ashvini
/
device-mgt-core
forked from community/device-mgt-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commiting permission-scope mapping improvements

Browse Source
revert-70aa11f8
Milan Perera 8 years ago
parent a0c842c6c6
commit dd353e1bfb
16 changed files with 365 additions and 283 deletions
Show Stats Download Patch File Download Diff File

2
components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml
Unescape View File

@ -79,7 +79,7 @@
javax.servlet,
javax.xml.*,
javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional,
org.apache.commons.lang,
org.apache.commons.lang
</Import-Package>
<Embed-Dependency>
scribe;scope=compile|runtime;inline=false;

42
components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java
Unescape View File

@ -1,42 +0,0 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.apimgt.annotations.api;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* This class is the representation of custom developed Permission annotation.
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Permission {
/**
* Represents the permission name.
* @return Returns permission name.
*/
String name();
/**
* Represents the permission string.
* @return Returns permission string.
*/
String permission();
}

38
components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java
Unescape View File

@ -1,21 +1,3 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.annotations.api;
import java.lang.annotation.ElementType;
@ -24,28 +6,18 @@ import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* This class is the representation of custom developed Permission annotation.
* This class is the representation of custom developed Scopes annotation.
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Scope {
/**
* Represents the scope key which should be unique.
* @return Returns scope key.
*/
String key();
/**
* Represents the scope name.
* @return Returns scope name.
*/
String name();
/**
* Represents the scope description.
* @return Returns scope description.
*/
String description();
String key();
String[] permissions();
}

35
components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java
Unescape View File

@ -0,0 +1,35 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.annotations.api;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* This class is the representation of custom developed Scopes annotation.
*/
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
public @interface Scopes {
Scope[] scopes();
}

79
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java
Unescape View File

@ -16,10 +16,12 @@
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.SwaggerDefinition;
import org.apache.catalina.core.StandardContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration;
@ -37,9 +39,7 @@ import java.net.URI;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.*;
public class AnnotationProcessor {
@ -58,9 +58,13 @@ public class AnnotationProcessor {
private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION = "description";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_KEY = "key";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS = "permissions";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VERSION = "version";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_CONTEXT = "context";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value";
private static final String ANNOTATIONS_SCOPES = "scopes";
private StandardContext context;
@ -75,6 +79,10 @@ public class AnnotationProcessor {
private Class<io.swagger.annotations.Tag> tagClass;
private Class<io.swagger.annotations.Extension> extensionClass;
private Class<io.swagger.annotations.ExtensionProperty> extensionPropertyClass;
private Class<io.swagger.annotations.ApiOperation> apiOperation;
private Class<org.wso2.carbon.apimgt.annotations.api.Scope> scopeClass;
private Class<org.wso2.carbon.apimgt.annotations.api.Scopes> scopesClass;
private Map<String, Scope> apiScopes;
public AnnotationProcessor(final StandardContext context) {
servletContext = context.getServletContext();
@ -91,7 +99,13 @@ public class AnnotationProcessor {
extensionClass = (Class<io.swagger.annotations.Extension>)classLoader
.loadClass((io.swagger.annotations.Extension.class.getName()));
extensionPropertyClass = (Class<io.swagger.annotations.ExtensionProperty>)classLoader
.loadClass((io.swagger.annotations.ExtensionProperty.class.getName()));
.loadClass(io.swagger.annotations.ExtensionProperty.class.getName());
scopeClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scope>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName());
scopesClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scopes>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName());
apiOperation = (Class<io.swagger.annotations.ApiOperation>)classLoader
.loadClass((io.swagger.annotations.ApiOperation.class.getName()));
} catch (ClassNotFoundException e) {
log.error("An error has occurred while loading classes ", e);
}
@ -127,6 +141,7 @@ public class AnnotationProcessor {
}
try {
apiResourceConfig = processAPIAnnotation(swaggerDefinition);
apiScopes = processAPIScopes(swaggerDefinition);
if(apiResourceConfig != null){
String rootContext = servletContext.getContextPath();
pathClazzMethods = pathClazz.getMethods();
@ -158,7 +173,7 @@ public class AnnotationProcessor {
} catch (ClassNotFoundException e1) {
String msg = "Failed to load service class " + className + " for publishing APIs." +
" This API will not be published.";
log.error(msg);
log.error(msg, e1);
} catch (RuntimeException e) {
log.error("Unexpected error has been occurred while publishing "+ className
+"hence, this API will not be published.");
@ -174,6 +189,37 @@ public class AnnotationProcessor {
return apiResourceConfigs;
}
private Map<String,Scope> processAPIScopes(Annotation annotation) throws Throwable {
Map<String, Scope> scopes = new HashMap<>();
InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation);
Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass
.getMethod(ANNOTATIONS_SCOPES, null), null);
Scope scope;
String permissions[];
StringBuilder aggregatedPermissions = new StringBuilder();
for(int i=0; i<annotatedScopes.length; i++){
methodHandler = Proxy.getInvocationHandler(annotatedScopes[i]);
scope = new Scope();
scope.setName(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_NAME), annotatedScopes[i], STRING));
scope.setDescription(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION), annotatedScopes[i], STRING));
scope.setKey(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_KEY), annotatedScopes[i], STRING));
permissions = (String[])methodHandler.invoke(annotatedScopes[i], scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS, null),null);
for (String permission : permissions) {
aggregatedPermissions.append(permission);
aggregatedPermissions.append(" ");
}
scope.setRoles(aggregatedPermissions.toString());
scopes.put(scope.getKey(), scope);
}
return scopes;
}
/**
* Get Resources for each API
*
@ -211,6 +257,9 @@ public class AnnotationProcessor {
Annotation producesAnno = method.getAnnotation(producesClass);
resource.setProduces(invokeMethod(producesClassMethods[0], producesAnno, STRING_ARR));
}
if (annotations[i].annotationType().getName().equals(ApiOperation.class.getName())) {
resource.setScope(this.getScope(annotations[i]));
}
}
resourceList.add(resource);
}
@ -375,4 +424,24 @@ public class AnnotationProcessor {
throw new RuntimeException(e);
}
}
private Scope getScope(Annotation currentMethod) throws Throwable {
InvocationHandler methodHandler = Proxy.getInvocationHandler(currentMethod);
Annotation[] extensions = (Annotation[]) methodHandler.invoke(currentMethod,
apiOperation.getMethod(SWAGGER_ANNOTATIONS_EXTENSIONS, null), null);
methodHandler = Proxy.getInvocationHandler(extensions[0]);
Annotation[] properties = (Annotation[])methodHandler.invoke(extensions[0], extensionClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES,null), null);
for (Annotation property : properties) {
methodHandler = Proxy.getInvocationHandler(property);
String scopeKey = (String) methodHandler.invoke(property, extensionPropertyClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_VALUE, null),null);
if (scopeKey.isEmpty()) {
return null;
}
return apiScopes.get(scopeKey);
}
return null;
}
}

37
components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java
Unescape View File

@ -1,18 +1,9 @@
package org.wso2.carbon.certificate.mgt.jaxrs.api;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.AuthorizationScope;
import io.swagger.annotations.Extension;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Info;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Tag;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse;
import javax.ws.rs.Consumes;
@ -45,8 +36,19 @@ import javax.ws.rs.core.Response;
"related operations.")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@Scopes(scopes = {
@Scope(
name = "Sign CSR",
description = "Sign CSR",
key = "cdmf:sign-csr",
permissions = {"/certificate-mgt/sign-csr"}
)
}
)
public interface CertificateMgtService {
String SCOPE = "scope";
/**
* Sign the client's certificate signing request and save it in the database.
*
@ -64,12 +66,10 @@ public interface CertificateMgtService {
value = "Process a given CSR and return signed certificates.",
notes = "This will return a signed certificate upon a given CSR.",
tags = "Device Management",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage",
description = "Sign CSR") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "cdmf:sign-csr")
})
}
)
@ApiResponses(
@ -87,7 +87,6 @@ public interface CertificateMgtService {
message = "Internal Server Error. \n Error occurred while retrieving signed certificate.",
response = ErrorResponse.class)
})
@Scope(key = "certificate:sign-csr", name = "Sign CSR", description = "")
Response getSignedCertFromCSR(
@ApiParam(
name = "If-Modified-Since",

73
components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java
Unescape View File

@ -1,18 +1,8 @@
package org.wso2.carbon.certificate.mgt.cert.jaxrs.api;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Info;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Extension;
import io.swagger.annotations.Tag;
import io.swagger.annotations.Api;
import io.swagger.annotations.AuthorizationScope;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse;
@ -39,10 +29,27 @@ import javax.ws.rs.core.Response;
)
@Api(value = "Certificate Management", description = "This API includes all the certificate management related operations")
@Path("/admin/certificates")
@Scopes(scopes = {
@Scope(
name = "Manage certificates",
description = "",
key = "cdmf:manage-certificate",
permissions = {"/device-mgt/certificates/manage"}
),
@Scope(
name = "View certificate",
description = "",
key = "cdmf:view-certificate",
permissions = {"/device-mgt/certificates/view"}
)
}
)
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public interface CertificateManagementAdminService {
String SCOPE = "scope";
/**
* Save a list of certificates and relevant information in the database.
*
@ -58,12 +65,10 @@ public interface CertificateManagementAdminService {
value = "Adding a new SSL certificate",
notes = "Add a new SSL certificate to the client end database.\n",
tags = "Certificate Management",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage",
description = "Manage certificates") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate")
})
}
)
@ApiResponses(
@ -129,12 +134,10 @@ public interface CertificateManagementAdminService {
value = "Getting Details of an SSL Certificate",
notes = "Get the client side SSL certificate details.",
tags = "Certificate Management",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/view",
description = "View certificates") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate")
})
}
)
@ApiResponses(value = {
@ -202,12 +205,10 @@ public interface CertificateManagementAdminService {
+ "view all the certificate details, it is not feasible to show all the details on one "
+ "page. Therefore, the details are paginated.",
tags = "Certificate Management",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/view",
description = "View certificates") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate")
})
}
)
@ApiResponses(value = {
@ -283,12 +284,10 @@ public interface CertificateManagementAdminService {
value = "Deleting an SSL Certificate",
notes = "Delete an SSL certificate that's on the client end.",
tags = "Certificate Management",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage",
description = "Manage certificates") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate")
})
}
)
@ApiResponses(value = {

47
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java
Unescape View File

@ -18,22 +18,13 @@
*/
package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Info;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Extension;
import io.swagger.annotations.Tag;
import io.swagger.annotations.Api;
import io.swagger.annotations.AuthorizationScope;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
@ -61,6 +52,16 @@ import javax.ws.rs.core.Response;
@Path("/activities")
@Api(value = "Activity Info Provider", description = "Activity related information manipulation. For example" +
" operation details and responses from devices.")
@Scopes(
scopes = {
@Scope(
name = "Get activities",
description = "Get activities",
key = "cdmf:get-activity",
permissions = {"/device-mgt/devices/owning-device/view"}
)
}
)
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public interface ActivityInfoProviderService {
@ -74,12 +75,10 @@ public interface ActivityInfoProviderService {
notes = "Retrieve the details of a specific activity/operation, such as the meta information of " +
"an operation, including the responses from the devices.",
tags = "Activity Info Provider",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view"
, description = "View Activities") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity")
})
}
)
@ApiResponses(value = {
@ -149,12 +148,10 @@ public interface ActivityInfoProviderService {
notes = "Get the details of the operations/activities executed by the server on the devices registered" +
" with WSO2 EMM, during a defined time period.",
tags = "Activity Info Provider",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view"
, description = "View Activities") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity")
})
}
)
@ApiResponses(value = {

36
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java
Unescape View File

@ -31,8 +31,11 @@ import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
@ -61,6 +64,21 @@ import javax.ws.rs.core.Response;
"through this API.")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@Scopes(scopes = {
@Scope(
name = "View configurations",
description = "",
key = "cdmf:view-configuration",
permissions = {"/device-mgt/platform-configurations/view"}
),
@Scope(
name = "Manage configurations",
description = "",
key = "cdmf:manage-configuration",
permissions = {"/device-mgt/platform-configurations/manage"}
)
}
)
public interface ConfigurationManagementService {
@GET
@ -72,11 +90,10 @@ public interface ConfigurationManagementService {
"General platform configurations include the settings on how often the device need to be monitored. " +
"Using this REST API you can get the general platform level configurations.",
tags = "Configuration Management",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/platform-configurations/view", description = "View Configurations") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-configuration")
})
}
)
@ApiResponses(
@ -132,11 +149,10 @@ public interface ConfigurationManagementService {
"General platform configurations include the settings on how often the the device need to be monitored." +
"Using this REST API you can update the general platform level configurations.",
tags = "Configuration Management",
authorizations = {
@Authorization(
value="permission",
scopes = { @AuthorizationScope(scope = "/device-mgt/platform-configurations/manage", description = "Manage configurations") }
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-configuration")
})
}
)
@ApiResponses(

143
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java
Unescape View File

@ -19,20 +19,11 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Info;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Extension;
import io.swagger.annotations.Tag;
import io.swagger.annotations.Api;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import io.swagger.annotations.*;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/**
* Device Analytics Dashboard related REST-APIs. This can be used to obtain device related analytics.
@ -68,70 +59,70 @@ public interface Dashboard {
String PAGINATION_ENABLED = "pagination-enabled";
String START_INDEX = "start";
String RESULT_COUNT = "length";
@GET
@Path("device-count-overview")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getOverviewDeviceCounts();
@GET
@Path("device-counts-by-potential-vulnerabilities")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getDeviceCountsByPotentialVulnerabilities();
@GET
@Path("non-compliant-device-counts-by-features")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getNonCompliantDeviceCountsByFeatures(@QueryParam(START_INDEX) int startIndex,
@QueryParam(RESULT_COUNT) int resultCount);
@GET
@Path("device-counts-by-groups")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getDeviceCountsByGroups(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
@QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
@QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership);
@GET
@Path("feature-non-compliant-device-counts-by-groups")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFeatureNonCompliantDeviceCountsByGroups(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
@QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership);
@GET
@Path("filtered-device-count-over-total")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFilteredDeviceCountOverTotal(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
@QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
@QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership);
@GET
@Path("feature-non-compliant-device-count-over-total")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFeatureNonCompliantDeviceCountOverTotal(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
@QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership);
@GET
@Path("devices-with-details")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getDevicesWithDetails(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
@QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
@QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership,
@QueryParam(PAGINATION_ENABLED) String paginationEnabled,
@QueryParam(START_INDEX) int startIndex,
@QueryParam(RESULT_COUNT) int resultCount);
@GET
@Path("feature-non-compliant-devices-with-details")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFeatureNonCompliantDevicesWithDetails(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
@QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership,
@QueryParam(PAGINATION_ENABLED) String paginationEnabled,
@QueryParam(START_INDEX) int startIndex,
@QueryParam(RESULT_COUNT) int resultCount);
//
// @GET
// @Path("device-count-overview")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getOverviewDeviceCounts();
//
// @GET
// @Path("device-counts-by-potential-vulnerabilities")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getDeviceCountsByPotentialVulnerabilities();
//
// @GET
// @Path("non-compliant-device-counts-by-features")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getNonCompliantDeviceCountsByFeatures(@QueryParam(START_INDEX) int startIndex,
// @QueryParam(RESULT_COUNT) int resultCount);
//
// @GET
// @Path("device-counts-by-groups")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getDeviceCountsByGroups(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
// @QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
// @QueryParam(PLATFORM) String platform,
// @QueryParam(OWNERSHIP) String ownership);
//
// @GET
// @Path("feature-non-compliant-device-counts-by-groups")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getFeatureNonCompliantDeviceCountsByGroups(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
// @QueryParam(PLATFORM) String platform,
// @QueryParam(OWNERSHIP) String ownership);
// @GET
// @Path("filtered-device-count-over-total")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getFilteredDeviceCountOverTotal(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
// @QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
// @QueryParam(PLATFORM) String platform,
// @QueryParam(OWNERSHIP) String ownership);
//
// @GET
// @Path("feature-non-compliant-device-count-over-total")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getFeatureNonCompliantDeviceCountOverTotal(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
// @QueryParam(PLATFORM) String platform,
// @QueryParam(OWNERSHIP) String ownership);
//
// @GET
// @Path("devices-with-details")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getDevicesWithDetails(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
// @QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
// @QueryParam(PLATFORM) String platform,
// @QueryParam(OWNERSHIP) String ownership,
// @QueryParam(PAGINATION_ENABLED) String paginationEnabled,
// @QueryParam(START_INDEX) int startIndex,
// @QueryParam(RESULT_COUNT) int resultCount);
//
// @GET
// @Path("feature-non-compliant-devices-with-details")
// @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
// Response getFeatureNonCompliantDevicesWithDetails(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
// @QueryParam(PLATFORM) String platform,
// @QueryParam(OWNERSHIP) String ownership,
// @QueryParam(PAGINATION_ENABLED) String paginationEnabled,
// @QueryParam(START_INDEX) int startIndex,
// @QueryParam(RESULT_COUNT) int resultCount);
}

1
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java
Unescape View File

@ -19,7 +19,6 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;

1
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java
Unescape View File

@ -22,7 +22,6 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult;
import org.wso2.carbon.device.mgt.jaxrs.beans.AuthorizationRequest;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;

4
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/swagger/extension/SecurityDefinitionConfigurator.java
Unescape View File

@ -24,8 +24,11 @@ import io.swagger.jaxrs.config.ReaderListener;
import io.swagger.models.Swagger;
import io.swagger.models.auth.OAuth2Definition;
import io.swagger.models.auth.SecuritySchemeDefinition;
import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@SwaggerDefinition(
@ -54,6 +57,7 @@ public class SecurityDefinitionConfigurator implements ReaderListener {
schemes.put(TOKEN_AUTH_SCHEME, tokenScheme);
swagger.setSecurityDefinitions(schemes);
//TODO: Have to add wso2-scopes to swagger definition from here
}
}

1
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java
Unescape View File

@ -27,6 +27,7 @@ public class Constants {
public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname";
public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname";
public static final String PRIMARY_USER_STORE = "PRIMARY";
public static final String SCOPE = "scope";
public final class ErrorMessages {
private ErrorMessages () { throw new AssertionError(); }

105
components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java
Unescape View File

@ -23,6 +23,7 @@ import io.swagger.models.Swagger;
import org.apache.catalina.core.StandardContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
import javax.servlet.ServletContext;
@ -38,10 +39,7 @@ import java.net.URI;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.*;
public class AnnotationProcessor {
@ -56,11 +54,14 @@ public class AnnotationProcessor {
private static final String STRING_ARR = "string_arr";
private static final String STRING = "string";
private static final String SWAGGER_ANNOTATIONS_AUTHORIZATIONS = "authorizations";
private static final String SWAGGER_ANNOTATIONS_PERMISSION = "permission";
private static final String SWAGGER_ANNOTATIONS_SCOPES = "scopes";
private static final String SWAGGER_ANNOTATIONS_SCOPE = "scope";
private static final String SWAGGER_ANNOTATIONS_DESCRIPTION = "description";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties";
private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION = "description";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_KEY = "key";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS = "permissions";
private static final String ANNOTATIONS_SCOPES = "scopes";
private StandardContext context;
private Method[] pathClazzMethods;
@ -74,6 +75,11 @@ public class AnnotationProcessor {
private Class<io.swagger.annotations.ApiOperation> apiOperation;
private Class<io.swagger.annotations.Authorization> authorizationClass;
private Class<io.swagger.annotations.AuthorizationScope> authorizationScopeClass;
private Class<io.swagger.annotations.Extension> extensionClass;
private Class<io.swagger.annotations.ExtensionProperty> extensionPropertyClass;
private Class<org.wso2.carbon.apimgt.annotations.api.Scope> scopeClass;
private Class<org.wso2.carbon.apimgt.annotations.api.Scopes> scopesClass;
private Map<String, Scope> apiScopes;
public AnnotationProcessor(final StandardContext context) {
@ -90,6 +96,15 @@ public class AnnotationProcessor {
.loadClass((io.swagger.annotations.Authorization.class.getName()));
authorizationScopeClass = (Class<io.swagger.annotations.AuthorizationScope>)classLoader
.loadClass((io.swagger.annotations.AuthorizationScope.class.getName()));
extensionClass = (Class<io.swagger.annotations.Extension>)classLoader
.loadClass((io.swagger.annotations.Extension.class.getName()));
extensionPropertyClass = (Class<io.swagger.annotations.ExtensionProperty>)classLoader
.loadClass(io.swagger.annotations.ExtensionProperty.class.getName());
scopeClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scope>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName());
scopesClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scopes>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName());
} catch (ClassNotFoundException e) {
log.error("An error has occurred while loading classes ", e);
}
@ -135,6 +150,7 @@ public class AnnotationProcessor {
try {
clazz = classLoader.loadClass(className);
Annotation apiAnno = clazz.getAnnotation(apiClazz);
apiScopes = processAPIScopes(apiAnno);
List<Permission> resourceList;
if (apiAnno != null) {
if (log.isDebugEnabled()) {
@ -165,7 +181,9 @@ public class AnnotationProcessor {
}
}
} catch (ClassNotFoundException e) {
log.error("Error when passing the api annotation for device type apis.");
log.error("Error when passing the api annotation for device type apis.", e);
} catch (Throwable e) {
log.error("Error when passing the scopes annotation for device type apis.", e);
}
return apiPermissions;
}
@ -342,28 +360,53 @@ public class AnnotationProcessor {
private void setPermission(Annotation currentMethod, Permission permission) throws Throwable {
InvocationHandler methodHandler = Proxy.getInvocationHandler(currentMethod);
Annotation[] authorizations = (Annotation[]) methodHandler.invoke(currentMethod
, apiOperation.getMethod(SWAGGER_ANNOTATIONS_AUTHORIZATIONS,null),null);
for(int i=0; i<authorizations.length; i++){
methodHandler = Proxy.getInvocationHandler(authorizations[i]);
String value =(String)methodHandler.invoke(authorizations[i], authorizationClass.getMethod("value", null)
,null);
if(SWAGGER_ANNOTATIONS_PERMISSION.equals(value)){
Annotation[] scopes =(Annotation[])methodHandler.invoke(authorizations[i], authorizationClass
.getMethod(SWAGGER_ANNOTATIONS_SCOPES, null),null);
String[] scopesList = new String[scopes.length];
String[] descriptions = new String[scopes.length];
for(int j=0; j<scopes.length; j++){
methodHandler = Proxy.getInvocationHandler(scopes[j]);
scopesList[j] = (String)methodHandler.invoke(authorizations[j], authorizationScopeClass
.getMethod(SWAGGER_ANNOTATIONS_SCOPE, null),null);
descriptions[j] = (String)methodHandler.invoke(authorizations[j], authorizationScopeClass
.getMethod(SWAGGER_ANNOTATIONS_DESCRIPTION, null),null);
}
//todo currently permission tree supports only adding one permission per API point.
permission.setName(descriptions[0]);
permission.setPath(scopesList[0]);
Annotation[] extensions = (Annotation[]) methodHandler.invoke(currentMethod,
apiOperation.getMethod(SWAGGER_ANNOTATIONS_EXTENSIONS, null), null);
methodHandler = Proxy.getInvocationHandler(extensions[0]);
Annotation[] properties = (Annotation[])methodHandler.invoke(extensions[0], extensionClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES,null), null);
Scope scope;
for (Annotation property : properties) {
methodHandler = Proxy.getInvocationHandler(property);
String scopeKey = (String) methodHandler.invoke(property, extensionPropertyClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_VALUE, null),null);
if (!scopeKey.isEmpty()) {
scope = apiScopes.get(scopeKey);
permission.setName(scope.getName());
//TODO: currently permission tree supports only adding one permission per API point.
permission.setPath(scope.getRoles().split(" ")[0]);
}
}
}
private Map<String,Scope> processAPIScopes(Annotation annotation) throws Throwable {
Map<String, Scope> scopes = new HashMap<>();
InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation);
Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass
.getMethod(ANNOTATIONS_SCOPES, null), null);
Scope scope;
String permissions[];
StringBuilder aggregatedPermissions = new StringBuilder();
for(int i=0; i<annotatedScopes.length; i++){
methodHandler = Proxy.getInvocationHandler(annotatedScopes[i]);
scope = new Scope();
scope.setName(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_NAME), annotatedScopes[i], STRING));
scope.setDescription(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION), annotatedScopes[i], STRING));
scope.setKey(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_KEY), annotatedScopes[i], STRING));
permissions = (String[])methodHandler.invoke(annotatedScopes[i], scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS, null),null);
for (String permission : permissions) {
aggregatedPermissions.append(permission);
aggregatedPermissions.append(" ");
}
scope.setRoles(aggregatedPermissions.toString());
scopes.put(scope.getKey(), scope);
}
return scopes;
}
}

4
pom.xml
Unescape View File

@ -1812,7 +1812,7 @@
<!-- Carbon Identity -->
<carbon.identity.framework.version>5.2.2</carbon.identity.framework.version>
<identity.inbound.auth.oauth.version>5.1.3</identity.inbound.auth.oauth.version>
<identity.inbound.auth.oauth.version>5.2.7</identity.inbound.auth.oauth.version>
<identity.inbound.auth.saml.version>5.1.1</identity.inbound.auth.saml.version>
<!-- Carbon Multi-tenancy -->
@ -1837,7 +1837,7 @@
<commons-lang.wso2.osgi.version.range>[2.6.0,3.0.0)</commons-lang.wso2.osgi.version.range>
<!-- Carbon API Management -->
<carbon.api.mgt.version>6.0.5</carbon.api.mgt.version>
<carbon.api.mgt.version>6.1.2-SNAPSHOT</carbon.api.mgt.version>
<carbon.api.mgt.version.range>(5.0.0,7.0.0]</carbon.api.mgt.version.range>
<!-- Carbon Analytics Commons -->

Write Preview
Loading…
Cancel
Save