From 60470d039a9a740fa0078734235d1d7514219abe Mon Sep 17 00:00:00 2001 From: Pasindu Date: Tue, 9 May 2017 08:33:17 +0530 Subject: [PATCH] Creating runtime permission policy for android devices --- .../DeviceManagementAdminService.java | 62 +++++++++++++++- .../DeviceManagementAdminServiceImpl.java | 74 +++++++++++-------- .../android/util/AndroidConstants.java | 6 ++ .../modules/business-controllers/policy.js | 1 - .../templates/android-policy-operations.hbs | 64 +++++++++++++++- .../src/main/resources/p2.inf | 50 ++++++------- .../main/resources/devicetypes/android.xml | 4 + pom.xml | 2 +- 8 files changed, 201 insertions(+), 62 deletions(-) diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/DeviceManagementAdminService.java b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/DeviceManagementAdminService.java index f3c3c72b1..0c2ba0c4e 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/DeviceManagementAdminService.java +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/DeviceManagementAdminService.java @@ -1646,7 +1646,67 @@ public interface DeviceManagementAdminService { "If a passcode policy has been set in EMM, the lock code should comply to the passcode policy.\t", required = true) LockCodeBeanWrapper lockCodeBeanWrapper); - +/* + @POST + @Path("/set-runtime-permission-policy") + @ApiOperation( + consumes = MediaType.APPLICATION_JSON, + httpMethod = "POST", + value = "Setting a Runtime Permission Policy on Android Devices", + notes = "Set a runtime permission policy on Android devices.", + response = Activity.class, + tags = "Android Device Management Administrative Service", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:set-runtime-permission-policy") + }) + } + ) + @ApiResponses(value = { + @ApiResponse( + code = 201, + message = "Created. \n Successfully scheduled the set runtime permission policy operation.", + response = Activity.class, + responseHeaders = { + @ResponseHeader( + name = "Content-Location", + description = "URL of the activity instance that refers to the scheduled operation."), + @ResponseHeader( + name = "Content-Type", + description = "Content type of the body"), + @ResponseHeader( + name = "ETag", + description = "Entity Tag of the response resource.\n" + + "Used by caches, or in conditional requests."), + @ResponseHeader( + name = "Last-Modified", + description = "Date and time the resource was last modified.\n" + + "Used by caches, or in conditional requests.")}), + @ApiResponse( + code = 303, + message = "See Other. \n The source can be retrieved from the URL specified in the location header.", + responseHeaders = { + @ResponseHeader( + name = "Content-Location", + description = "The Source URL of the document.")}), + @ApiResponse( + code = 400, + message = "Bad Request. \n Invalid request or validation error."), + @ApiResponse( + code = 415, + message = "Unsupported media type. \n The entity of the request was in a not supported format."), + @ApiResponse( + code = 500, + message = "Internal Server Error. \n " + + "Server error occurred while adding a new set runtime permission policy operation.") + }) + Response setRuntimePermissionPolicy( + @ApiParam( + name = "runtimePermissionPolicy", + value = "The properties required to set a runtime permission policy.", + required = true) + RuntimePermissionPolicyBeanWrapper runtimePermissionPolicyBeanWrapper); +*/ @POST @Path("/set-password-policy") @ApiOperation( diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java index 22182b5b1..7dd02b81a 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java @@ -27,37 +27,8 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; import org.wso2.carbon.device.mgt.core.operation.mgt.CommandOperation; import org.wso2.carbon.device.mgt.core.operation.mgt.ProfileOperation; -import org.wso2.carbon.mdm.services.android.bean.ApplicationInstallation; -import org.wso2.carbon.mdm.services.android.bean.ApplicationUninstallation; -import org.wso2.carbon.mdm.services.android.bean.ApplicationUpdate; -import org.wso2.carbon.mdm.services.android.bean.BlacklistApplications; -import org.wso2.carbon.mdm.services.android.bean.Camera; -import org.wso2.carbon.mdm.services.android.bean.DeviceEncryption; -import org.wso2.carbon.mdm.services.android.bean.DeviceLock; -import org.wso2.carbon.mdm.services.android.bean.ErrorResponse; -import org.wso2.carbon.mdm.services.android.bean.LockCode; -import org.wso2.carbon.mdm.services.android.bean.Notification; -import org.wso2.carbon.mdm.services.android.bean.PasscodePolicy; -import org.wso2.carbon.mdm.services.android.bean.UpgradeFirmware; -import org.wso2.carbon.mdm.services.android.bean.Vpn; -import org.wso2.carbon.mdm.services.android.bean.WebClip; -import org.wso2.carbon.mdm.services.android.bean.Wifi; -import org.wso2.carbon.mdm.services.android.bean.WipeData; -import org.wso2.carbon.mdm.services.android.bean.wrapper.ApplicationInstallationBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.ApplicationUninstallationBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.ApplicationUpdateBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.BlacklistApplicationsBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.CameraBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.DeviceLockBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.EncryptionBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.LockCodeBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.NotificationBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.PasswordPolicyBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.UpgradeFirmwareBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.VpnBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.WebClipBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.WifiBeanWrapper; -import org.wso2.carbon.mdm.services.android.bean.wrapper.WipeDataBeanWrapper; +import org.wso2.carbon.mdm.services.android.bean.*; +import org.wso2.carbon.mdm.services.android.bean.wrapper.*; import org.wso2.carbon.mdm.services.android.exception.BadRequestException; import org.wso2.carbon.mdm.services.android.exception.UnexpectedServerErrorException; import org.wso2.carbon.mdm.services.android.services.DeviceManagementAdminService; @@ -937,7 +908,48 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(errorMessage).build()); } } +/* + @POST + @Path("/set-runtime-permission-policy") + @Override + public Response setRuntimePermissionPolicy(RuntimePermissionPolicyBeanWrapper runtimePermissionPolicyBeanWrapper){ + if (log.isDebugEnabled()) { + log.debug("Invoking 'runtime permission policy' operation"); + } + + try { + if (runtimePermissionPolicyBeanWrapper == null || runtimePermissionPolicyBeanWrapper.getOperation() == null) { + String errorMessage = "The payload of the change runtime permission policy operation is incorrect"; + log.error(errorMessage); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } + RuntimePermissionPolicy runtimePermissionPolicy = runtimePermissionPolicyBeanWrapper.getOperation(); + ProfileOperation operation = new ProfileOperation(); + operation.setCode(AndroidConstants.OperationCodes.RUNTIME_PERMISSION_POLICY); + operation.setType(Operation.Type.PROFILE); + operation.setPayLoad(runtimePermissionPolicy.toJSON()); + return AndroidAPIUtils.getOperationResponse(runtimePermissionPolicyBeanWrapper.getDeviceIDs(), + operation); + } catch (InvalidDeviceException e) { + String errorMessage = "Invalid Device Identifiers found."; + log.error(errorMessage, e); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } catch (OperationManagementException e) { + String errorMessage = "Issue in retrieving operation management service instance"; + log.error(errorMessage, e); + throw new UnexpectedServerErrorException( + new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(errorMessage).build()); + } catch (DeviceManagementException e) { + String errorMessage = "Issue in retrieving device management service instance"; + log.error(errorMessage, e); + throw new UnexpectedServerErrorException( + new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(errorMessage).build()); + } + } +*/ @POST @Path("/set-password-policy") @Override diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/util/AndroidConstants.java b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/util/AndroidConstants.java index c1e09b4c0..7e62e5906 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/util/AndroidConstants.java +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/util/AndroidConstants.java @@ -79,6 +79,7 @@ public final class AndroidConstants { public static final String WIFI = "WIFI"; public static final String CAMERA = "CAMERA"; public static final String DEVICE_MUTE = "DEVICE_MUTE"; + public static final String RUNTIME_PERMISSION_POLICY = "RUNTIME_PERMISSION_POLICY"; public static final String PASSCODE_POLICY = "PASSCODE_POLICY"; public static final String DEVICE_INFO = "DEVICE_INFO"; public static final String ENTERPRISE_WIPE = "ENTERPRISE_WIPE"; @@ -104,6 +105,11 @@ public final class AndroidConstants { public static final String WORK_PROFILE = "WORK_PROFILE"; } + public final class RuntimePermissionType { + public static final String PERMISSION_POLICY_PROMPT = "PERMISSION_POLICY_PROMPT"; + public static final String PERMISSION_POLICY_AUTO_GRANT = "PERMISSION_POLICY_AUTO_GRANT"; + public static final String PERMISSION_POLICY_AUTO_DENY = "PERMISSION_POLICY_AUTO_DENY"; + } public final class StatusCodes { private StatusCodes() { throw new AssertionError(); diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/android-web-agent/app/modules/business-controllers/policy.js b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/android-web-agent/app/modules/business-controllers/policy.js index 00b82116c..50cfdc864 100755 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/android-web-agent/app/modules/business-controllers/policy.js +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/android-web-agent/app/modules/business-controllers/policy.js @@ -1,4 +1,3 @@ -/* * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. * * WSO2 Inc. licenses this file to you under the Apache License, diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.policy-wizard/public/templates/android-policy-operations.hbs b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.policy-wizard/public/templates/android-policy-operations.hbs index cc5660001..6f21c8a10 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.policy-wizard/public/templates/android-policy-operations.hbs +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.policy-wizard/public/templates/android-policy-operations.hbs @@ -88,6 +88,18 @@ class="fw fw-success"> + + + + + + Runtime Permission Policy (COSU) + + + + @@ -271,8 +283,6 @@ - -
@@ -1221,6 +1231,56 @@
+ +
+ +
+
Password Policy Set passcode policy + + Runtime Permission Policy + Set runtime permission + Configure VPN Configure VPN settings diff --git a/pom.xml b/pom.xml index bbfd90470..d97930b23 100644 --- a/pom.xml +++ b/pom.xml @@ -1128,7 +1128,7 @@ 1.1.1 - 2.0.58 + 2.0.62-SNAPSHOT [2.0.0, 3.0.0)