diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml index a0630232dc..08359dc162 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml @@ -175,7 +175,6 @@ org.wso2.carbon org.wso2.carbon.user.core - 4.4.3 org.wso2.carbon.registry diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index cc4df75cb5..d53c367450 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -172,6 +172,11 @@ public interface RoleManagementService { required = true, defaultValue = "Engineer") @PathParam("roleName") String roleName, + @ApiParam( + name = "user-store", + value = "The name of the user store from which you wish to get the permission of role.", + required = false) + @QueryParam("user-store") String userStoreName, @ApiParam( name = "If-Modified-Since", value = "Checks if the requested variant was modified, since the specified date-time." + @@ -237,6 +242,11 @@ public interface RoleManagementService { required = true, defaultValue = "admin") @PathParam("roleName") String roleName, + @ApiParam( + name = "user-store", + value = "The name of the user store which the particular of role resides in", + required = false) + @QueryParam("user-store") String userStoreName, @ApiParam( name = "If-Modified-Since", value = "Checks if the requested variant was modified, since the specified date-time." + @@ -355,7 +365,12 @@ public interface RoleManagementService { value = "The properties required to update a role.\n" + "NOTE: Don't change the role and the permissions of the admin user. " + "If you want to try out this API by updating all the properties, create a new role and update the properties accordingly.", - required = true) RoleInfo role); + required = true) RoleInfo role, + @ApiParam( + name = "user-store", + value = "The name of the user store which the particular role resides in.", + required = false) + @QueryParam("user-store") String userStoreName); @DELETE @Path("/{roleName}") @@ -389,7 +404,12 @@ public interface RoleManagementService { value = "The name of the role that needs to de deleted.\n" + "NOTE: Don't delete the admin role", required = true) - @PathParam("roleName") String roleName); + @PathParam("roleName") String roleName, + @ApiParam( + name = "user-store", + value = "The name of the user store which the particular role resides in.", + required = false) + @QueryParam("user-store") String userStoreName); @PUT @Path("/{roleName}/users") @@ -449,6 +469,11 @@ public interface RoleManagementService { required = true, defaultValue = "admin") @PathParam("roleName") String roleName, + @ApiParam( + name = "user-store", + value = "The name of the user store which the particular role resides in.", + required = false) + @QueryParam("user-store") String userStoreName, @ApiParam( name = "users", value = "Define the users that belong to the role.\n" + diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index 08fb287d20..06569d21cf 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -457,6 +457,11 @@ public interface UserManagementService { value = "Provide a character or a few character in the user name", required = true) @QueryParam("filter") String filter, + @ApiParam( + name = "domain", + value = "The user store domain which the user names should be fetched from", + required = false) + @QueryParam("domain") String domain, @ApiParam( name = "If-Modified-Since", value = "Checks if the requested variant was modified, since the specified date-time\n." + diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java index bfc767b8cd..29db06c3d0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java @@ -22,17 +22,13 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.CarbonConstants; import org.wso2.carbon.base.MultitenantConstants; -import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException; -import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; -import org.wso2.carbon.device.mgt.jaxrs.beans.Scope; import org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService; import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil; import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; -import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil; import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer; import org.wso2.carbon.user.api.*; import org.wso2.carbon.user.core.common.AbstractUserStoreManager; @@ -43,12 +39,16 @@ import org.wso2.carbon.user.mgt.common.UserAdminException; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import java.io.UnsupportedEncodingException; import java.net.URI; import java.net.URISyntaxException; +import java.net.URLEncoder; import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import static org.wso2.carbon.device.mgt.jaxrs.util.Constants.PRIMARY_USER_STORE; + @Path("/roles") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) @@ -56,7 +56,6 @@ public class RoleManagementServiceImpl implements RoleManagementService { private static final String API_BASE_PATH = "/roles"; private static final Log log = LogFactory.getLog(RoleManagementServiceImpl.class); - private static final String PRIMARY_USER_STORE = "PRIMARY"; @GET @Override @@ -94,9 +93,11 @@ public class RoleManagementServiceImpl implements RoleManagementService { @GET @Path("/{roleName}/permissions") @Override - public Response getPermissionsOfRole( - @PathParam("roleName") String roleName, - @HeaderParam("If-Modified-Since") String ifModifiedSince) { + public Response getPermissionsOfRole(@PathParam("roleName") String roleName, + @QueryParam("user-store") String userStoreName, @HeaderParam("If-Modified-Since") String ifModifiedSince) { + if (userStoreName != null && !userStoreName.isEmpty()) { + roleName = userStoreName + "/" + roleName; + } RequestValidationUtil.validateRoleName(roleName); try { final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm(); @@ -164,11 +165,14 @@ public class RoleManagementServiceImpl implements RoleManagementService { @GET @Path("/{roleName}") @Override - public Response getRole(@PathParam("roleName") String roleName, - @HeaderParam("If-Modified-Since") String ifModifiedSince) { + public Response getRole(@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName, + @HeaderParam("If-Modified-Since") String ifModifiedSince) { if (log.isDebugEnabled()) { log.debug("Getting the list of user roles"); } + if (userStoreName != null && !userStoreName.isEmpty()) { + roleName = userStoreName + "/" + roleName; + } RequestValidationUtil.validateRoleName(roleName); RoleInfo roleInfo = new RoleInfo(); try { @@ -229,9 +233,9 @@ public class RoleManagementServiceImpl implements RoleManagementService { userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), permissions); //TODO fix what's returned in the entity - return Response.created(new URI(API_BASE_PATH + "/" + roleInfo.getRoleName())).entity( - "Role '" + roleInfo.getRoleName() + "' has " + - "successfully been added").build(); + return Response.created(new URI(API_BASE_PATH + "/" + URLEncoder.encode(roleInfo.getRoleName(), "UTF-8"))). + entity("Role '" + roleInfo.getRoleName() + "' has " + "successfully been" + + " added").build(); } catch (UserStoreException e) { String msg = "Error occurred while adding role '" + roleInfo.getRoleName() + "'"; log.error(msg, e); @@ -243,13 +247,22 @@ public class RoleManagementServiceImpl implements RoleManagementService { log.error(msg, e); return Response.serverError().entity( new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); + } catch (UnsupportedEncodingException e) { + String msg = "Error occurred while encoding role name"; + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); } } @PUT @Path("/{roleName}") @Override - public Response updateRole(@PathParam("roleName") String roleName, RoleInfo roleInfo) { + public Response updateRole(@PathParam("roleName") String roleName, RoleInfo roleInfo, + @QueryParam("user-store") String userStoreName) { + if (userStoreName != null && !userStoreName.isEmpty()) { + roleName = userStoreName + "/" + roleName; + } RequestValidationUtil.validateRoleName(roleName); RequestValidationUtil.validateRoleDetails(roleInfo); try { @@ -306,7 +319,10 @@ public class RoleManagementServiceImpl implements RoleManagementService { @DELETE @Path("/{roleName}") @Override - public Response deleteRole(@PathParam("roleName") String roleName) { + public Response deleteRole(@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName) { + if (userStoreName != null && !userStoreName.isEmpty()) { + roleName = userStoreName + "/" + roleName; + } RequestValidationUtil.validateRoleName(roleName); try { final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm(); @@ -337,7 +353,11 @@ public class RoleManagementServiceImpl implements RoleManagementService { @PUT @Path("/{roleName}/users") @Override - public Response updateUsersOfRole(@PathParam("roleName") String roleName, List users) { + public Response updateUsersOfRole(@PathParam("roleName") String roleName, + @QueryParam("user-store") String userStoreName, List users) { + if (userStoreName != null && !userStoreName.isEmpty()) { + roleName = userStoreName + "/" + roleName; + } RequestValidationUtil.validateRoleName(roleName); RequestValidationUtil.validateUsers(users); try { @@ -372,7 +392,11 @@ public class RoleManagementServiceImpl implements RoleManagementService { if (log.isDebugEnabled()) { log.debug("Getting the list of user roles"); } - roles = userStoreManager.getRoleNames(userStore+"/*", -1, false, true, true); + if (userStore.equals("all")) { + roles = userStoreManager.getRoleNames("*", -1, false, true, true); + } else { + roles = userStoreManager.getRoleNames(userStore + "/*", -1, false, true, true); + } // removing all internal roles, roles created for Service-providers and application related roles. List filteredRoles = new ArrayList<>(); for (String role : roles) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java index 8ec2f898df..8fc57a0c89 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java @@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.eclipse.wst.common.uriresolver.internal.util.URIEncoder; import org.wso2.carbon.device.mgt.common.DeviceManagementException; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; @@ -36,6 +37,7 @@ import org.wso2.carbon.user.api.UserStoreManager; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import java.io.UnsupportedEncodingException; import java.net.URI; import java.net.URISyntaxException; import java.security.SecureRandom; @@ -85,7 +87,8 @@ public class UserManagementServiceImpl implements UserManagementService { if (log.isDebugEnabled()) { log.debug("User by username: " + userInfo.getUsername() + " was found."); } - return Response.created(new URI(API_BASE_PATH + "/" + userInfo.getUsername())).entity( + return Response.created(new URI(API_BASE_PATH + "/" + URIEncoder.encode(userInfo.getUsername(), "UTF-8"))) + .entity( createdUserInfo).build(); } catch (UserStoreException e) { String msg = "Error occurred while trying to add user '" + userInfo.getUsername() + "' to the " + @@ -99,6 +102,12 @@ public class UserManagementServiceImpl implements UserManagementService { log.error(msg, e); return Response.serverError().entity( new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); + } catch (UnsupportedEncodingException e) { + String msg = "Error occurred while encoding username in the URI for the newly created user " + + userInfo.getUsername(); + log.error(msg, e); + return Response.serverError().entity( + new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); } } @@ -353,28 +362,32 @@ public class UserManagementServiceImpl implements UserManagementService { @GET @Path("/search/usernames") @Override - public Response getUserNames(@QueryParam("filter") String filter, @HeaderParam("If-Modified-Since") String timestamp, + public Response getUserNames(@QueryParam("filter") String filter, @QueryParam("domain") String domain, + @HeaderParam("If-Modified-Since") String timestamp, @QueryParam("offset") int offset, @QueryParam("limit") int limit) { if (log.isDebugEnabled()) { log.debug("Getting the list of users with all user-related information using the filter : " + filter); } + String userStoreDomain = Constants.PRIMARY_USER_STORE; + if (domain != null && !domain.isEmpty()) { + userStoreDomain = domain; + } List userList; try { UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager(); - String[] users = userStoreManager.listUsers(filter + "*", -1); - userList = new ArrayList<>(users.length); + String[] users = userStoreManager.listUsers(userStoreDomain + "/*", -1); + userList = new ArrayList<>(); UserInfo user; for (String username : users) { - user = new UserInfo(); - user.setUsername(username); - user.setEmailAddress(getClaimValue(username, Constants.USER_CLAIM_EMAIL_ADDRESS)); - user.setFirstname(getClaimValue(username, Constants.USER_CLAIM_FIRST_NAME)); - user.setLastname(getClaimValue(username, Constants.USER_CLAIM_LAST_NAME)); - userList.add(user); + if (username.contains(filter)) { + user = new UserInfo(); + user.setUsername(username); + user.setEmailAddress(getClaimValue(username, Constants.USER_CLAIM_EMAIL_ADDRESS)); + user.setFirstname(getClaimValue(username, Constants.USER_CLAIM_FIRST_NAME)); + user.setLastname(getClaimValue(username, Constants.USER_CLAIM_LAST_NAME)); + userList.add(user); + } } -// if (userList.size() <= 0) { -// return Response.status(Response.Status.NOT_FOUND).entity("No user is available to be retrieved").build(); -// } return Response.status(Response.Status.OK).entity(userList).build(); } catch (UserStoreException e) { String msg = "Error occurred while retrieving the list of users using the filter : " + filter; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java index 451c58b178..d9981ba782 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java @@ -26,6 +26,7 @@ public class Constants { public static final String USER_CLAIM_EMAIL_ADDRESS = "http://wso2.org/claims/emailaddress"; public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname"; public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname"; + public static final String PRIMARY_USER_STORE = "PRIMARY"; public final class ErrorMessages { private ErrorMessages () { throw new AssertionError(); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js index eb7798a837..67743b3bc0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js @@ -187,7 +187,7 @@ var userModule = function () { var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + "/users/" + encodeURIComponent(username); if (domain) { - url += '?domain=' + domain; + url += '?domain=' + encodeURIComponent(domain); } var response = privateMethods.callBackend(url, constants["HTTP_GET"]); response["content"] = parse(response.content); @@ -217,7 +217,7 @@ var userModule = function () { var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + "/users/" + encodeURIComponent(username) + "/roles"; if (domain) { - url += '?domain=' + domain; + url += '?domain=' + encodeURIComponent(domain); } var response = privateMethods.callBackend(url, constants["HTTP_GET"]); if (response.status == "success") { @@ -268,7 +268,7 @@ var userModule = function () { try { utility.startTenantFlow(carbonUser); var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + - "/roles?offset=0&limit=100"; + "/roles?offset=0&limit=100&user-store=all"; var response = privateMethods.callBackend(url, constants["HTTP_GET"]); if (response.status == "success") { response.content = parse(response.content).roles; @@ -294,7 +294,7 @@ var userModule = function () { try { utility.startTenantFlow(carbonUser); var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + - "/roles?offset=0&limit=1"; + "/roles?offset=0&limit=1&user-store=all"; return serviceInvokers.XMLHttp.get( url, function (responsePayload) { return parse(responsePayload["responseText"])["count"]; @@ -328,7 +328,7 @@ var userModule = function () { try { utility.startTenantFlow(carbonUser); var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + - "/roles?user-store=" + userStore + "&limit=100"; + "/roles?user-store=" + encodeURIComponent(userStore) + "&limit=100"; var response = privateMethods.callBackend(url, constants["HTTP_GET"]); if (response.status == "success") { response.content = parse(response.content).roles; @@ -374,14 +374,22 @@ var userModule = function () { publicMethods.getRole = function (roleName) { var carbonUser = session.get(constants["USER_SESSION_KEY"]); var utility = require("/app/modules/utility.js")["utility"]; + var userStore; if (!carbonUser) { log.error("User object was not found in the session"); throw constants["ERRORS"]["USER_NOT_FOUND"]; } try { utility.startTenantFlow(carbonUser); + if (roleName.indexOf('/') > 0) { + userStore = roleName.substr(0, roleName.indexOf('/')); + roleName = roleName.substr(roleName.indexOf('/') + 1); + } var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] + "/roles/" + encodeURIComponent(roleName); + if (userStore) { + url += "?user-store=" + encodeURIComponent(userStore); + } var response = privateMethods.callBackend(url, constants["HTTP_GET"]); if (response.status == "success") { response.content = parse(response.content); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/create.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/create.hbs index d3b2f15329..0bfdfe1d8f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/create.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/create.hbs @@ -94,7 +94,8 @@ data-error-msg="{{roleNameRegExViolationErrorMsg}}" class="form-control" /> {{#if canViewUsers}} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js index 93f7817db9..2cb8292af7 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js @@ -32,6 +32,7 @@ var validateInline = {}; var clearInline = {}; var apiBasePath = "/api/device-mgt/v1.0"; +var domain = $("#domain").val(); var enableInlineError = function (inputField, errorMsg, errorSign) { var fieldIdentifier = "#" + inputField; @@ -82,7 +83,8 @@ clearInline["role-name"] = function () { */ validateInline["role-name"] = function () { var roleNameInput = $("input#roleName"); - if (inputIsValid( roleNameInput.data("regex"), roleNameInput.val())) { + var roleName = roleNameInput.val(); + if (inputIsValid( roleNameInput.data("regex"), roleName) && roleName.indexOf("@") < 0 && roleName.indexOf("/") < 0) { disableInlineError("roleNameField", "roleNameEmpty", "roleNameError"); } else { enableInlineError("roleNameField", "roleNameEmpty", "roleNameError"); @@ -127,7 +129,8 @@ $(document).ready(function () { data: function (params) { var postData = {}; postData.requestMethod = "GET"; - postData.requestURL = "/api/device-mgt/v1.0/users/search/usernames?filter=" + params.term; + postData.requestURL = "/api/device-mgt/v1.0/users/search/usernames?filter=" + params.term + + "&domain=" + encodeURIComponent(domain); postData.requestPayload = null; return JSON.stringify(postData); }, @@ -170,7 +173,8 @@ $(document).ready(function () { if (!roleName) { $(errorMsg).text("Role name is a required field. It cannot be empty."); $(errorMsgWrapper).removeClass("hidden"); - } else if (!inputIsValid(roleNameInput.data("regex"), roleName)) { + } else if (!inputIsValid(roleNameInput.data("regex"), roleName) || roleName.indexOf("@") >= 0 || + roleName.indexOf("/") >= 0) { $(errorMsg).text(roleNameInput.data("error-msg")); $(errorMsgWrapper).removeClass("hidden"); } else if (!domain) { @@ -201,7 +205,8 @@ $(document).ready(function () { $("input#roleName").val(""); $("#domain").val("PRIMARY"); $("#users").val(""); - window.location.href = appContext + "/role/edit-permission/" + roleName; + window.location.href = appContext + "/role/edit-permission/?rolename=" + + encodeURIComponent(addRoleFormData.roleName); } }, function (jqXHR) { @@ -222,4 +227,12 @@ $(document).ready(function () { $(roleNameInputElement).blur(function() { validateInline["role-name"](); }); + + /* When the user store domain value is changed, the users who are assigned to that role should be removed, as + user and role can be mapped only if both are in same user store + */ + $("#domain").change(function () { + $("#users").select2("val", ""); + domain = $("#domain").val(); + }); }); \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json index a6e56c02a5..952c4abe20 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json @@ -1,5 +1,5 @@ { "version": "1.0.0", - "uri": "/role/edit-permission/{+any}", + "uri": "/role/edit-permission/", "layout": "cdmf.layout.default" } \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit/edit.json b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit/edit.json index 3efeeeb8e2..6959b98af0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit/edit.json +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit/edit.json @@ -1,5 +1,5 @@ { "version": "1.0.0", - "uri": "/role/edit/{+any}", + "uri": "/role/edit/", "layout": "cdmf.layout.default" } \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js index 19056e28f6..4a6b44fbb8 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js @@ -17,7 +17,7 @@ */ var loadRoleBasedActionURL = function (action, rolename) { - var href = $("#ast-container").data("app-context") + "role/" + action + "/" + rolename; + href = $("#ast-container").data("app-context") + "role/" + action + "/?rolename=" + encodeURIComponent(rolename); $(location).attr('href', href); }; @@ -188,7 +188,7 @@ function loadRoles() { "sorting": false }; - $('#role-grid').datatables_extended_serverside_paging(settings, '/api/device-mgt/v1.0/roles', dataFilter, columns, fnCreatedRow, null, options); + $('#role-grid').datatables_extended_serverside_paging(settings, '/api/device-mgt/v1.0/roles?user-store=all', dataFilter, columns, fnCreatedRow, null, options); loadingContent.hide(); } @@ -201,8 +201,15 @@ function loadRoles() { */ $("#role-grid").on("click", ".remove-role-link", function () { var role = $(this).data("role"); - var removeRoleAPI = apiBasePath + "/roles/" + role; - + var userStore; + if (role.indexOf('/') > 0) { + userStore = role.substr(0, role.indexOf('/')); + role = role.substr(role.indexOf('/') + 1); + } + var removeRoleAPI = apiBasePath + "/roles/" + encodeURIComponent(role); + if (userStore) { + removeRoleAPI += "?user-store=" + encodeURIComponent(userStore); + } $(modalPopupContent).html($('#remove-role-modal-content').html()); showPopup(); @@ -210,7 +217,10 @@ $("#role-grid").on("click", ".remove-role-link", function () { invokerUtil.delete( removeRoleAPI, function () { - $("#role-" + role).remove(); + if (userStore) { + role = userStore + '/' + role; + } + $('[id="role-' + role + '"]').remove(); $(modalPopupContent).html($('#remove-role-success-content').html()); $("a#remove-role-success-link").click(function () { hidePopup(); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js index 2071baf9f9..317cf435e4 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js @@ -180,8 +180,7 @@ $("#userStore").change( str += $(this).text() + ""; }); if ($("#roles").length > 0) { - var getRolesAPI = deviceMgtAPIsBasePath + "/roles?user-store=" + str + "&limit=100"; - + var getRolesAPI = deviceMgtAPIsBasePath + "/roles?user-store=" + encodeURIComponent(str) + "&limit=100"; invokerUtil.get( getRolesAPI, function (data) { @@ -189,10 +188,10 @@ $("#userStore").change( if (data.errorMessage) { $(errorMsg).text("Selected user store prompted an error : " + data.errorMessage); $(errorMsgWrapper).removeClass("hidden"); - } else if (data["statusCode"] == 200) { + } else { $("#roles").empty(); - for (var i = 0; i < data.responseContent.length; i++) { - var newOption = $(''); + for (var i = 0; i < data.roles.length; i++) { + var newOption = $(''); $('#roles').append(newOption); } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js index 00357909e6..2ecada94ad 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js @@ -236,7 +236,8 @@ $(document).ready(function () { } addUserFormData.roles = roles; username = username.substr(username.indexOf('/') + 1); - var addUserAPI = deviceMgtBasePath + "/users/" + username + "?domain=" + domain; + var addUserAPI = deviceMgtBasePath + "/users/" + encodeURIComponent(username) + "?domain=" + + encodeURIComponent(domain); invokerUtil.put( addUserAPI, diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js index d8dc9d4860..50f11a3df3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js @@ -158,7 +158,7 @@ function resetPassword(username) { } var resetPasswordServiceURL = apiBasePath + "/admin/users/" + username + "/credentials"; if (domain) { - resetPasswordServiceURL += '?domain=' + domain; + resetPasswordServiceURL += '?domain=' + encodeURIComponent(domain); } invokerUtil.post( resetPasswordServiceURL, @@ -198,11 +198,10 @@ function removeUser(username) { domain = username.substr(0, username.indexOf('/')); username = username.substr(username.indexOf('/') + 1); } - var removeUserAPI = apiBasePath + "/users/" + username; + var removeUserAPI = apiBasePath + "/users/" + encodeURIComponent(username); if (domain) { - removeUserAPI += '?domain=' + domain; + removeUserAPI += '?domain=' + encodeURIComponent(domain); } - modalDialog.header("Remove User"); modalDialog.content("Do you really want to remove this user ?"); modalDialog.footer('
Remove ' + @@ -219,10 +218,9 @@ function removeUser(username) { function (data, textStatus, jqXHR) { if (jqXHR.status == 200) { if (domain) { - $("#user-" + domain + "\\/" + username).remove(); - } else { - $("#user-" + username).remove(); + username = domain + '/' + username; } + $('[id="user-' + username + '"]').remove(); // update modal-content with success message modalDialog.header("User Removed."); modalDialog.content("Done. User was successfully removed."); @@ -338,7 +336,8 @@ function loadUsers() { class: "text-right content-fill text-left-on-grid-view no-wrap", data: null, render: function (data, type, row, meta) { - var editbtn = ' ' + ' ' + diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js index 5790f1b7ff..10d47721d7 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js @@ -24,14 +24,6 @@ */ function onRequest(context) { var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; - var uri = request.getRequestURI(); - var uriMatcher = new URIMatcher(String(uri)); - var isMatched = uriMatcher.match("/{context}/role/edit-permission/{rolename}"); - - if (isMatched) { - var matchedElements = uriMatcher.elements(); - var roleName = matchedElements.rolename; - context["roleName"] = roleName; - } + context["roleName"] = request.getParameter("rolename"); return context; } \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js index 553f885773..c2fcf98d7f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js @@ -103,7 +103,15 @@ $(document).ready(function () { var listPartialSrc = $("#list-partial").attr("src"); var treeTemplateSrc = $("#tree-template").attr("src"); var roleName = $("#permissionList").data("currentrole"); + var userStore; + if (roleName.indexOf('/') > 0) { + userStore = roleName.substr(0, roleName.indexOf('/')); + roleName = roleName.substr(roleName.indexOf('/') + 1); + } var serviceUrl = apiBasePath + "/roles/" +encodeURIComponent(roleName)+"/permissions"; + if (userStore) { + serviceUrl += "?user-store=" + encodeURIComponent(userStore); + } $.registerPartial("list", listPartialSrc, function(){ $.template("treeTemplate", treeTemplateSrc, function (template) { invokerUtil.get(serviceUrl, @@ -146,13 +154,23 @@ $(document).ready(function () { */ $("button#update-permissions-btn").click(function() { var roleName = $("#permissionList").data("currentrole"); - var updateRolePermissionAPI = apiBasePath + "/roles/" + roleName; + var userStore; + if (roleName.indexOf('/') > 0) { + userStore = roleName.substr(0, roleName.indexOf('/')); + roleName = roleName.substr(roleName.indexOf('/') + 1); + } + var updateRolePermissionAPI = apiBasePath + "/roles/" + encodeURIComponent(roleName); var updateRolePermissionData = {}; var perms = []; $("#permissionList li input:checked").each(function(){ perms.push($(this).data("resourcepath")); }); - updateRolePermissionData.roleName = roleName; + if (userStore) { + updateRolePermissionAPI += "?user-store=" + encodeURIComponent(userStore); + updateRolePermissionData.roleName = userStore + "/" + roleName; + } else { + updateRolePermissionData.roleName = roleName; + } updateRolePermissionData.permissions = perms; invokerUtil.put( updateRolePermissionAPI, diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.js index ac21d0b696..9bca327597 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.js @@ -25,28 +25,29 @@ function onRequest(context) { var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"]; - var uri = request.getRequestURI(); - var uriMatcher = new URIMatcher(String(uri)); - var isMatched = uriMatcher.match("/{context}/role/edit/{roleName}"); + var roleName = request.getParameter("rolename"); + var response; + var userStore; - if (isMatched) { - var matchedElements = uriMatcher.elements(); - var roleName = matchedElements["roleName"]; - var response = userModule.getRole(roleName); - if (response["status"] == "success") { - context["role"] = response["content"]; - } - var userStore; + if (roleName) { if (roleName.indexOf("/") > -1) { - userStore = roleName.substring(0, roleName.indexOf("/")); + userStore = roleName.substr(0, roleName.indexOf("/")); } else { userStore = "PRIMARY"; } + response = userModule.getRole(roleName); + if (response["status"] == "success") { + context["role"] = response["content"]; + } context["userStore"] = userStore; context["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"]; context["roleNameHelpText"] = deviceMgtProps["roleValidationConfig"]["roleNameHelpMsg"]; context["roleNameRegExViolationErrorMsg"] = deviceMgtProps["roleValidationConfig"]["roleNameRegExViolationErrorMsg"]; + roleName = context["role"]["roleName"]; + if (roleName.indexOf("/") > -1) { + context["role"]["roleName"] = roleName.substr(roleName.indexOf("/") + 1); + } return context; } else { //TODO: handle error scenario diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js index e038c32592..7dae919969 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js @@ -1,3 +1,21 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + /** * Checks if provided input is valid against RegEx input. * @@ -12,6 +30,7 @@ function inputIsValid(regExp, inputString) { var validateInline = {}; var clearInline = {}; +var domain = $("#domain").val(); var apiBasePath = "/api/device-mgt/v1.0"; @@ -112,7 +131,8 @@ $(document).ready(function () { data: function (params) { var postData = {}; postData.actionMethod = "GET"; - postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term; + postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term + "&domain=" + + encodeURIComponent(domain); postData.actionPayload = null; return JSON.stringify(postData); }, @@ -163,11 +183,11 @@ $(document).ready(function () { } else { var addRoleFormData = {}; addRoleFormData.roleName = roleName; + var addRoleAPI = apiBasePath + "/roles/" + encodeURIComponent(currentRoleName); if (domain != "PRIMARY"){ addRoleFormData.roleName = domain + "/" + roleName; + addRoleAPI = addRoleAPI + "?user-store=" + encodeURIComponent(domain); } - - var addRoleAPI = apiBasePath + "/roles/" + currentRoleName; invokerUtil.put( addRoleAPI, addRoleFormData, @@ -196,4 +216,12 @@ $(document).ready(function () { $("#rolename").blur(function() { validateInline["role-name"](); }); + + /* When the user store domain value is changed, the users who are assigned to that role should be removed, as + user and role can be mapped only if both are in same user store + */ + $("#domain").change(function () { + $("#users").select2("val", ""); + domain = $("#domain").val(); + }); }); \ No newline at end of file