Commiting permission-scope mapping improvements

revert-70aa11f8
Milan Perera 8 years ago
parent a0c842c6c6
commit dd353e1bfb

@ -79,7 +79,7 @@
javax.servlet, javax.servlet,
javax.xml.*, javax.xml.*,
javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional, javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional,
org.apache.commons.lang, org.apache.commons.lang
</Import-Package> </Import-Package>
<Embed-Dependency> <Embed-Dependency>
scribe;scope=compile|runtime;inline=false; scribe;scope=compile|runtime;inline=false;

@ -1,42 +0,0 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.apimgt.annotations.api;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* This class is the representation of custom developed Permission annotation.
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Permission {
/**
* Represents the permission name.
* @return Returns permission name.
*/
String name();
/**
* Represents the permission string.
* @return Returns permission string.
*/
String permission();
}

@ -1,21 +1,3 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.annotations.api; package org.wso2.carbon.apimgt.annotations.api;
import java.lang.annotation.ElementType; import java.lang.annotation.ElementType;
@ -24,28 +6,18 @@ import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target; import java.lang.annotation.Target;
/** /**
* This class is the representation of custom developed Permission annotation. * This class is the representation of custom developed Scopes annotation.
*/ */
@Target(ElementType.METHOD) @Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME) @Retention(RetentionPolicy.RUNTIME)
public @interface Scope { public @interface Scope {
/**
* Represents the scope key which should be unique.
* @return Returns scope key.
*/
String key();
/**
* Represents the scope name.
* @return Returns scope name.
*/
String name(); String name();
/**
* Represents the scope description.
* @return Returns scope description.
*/
String description(); String description();
String key();
String[] permissions();
} }

@ -0,0 +1,35 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.annotations.api;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* This class is the representation of custom developed Scopes annotation.
*/
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
public @interface Scopes {
Scope[] scopes();
}

@ -16,10 +16,12 @@
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util; package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.SwaggerDefinition;
import org.apache.catalina.core.StandardContext; import org.apache.catalina.core.StandardContext;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil; import org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration;
@ -37,9 +39,7 @@ import java.net.URI;
import java.net.URL; import java.net.URL;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
import java.util.ArrayList; import java.util.*;
import java.util.List;
import java.util.Set;
public class AnnotationProcessor { public class AnnotationProcessor {
@ -58,9 +58,13 @@ public class AnnotationProcessor {
private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions"; private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION = "description";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_KEY = "key";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS = "permissions";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VERSION = "version"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VERSION = "version";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_CONTEXT = "context"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_CONTEXT = "context";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value";
private static final String ANNOTATIONS_SCOPES = "scopes";
private StandardContext context; private StandardContext context;
@ -75,6 +79,10 @@ public class AnnotationProcessor {
private Class<io.swagger.annotations.Tag> tagClass; private Class<io.swagger.annotations.Tag> tagClass;
private Class<io.swagger.annotations.Extension> extensionClass; private Class<io.swagger.annotations.Extension> extensionClass;
private Class<io.swagger.annotations.ExtensionProperty> extensionPropertyClass; private Class<io.swagger.annotations.ExtensionProperty> extensionPropertyClass;
private Class<io.swagger.annotations.ApiOperation> apiOperation;
private Class<org.wso2.carbon.apimgt.annotations.api.Scope> scopeClass;
private Class<org.wso2.carbon.apimgt.annotations.api.Scopes> scopesClass;
private Map<String, Scope> apiScopes;
public AnnotationProcessor(final StandardContext context) { public AnnotationProcessor(final StandardContext context) {
servletContext = context.getServletContext(); servletContext = context.getServletContext();
@ -91,7 +99,13 @@ public class AnnotationProcessor {
extensionClass = (Class<io.swagger.annotations.Extension>)classLoader extensionClass = (Class<io.swagger.annotations.Extension>)classLoader
.loadClass((io.swagger.annotations.Extension.class.getName())); .loadClass((io.swagger.annotations.Extension.class.getName()));
extensionPropertyClass = (Class<io.swagger.annotations.ExtensionProperty>)classLoader extensionPropertyClass = (Class<io.swagger.annotations.ExtensionProperty>)classLoader
.loadClass((io.swagger.annotations.ExtensionProperty.class.getName())); .loadClass(io.swagger.annotations.ExtensionProperty.class.getName());
scopeClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scope>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName());
scopesClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scopes>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName());
apiOperation = (Class<io.swagger.annotations.ApiOperation>)classLoader
.loadClass((io.swagger.annotations.ApiOperation.class.getName()));
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
log.error("An error has occurred while loading classes ", e); log.error("An error has occurred while loading classes ", e);
} }
@ -127,6 +141,7 @@ public class AnnotationProcessor {
} }
try { try {
apiResourceConfig = processAPIAnnotation(swaggerDefinition); apiResourceConfig = processAPIAnnotation(swaggerDefinition);
apiScopes = processAPIScopes(swaggerDefinition);
if(apiResourceConfig != null){ if(apiResourceConfig != null){
String rootContext = servletContext.getContextPath(); String rootContext = servletContext.getContextPath();
pathClazzMethods = pathClazz.getMethods(); pathClazzMethods = pathClazz.getMethods();
@ -158,7 +173,7 @@ public class AnnotationProcessor {
} catch (ClassNotFoundException e1) { } catch (ClassNotFoundException e1) {
String msg = "Failed to load service class " + className + " for publishing APIs." + String msg = "Failed to load service class " + className + " for publishing APIs." +
" This API will not be published."; " This API will not be published.";
log.error(msg); log.error(msg, e1);
} catch (RuntimeException e) { } catch (RuntimeException e) {
log.error("Unexpected error has been occurred while publishing "+ className log.error("Unexpected error has been occurred while publishing "+ className
+"hence, this API will not be published."); +"hence, this API will not be published.");
@ -174,6 +189,37 @@ public class AnnotationProcessor {
return apiResourceConfigs; return apiResourceConfigs;
} }
private Map<String,Scope> processAPIScopes(Annotation annotation) throws Throwable {
Map<String, Scope> scopes = new HashMap<>();
InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation);
Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass
.getMethod(ANNOTATIONS_SCOPES, null), null);
Scope scope;
String permissions[];
StringBuilder aggregatedPermissions = new StringBuilder();
for(int i=0; i<annotatedScopes.length; i++){
methodHandler = Proxy.getInvocationHandler(annotatedScopes[i]);
scope = new Scope();
scope.setName(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_NAME), annotatedScopes[i], STRING));
scope.setDescription(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION), annotatedScopes[i], STRING));
scope.setKey(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_KEY), annotatedScopes[i], STRING));
permissions = (String[])methodHandler.invoke(annotatedScopes[i], scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS, null),null);
for (String permission : permissions) {
aggregatedPermissions.append(permission);
aggregatedPermissions.append(" ");
}
scope.setRoles(aggregatedPermissions.toString());
scopes.put(scope.getKey(), scope);
}
return scopes;
}
/** /**
* Get Resources for each API * Get Resources for each API
* *
@ -211,6 +257,9 @@ public class AnnotationProcessor {
Annotation producesAnno = method.getAnnotation(producesClass); Annotation producesAnno = method.getAnnotation(producesClass);
resource.setProduces(invokeMethod(producesClassMethods[0], producesAnno, STRING_ARR)); resource.setProduces(invokeMethod(producesClassMethods[0], producesAnno, STRING_ARR));
} }
if (annotations[i].annotationType().getName().equals(ApiOperation.class.getName())) {
resource.setScope(this.getScope(annotations[i]));
}
} }
resourceList.add(resource); resourceList.add(resource);
} }
@ -375,4 +424,24 @@ public class AnnotationProcessor {
throw new RuntimeException(e); throw new RuntimeException(e);
} }
} }
private Scope getScope(Annotation currentMethod) throws Throwable {
InvocationHandler methodHandler = Proxy.getInvocationHandler(currentMethod);
Annotation[] extensions = (Annotation[]) methodHandler.invoke(currentMethod,
apiOperation.getMethod(SWAGGER_ANNOTATIONS_EXTENSIONS, null), null);
methodHandler = Proxy.getInvocationHandler(extensions[0]);
Annotation[] properties = (Annotation[])methodHandler.invoke(extensions[0], extensionClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES,null), null);
for (Annotation property : properties) {
methodHandler = Proxy.getInvocationHandler(property);
String scopeKey = (String) methodHandler.invoke(property, extensionPropertyClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_VALUE, null),null);
if (scopeKey.isEmpty()) {
return null;
}
return apiScopes.get(scopeKey);
}
return null;
}
} }

@ -1,18 +1,9 @@
package org.wso2.carbon.certificate.mgt.jaxrs.api; package org.wso2.carbon.certificate.mgt.jaxrs.api;
import io.swagger.annotations.Api; import io.swagger.annotations.*;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.AuthorizationScope;
import io.swagger.annotations.Extension;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Info;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Tag;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse;
import javax.ws.rs.Consumes; import javax.ws.rs.Consumes;
@ -45,8 +36,19 @@ import javax.ws.rs.core.Response;
"related operations.") "related operations.")
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@Scopes(scopes = {
@Scope(
name = "Sign CSR",
description = "Sign CSR",
key = "cdmf:sign-csr",
permissions = {"/certificate-mgt/sign-csr"}
)
}
)
public interface CertificateMgtService { public interface CertificateMgtService {
String SCOPE = "scope";
/** /**
* Sign the client's certificate signing request and save it in the database. * Sign the client's certificate signing request and save it in the database.
* *
@ -64,12 +66,10 @@ public interface CertificateMgtService {
value = "Process a given CSR and return signed certificates.", value = "Process a given CSR and return signed certificates.",
notes = "This will return a signed certificate upon a given CSR.", notes = "This will return a signed certificate upon a given CSR.",
tags = "Device Management", tags = "Device Management",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = SCOPE, value = "cdmf:sign-csr")
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage", })
description = "Sign CSR") }
)
} }
) )
@ApiResponses( @ApiResponses(
@ -87,7 +87,6 @@ public interface CertificateMgtService {
message = "Internal Server Error. \n Error occurred while retrieving signed certificate.", message = "Internal Server Error. \n Error occurred while retrieving signed certificate.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "certificate:sign-csr", name = "Sign CSR", description = "")
Response getSignedCertFromCSR( Response getSignedCertFromCSR(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",

@ -1,18 +1,8 @@
package org.wso2.carbon.certificate.mgt.cert.jaxrs.api; package org.wso2.carbon.certificate.mgt.cert.jaxrs.api;
import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.*;
import io.swagger.annotations.Info; import org.wso2.carbon.apimgt.annotations.api.Scope;
import io.swagger.annotations.ExtensionProperty; import org.wso2.carbon.apimgt.annotations.api.Scopes;
import io.swagger.annotations.Extension;
import io.swagger.annotations.Tag;
import io.swagger.annotations.Api;
import io.swagger.annotations.AuthorizationScope;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse;
@ -39,10 +29,27 @@ import javax.ws.rs.core.Response;
) )
@Api(value = "Certificate Management", description = "This API includes all the certificate management related operations") @Api(value = "Certificate Management", description = "This API includes all the certificate management related operations")
@Path("/admin/certificates") @Path("/admin/certificates")
@Scopes(scopes = {
@Scope(
name = "Manage certificates",
description = "",
key = "cdmf:manage-certificate",
permissions = {"/device-mgt/certificates/manage"}
),
@Scope(
name = "View certificate",
description = "",
key = "cdmf:view-certificate",
permissions = {"/device-mgt/certificates/view"}
)
}
)
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
public interface CertificateManagementAdminService { public interface CertificateManagementAdminService {
String SCOPE = "scope";
/** /**
* Save a list of certificates and relevant information in the database. * Save a list of certificates and relevant information in the database.
* *
@ -58,12 +65,10 @@ public interface CertificateManagementAdminService {
value = "Adding a new SSL certificate", value = "Adding a new SSL certificate",
notes = "Add a new SSL certificate to the client end database.\n", notes = "Add a new SSL certificate to the client end database.\n",
tags = "Certificate Management", tags = "Certificate Management",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate")
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage", })
description = "Manage certificates") }
)
} }
) )
@ApiResponses( @ApiResponses(
@ -129,12 +134,10 @@ public interface CertificateManagementAdminService {
value = "Getting Details of an SSL Certificate", value = "Getting Details of an SSL Certificate",
notes = "Get the client side SSL certificate details.", notes = "Get the client side SSL certificate details.",
tags = "Certificate Management", tags = "Certificate Management",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate")
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/view", })
description = "View certificates") }
)
} }
) )
@ApiResponses(value = { @ApiResponses(value = {
@ -202,12 +205,10 @@ public interface CertificateManagementAdminService {
+ "view all the certificate details, it is not feasible to show all the details on one " + "view all the certificate details, it is not feasible to show all the details on one "
+ "page. Therefore, the details are paginated.", + "page. Therefore, the details are paginated.",
tags = "Certificate Management", tags = "Certificate Management",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate")
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/view", })
description = "View certificates") }
)
} }
) )
@ApiResponses(value = { @ApiResponses(value = {
@ -283,12 +284,10 @@ public interface CertificateManagementAdminService {
value = "Deleting an SSL Certificate", value = "Deleting an SSL Certificate",
notes = "Delete an SSL certificate that's on the client end.", notes = "Delete an SSL certificate that's on the client end.",
tags = "Certificate Management", tags = "Certificate Management",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate")
scopes = { @AuthorizationScope(scope = "/device-mgt/certificates/manage", })
description = "Manage certificates") }
)
} }
) )
@ApiResponses(value = { @ApiResponses(value = {

@ -18,22 +18,13 @@
*/ */
package org.wso2.carbon.device.mgt.jaxrs.service.api; package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.*;
import io.swagger.annotations.Info; import org.wso2.carbon.apimgt.annotations.api.Scope;
import io.swagger.annotations.ExtensionProperty; import org.wso2.carbon.apimgt.annotations.api.Scopes;
import io.swagger.annotations.Extension;
import io.swagger.annotations.Tag;
import io.swagger.annotations.Api;
import io.swagger.annotations.AuthorizationScope;
import io.swagger.annotations.Authorization;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList; import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import javax.validation.constraints.Size; import javax.validation.constraints.Size;
import javax.ws.rs.*; import javax.ws.rs.*;
@ -61,6 +52,16 @@ import javax.ws.rs.core.Response;
@Path("/activities") @Path("/activities")
@Api(value = "Activity Info Provider", description = "Activity related information manipulation. For example" + @Api(value = "Activity Info Provider", description = "Activity related information manipulation. For example" +
" operation details and responses from devices.") " operation details and responses from devices.")
@Scopes(
scopes = {
@Scope(
name = "Get activities",
description = "Get activities",
key = "cdmf:get-activity",
permissions = {"/device-mgt/devices/owning-device/view"}
)
}
)
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
public interface ActivityInfoProviderService { public interface ActivityInfoProviderService {
@ -74,12 +75,10 @@ public interface ActivityInfoProviderService {
notes = "Retrieve the details of a specific activity/operation, such as the meta information of " + notes = "Retrieve the details of a specific activity/operation, such as the meta information of " +
"an operation, including the responses from the devices.", "an operation, including the responses from the devices.",
tags = "Activity Info Provider", tags = "Activity Info Provider",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity")
scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" })
, description = "View Activities") }
)
} }
) )
@ApiResponses(value = { @ApiResponses(value = {
@ -149,12 +148,10 @@ public interface ActivityInfoProviderService {
notes = "Get the details of the operations/activities executed by the server on the devices registered" + notes = "Get the details of the operations/activities executed by the server on the devices registered" +
" with WSO2 EMM, during a defined time period.", " with WSO2 EMM, during a defined time period.",
tags = "Activity Info Provider", tags = "Activity Info Provider",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity")
scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" })
, description = "View Activities") }
)
} }
) )
@ApiResponses(value = { @ApiResponses(value = {

@ -31,8 +31,11 @@ import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader; import io.swagger.annotations.ResponseHeader;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration; import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import javax.ws.rs.*; import javax.ws.rs.*;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
@ -61,6 +64,21 @@ import javax.ws.rs.core.Response;
"through this API.") "through this API.")
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
@Scopes(scopes = {
@Scope(
name = "View configurations",
description = "",
key = "cdmf:view-configuration",
permissions = {"/device-mgt/platform-configurations/view"}
),
@Scope(
name = "Manage configurations",
description = "",
key = "cdmf:manage-configuration",
permissions = {"/device-mgt/platform-configurations/manage"}
)
}
)
public interface ConfigurationManagementService { public interface ConfigurationManagementService {
@GET @GET
@ -72,11 +90,10 @@ public interface ConfigurationManagementService {
"General platform configurations include the settings on how often the device need to be monitored. " + "General platform configurations include the settings on how often the device need to be monitored. " +
"Using this REST API you can get the general platform level configurations.", "Using this REST API you can get the general platform level configurations.",
tags = "Configuration Management", tags = "Configuration Management",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-configuration")
scopes = { @AuthorizationScope(scope = "/device-mgt/platform-configurations/view", description = "View Configurations") } })
)
} }
) )
@ApiResponses( @ApiResponses(
@ -132,11 +149,10 @@ public interface ConfigurationManagementService {
"General platform configurations include the settings on how often the the device need to be monitored." + "General platform configurations include the settings on how often the the device need to be monitored." +
"Using this REST API you can update the general platform level configurations.", "Using this REST API you can update the general platform level configurations.",
tags = "Configuration Management", tags = "Configuration Management",
authorizations = { extensions = {
@Authorization( @Extension(properties = {
value="permission", @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-configuration")
scopes = { @AuthorizationScope(scope = "/device-mgt/platform-configurations/manage", description = "Manage configurations") } })
)
} }
) )
@ApiResponses( @ApiResponses(

@ -19,20 +19,11 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api; package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.*;
import io.swagger.annotations.Info;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Extension;
import io.swagger.annotations.Tag;
import io.swagger.annotations.Api;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import javax.ws.rs.GET;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/** /**
* Device Analytics Dashboard related REST-APIs. This can be used to obtain device related analytics. * Device Analytics Dashboard related REST-APIs. This can be used to obtain device related analytics.
@ -68,70 +59,70 @@ public interface Dashboard {
String PAGINATION_ENABLED = "pagination-enabled"; String PAGINATION_ENABLED = "pagination-enabled";
String START_INDEX = "start"; String START_INDEX = "start";
String RESULT_COUNT = "length"; String RESULT_COUNT = "length";
//
@GET // @GET
@Path("device-count-overview") // @Path("device-count-overview")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getOverviewDeviceCounts(); // Response getOverviewDeviceCounts();
//
@GET // @GET
@Path("device-counts-by-potential-vulnerabilities") // @Path("device-counts-by-potential-vulnerabilities")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getDeviceCountsByPotentialVulnerabilities(); // Response getDeviceCountsByPotentialVulnerabilities();
//
@GET // @GET
@Path("non-compliant-device-counts-by-features") // @Path("non-compliant-device-counts-by-features")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getNonCompliantDeviceCountsByFeatures(@QueryParam(START_INDEX) int startIndex, // Response getNonCompliantDeviceCountsByFeatures(@QueryParam(START_INDEX) int startIndex,
@QueryParam(RESULT_COUNT) int resultCount); // @QueryParam(RESULT_COUNT) int resultCount);
//
@GET // @GET
@Path("device-counts-by-groups") // @Path("device-counts-by-groups")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getDeviceCountsByGroups(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus, // Response getDeviceCountsByGroups(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
@QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability, // @QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
@QueryParam(PLATFORM) String platform, // @QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership); // @QueryParam(OWNERSHIP) String ownership);
//
@GET // @GET
@Path("feature-non-compliant-device-counts-by-groups") // @Path("feature-non-compliant-device-counts-by-groups")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFeatureNonCompliantDeviceCountsByGroups(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode, // Response getFeatureNonCompliantDeviceCountsByGroups(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
@QueryParam(PLATFORM) String platform, // @QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership); // @QueryParam(OWNERSHIP) String ownership);
@GET // @GET
@Path("filtered-device-count-over-total") // @Path("filtered-device-count-over-total")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFilteredDeviceCountOverTotal(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus, // Response getFilteredDeviceCountOverTotal(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
@QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability, // @QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
@QueryParam(PLATFORM) String platform, // @QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership); // @QueryParam(OWNERSHIP) String ownership);
//
@GET // @GET
@Path("feature-non-compliant-device-count-over-total") // @Path("feature-non-compliant-device-count-over-total")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFeatureNonCompliantDeviceCountOverTotal(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode, // Response getFeatureNonCompliantDeviceCountOverTotal(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
@QueryParam(PLATFORM) String platform, // @QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership); // @QueryParam(OWNERSHIP) String ownership);
//
@GET // @GET
@Path("devices-with-details") // @Path("devices-with-details")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getDevicesWithDetails(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus, // Response getDevicesWithDetails(@QueryParam(CONNECTIVITY_STATUS) String connectivityStatus,
@QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability, // @QueryParam(POTENTIAL_VULNERABILITY) String potentialVulnerability,
@QueryParam(PLATFORM) String platform, // @QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership, // @QueryParam(OWNERSHIP) String ownership,
@QueryParam(PAGINATION_ENABLED) String paginationEnabled, // @QueryParam(PAGINATION_ENABLED) String paginationEnabled,
@QueryParam(START_INDEX) int startIndex, // @QueryParam(START_INDEX) int startIndex,
@QueryParam(RESULT_COUNT) int resultCount); // @QueryParam(RESULT_COUNT) int resultCount);
//
@GET // @GET
@Path("feature-non-compliant-devices-with-details") // @Path("feature-non-compliant-devices-with-details")
@Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view") // @Permission(name = "View Dashboard", permission = "/device-mgt/dashboard/view")
Response getFeatureNonCompliantDevicesWithDetails(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode, // Response getFeatureNonCompliantDevicesWithDetails(@QueryParam(NON_COMPLIANT_FEATURE_CODE) String nonCompliantFeatureCode,
@QueryParam(PLATFORM) String platform, // @QueryParam(PLATFORM) String platform,
@QueryParam(OWNERSHIP) String ownership, // @QueryParam(OWNERSHIP) String ownership,
@QueryParam(PAGINATION_ENABLED) String paginationEnabled, // @QueryParam(PAGINATION_ENABLED) String paginationEnabled,
@QueryParam(START_INDEX) int startIndex, // @QueryParam(START_INDEX) int startIndex,
@QueryParam(RESULT_COUNT) int resultCount); // @QueryParam(RESULT_COUNT) int resultCount);
} }

@ -19,7 +19,6 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api.admin; package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;

@ -22,7 +22,6 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ApiResponses;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult; import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult;
import org.wso2.carbon.device.mgt.jaxrs.beans.AuthorizationRequest; import org.wso2.carbon.device.mgt.jaxrs.beans.AuthorizationRequest;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;

@ -24,8 +24,11 @@ import io.swagger.jaxrs.config.ReaderListener;
import io.swagger.models.Swagger; import io.swagger.models.Swagger;
import io.swagger.models.auth.OAuth2Definition; import io.swagger.models.auth.OAuth2Definition;
import io.swagger.models.auth.SecuritySchemeDefinition; import io.swagger.models.auth.SecuritySchemeDefinition;
import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.List;
import java.util.Map; import java.util.Map;
@SwaggerDefinition( @SwaggerDefinition(
@ -54,6 +57,7 @@ public class SecurityDefinitionConfigurator implements ReaderListener {
schemes.put(TOKEN_AUTH_SCHEME, tokenScheme); schemes.put(TOKEN_AUTH_SCHEME, tokenScheme);
swagger.setSecurityDefinitions(schemes); swagger.setSecurityDefinitions(schemes);
//TODO: Have to add wso2-scopes to swagger definition from here
} }
} }

@ -27,6 +27,7 @@ public class Constants {
public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname"; public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname";
public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname"; public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname";
public static final String PRIMARY_USER_STORE = "PRIMARY"; public static final String PRIMARY_USER_STORE = "PRIMARY";
public static final String SCOPE = "scope";
public final class ErrorMessages { public final class ErrorMessages {
private ErrorMessages () { throw new AssertionError(); } private ErrorMessages () { throw new AssertionError(); }

@ -23,6 +23,7 @@ import io.swagger.models.Swagger;
import org.apache.catalina.core.StandardContext; import org.apache.catalina.core.StandardContext;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.device.mgt.common.permission.mgt.Permission; import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
@ -38,10 +39,7 @@ import java.net.URI;
import java.net.URL; import java.net.URL;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
import java.util.ArrayList; import java.util.*;
import java.util.List;
import java.util.Set;
import java.util.StringTokenizer;
public class AnnotationProcessor { public class AnnotationProcessor {
@ -56,11 +54,14 @@ public class AnnotationProcessor {
private static final String STRING_ARR = "string_arr"; private static final String STRING_ARR = "string_arr";
private static final String STRING = "string"; private static final String STRING = "string";
private static final String SWAGGER_ANNOTATIONS_AUTHORIZATIONS = "authorizations"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties";
private static final String SWAGGER_ANNOTATIONS_PERMISSION = "permission"; private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions";
private static final String SWAGGER_ANNOTATIONS_SCOPES = "scopes"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value";
private static final String SWAGGER_ANNOTATIONS_SCOPE = "scope"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name";
private static final String SWAGGER_ANNOTATIONS_DESCRIPTION = "description"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION = "description";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_KEY = "key";
private static final String SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS = "permissions";
private static final String ANNOTATIONS_SCOPES = "scopes";
private StandardContext context; private StandardContext context;
private Method[] pathClazzMethods; private Method[] pathClazzMethods;
@ -74,6 +75,11 @@ public class AnnotationProcessor {
private Class<io.swagger.annotations.ApiOperation> apiOperation; private Class<io.swagger.annotations.ApiOperation> apiOperation;
private Class<io.swagger.annotations.Authorization> authorizationClass; private Class<io.swagger.annotations.Authorization> authorizationClass;
private Class<io.swagger.annotations.AuthorizationScope> authorizationScopeClass; private Class<io.swagger.annotations.AuthorizationScope> authorizationScopeClass;
private Class<io.swagger.annotations.Extension> extensionClass;
private Class<io.swagger.annotations.ExtensionProperty> extensionPropertyClass;
private Class<org.wso2.carbon.apimgt.annotations.api.Scope> scopeClass;
private Class<org.wso2.carbon.apimgt.annotations.api.Scopes> scopesClass;
private Map<String, Scope> apiScopes;
public AnnotationProcessor(final StandardContext context) { public AnnotationProcessor(final StandardContext context) {
@ -90,6 +96,15 @@ public class AnnotationProcessor {
.loadClass((io.swagger.annotations.Authorization.class.getName())); .loadClass((io.swagger.annotations.Authorization.class.getName()));
authorizationScopeClass = (Class<io.swagger.annotations.AuthorizationScope>)classLoader authorizationScopeClass = (Class<io.swagger.annotations.AuthorizationScope>)classLoader
.loadClass((io.swagger.annotations.AuthorizationScope.class.getName())); .loadClass((io.swagger.annotations.AuthorizationScope.class.getName()));
extensionClass = (Class<io.swagger.annotations.Extension>)classLoader
.loadClass((io.swagger.annotations.Extension.class.getName()));
extensionPropertyClass = (Class<io.swagger.annotations.ExtensionProperty>)classLoader
.loadClass(io.swagger.annotations.ExtensionProperty.class.getName());
scopeClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scope>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName());
scopesClass = (Class<org.wso2.carbon.apimgt.annotations.api.Scopes>) classLoader
.loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName());
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
log.error("An error has occurred while loading classes ", e); log.error("An error has occurred while loading classes ", e);
} }
@ -135,6 +150,7 @@ public class AnnotationProcessor {
try { try {
clazz = classLoader.loadClass(className); clazz = classLoader.loadClass(className);
Annotation apiAnno = clazz.getAnnotation(apiClazz); Annotation apiAnno = clazz.getAnnotation(apiClazz);
apiScopes = processAPIScopes(apiAnno);
List<Permission> resourceList; List<Permission> resourceList;
if (apiAnno != null) { if (apiAnno != null) {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
@ -165,7 +181,9 @@ public class AnnotationProcessor {
} }
} }
} catch (ClassNotFoundException e) { } catch (ClassNotFoundException e) {
log.error("Error when passing the api annotation for device type apis."); log.error("Error when passing the api annotation for device type apis.", e);
} catch (Throwable e) {
log.error("Error when passing the scopes annotation for device type apis.", e);
} }
return apiPermissions; return apiPermissions;
} }
@ -342,28 +360,53 @@ public class AnnotationProcessor {
private void setPermission(Annotation currentMethod, Permission permission) throws Throwable { private void setPermission(Annotation currentMethod, Permission permission) throws Throwable {
InvocationHandler methodHandler = Proxy.getInvocationHandler(currentMethod); InvocationHandler methodHandler = Proxy.getInvocationHandler(currentMethod);
Annotation[] authorizations = (Annotation[]) methodHandler.invoke(currentMethod Annotation[] extensions = (Annotation[]) methodHandler.invoke(currentMethod,
, apiOperation.getMethod(SWAGGER_ANNOTATIONS_AUTHORIZATIONS,null),null); apiOperation.getMethod(SWAGGER_ANNOTATIONS_EXTENSIONS, null), null);
for(int i=0; i<authorizations.length; i++){ methodHandler = Proxy.getInvocationHandler(extensions[0]);
methodHandler = Proxy.getInvocationHandler(authorizations[i]); Annotation[] properties = (Annotation[])methodHandler.invoke(extensions[0], extensionClass
String value =(String)methodHandler.invoke(authorizations[i], authorizationClass.getMethod("value", null) .getMethod(SWAGGER_ANNOTATIONS_PROPERTIES,null), null);
,null); Scope scope;
if(SWAGGER_ANNOTATIONS_PERMISSION.equals(value)){ for (Annotation property : properties) {
Annotation[] scopes =(Annotation[])methodHandler.invoke(authorizations[i], authorizationClass methodHandler = Proxy.getInvocationHandler(property);
.getMethod(SWAGGER_ANNOTATIONS_SCOPES, null),null); String scopeKey = (String) methodHandler.invoke(property, extensionPropertyClass
String[] scopesList = new String[scopes.length]; .getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_VALUE, null),null);
String[] descriptions = new String[scopes.length]; if (!scopeKey.isEmpty()) {
for(int j=0; j<scopes.length; j++){ scope = apiScopes.get(scopeKey);
methodHandler = Proxy.getInvocationHandler(scopes[j]); permission.setName(scope.getName());
scopesList[j] = (String)methodHandler.invoke(authorizations[j], authorizationScopeClass //TODO: currently permission tree supports only adding one permission per API point.
.getMethod(SWAGGER_ANNOTATIONS_SCOPE, null),null); permission.setPath(scope.getRoles().split(" ")[0]);
descriptions[j] = (String)methodHandler.invoke(authorizations[j], authorizationScopeClass }
.getMethod(SWAGGER_ANNOTATIONS_DESCRIPTION, null),null); }
} }
//todo currently permission tree supports only adding one permission per API point.
permission.setName(descriptions[0]); private Map<String,Scope> processAPIScopes(Annotation annotation) throws Throwable {
permission.setPath(scopesList[0]); Map<String, Scope> scopes = new HashMap<>();
InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation);
Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass
.getMethod(ANNOTATIONS_SCOPES, null), null);
Scope scope;
String permissions[];
StringBuilder aggregatedPermissions = new StringBuilder();
for(int i=0; i<annotatedScopes.length; i++){
methodHandler = Proxy.getInvocationHandler(annotatedScopes[i]);
scope = new Scope();
scope.setName(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_NAME), annotatedScopes[i], STRING));
scope.setDescription(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION), annotatedScopes[i], STRING));
scope.setKey(invokeMethod(scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_KEY), annotatedScopes[i], STRING));
permissions = (String[])methodHandler.invoke(annotatedScopes[i], scopeClass
.getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS, null),null);
for (String permission : permissions) {
aggregatedPermissions.append(permission);
aggregatedPermissions.append(" ");
} }
scope.setRoles(aggregatedPermissions.toString());
scopes.put(scope.getKey(), scope);
} }
return scopes;
} }
} }

@ -1812,7 +1812,7 @@
<!-- Carbon Identity --> <!-- Carbon Identity -->
<carbon.identity.framework.version>5.2.2</carbon.identity.framework.version> <carbon.identity.framework.version>5.2.2</carbon.identity.framework.version>
<identity.inbound.auth.oauth.version>5.1.3</identity.inbound.auth.oauth.version> <identity.inbound.auth.oauth.version>5.2.7</identity.inbound.auth.oauth.version>
<identity.inbound.auth.saml.version>5.1.1</identity.inbound.auth.saml.version> <identity.inbound.auth.saml.version>5.1.1</identity.inbound.auth.saml.version>
<!-- Carbon Multi-tenancy --> <!-- Carbon Multi-tenancy -->
@ -1837,7 +1837,7 @@
<commons-lang.wso2.osgi.version.range>[2.6.0,3.0.0)</commons-lang.wso2.osgi.version.range> <commons-lang.wso2.osgi.version.range>[2.6.0,3.0.0)</commons-lang.wso2.osgi.version.range>
<!-- Carbon API Management --> <!-- Carbon API Management -->
<carbon.api.mgt.version>6.0.5</carbon.api.mgt.version> <carbon.api.mgt.version>6.1.2-SNAPSHOT</carbon.api.mgt.version>
<carbon.api.mgt.version.range>(5.0.0,7.0.0]</carbon.api.mgt.version.range> <carbon.api.mgt.version.range>(5.0.0,7.0.0]</carbon.api.mgt.version.range>
<!-- Carbon Analytics Commons --> <!-- Carbon Analytics Commons -->

Loading…
Cancel
Save