall</path>
<url>/admin/applications/uninstall-application</url> <url>/admin/applications/uninstall-application</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>

@ -67,7 +67,7 @@ public class DeviceGroupConstants {
public static class Permissions { public static class Permissions {
public static final String[] DEFAULT_ADMIN_PERMISSIONS = public static final String[] DEFAULT_ADMIN_PERMISSIONS =
{"/permission/device-mgt/admin/groups", "/permission/device-mgt/user/groups"}; {"/permission/device-mgt/groups", "/permission/device-mgt/user/groups"};
public static final String[] DEFAULT_OPERATOR_PERMISSIONS = public static final String[] DEFAULT_OPERATOR_PERMISSIONS =
{"/permission/device-mgt/user/groups/device_operation"}; {"/permission/device-mgt/user/groups/device_operation"};
public static final String[] DEFAULT_STATS_MONITOR_PERMISSIONS = public static final String[] DEFAULT_STATS_MONITOR_PERMISSIONS =

@ -47,7 +47,7 @@ import java.util.Map;
*/ */
public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthorizationService { public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthorizationService {
private final static String CDM_ADMIN_PERMISSION = "/device-mgt/admin"; private final static String CDM_ADMIN_PERMISSION = "/device-mgt/devices/any/permitted-actions-upon-owning-device";
private final static String CDM_ADMIN = "Device Management Administrator"; private final static String CDM_ADMIN = "Device Management Administrator";
private static Log log = LogFactory.getLog(DeviceAccessAuthorizationServiceImpl.class); private static Log log = LogFactory.getLog(DeviceAccessAuthorizationServiceImpl.class);
@ -246,7 +246,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
private boolean addAdminPermissionToRegistry() throws PermissionManagementException { private boolean addAdminPermissionToRegistry() throws PermissionManagementException {
Permission permission = new Permission(); Permission permission = new Permission();
permission.setName(CDM_ADMIN); permission.setName(CDM_ADMIN);
permission.setPath(CDM_ADMIN_PERMISSION); permission.setPath(PermissionUtils.getAbsolutePermissionPath(CDM_ADMIN_PERMISSION));
return PermissionUtils.putPermission(permission); return PermissionUtils.putPermission(permission);
} }

@ -152,7 +152,7 @@ if (!user) {
result = responsePayload.responseText; result = responsePayload.responseText;
}); });
} else if (uriMatcher.match("/{context}/api/devices/")) { } else if (uriMatcher.match("/{context}/api/devices/")) {
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/devices/list")) { if (userModule.isAuthorized("/permission/admin/device-mgt/devices/list")) {
result = deviceModule.listDevices(); result = deviceModule.listDevices();
} else { } else {
response.sendError(403); response.sendError(403);
@ -161,7 +161,7 @@ if (!user) {
elements = uriMatcher.elements(); elements = uriMatcher.elements();
deviceId = elements.deviceId; deviceId = elements.deviceId;
type = elements.type; type = elements.type;
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/devices/list")) { if (userModule.isAuthorized("/permission/admin/device-mgt/devices/list")) {
result = deviceModule.viewDevice(type, deviceId); result = deviceModule.viewDevice(type, deviceId);
}else { }else {
response.sendError(403); response.sendError(403);
@ -171,7 +171,7 @@ if (!user) {
deviceId = elements.deviceId; deviceId = elements.deviceId;
type = elements.type; type = elements.type;
operation = elements.operation; operation = elements.operation;
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/devices/operation")) { if (userModule.isAuthorized("/permission/admin/device-mgt/devices/operation")) {
result = deviceModule.performOperation(deviceId, operation, [], type); result = deviceModule.performOperation(deviceId, operation, [], type);
} else { } else {
response.sendError(403); response.sendError(403);

@ -98,7 +98,7 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) {
/* /*
@Deprecated @Deprecated
*/ */
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/user/invite")) { if (userModule.isAuthorized("/permission/admin/device-mgt/user/invite")) {
elements = uriMatcher.elements(); elements = uriMatcher.elements();
username = elements.username; username = elements.username;
userModule.inviteUser(username); userModule.inviteUser(username);
@ -109,7 +109,7 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) {
/* /*
@Deprecated @Deprecated
*/ */
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/user/add")) { if (userModule.isAuthorized("/permission/admin/device-mgt/user/add")) {
addUserFormData = request.getContent(); addUserFormData = request.getContent();
username = addUserFormData.username; username = addUserFormData.username;
firstname = addUserFormData.firstname; firstname = addUserFormData.firstname;
@ -160,7 +160,7 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) {
/* /*
@Deprecated @Deprecated
*/ */
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/user/remove")) { if (userModule.isAuthorized("/permission/admin/device-mgt/user/remove")) {
elements = uriMatcher.elements(); elements = uriMatcher.elements();
username = elements.username; username = elements.username;
try { try {

@ -396,25 +396,25 @@ var userModule = function () {
publicMethods.getUIPermissions = function () { publicMethods.getUIPermissions = function () {
var permissions = {}; var permissions = {};
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/devices/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/devices/list")) {
permissions["LIST_DEVICES"] = true; permissions["LIST_DEVICES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/devices/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/devices/list")) {
permissions["LIST_OWN_DEVICES"] = true; permissions["LIST_OWN_DEVICES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/groups/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/groups/list")) {
permissions["LIST_ALL_GROUPS"] = true; permissions["LIST_ALL_GROUPS"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/list")) {
permissions["LIST_GROUPS"] = true; permissions["LIST_GROUPS"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/users/list")) {
permissions["LIST_USERS"] = true; permissions["LIST_USERS"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/roles/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/roles/list")) {
permissions["LIST_ROLES"] = true; permissions["LIST_ROLES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/policies/list")) {
permissions["LIST_ALL_POLICIES"] = true; permissions["LIST_ALL_POLICIES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/list")) {
@ -426,28 +426,28 @@ var userModule = function () {
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/add")) {
permissions["ADD_GROUP"] = true; permissions["ADD_GROUP"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/users/add")) {
permissions["ADD_USER"] = true; permissions["ADD_USER"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/remove")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/users/remove")) {
permissions["REMOVE_USER"] = true; permissions["REMOVE_USER"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/roles/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/roles/add")) {
permissions["ADD_ROLE"] = true; permissions["ADD_ROLE"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/policies/add")) {
permissions["ADD_ADMIN_POLICY"] = true; permissions["ADD_ADMIN_POLICY"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/add")) {
permissions["ADD_POLICY"] = true; permissions["ADD_POLICY"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/priority")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/policies/priority")) {
permissions["CHANGE_POLICY_PRIORITY"] = true; permissions["CHANGE_POLICY_PRIORITY"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/dashboard/view")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/dashboard/view")) {
permissions["VIEW_DASHBOARD"] = true; permissions["VIEW_DASHBOARD"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/platform-configs/view")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/platform-configs/view")) {
permissions["TENANT_CONFIGURATION"] = true; permissions["TENANT_CONFIGURATION"] = true;
} }

@ -45,9 +45,9 @@ var invokers = function () {
* If the token pair is not set in the session, this will return null. * If the token pair is not set in the session, this will return null.
*/ */
privateMethods.getAccessToken = function () { privateMethods.getAccessToken = function () {
var tokenPair = parse(session.get(constants["TOKEN_PAIR"])); var tokenPair = session.get(constants["TOKEN_PAIR"]);
if (tokenPair) { if (tokenPair) {
return tokenPair["accessToken"]; return parse(tokenPair)["accessToken"];
} else { } else {
return null; return null;
} }

@ -23,18 +23,20 @@
<i class="icon fw fw-home"></i> <i class="icon fw fw-home"></i>
</a> </a>
</li> </li>
<li>
<a href="{{@app.context}}/certificates">
Certificates
</a>
</li>
<li> <li>
<a href="{{@app.context}}/certificates/add"> <a href="{{@app.context}}/certificates/add">
<span class="fw-stack"> Add
<i class="fw fw-ring fw-stack-2x"></i>
<i class="fw fw-document fw-stack-1x"></i>
</span>
Add Certificate
</a> </a>
</li> </li>
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized}}
<!-- content/body --> <!-- content/body -->
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
@ -94,6 +96,14 @@
</div> </div>
</div> </div>
<!-- /content/body --> <!-- /content/body -->
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Certificate Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}

@ -26,7 +26,8 @@ function onRequest(context) {
// var log = new Log("units/user-create/create.js"); // var log = new Log("units/user-create/create.js");
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var mdmProps = require("/app/modules/conf-reader/main.js")["conf"]; var mdmProps = require("/app/modules/conf-reader/main.js")["conf"];
var viewModel = {};
viewModel.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/certificates/manage");
var response = userModule.getRolesByUserStore(); var response = userModule.getRolesByUserStore();
if (response["status"] == "success") { if (response["status"] == "success") {
viewModel["roles"] = response["content"]; viewModel["roles"] = response["content"];

@ -23,6 +23,15 @@
<i class="icon fw fw-home"></i> <i class="icon fw fw-home"></i>
</a> </a>
</li> </li>
<li>
<a href="{{@app.context}}/certificates">
Certificate
</a>
</li>
{{/zone}}
{{#zone "navbarActions"}}
{{#if removePermitted}}
<li> <li>
<a href="{{@app.context}}/certificates/add"> <a href="{{@app.context}}/certificates/add">
<span class="fw-stack"> <span class="fw-stack">
@ -32,6 +41,7 @@
Add Certificate Add Certificate
</a> </a>
</li> </li>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}

@ -38,6 +38,7 @@
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
{{#if canManage}}
<!-- content/body --> <!-- content/body -->
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
@ -96,6 +97,7 @@
Role name is required, should be in minimum 3 characters long and not include any whitespaces. Role name is required, should be in minimum 3 characters long and not include any whitespaces.
</label> </label>
</div> </div>
{{#if canViewUsers}}
<label class="wr-input-label"> <label class="wr-input-label">
User list User list
</label> </label>
@ -104,6 +106,7 @@
<!--suppress HtmlFormInputWithoutLabel --> <!--suppress HtmlFormInputWithoutLabel -->
<select id="users" class="form-control select2" multiple="multiple"></select> <select id="users" class="form-control select2" multiple="multiple"></select>
</div> </div>
{{/if}}
</div> </div>
</div> </div>
<br> <br>
@ -134,6 +137,14 @@
</div> </div>
</div> </div>
<!-- /content/body --> <!-- /content/body -->
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Role Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}
{{js "js/bottomJs.js"}} {{js "js/bottomJs.js"}}

@ -20,16 +20,24 @@
* Returns the dynamic state to be populated by add-user page. * Returns the dynamic state to be populated by add-user page.
* *
* @param context Object that gets updated with the dynamic state of this page to be presented * @param context Object that gets updated with the dynamic state of this page to be presented
* @returns {*} A context object that returns the dynamic state of this page to be presented * @returns {*} A displayData object that returns the dynamic state of this page to be presented
*/ */
function onRequest(context) { function onRequest(context) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"]; var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"];
var displayData = {};
context["userStores"] = userModule.getSecondaryUserStores(); displayData["userStores"] = userModule.getSecondaryUserStores();
context["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"]; displayData["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"];
context["roleNameHelpText"] = deviceMgtProps["roleValidationConfig"]["roleNameHelpMsg"]; displayData["roleNameHelpText"] = deviceMgtProps["roleValidationConfig"]["roleNameHelpMsg"];
context["roleNameRegExViolationErrorMsg"] = deviceMgtProps["roleValidationConfig"]["roleNameRegExViolationErrorMsg"]; displayData["roleNameRegExViolationErrorMsg"] = deviceMgtProps["roleValidationConfig"]["roleNameRegExViolationErrorMsg"];
return context; if (userModule.isAuthorized("/permission/admin/device-mgt/roles/manage")) {
displayData.canManage = true;
}
if (userModule.isAuthorized("/permission/admin/device-mgt/users/view")) {
displayData.canViewUsers = true;
}
return displayData;
} }

@ -51,7 +51,8 @@
<div id="user-create-error-msg" class="alert alert-danger hidden" role="alert"> <div id="user-create-error-msg" class="alert alert-danger hidden" role="alert">
<i class="icon fw fw-error"></i><span></span> <i class="icon fw fw-error"></i><span></span>
</div> </div>
<label class="wr-input-label" title="Select the domain of the user store from the drop-down given below. The domain of the default user store is PRIMARY"> <label class="wr-input-label"
title="Select the domain of the user store from the drop-down given below. The domain of the default user store is PRIMARY">
User Store Domain User Store Domain
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span> <span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
</label> </label>
@ -68,19 +69,25 @@
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span> <span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
</label> </label>
<div id="usernameInputField" class="form-group wr-input-control"> <div id="usernameInputField" class="form-group wr-input-control">
<input limit="{{charLimit}}" type="text" id="username" data-regex="{{usernameJSRegEx}}" data-errormsg="{{usernameRegExViolationErrorMsg}}" class="form-control"/> <input limit="{{charLimit}}" type="text" id="username"
data-regex="{{usernameJSRegEx}}"
data-errormsg="{{usernameRegExViolationErrorMsg}}" class="form-control"/>
<span class=" usernameError hidden glyphicon glyphicon-remove form-control-feedback"></span> <span class=" usernameError hidden glyphicon glyphicon-remove form-control-feedback"></span>
<label class="error usernameEmpty hidden" for="summary">This field is required. Username should be in minimum 3 characters long and do not include any whitespaces.</label> <label class="error usernameEmpty hidden" for="summary">This field is required.
Username should be in minimum 3 characters long and do not include any
whitespaces.</label>
</div> </div>
<label class="wr-input-label">First Name *</label> <label class="wr-input-label">First Name *</label>
<div id="firstNameField" class="form-group wr-input-control"> <div id="firstNameField" class="form-group wr-input-control">
<input type="text" id="firstname" data-regex="{{firstnameJSRegEx}}" data-errormsg="{{firstnameRegExViolationErrorMsg}}" class="form-control"/> <input type="text" id="firstname" data-regex="{{firstnameJSRegEx}}"
data-errormsg="{{firstnameRegExViolationErrorMsg}}" class="form-control"/>
<span class="glyphicon glyphicon-remove form-control-feedback hidden fnError"></span> <span class="glyphicon glyphicon-remove form-control-feedback hidden fnError"></span>
<label class=" hidden error fnError" for="summary">This field is required.</label> <label class=" hidden error fnError" for="summary">This field is required.</label>
</div> </div>
<label class="wr-input-label">Last Name *</label> <label class="wr-input-label">Last Name *</label>
<div id="lastNameField" class="form-group wr-input-control"> <div id="lastNameField" class="form-group wr-input-control">
<input type="text" id="lastname" data-regex="{{lastnameJSRegEx}}" data-errormsg="{{lastnameRegExViolationErrorMsg}}" class="form-control"/> <input type="text" id="lastname" data-regex="{{lastnameJSRegEx}}"
data-errormsg="{{lastnameRegExViolationErrorMsg}}" class="form-control"/>
<span class="glyphicon glyphicon-remove form-control-feedback hidden lnError"></span> <span class="glyphicon glyphicon-remove form-control-feedback hidden lnError"></span>
<label class=" hidden error lnError" for="summary">This field is required.</label> <label class=" hidden error lnError" for="summary">This field is required.</label>
</div> </div>
@ -91,13 +98,17 @@
<div id="emailField" class=" form-group wr-input-control"> <div id="emailField" class=" form-group wr-input-control">
<input type="email" id="emailAddress" class="form-control"/> <input type="email" id="emailAddress" class="form-control"/>
<span class="glyphicon glyphicon-remove form-control-feedback hidden emailError"></span> <span class="glyphicon glyphicon-remove form-control-feedback hidden emailError"></span>
<label class=" hidden error email-required" for="summary">This field is required.</label> <label class=" hidden error email-required" for="summary">This field is
<label class=" hidden error email-invalid" for="summary">Invalid Email Address.</label> required.</label>
<label class=" hidden error email-invalid" for="summary">Invalid Email
Address.</label>
</div> </div>
<label class="wr-input-label" title="Optional field that can have 0-to-many roles for the user"> <label class="wr-input-label"
title="Optional field that can have 0-to-many roles for the user">
User Roles User Roles
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span> <span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
</label> </label>
{{#if canViewRoles}}
<div class="wr-input-control"> <div class="wr-input-control">
<select id="roles" class="form-control select2" multiple="multiple"> <select id="roles" class="form-control select2" multiple="multiple">
{{#each roles}} {{#each roles}}
@ -105,6 +116,7 @@
{{/each}} {{/each}}
</select> </select>
</div> </div>
{{/if}}
</div> </div>
</div> </div>
<br> <br>
@ -128,7 +140,8 @@
<br>Please click <b>"Add Another User"</b>, if you wish to add another user or click <br>Please click <b>"Add Another User"</b>, if you wish to add another user or click
<b>"View User List"</b> to complete the process and go back to the user list. <b>"View User List"</b> to complete the process and go back to the user list.
<hr/> <hr/>
<button class="wr-btn" onclick="window.location.href='{{@app.context}}/users'">View User List</button> <button class="wr-btn" onclick="window.location.href='{{@app.context}}/users'">View User List
</button>
<a href="{{@app.context}}/user/add" class="cu-btn-inner"> <a href="{{@app.context}}/user/add" class="cu-btn-inner">
<span class="fw-stack"> <span class="fw-stack">
<i class="fw fw-ring fw-stack-2x"></i> <i class="fw fw-ring fw-stack-2x"></i>

@ -35,6 +35,9 @@ function onRequest() {
if (userModule.isAuthorized("/permission/admin/device-mgt/users/manage")) { if (userModule.isAuthorized("/permission/admin/device-mgt/users/manage")) {
page.canManage = true; page.canManage = true;
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/roles/view")) {
page.canViewRoles = true;
}
var userStores = userModule.getSecondaryUserStores(); var userStores = userModule.getSecondaryUserStores();
page["userStores"] = userStores; page["userStores"] = userStores;
page["charLimit"] = devicemgtProps["usernameLength"]; page["charLimit"] = devicemgtProps["usernameLength"];

@ -17,6 +17,8 @@
}} }}
{{#zone "footer"}} {{#zone "footer"}}
<p> <p>
WSO2 Carbon Device Management Framework v.1.0.0 | &copy; 2015, <a href="http://wso2.com/" target="_blank"><i class="icon fw fw-wso2"></i> Inc</a>. (<a href="http://wso2.com/" target="_blank">http://www.wso2.org</a>) All Rights Reserved. <span class="hidden-xs">WSO2 Carbon Device Management Framework v1.1.3</span>
<span class="visible-xs-inline">WSO2 CDMF v1.1.3</span> | &copy; <script>document.write(new Date().getFullYear());</script>,
<a href="http://wso2.com/" target="_blank"><i class="icon fw fw-wso2"></i> Inc</a>. All Rights Reserved.
</p> </p>
{{/zone}} {{/zone}}

@ -26,6 +26,8 @@ function onRequest(context) {
var types = {}; var types = {};
types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage"); types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
types.isAuthorizedViewUsers = userModule.isAuthorized("/permission/admin/device-mgt/roles/view");
types.isAuthorizedViewRoles = userModule.isAuthorized("/permission/admin/device-mgt/users/view");
types["types"] = []; types["types"] = [];
var typesListResponse = deviceModule.getDeviceTypes(); var typesListResponse = deviceModule.getDeviceTypes();
if (typesListResponse["status"] == "success") { if (typesListResponse["status"] == "success") {

@ -27,7 +27,7 @@
</div> </div>
</div> </div>
<div class="container col-centered wr-content policy-message hidden"> <div class="col-centered wr-content policy-message hidden">
<div class="wr-form"> <div class="wr-form">
<h1 id="policy-message-page-wizard-title" class="page-sub-title">Policy is successfully <h1 id="policy-message-page-wizard-title" class="page-sub-title">Policy is successfully
re-configured.</h1> re-configured.</h1>
@ -48,7 +48,7 @@
</div> </div>
</div> </div>
<div class="container col-centered wr-content policy-naming hidden"> <div class="col-centered wr-content policy-naming hidden">
<div class="wr-form"> <div class="wr-form">
<h1 id="policy-naming-page-wizard-title" class="page-sub-title">EDIT POLICY</h1> <h1 id="policy-naming-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
<hr> <hr>
@ -107,7 +107,7 @@
</div> </div>
</div> </div>
<div class="container col-centered wr-content policy-criteria hidden"> <div class="col-centered wr-content policy-criteria hidden">
<div class="wr-form"> <div class="wr-form">
<h1 id="policy-criteria-page-wizard-title" class="page-sub-title">EDIT POLICY</h1> <h1 id="policy-criteria-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
<hr> <hr>
@ -204,7 +204,7 @@
</div> </div>
</div> </div>
<div class="container col-centered wr-content policy-profile"> <div class="col-centered wr-content policy-profile">
<div class="wr-form"> <div class="wr-form">
<h1 id="policy-profile-page-wizard-title" class="page-sub-title">EDIT POLICY</h1> <h1 id="policy-profile-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
<hr> <hr>

@ -21,6 +21,9 @@
<!-- content --> <!-- content -->
<div id="role-create-form" class="container col-centered wr-content"> <div id="role-create-form" class="container col-centered wr-content">
<div class="wr-form"> <div class="wr-form">
<div id="permission-add-error-msg" class="alert alert-danger hidden" role="alert">
<i class="icon fw fw-error"></i><span></span>
</div>
<p class="page-sub-title">Change Role permissions</p> <p class="page-sub-title">Change Role permissions</p>
<p>Please note that * sign represents required fields of data.</p> <p>Please note that * sign represents required fields of data.</p>
<div class="wr-steps hidden" id="role_wizard_header"> <div class="wr-steps hidden" id="role_wizard_header">

@ -30,6 +30,8 @@
*/ */
var modalPopup = ".modal"; var modalPopup = ".modal";
var modalPopupContent = modalPopup + " .modal-content"; var modalPopupContent = modalPopup + " .modal-content";
var errorMsgWrapper = "#permission-add-error-msg";
var errorMsg = "#permission-add-error-msg span";
var apiBasePath = "/api/device-mgt/v1.0"; var apiBasePath = "/api/device-mgt/v1.0";
@ -148,7 +150,8 @@ $(document).ready(function () {
var perms = []; var perms = [];
$("#permissionList li input:checked").each(function(){ $("#permissionList li input:checked").each(function(){
perms.push($(this).data("resourcepath")); perms.push($(this).data("resourcepath"));
}) });
updateRolePermissionData.roleName = roleName;
updateRolePermissionData.permissions = perms; updateRolePermissionData.permissions = perms;
invokerUtil.put( invokerUtil.put(
updateRolePermissionAPI, updateRolePermissionAPI,

@ -2824,9 +2824,13 @@ a.ast-type-item:hover {
opacity: 0.5; opacity: 0.5;
} }
.wr-btn:hover { .wr-btn:hover,a.wr-btn:hover {
color:#b3e7ff;
background-color: #16436D; background-color: #16436D;
} }
.wr-btn:active,a.wr-btn:active,.wr-btn:focus,a.wr-btn:focus {
color:#b3e7ff;
}
.wr-btn-grp { .wr-btn-grp {
margin-top: 40px; margin-top: 40px;

@ -23,7 +23,7 @@ import javax.xml.bind.annotation.XmlType;
* &lt;simpleType> * &lt;simpleType>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}string"> * &lt;restriction base="{http://www.w3.org/2001/XMLSchema}string">
* &lt;enumeration value="/permission/device-mgt/user/groups/device_operation"/> * &lt;enumeration value="/permission/device-mgt/user/groups/device_operation"/>
* &lt;enumeration value="/permission/device-mgt/admin/groups"/> * &lt;enumeration value="/permission/device-mgt/groups"/>
* &lt;enumeration value="/permission/device-mgt/user/groups"/> * &lt;enumeration value="/permission/device-mgt/user/groups"/>
* &lt;enumeration value="/permission/device-mgt/user/groups/device_monitor"/> * &lt;enumeration value="/permission/device-mgt/user/groups/device_monitor"/>
* &lt;/restriction> * &lt;/restriction>

@ -20,13 +20,16 @@ package org.wso2.carbon.policy.mgt.core.dao;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.common.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.common.IllegalTransactionStateException; import org.wso2.carbon.device.mgt.common.IllegalTransactionStateException;
import org.wso2.carbon.device.mgt.common.UnsupportedDatabaseEngineException;
import org.wso2.carbon.policy.mgt.core.config.datasource.DataSourceConfig; import org.wso2.carbon.policy.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.policy.mgt.core.config.datasource.JNDILookupDefinition; import org.wso2.carbon.policy.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.policy.mgt.core.dao.impl.FeatureDAOImpl;
import org.wso2.carbon.policy.mgt.core.dao.impl.MonitoringDAOImpl; import org.wso2.carbon.policy.mgt.core.dao.impl.MonitoringDAOImpl;
import org.wso2.carbon.policy.mgt.core.dao.impl.PolicyDAOImpl; import org.wso2.carbon.policy.mgt.core.dao.impl.PolicyDAOImpl;
import org.wso2.carbon.policy.mgt.core.dao.impl.ProfileDAOImpl; import org.wso2.carbon.policy.mgt.core.dao.impl.ProfileDAOImpl;
import org.wso2.carbon.policy.mgt.core.dao.impl.feature.GenericFeatureDAOImpl;
import org.wso2.carbon.policy.mgt.core.dao.impl.feature.SQLServerFeatureDAOImpl;
import org.wso2.carbon.policy.mgt.core.dao.util.PolicyManagementDAOUtil; import org.wso2.carbon.policy.mgt.core.dao.util.PolicyManagementDAOUtil;
import javax.sql.DataSource; import javax.sql.DataSource;
@ -38,15 +41,26 @@ import java.util.List;
public class PolicyManagementDAOFactory { public class PolicyManagementDAOFactory {
private static DataSource dataSource; private static DataSource dataSource;
private static String databaseEngine;
private static final Log log = LogFactory.getLog(PolicyManagementDAOFactory.class); private static final Log log = LogFactory.getLog(PolicyManagementDAOFactory.class);
private static ThreadLocal<Connection> currentConnection = new ThreadLocal<>(); private static ThreadLocal<Connection> currentConnection = new ThreadLocal<>();
public static void init(DataSourceConfig config) { public static void init(DataSourceConfig config) {
dataSource = resolveDataSource(config); dataSource = resolveDataSource(config);
try {
databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName();
} catch (SQLException e) {
log.error("Error occurred while retrieving config.datasource connection", e);
}
} }
public static void init(DataSource dtSource) { public static void init(DataSource dtSource) {
dataSource = dtSource; dataSource = dtSource;
try {
databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName();
} catch (SQLException e) {
log.error("Error occurred while retrieving config.datasource connection", e);
}
} }
public static PolicyDAO getPolicyDAO() { public static PolicyDAO getPolicyDAO() {
@ -58,7 +72,20 @@ public class PolicyManagementDAOFactory {
} }
public static FeatureDAO getFeatureDAO() { public static FeatureDAO getFeatureDAO() {
return new FeatureDAOImpl(); if (databaseEngine != null) {
switch (databaseEngine) {
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MSSQL:
return new SQLServerFeatureDAOImpl();
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_ORACLE:
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_POSTGRESQL:
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_H2:
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MYSQL:
return new GenericFeatureDAOImpl();
default:
throw new UnsupportedDatabaseEngineException("Unsupported database engine : " + databaseEngine);
}
}
throw new IllegalStateException("Database engine has not initialized properly.");
} }
public static MonitoringDAO getMonitoringDAO() { public static MonitoringDAO getMonitoringDAO() {

@ -1,22 +1,22 @@
/* /*
* Copyright (c) 2015 WSO2 Inc. (http://www.wso2.org) All Rights Reserved. * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
* *
* WSO2 Inc. licenses this file to you under the Apache License, * WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except * Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. * in compliance with the License.
* You may obtain a copy of the License at * you may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, * Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an * software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the * KIND, either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*/ */
package org.wso2.carbon.policy.mgt.core.dao.impl; package org.wso2.carbon.policy.mgt.core.dao.impl.feature;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@ -40,9 +40,12 @@ import java.sql.SQLException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
public class FeatureDAOImpl implements FeatureDAO { /**
* Abstract implementation of FeatureDAO which holds generic SQL queries.
*/
public abstract class AbstractFeatureDAO implements FeatureDAO {
private static final Log log = LogFactory.getLog(FeatureDAOImpl.class); private static final Log log = LogFactory.getLog(AbstractFeatureDAO.class);
@Override @Override
public ProfileFeature addProfileFeature(ProfileFeature feature, int profileId) throws FeatureManagerDAOException { public ProfileFeature addProfileFeature(ProfileFeature feature, int profileId) throws FeatureManagerDAOException {
@ -55,52 +58,6 @@ public class FeatureDAOImpl implements FeatureDAO {
return null; return null;
} }
@Override
public List<ProfileFeature> addProfileFeatures(List<ProfileFeature> features, int profileId) throws
FeatureManagerDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet generatedKeys = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query = "INSERT INTO DM_PROFILE_FEATURES (PROFILE_ID, FEATURE_CODE, DEVICE_TYPE, CONTENT, " +
"TENANT_ID) VALUES (?, ?, ?, ?, ?)";
stmt = conn.prepareStatement(query, new String[] {"id"});
for (ProfileFeature feature : features) {
stmt.setInt(1, profileId);
stmt.setString(2, feature.getFeatureCode());
stmt.setString(3, feature.getDeviceType());
// if (conn.getMetaData().getDriverName().contains("H2")) {
// stmt.setBytes(4, PolicyManagerUtil.getBytes(feature.getContent()));
// } else {
stmt.setBytes(4, PolicyManagerUtil.getBytes(feature.getContent()));
//}
stmt.setInt(5, tenantId);
stmt.addBatch();
//Not adding the logic to check the size of the stmt and execute if the size records added is over 1000
}
stmt.executeBatch();
generatedKeys = stmt.getGeneratedKeys();
int i = 0;
while (generatedKeys.next()) {
features.get(i).setId(generatedKeys.getInt(1));
i++;
}
} catch (SQLException | IOException e) {
throw new FeatureManagerDAOException("Error occurred while adding the feature list to the database.", e);
} finally {
PolicyManagementDAOUtil.cleanupResources(stmt, generatedKeys);
}
return features;
}
@Override @Override
public List<ProfileFeature> updateProfileFeatures(List<ProfileFeature> features, int profileId) throws public List<ProfileFeature> updateProfileFeatures(List<ProfileFeature> features, int profileId) throws
FeatureManagerDAOException { FeatureManagerDAOException {
@ -381,5 +338,4 @@ public class FeatureDAOImpl implements FeatureDAO {
private Connection getConnection() throws FeatureManagerDAOException { private Connection getConnection() throws FeatureManagerDAOException {
return PolicyManagementDAOFactory.getConnection(); return PolicyManagementDAOFactory.getConnection();
} }
} }

@ -0,0 +1,93 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.policy.mgt.core.dao.impl.feature;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.policy.mgt.common.ProfileFeature;
import org.wso2.carbon.policy.mgt.core.dao.FeatureManagerDAOException;
import org.wso2.carbon.policy.mgt.core.dao.PolicyManagementDAOFactory;
import org.wso2.carbon.policy.mgt.core.dao.util.PolicyManagementDAOUtil;
import org.wso2.carbon.policy.mgt.core.util.PolicyManagerUtil;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
/**
* FeatureDAO implementation for DB engines with ANSI SQL support.
*/
public final class GenericFeatureDAOImpl extends AbstractFeatureDAO {
private static final Log log = LogFactory.getLog(GenericFeatureDAOImpl.class);
@Override
public List<ProfileFeature> addProfileFeatures(List<ProfileFeature> features, int profileId) throws
FeatureManagerDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet generatedKeys = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query = "INSERT INTO DM_PROFILE_FEATURES (PROFILE_ID, FEATURE_CODE, DEVICE_TYPE, CONTENT, " +
"TENANT_ID) VALUES (?, ?, ?, ?, ?)";
stmt = conn.prepareStatement(query, new String[] {"id"});
for (ProfileFeature feature : features) {
stmt.setInt(1, profileId);
stmt.setString(2, feature.getFeatureCode());
stmt.setString(3, feature.getDeviceType());
// if (conn.getMetaData().getDriverName().contains("H2")) {
// stmt.setBytes(4, PolicyManagerUtil.getBytes(feature.getContent()));
// } else {
stmt.setBytes(4, PolicyManagerUtil.getBytes(feature.getContent()));
//}
stmt.setInt(5, tenantId);
stmt.addBatch();
//Not adding the logic to check the size of the stmt and execute if the size records added is over 1000
}
stmt.executeBatch();
generatedKeys = stmt.getGeneratedKeys();
int i = 0;
while (generatedKeys.next()) {
features.get(i).setId(generatedKeys.getInt(1));
i++;
}
} catch (SQLException | IOException e) {
throw new FeatureManagerDAOException("Error occurred while adding the feature list to the database.", e);
} finally {
PolicyManagementDAOUtil.cleanupResources(stmt, generatedKeys);
}
return features;
}
private Connection getConnection() throws FeatureManagerDAOException {
return PolicyManagementDAOFactory.getConnection();
}
}

@ -0,0 +1,94 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.policy.mgt.core.dao.impl.feature;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.policy.mgt.common.ProfileFeature;
import org.wso2.carbon.policy.mgt.core.dao.FeatureManagerDAOException;
import org.wso2.carbon.policy.mgt.core.dao.PolicyManagementDAOFactory;
import org.wso2.carbon.policy.mgt.core.dao.util.PolicyManagementDAOUtil;
import org.wso2.carbon.policy.mgt.core.util.PolicyManagerUtil;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
/**
* FeatureDAO implementation for MSSQL DB engine.
*/
public final class SQLServerFeatureDAOImpl extends AbstractFeatureDAO {
private static final Log log = LogFactory.getLog(SQLServerFeatureDAOImpl.class);
@Override
public List<ProfileFeature> addProfileFeatures(List<ProfileFeature> features, int profileId) throws
FeatureManagerDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet generatedKeys = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query = "INSERT INTO DM_PROFILE_FEATURES (PROFILE_ID, FEATURE_CODE, DEVICE_TYPE, CONTENT, " +
"TENANT_ID) VALUES (?, ?, ?, ?, ?)";
stmt = conn.prepareStatement(query, new String[] {"id"});
for (ProfileFeature feature : features) {
stmt.setInt(1, profileId);
stmt.setString(2, feature.getFeatureCode());
stmt.setString(3, feature.getDeviceType());
// if (conn.getMetaData().getDriverName().contains("H2")) {
// stmt.setBytes(4, PolicyManagerUtil.getBytes(feature.getContent()));
// } else {
stmt.setBytes(4, PolicyManagerUtil.getBytes(feature.getContent()));
//}
stmt.setInt(5, tenantId);
stmt.addBatch();
//Not adding the logic to check the size of the stmt and execute if the size records added is over 1000
}
stmt.executeBatch();
// This logic has been commented out due to getGeneratedKeys method is not supported in MSSQL.
// generatedKeys = stmt.getGeneratedKeys();
// int i = 0;
//
// while (generatedKeys.next()) {
// features.get(i).setId(generatedKeys.getInt(1));
// i++;
// }
} catch (SQLException | IOException e) {
throw new FeatureManagerDAOException("Error occurred while adding the feature list to the database.", e);
} finally {
PolicyManagementDAOUtil.cleanupResources(stmt, generatedKeys);
}
return features;
}
private Connection getConnection() throws FeatureManagerDAOException {
return PolicyManagementDAOFactory.getConnection();
}
}
Loading…
Cancel
Save