From dec2950f6ec126b30500e14d4475a8707478bfc4 Mon Sep 17 00:00:00 2001 From: Megala Date: Sun, 13 Nov 2016 19:21:15 +0530 Subject: [PATCH 1/4] Adding additional configurations for app-conf --- .../resources/jaggeryapps/devicemgt/app/conf/app-conf.json | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json index b26d93b60c..d3e82ad570 100644 --- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json +++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json @@ -32,8 +32,10 @@ "identityProviderUrl" : "https://localhost:9443/samlsso", "acs": "https://localhost:9443/emm/uuf/sso/acs", "identityAlias": "wso2carbon", - "responseSigningEnabled" : "true", - "useTenantKey": false + "responseSigningEnabled" : true, + "validateAssertionValidityPeriod": true, + "validateAudienceRestriction": true, + "assertionSigningEnabled": true } }, "generalConfig" : { From 57e46525f8161923e0d0cde74d77db7b2f65b9e5 Mon Sep 17 00:00:00 2001 From: Megala Date: Tue, 15 Nov 2016 10:25:33 +0530 Subject: [PATCH 2/4] Changing the dashboard menu to be only visible for super-tenant users --- .../app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js index b7aba2e890..34500e2064 100644 --- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js +++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js @@ -30,6 +30,8 @@ function onRequest(context) { var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var mdmProps = require("/app/modules/conf-reader/main.js")["conf"]; var constants = require("/app/modules/constants.js"); + var carbon = require("carbon"); + var superTenant = carbon.server.superTenant; var links = { "user-mgt": [], "role-mgt": [], @@ -55,7 +57,10 @@ function onRequest(context) { permissions["LIST_CERTIFICATES"] = userModule.isAuthorized("/permission/admin/device-mgt/certificates/view"); permissions["CONFIG_MGT_PERMITTED"] = (permissions["LIST_PLATFORM_CONFIGURATIONS"] || permissions["LIST_CERTIFICATES"]); permissions["LIST_NOTIFICATIONS"] = userModule.isAuthorized("/permission/admin/device-mgt/notifications/view"); - permissions["VIEW_DASHBOARD"] = userModule.isAuthorized("/permission/admin/device-mgt/dashboard/view"); + + // Restricting the dashboard menu only for super-tenant users + permissions["VIEW_DASHBOARD"] = userModule.isAuthorized("/permission/admin/device-mgt/dashboard/view") && + (viewModel["currentUser"].domain == superTenant.domain); viewModel["permissions"] = permissions; viewModel["appContext"] = mdmProps["appContext"]; From 6d3fbc422ff68d19635a10188ab5bd2203af1713 Mon Sep 17 00:00:00 2001 From: Megala Date: Tue, 15 Nov 2016 22:59:12 +0530 Subject: [PATCH 3/4] Adding link for the dashboard in tenant mode --- .../app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.hbs | 2 +- .../app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.hbs b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.hbs index 6420510a6b..80d6026fc4 100644 --- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.hbs +++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.hbs @@ -75,7 +75,7 @@ {{/if}} {{#if permissions.VIEW_DASHBOARD}} -
  • +
  • Device Management Dashboard
  • {{/if}} diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js index 34500e2064..41615c6a68 100644 --- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js +++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js @@ -59,8 +59,7 @@ function onRequest(context) { permissions["LIST_NOTIFICATIONS"] = userModule.isAuthorized("/permission/admin/device-mgt/notifications/view"); // Restricting the dashboard menu only for super-tenant users - permissions["VIEW_DASHBOARD"] = userModule.isAuthorized("/permission/admin/device-mgt/dashboard/view") && - (viewModel["currentUser"].domain == superTenant.domain); + permissions["VIEW_DASHBOARD"] = userModule.isAuthorized("/permission/admin/device-mgt/dashboard/view"); viewModel["permissions"] = permissions; viewModel["appContext"] = mdmProps["appContext"]; From 3ff394902e108226a59d7248733d707baf6731ad Mon Sep 17 00:00:00 2001 From: Megala Date: Tue, 15 Nov 2016 23:04:51 +0530 Subject: [PATCH 4/4] Removing unnecessary require statements --- .../app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js index 41615c6a68..b7aba2e890 100644 --- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js +++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/devicemgt/app/units/mdm.unit.ui.navbar.nav-menu/nav-menu.js @@ -30,8 +30,6 @@ function onRequest(context) { var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var mdmProps = require("/app/modules/conf-reader/main.js")["conf"]; var constants = require("/app/modules/constants.js"); - var carbon = require("carbon"); - var superTenant = carbon.server.superTenant; var links = { "user-mgt": [], "role-mgt": [], @@ -57,8 +55,6 @@ function onRequest(context) { permissions["LIST_CERTIFICATES"] = userModule.isAuthorized("/permission/admin/device-mgt/certificates/view"); permissions["CONFIG_MGT_PERMITTED"] = (permissions["LIST_PLATFORM_CONFIGURATIONS"] || permissions["LIST_CERTIFICATES"]); permissions["LIST_NOTIFICATIONS"] = userModule.isAuthorized("/permission/admin/device-mgt/notifications/view"); - - // Restricting the dashboard menu only for super-tenant users permissions["VIEW_DASHBOARD"] = userModule.isAuthorized("/permission/admin/device-mgt/dashboard/view"); viewModel["permissions"] = permissions;