Implemented scope management service

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java

@@ -20,27 +20,23 @@ package org.wso2.carbon.device.mgt.jaxrs.beans;
 
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
+import org.wso2.carbon.apimgt.api.model.Scope;
 import org.wso2.carbon.user.mgt.common.UIPermissionNode;
 
+import java.util.List;
+
 @ApiModel(value = "RoleInfo", description = "Role details including permission and the users in the roles are " +
         "wrapped here.")
 public class RoleInfo {
 
     @ApiModelProperty(name = "roleName", value = "The name of the role.", required = true)
     private String roleName;
-    @ApiModelProperty(name = "permissions", value = "Lists out all the permissions associated with roles.",
+    @ApiModelProperty(name = "scopes", value = "Lists out all the scopes associated with roles.",
-            required = true, dataType = "List[java.lang.String]")
+            required = true, dataType = "List[Scope]")
-    private String[] permissions;
+    private List<Scope> scopes;
     @ApiModelProperty(name = "users", value = "The list of users assigned to the selected role.",
             required = true, dataType = "List[java.lang.String]")
     private String[] users;
-    @ApiModelProperty(name = "permissionList", value = "This contain the following, " +
-            "\n resourcePath\tThe path related to the API.\n " +
-            "displayName\tThe name of the permission that is shown " +
-            "in the UI.\n" +
-            "nodeList\tLists out the nested permissions.",
-            required = true)
-    private UIPermissionNode permissionList;
 
     public String getRoleName() {
         return roleName;
@@ -50,12 +46,12 @@ public class RoleInfo {
         this.roleName = roleName;
     }
 
-    public String[] getPermissions() {
+    public List<Scope> getScopes() {
-        return permissions;
+        return scopes;
     }
 
-    public void setPermissions(String[] permissions) {
+    public void setScopes(List<Scope> scopes) {
-        this.permissions = permissions;
+        this.scopes = scopes;
     }
 
     public String[] getUsers() {
@@ -66,11 +62,4 @@ public class RoleInfo {
         this.users = users;
     }
 
-    public UIPermissionNode getPermissionList() {
-        return permissionList;
-    }
-
-    public void setPermissionList(UIPermissionNode permissionList) {
-        this.permissionList = permissionList;
-    }
 }

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java

@@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
 import io.swagger.annotations.*;
 import org.wso2.carbon.apimgt.annotations.api.API;
 import org.wso2.carbon.apimgt.annotations.api.Permission;
+import org.wso2.carbon.apimgt.api.model.Scope;
 import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
 import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
 import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
@@ -106,16 +107,16 @@ public interface RoleManagementService {
             @QueryParam("limit") int limit);
 
     @GET
-    @Path("/{roleName}/permissions")
+    @Path("/scopes")
     @ApiOperation(
             produces = MediaType.APPLICATION_JSON,
             httpMethod = "GET",
-            value = "Getting permission details of a role.",
+            value = "Getting authorization scopes.",
             notes = "In an organization an individual is associated a with set of responsibilities based on their " +
-                    "role. In  EMM you are able to configure permissions based on the responsibilities carried " +
+                    "role. In  EMM you are able to configure scopes based on the responsibilities carried " +
-                    "out by a role. Therefore if you wish to retrieve the permission details of a role, you can do " +
+                    "out by a role. Therefore if you wish to retrieve the scopes details of roles, you can do " +
                     "so using this REST API.",
-            response = UIPermissionNode.class,
+            response = List.class,
             responseContainer = "List",
             tags = "Role Management"
     )
@@ -123,7 +124,7 @@ public interface RoleManagementService {
             value = {
                     @ApiResponse(
                             code = 200,
-                            message = "OK. \n Successfully fetched the permission list of the given role.",
+                            message = "OK. \n Successfully fetched the scopes list.",
                             response = UIPermissionNode.class,
                             responseContainer = "List",
                             responseHeaders = {
@@ -159,19 +160,63 @@ public interface RoleManagementService {
                             message = "Internal Server ErrorResponse. \n Server error occurred while fetching the permission list of the requested role.",
                             response = ErrorResponse.class)
             })
-    @Permission(scope = "role:view", roles = {"admin"})
+    @Permission(scope = "role:scope:read", roles = {"admin"})
-    Response getPermissionsOfRole(
+    Response getScopes(
-            @ApiParam(
-                    name = "roleName",
-                    value = "Name of the role.",
-                    required = true)
-            @PathParam("roleName") String roleName,
             @ApiParam(
                     name = "If-Modified-Since",
                     value = "Validates if the requested variant has not been modified since the time specified",
                     required = false)
             @HeaderParam("If-Modified-Since") String ifModifiedSince);
 
+    @PUT
+    @Path("/scopes")
+    @ApiOperation(
+            produces = MediaType.APPLICATION_JSON,
+            httpMethod = "PUT",
+            value = "Updating authorization scopes.",
+            notes = "This REST API can be used to update the associated roles of the scopes",
+            tags = "Role Management"
+    )
+    @ApiResponses(value = {
+            @ApiResponse(
+                    code = 200,
+                    message = "OK. \n Scopes has been updated successfully",
+                    responseHeaders = {
+                            @ResponseHeader(
+                                    name = "Content-Type",
+                                    description = "Content type of the body"),
+                            @ResponseHeader(
+                                    name = "ETag",
+                                    description = "Entity Tag of the response resource.\n" +
+                                            "Used by caches, or in conditional requests."),
+                            @ResponseHeader(
+                                    name = "Last-Modified",
+                                    description = "Date and time the resource has been modified the last time.\n" +
+                                            "Used by caches, or in conditional requests.")}),
+            @ApiResponse(
+                    code = 400,
+                    message = "Bad Request. \n Invalid request or validation error.",
+                    response = ErrorResponse.class),
+            @ApiResponse(
+                    code = 404,
+                    message = "Not Found. \n Scopes to be updated does not exist.",
+                    response = ErrorResponse.class),
+            @ApiResponse(
+                    code = 415,
+                    message = "Unsupported media type. \n The entity of the request was in a not supported format.",
+                    response = ErrorResponse.class),
+            @ApiResponse(
+                    code = 500,
+                    message = "Internal Server Error. \n Server error occurred while updating the scopes.",
+                    response = ErrorResponse.class)
+    })
+    @Permission(scope = "role:scope:write", roles = {"admin"})
+    Response updateScopes(
+            @ApiParam(
+                    name = "Scopes",
+                    value = "List of scopes to be updated",
+                    required = true) List<Scope> scopes);
+
     @GET
     @Path("/{roleName}")
     @ApiOperation(
@@ -375,7 +420,11 @@ public interface RoleManagementService {
                     name = "roleName",
                     value = "Name of the role to de deleted.",
                     required = true)
-            @PathParam("roleName") String roleName);
+            @PathParam("roleName") String roleName,
+            @ApiParam(
+                    name = "role",
+                    value = "Details about the role to be added.",
+                    required = true) RoleInfo role);
 
     @PUT
     @Path("/{roleName}/users")

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java

@@ -21,7 +21,10 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.CarbonConstants;
+import org.wso2.carbon.apimgt.api.model.Scope;
 import org.wso2.carbon.base.MultitenantConstants;
+import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
+import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
 import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
 import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
 import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
@@ -79,64 +82,47 @@ public class RoleManagementServiceImpl implements RoleManagementService {
     }
 
     @GET
-    @Path("/{roleName}/permissions")
+    @Path("/scopes")
     @Override
-    public Response getPermissionsOfRole(
+    public Response getScopes(
-            @PathParam("roleName") String roleName,
             @HeaderParam("If-Modified-Since") String ifModifiedSince) {
-        RequestValidationUtil.validateRoleName(roleName);
-        try {
-            final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
-            if (!userRealm.getUserStoreManager().isExistingRole(roleName)) {
-                return Response.status(Response.Status.NOT_FOUND).entity(new ErrorResponse.ErrorResponseBuilder().setMessage(
-                        "No role exists with the name '" + roleName + "'").build()).build();
-            }
 
-            final UIPermissionNode rolePermissions = this.getUIPermissionNode(roleName, userRealm);
+        List<Scope> scopes = new ArrayList<>();
-            if (rolePermissions == null) {
+        try {
-                if (log.isDebugEnabled()) {
+            ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
-                    log.debug("No permissions found for the role '" + roleName + "'");
+            if (scopeManagementService == null) {
-                }
+                log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
+            } else {
+                scopes = scopeManagementService.getAllScopes();
             }
-            return Response.status(Response.Status.OK).entity(rolePermissions).build();
+            return Response.status(Response.Status.OK).entity(scopes).build();
-        } catch (UserAdminException e) {
+        } catch (ScopeManagementException e) {
-            String msg = "Error occurred while retrieving the permissions of role '" + roleName + "'";
+            String msg = "Error occurred while retrieving the scopes";
-            log.error(msg, e);
-            return Response.serverError().entity(
-                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
-        } catch (UserStoreException e) {
-            String msg = "Error occurred while retrieving the underlying user realm attached to the " +
-                    "current logged in user";
             log.error(msg, e);
             return Response.serverError().entity(
                     new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
         }
     }
 
-    private UIPermissionNode getUIPermissionNode(String roleName, UserRealm userRealm)
+    @PUT
-            throws UserAdminException {
+    @Path("/scopes")
-        org.wso2.carbon.user.core.UserRealm userRealmCore = null;
+    @Override
-        if (userRealm instanceof org.wso2.carbon.user.core.UserRealm) {
+    public Response updateScopes(List<Scope> scopes) {
-            userRealmCore = (org.wso2.carbon.user.core.UserRealm) userRealm;
+        RequestValidationUtil.validateScopes(scopes);
-        }
+        try {
-        final UserRealmProxy userRealmProxy = new UserRealmProxy(userRealmCore);
+            ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
-        final UIPermissionNode rolePermissions =
+            if (scopeManagementService == null) {
-                userRealmProxy.getRolePermissions(roleName, MultitenantConstants.SUPER_TENANT_ID);
+                log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
-        UIPermissionNode[] deviceMgtPermissions = new UIPermissionNode[2];
+            } else {
-
+                scopeManagementService.updateScopes(scopes);
-        for (UIPermissionNode permissionNode : rolePermissions.getNodeList()) {
-            if (permissionNode.getResourcePath().equals("/permission/admin")) {
-                for (UIPermissionNode node : permissionNode.getNodeList()) {
-                    if (node.getResourcePath().equals("/permission/admin/device-mgt")) {
-                        deviceMgtPermissions[0] = node;
-                    } else if (node.getResourcePath().equals("/permission/admin/login")) {
-                        deviceMgtPermissions[1] = node;
-                    }
-                }
             }
+            return Response.status(Response.Status.OK).entity(scopes).build();
+        } catch (ScopeManagementException e) {
+            String msg = "Error occurred while updating the scopes";
+            log.error(msg, e);
+            return Response.serverError().entity(
+                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
         }
-        rolePermissions.setNodeList(deviceMgtPermissions);
-        return rolePermissions;
     }
 
     @GET
@@ -151,7 +137,6 @@ public class RoleManagementServiceImpl implements RoleManagementService {
         RoleInfo roleInfo = new RoleInfo();
         try {
             final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
-            final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
             if (!userStoreManager.isExistingRole(roleName)) {
                 return Response.status(Response.Status.NOT_FOUND).entity(
                         new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" +
@@ -159,16 +144,9 @@ public class RoleManagementServiceImpl implements RoleManagementService {
             }
             roleInfo.setRoleName(roleName);
             roleInfo.setUsers(userStoreManager.getUserListOfRole(roleName));
-            // Get the permission nodes and hand picking only device management and login perms
-            final UIPermissionNode rolePermissions = this.getUIPermissionNode(roleName, userRealm);
-            List<String> permList = new ArrayList<>();
-            this.iteratePermissions(rolePermissions, permList);
-            roleInfo.setPermissionList(rolePermissions);
-            String[] permListAr = new String[permList.size()];
-            roleInfo.setPermissions(permList.toArray(permListAr));
 
             return Response.status(Response.Status.OK).entity(roleInfo).build();
-        } catch (UserStoreException | UserAdminException e) {
+        } catch (UserStoreException e) {
             String msg = "Error occurred while retrieving the user role '" + roleName + "'";
             log.error(msg, e);
             return Response.serverError().entity(
@@ -176,35 +154,18 @@ public class RoleManagementServiceImpl implements RoleManagementService {
         }
     }
 
-    private List<String> iteratePermissions(UIPermissionNode uiPermissionNode, List<String> list) {
-        for (UIPermissionNode permissionNode : uiPermissionNode.getNodeList()) {
-            list.add(permissionNode.getResourcePath());
-            if (permissionNode.getNodeList() != null && permissionNode.getNodeList().length > 0) {
-                iteratePermissions(permissionNode, list);
-            }
-        }
-        return list;
-    }
-
     @POST
     @Override
     public Response addRole(RoleInfo roleInfo) {
         RequestValidationUtil.validateRoleDetails(roleInfo);
         RequestValidationUtil.validateRoleName(roleInfo.getRoleName());
+
         try {
             UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
             if (log.isDebugEnabled()) {
                 log.debug("Persisting the role in the underlying user store");
             }
-            Permission[] permissions = null;
+            userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), null);
-            if (roleInfo.getPermissions() != null && roleInfo.getPermissions().length > 0) {
-                permissions = new Permission[roleInfo.getPermissions().length];
-                for (int i = 0; i < permissions.length; i++) {
-                    String permission = roleInfo.getPermissions()[i];
-                    permissions[i] = new Permission(permission, CarbonConstants.UI_PERMISSION_ACTION);
-                }
-            }
-            userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), permissions);
 
             //TODO fix what's returned in the entity
             return Response.created(new URI(API_BASE_PATH + "/" + roleInfo.getRoleName())).entity(
@@ -260,14 +221,12 @@ public class RoleManagementServiceImpl implements RoleManagementService {
                 userStoreManager.updateUserListOfRole(newRoleName, usersToDelete, usersToAdd);
             }
 
-            if (roleInfo.getPermissions() != null) {
+            if (roleInfo.getScopes() != null) {
-                // Delete all authorizations for the current role before authorizing the permission tree
+                ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
-                authorizationManager.clearRoleAuthorization(roleName);
+                if (scopeManagementService == null) {
-                if (roleInfo.getPermissions().length > 0) {
+                    log.error("Scope management service initialization is failed, hence scopes will not be updated");
-                    for (int i = 0; i < roleInfo.getPermissions().length; i++) {
+                } else {
-                        String permission = roleInfo.getPermissions()[i];
+                    scopeManagementService.updateScopes(roleInfo.getScopes());
-                        authorizationManager.authorizeRole(roleName, permission, CarbonConstants.UI_PERMISSION_ACTION);
-                    }
                 }
             }
             //TODO: Need to send the updated role information in the entity back to the client
@@ -278,14 +237,21 @@ public class RoleManagementServiceImpl implements RoleManagementService {
             log.error(msg, e);
             return Response.serverError().entity(
                     new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
+        } catch (ScopeManagementException e) {
+            String msg = "Error occurred while updating scopes of role '" + roleName + "'";
+            log.error(msg, e);
+            return Response.serverError().entity(
+                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
         }
     }
 
     @DELETE
     @Path("/{roleName}")
     @Override
-    public Response deleteRole(@PathParam("roleName") String roleName) {
+    public Response deleteRole(@PathParam("roleName") String roleName, RoleInfo roleInfo) {
         RequestValidationUtil.validateRoleName(roleName);
+        RequestValidationUtil.validateScopes(roleInfo.getScopes());
+
         try {
             final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
             final UserStoreManager userStoreManager = userRealm.getUserStoreManager();
@@ -303,12 +269,25 @@ public class RoleManagementServiceImpl implements RoleManagementService {
             // Delete all authorizations for the current role before deleting
             authorizationManager.clearRoleAuthorization(roleName);
 
+            //updating scopes
+            ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
+            if (scopeManagementService == null) {
+                log.error("Scope management service initialization is failed, hence scopes will not be updated");
+            } else {
+                scopeManagementService.updateScopes(roleInfo.getScopes());
+            }
+
             return Response.status(Response.Status.OK).build();
         } catch (UserStoreException e) {
             String msg = "Error occurred while deleting the role '" + roleName + "'";
             log.error(msg, e);
             return Response.serverError().entity(
                     new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
+        } catch (ScopeManagementException e) {
+            String msg = "Error occurred while updating scopes of role '" + roleName + "'";
+            log.error(msg, e);
+            return Response.serverError().entity(
+                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
         }
     }
 

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/RequestValidationUtil.java

@@ -18,6 +18,7 @@
  */
 package org.wso2.carbon.device.mgt.jaxrs.service.impl.util;
 
+import org.wso2.carbon.apimgt.api.model.Scope;
 import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
 import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
 import org.wso2.carbon.device.mgt.common.notification.mgt.Notification;
@@ -312,4 +313,12 @@ public class RequestValidationUtil {
         }
     }
 
+    public static void validateScopes(List<Scope> scopes) {
+        if (scopes == null || scopes.isEmpty()) {
+            throw new InputValidationException(
+                    new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Scope details of the request body" +
+                            " is incorrect or empty").build());
+        }
+    }
+
 }

components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java

@@ -28,6 +28,7 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationEntry;
 import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
 import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfigurationManagementService;
 import org.wso2.carbon.device.mgt.common.notification.mgt.NotificationManagementService;
+import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
 import org.wso2.carbon.device.mgt.core.app.mgt.ApplicationManagementProviderService;
 import org.wso2.carbon.device.mgt.core.device.details.mgt.DeviceInformationManager;
 import org.wso2.carbon.device.mgt.core.search.mgt.SearchManagerService;
@@ -248,6 +249,16 @@ public class DeviceMgtAPIUtils {
         return gadgetDataService;
     }
 
+    public static ScopeManagementService getScopeManagementService() {
+        PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+        ScopeManagementService scopeManagementService =
+                (ScopeManagementService) ctx.getOSGiService(ScopeManagementService.class, null);
+        if (scopeManagementService == null) {
+            throw new IllegalStateException("Scope Management Service has not been initialized.");
+        }
+        return scopeManagementService;
+    }
+
     public static int getTenantId(String tenantDomain) throws DeviceManagementException {
         RealmService realmService =
                 (RealmService) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(RealmService.class, null);

components/device-mgt/org.wso2.carbon.device.mgt.common/pom.xml

@@ -68,6 +68,10 @@
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-annotations</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon.apimgt</groupId>
+            <artifactId>org.wso2.carbon.apimgt.api</artifactId>
+        </dependency>
     </dependencies>
 
 </project>

components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementException.java

@@ -0,0 +1,57 @@
+/*
+* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package org.wso2.carbon.device.mgt.common.scope.mgt;
+
+/**
+ * This exception is used to throw when there is an issue in scope management service.
+ */
+public class ScopeManagementException extends Exception {
+
+    private static final long serialVersionUID = -315127931137779899L;
+
+    private String errorMessage;
+
+    public String getErrorMessage() {
+        return errorMessage;
+    }
+
+    public void setErrorMessage(String errorMessage) {
+        this.errorMessage = errorMessage;
+    }
+
+    public ScopeManagementException(String msg, Exception nestedEx) {
+        super(msg, nestedEx);
+        setErrorMessage(msg);
+    }
+
+    public ScopeManagementException(String message, Throwable cause) {
+        super(message, cause);
+        setErrorMessage(message);
+    }
+
+    public ScopeManagementException(String msg) {
+        super(msg);
+        setErrorMessage(msg);
+    }
+
+    public ScopeManagementException() {
+        super();
+    }
+
+    public ScopeManagementException(Throwable cause) {
+        super(cause);
+    }
+}

components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java

@@ -0,0 +1,45 @@
+/*
+*  Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+*  WSO2 Inc. licenses this file to you under the Apache License,
+*  Version 2.0 (the "License"); you may not use this file except
+*  in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*    http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied.  See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+package org.wso2.carbon.device.mgt.common.scope.mgt;
+
+import java.util.List;
+import org.wso2.carbon.apimgt.api.model.Scope;
+
+/**
+ * This interface contains the basic operations related to scope management.
+ */
+public interface ScopeManagementService {
+
+    /**
+     * This method is used to update the given list of scopes.
+     *
+     * @param scopes List of scopes to be updated.
+     * @throws ScopeManagementException
+     */
+    void updateScopes(List<Scope> scopes) throws ScopeManagementException;
+
+    /**
+     * This method is used to retrieve all the scopes.
+     *
+     * @return List of scopes.
+     * @throws ScopeManagementException
+     */
+    List<Scope> getAllScopes() throws ScopeManagementException;
+
+}

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java

@@ -18,6 +18,7 @@
 
 package org.wso2.carbon.device.mgt.core.internal;
 
+import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
 import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManager;
 import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
 import org.wso2.carbon.device.mgt.common.license.mgt.LicenseManager;
@@ -56,6 +57,16 @@ public class DeviceManagementDataHolder {
     private EmailSenderService emailSenderService;
     private PushNotificationProviderRepository pushNotificationProviderRepository;
 
+    public APIManagerConfiguration getApiManagerConfiguration() {
+        return apiManagerConfiguration;
+    }
+
+    public void setApiManagerConfiguration(APIManagerConfiguration apiManagerConfiguration) {
+        this.apiManagerConfiguration = apiManagerConfiguration;
+    }
+
+    private APIManagerConfiguration apiManagerConfiguration;
+
     private DeviceManagementDataHolder() {}
 
     public static DeviceManagementDataHolder getInstance() {

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java

@@ -21,6 +21,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.osgi.framework.BundleContext;
 import org.osgi.service.component.ComponentContext;
+import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
 import org.wso2.carbon.apimgt.impl.APIManagerConfigurationService;
 import org.wso2.carbon.device.mgt.common.DeviceManagementException;
 import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManagementException;
@@ -30,6 +31,7 @@ import org.wso2.carbon.device.mgt.common.notification.mgt.NotificationManagement
 import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
 import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManager;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
+import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
 import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
 import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
 import org.wso2.carbon.device.mgt.core.DeviceManagementPluginRepository;
@@ -50,6 +52,8 @@ import org.wso2.carbon.device.mgt.core.operation.mgt.OperationManagerImpl;
 import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOFactory;
 import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
 import org.wso2.carbon.device.mgt.core.push.notification.mgt.PushNotificationProviderRepository;
+import org.wso2.carbon.device.mgt.core.scope.mgt.ScopeManagementServiceImpl;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOFactory;
 import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
 import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl;
 import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService;
@@ -59,8 +63,10 @@ import org.wso2.carbon.email.sender.core.service.EmailSenderService;
 import org.wso2.carbon.ndatasource.core.DataSourceService;
 import org.wso2.carbon.registry.core.service.RegistryService;
 import org.wso2.carbon.user.core.service.RealmService;
+import org.wso2.carbon.utils.CarbonUtils;
 import org.wso2.carbon.utils.ConfigurationContextService;
 
+import java.io.File;
 import java.util.ArrayList;
 import java.util.List;
 
@@ -117,6 +123,9 @@ public class DeviceManagementServiceComponent {
     private static List<DeviceManagementService> deviceManagers = new ArrayList<>();
     private static List<DeviceManagerStartupListener> startupListeners = new ArrayList<>();
     private DeviceManagementPluginRepository pluginRepository = new DeviceManagementPluginRepository();
+    private static final String APIM_CONFIGURATION_PATH = CarbonUtils.getCarbonHome() + File.separator + "repository" +
+            File.separator + "conf" + File.separator + "api-manager.xml";
+    private static final String DATA_SOURCE_NAME = "DataSourceName";
 
     public static void registerPluginInitializationListener(PluginInitializationListener listener) {
         synchronized (LOCK) {
@@ -149,12 +158,19 @@ public class DeviceManagementServiceComponent {
                     DeviceConfigurationManager.getInstance().getDeviceManagementConfig();
 
             DataSourceConfig dsConfig = config.getDeviceManagementConfigRepository().getDataSourceConfig();
+
+            APIManagerConfiguration apiManagerConfiguration = new APIManagerConfiguration();
+            apiManagerConfiguration.load(APIM_CONFIGURATION_PATH);
+            DeviceManagementDataHolder.getInstance().setApiManagerConfiguration(apiManagerConfiguration);
+
             DeviceManagementDAOFactory.init(dsConfig);
             GroupManagementDAOFactory.init(dsConfig);
             NotificationManagementDAOFactory.init(dsConfig);
-
             OperationManagementDAOFactory.init(dsConfig);
 
+            String apiManagerDataSource = apiManagerConfiguration.getFirstProperty(DATA_SOURCE_NAME);
+            ScopeManagementDAOFactory.init(apiManagerDataSource);
+
             /* Initialize Operation Manager */
             this.initOperationsManager();
 
@@ -227,10 +243,9 @@ public class DeviceManagementServiceComponent {
                 = new NotificationManagementServiceImpl();
         bundleContext.registerService(NotificationManagementService.class.getName(), notificationManagementService, null);
 
-        /* Registering PermissionManager Service */
+        /* Registering Scope Management Service */
-        PermissionManagerService permissionManagerService
+        ScopeManagementService scopeManagementService = new ScopeManagementServiceImpl();
-                = PermissionManagerServiceImpl.getInstance();
+        bundleContext.registerService(ScopeManagementService.class.getName(), scopeManagementService, null);
-        bundleContext.registerService(PermissionManagerService.class.getName(), permissionManagerService, null);
 
         /* Registering DeviceAccessAuthorization Service */
         DeviceAccessAuthorizationService deviceAccessAuthorizationService = new DeviceAccessAuthorizationServiceImpl();

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java

@@ -0,0 +1,78 @@
+/*
+*  Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+*  WSO2 Inc. licenses this file to you under the Apache License,
+*  Version 2.0 (the "License"); you may not use this file except
+*  in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*    http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied.  See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+package org.wso2.carbon.device.mgt.core.scope.mgt;
+
+import org.wso2.carbon.apimgt.api.model.Scope;
+import org.wso2.carbon.device.mgt.common.TransactionManagementException;
+import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
+import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAO;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOException;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOFactory;
+
+import java.lang.annotation.Inherited;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * This is an implementation of a Scope Management Service.
+ */
+public class ScopeManagementServiceImpl implements ScopeManagementService {
+
+    private ScopeManagementDAO scopeManagementDAO;
+
+    public ScopeManagementServiceImpl() {
+        this.scopeManagementDAO = ScopeManagementDAOFactory.getScopeManagementDAO();
+    }
+
+    @Override
+    public void updateScopes(List<Scope> scopes) throws ScopeManagementException {
+        try{
+            ScopeManagementDAOFactory.beginTransaction();
+            scopeManagementDAO.updateScopes(scopes);
+            ScopeManagementDAOFactory.commitTransaction();
+        } catch (TransactionManagementException e) {
+            ScopeManagementDAOFactory.rollbackTransaction();
+            throw new ScopeManagementException("Transactional error occurred while adding the scopes.", e);
+        } catch (ScopeManagementDAOException e) {
+            ScopeManagementDAOFactory.rollbackTransaction();
+            throw new ScopeManagementException("Error occurred while adding the scopes to database.", e);
+        } finally {
+            ScopeManagementDAOFactory.closeConnection();
+        }
+    }
+
+    @Override
+    public List<Scope> getAllScopes() throws ScopeManagementException {
+        List<Scope> scopes = new ArrayList<>();
+        try{
+            ScopeManagementDAOFactory.openConnection();
+            scopes = scopeManagementDAO.getAllScopes();
+        } catch (SQLException e) {
+            throw new ScopeManagementException("SQL error occurred while adding scopes to database.", e);
+        } catch (ScopeManagementDAOException e) {
+            throw new ScopeManagementException("Error occurred while adding scopes to database.", e);
+        } finally {
+            ScopeManagementDAOFactory.closeConnection();
+        }
+        return scopes;
+    }
+
+}

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java

@@ -0,0 +1,46 @@
+/*
+*  Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+*  WSO2 Inc. licenses this file to you under the Apache License,
+*  Version 2.0 (the "License"); you may not use this file except
+*  in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*    http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied.  See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
+
+import org.wso2.carbon.apimgt.api.model.Scope;
+
+import java.util.List;
+
+/**
+ * This interface contains the basic database operations related to scope management.
+ */
+public interface ScopeManagementDAO {
+
+    /**
+     * This method is used to update the list of scopes.
+     *
+     * @param scopes List of scopes to be updated.
+     * @throws ScopeManagementDAOException
+     */
+    void updateScopes(List<Scope> scopes) throws ScopeManagementDAOException;
+
+    /**
+     * This method is used to retrieve all the scopes.
+     *
+     * @return List of scopes.
+     * @throws ScopeManagementDAOException
+     */
+    List<Scope> getAllScopes() throws ScopeManagementDAOException;
+
+}

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAOException.java

@@ -0,0 +1,57 @@
+/*
+*  Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+*  WSO2 Inc. licenses this file to you under the Apache License,
+*  Version 2.0 (the "License"); you may not use this file except
+*  in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*    http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied.  See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
+
+public class ScopeManagementDAOException extends Exception {
+
+    private static final long serialVersionUID = -315127931137771199L;
+
+    private String errorMessage;
+
+    public String getErrorMessage() {
+        return errorMessage;
+    }
+
+    public void setErrorMessage(String errorMessage) {
+        this.errorMessage = errorMessage;
+    }
+
+    public ScopeManagementDAOException(String msg, Exception nestedEx) {
+        super(msg, nestedEx);
+        setErrorMessage(msg);
+    }
+
+    public ScopeManagementDAOException(String message, Throwable cause) {
+        super(message, cause);
+        setErrorMessage(message);
+    }
+
+    public ScopeManagementDAOException(String msg) {
+        super(msg);
+        setErrorMessage(msg);
+    }
+
+    public ScopeManagementDAOException() {
+        super();
+    }
+
+    public ScopeManagementDAOException(Throwable cause) {
+        super(cause);
+    }
+
+}

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAOFactory.java

@@ -0,0 +1,139 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
+
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.device.mgt.common.IllegalTransactionStateException;
+import org.wso2.carbon.device.mgt.common.TransactionManagementException;
+import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.impl.ScopeManagementDAOImpl;
+
+import javax.sql.DataSource;
+import java.sql.Connection;
+import java.sql.SQLException;
+
+public class ScopeManagementDAOFactory {
+
+    private static final Log log = LogFactory.getLog(ScopeManagementDAOFactory.class);
+    private static DataSource dataSource;
+    private static String databaseEngine;
+    private static ThreadLocal<Connection> currentConnection = new ThreadLocal<Connection>();
+
+    public static ScopeManagementDAO getScopeManagementDAO() {
+        return new ScopeManagementDAOImpl();
+    }
+
+    public static void init(String dataSourceName) {
+        dataSource = resolveDataSource(dataSourceName);
+        try {
+            databaseEngine = dataSource.getConnection().getMetaData().getDatabaseProductName();
+        } catch (SQLException e) {
+            log.error("Error occurred while retrieving config.datasource connection", e);
+        }
+    }
+
+    public static void beginTransaction() throws TransactionManagementException {
+        try {
+            Connection conn = dataSource.getConnection();
+            conn.setAutoCommit(false);
+            currentConnection.set(conn);
+        } catch (SQLException e) {
+            throw new TransactionManagementException(
+                    "Error occurred while retrieving config.datasource connection", e);
+        }
+    }
+
+    public static void openConnection() throws SQLException {
+        currentConnection.set(dataSource.getConnection());
+    }
+
+    public static Connection getConnection() throws SQLException {
+        if (currentConnection.get() == null) {
+            throw new IllegalTransactionStateException("No connection is associated with the current transaction. " +
+                    "This might have ideally caused by not properly initiating the transaction via " +
+                    "'beginTransaction'/'openConnection' methods");
+        }
+        return currentConnection.get();
+    }
+
+    public static void closeConnection() {
+        Connection con = currentConnection.get();
+        if (con != null) {
+            try {
+                con.close();
+            } catch (SQLException e) {
+                log.error("Error occurred while close the connection");
+            }
+            currentConnection.remove();
+        }
+    }
+
+    public static void commitTransaction() {
+        try {
+            Connection conn = currentConnection.get();
+            if (conn != null) {
+                conn.commit();
+            } else {
+                if (log.isDebugEnabled()) {
+                    log.debug("Datasource connection associated with the current thread is null, hence commit " +
+                            "has not been attempted");
+                }
+            }
+        } catch (SQLException e) {
+            log.error("Error occurred while committing the transaction", e);
+        }
+    }
+
+    public static void rollbackTransaction() {
+        try {
+            Connection conn = currentConnection.get();
+            if (conn != null) {
+                conn.rollback();
+            } else {
+                if (log.isDebugEnabled()) {
+                    log.debug("Datasource connection associated with the current thread is null, hence rollback " +
+                            "has not been attempted");
+                }
+            }
+        } catch (SQLException e) {
+            log.error("Error occurred while roll-backing the transaction", e);
+        }
+    }
+
+    /**
+     * Resolve data source from the data source name.
+     *
+     * @param dataSourceName data source name
+     * @return data source resolved from the data source definition
+     */
+    private static DataSource resolveDataSource(String dataSourceName) {
+        DataSource dataSource;
+        if (dataSourceName == null || dataSourceName.isEmpty()) {
+            throw new RuntimeException("Scope Management Repository data source configuration is null and " +
+                    "thus, is not initialized");
+        }
+        if (log.isDebugEnabled()) {
+            log.debug("Initializing Scope Management Repository data source using the JNDI Lookup Definition");
+        }
+        dataSource = DeviceManagementDAOUtil.lookupDataSource(dataSourceName, null);
+        return dataSource;
+    }
+
+}

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAOUtil.java

@@ -0,0 +1,57 @@
+/*
+ *   Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *   WSO2 Inc. licenses this file to you under the Apache License,
+ *   Version 2.0 (the "License"); you may not use this file except
+ *   in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.wso2.carbon.device.mgt.core.scope.mgt.dao;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Statement;
+
+public class ScopeManagementDAOUtil {
+
+    private static final Log log = LogFactory.getLog(ScopeManagementDAOUtil.class);
+
+    public static void cleanupResources(Statement stmt, ResultSet rs) {
+        if (rs != null) {
+            try {
+                rs.close();
+            } catch (SQLException e) {
+                log.warn("Error occurred while closing the result set", e);
+            }
+        }
+        if (stmt != null) {
+            try {
+                stmt.close();
+            } catch (SQLException e) {
+                log.warn("Error occurred while closing the statement", e);
+            }
+        }
+    }
+    public static void cleanupResources(Statement stmt) {
+        if (stmt != null) {
+            try {
+                stmt.close();
+            } catch (SQLException e) {
+                log.warn("Error occurred while closing the statement", e);
+            }
+        }
+    }
+}

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java

@@ -0,0 +1,96 @@
+/*
+*  Copyright (c) 2016 WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+*  WSO2 Inc. licenses this file to you under the Apache License,
+*  Version 2.0 (the "License"); you may not use this file except
+*  in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*    http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied.  See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+
+package org.wso2.carbon.device.mgt.core.scope.mgt.dao.impl;
+
+import org.wso2.carbon.apimgt.api.model.Scope;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAO;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOException;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOFactory;
+import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOUtil;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+public class ScopeManagementDAOImpl implements ScopeManagementDAO {
+
+    @Override
+    public void updateScopes(List<Scope> scopes) throws ScopeManagementDAOException {
+        Connection conn;
+        PreparedStatement stmt = null;
+        ResultSet rs = null;
+
+        try {
+            conn = this.getConnection();
+            String sql = "UPDATE IDN_OAUTH2_SCOPE SET ROLES=? WHERE SCOPE_KEY=?";
+            stmt = conn.prepareStatement(sql);
+
+            // creating a batch request
+            for (Scope scope : scopes) {
+                stmt.setString(1, scope.getRoles());
+                stmt.setString(2, scope.getKey());
+                stmt.addBatch();
+            }
+            stmt.executeBatch();
+        } catch (SQLException e) {
+            throw new ScopeManagementDAOException("Error occurred while updating the details of the scopes.", e);
+        } finally {
+            ScopeManagementDAOUtil.cleanupResources(stmt, rs);
+        }
+
+    }
+
+
+    public List<Scope> getAllScopes() throws ScopeManagementDAOException {
+        Connection conn;
+        PreparedStatement stmt = null;
+        ResultSet rs = null;
+        List<Scope> scopes = new ArrayList<>();
+        Scope scope;
+
+        try {
+            conn = this.getConnection();
+            String sql = "SELECT * FROM IDN_OAUTH2_SCOPE";
+            stmt = conn.prepareStatement(sql);
+            rs = stmt.executeQuery();
+
+            if (rs.next()) {
+                scope = new Scope();
+                scope.setKey(rs.getString("SCOPE_KEY"));
+                scope.setName(rs.getString("NAME"));
+                scope.setDescription(rs.getString("DESCRIPTION"));
+                scope.setRoles(rs.getString("ROLES"));
+                scopes.add(scope);
+            }
+            return scopes;
+        } catch (SQLException e) {
+            throw new ScopeManagementDAOException("Error occurred while fetching the details of the scopes.", e);
+        } finally {
+            ScopeManagementDAOUtil.cleanupResources(stmt, rs);
+        }
+    }
+
+    private Connection getConnection() throws SQLException {
+        return ScopeManagementDAOFactory.getConnection();
+    }
+
+}