Merge pull request #575 from GPrathap/master

fixing permission issue when viewing device analytics dashboard
revert-70aa11f8
Rasika Perera 8 years ago committed by GitHub
commit d1c34706f2

@ -62,6 +62,7 @@
</Private-Package> </Private-Package>
<Export-Package> <Export-Package>
org.wso2.carbon.device.mgt.analytics.dashboard, org.wso2.carbon.device.mgt.analytics.dashboard,
org.wso2.carbon.device.mgt.analytics.dashboard.util,
org.wso2.carbon.device.mgt.analytics.dashboard.exception, org.wso2.carbon.device.mgt.analytics.dashboard.exception,
org.wso2.carbon.device.mgt.analytics.dashboard.bean org.wso2.carbon.device.mgt.analytics.dashboard.bean
</Export-Package> </Export-Package>

@ -47,7 +47,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet) DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException; throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/** /**
@ -64,7 +64,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet) DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, DataAccessLayerException; throws InvalidFeatureCodeValueException, DataAccessLayerException;
/** /**
@ -74,7 +74,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
DeviceCountByGroup getTotalDeviceCount() throws DataAccessLayerException; DeviceCountByGroup getTotalDeviceCount(String userName) throws DataAccessLayerException;
/** /**
* This method is used to get device counts classified by connectivity statuses. * This method is used to get device counts classified by connectivity statuses.
@ -83,7 +83,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws DataAccessLayerException; List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws DataAccessLayerException;
/** /**
* This method is used to get device counts classified by potential vulnerabilities. * This method is used to get device counts classified by potential vulnerabilities.
@ -92,7 +92,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws DataAccessLayerException; List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws DataAccessLayerException;
/** /**
* This method is used to get non-compliant device counts classified by individual features. * This method is used to get non-compliant device counts classified by individual features.
@ -105,7 +105,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) throws PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName) throws
InvalidStartIndexValueException, InvalidResultCountValueException, DataAccessLayerException; InvalidStartIndexValueException, InvalidResultCountValueException, DataAccessLayerException;
/** /**
@ -122,7 +122,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet) List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException; throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/** /**
@ -139,7 +139,7 @@ public interface GadgetDataService {
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode, List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException; DataAccessLayerException;
/** /**
@ -156,7 +156,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet) List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException; throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/** /**
@ -174,7 +174,7 @@ public interface GadgetDataService {
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode, List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException; DataAccessLayerException;
/** /**
@ -196,7 +196,7 @@ public interface GadgetDataService {
* @throws InvalidResultCountValueException This can occur if resultCount value is lesser than its minimum (5). * @throws InvalidResultCountValueException This can occur if resultCount value is lesser than its minimum (5).
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount) PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException, throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException,
InvalidStartIndexValueException, InvalidResultCountValueException; InvalidStartIndexValueException, InvalidResultCountValueException;
@ -220,7 +220,7 @@ public interface GadgetDataService {
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet, PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException, int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException, InvalidStartIndexValueException, DataAccessLayerException, InvalidStartIndexValueException,
InvalidResultCountValueException; InvalidResultCountValueException;
@ -238,7 +238,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data. * executing SQL query and retrieving data.
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet) List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException; throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/** /**
@ -255,7 +255,7 @@ public interface GadgetDataService {
*/ */
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode, List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException; DataAccessLayerException;
} }

@ -18,13 +18,16 @@
package org.wso2.carbon.device.mgt.analytics.dashboard.dao; package org.wso2.carbon.device.mgt.analytics.dashboard.dao;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.BasicFilterSet; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.BasicFilterSet;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceWithDetails; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceWithDetails;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.ExtendedFilterSet; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.ExtendedFilterSet;
import org.wso2.carbon.device.mgt.analytics.dashboard.exception.InvalidFeatureCodeValueException; import org.wso2.carbon.device.mgt.analytics.dashboard.exception.InvalidFeatureCodeValueException;
import org.wso2.carbon.device.mgt.analytics.dashboard.exception.InvalidPotentialVulnerabilityValueException; import org.wso2.carbon.device.mgt.analytics.dashboard.exception.InvalidPotentialVulnerabilityValueException;
import org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil; import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
import java.sql.Connection; import java.sql.Connection;
@ -36,40 +39,39 @@ import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUser;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUserTenantDomainId;
public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceDAO { public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceDAO {
private static final Log log = LogFactory.getLog(AbstractGadgetDataServiceDAO.class);
@Override @Override
public DeviceCountByGroup getTotalDeviceCount() throws SQLException { public DeviceCountByGroup getTotalDeviceCount(String userName) throws SQLException {
int totalDeviceCount; int totalDeviceCount;
try { try {
totalDeviceCount = this.getFilteredDeviceCount(null); totalDeviceCount = this.getFilteredDeviceCount(null, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
throw new AssertionError(e); throw new AssertionError(e);
} }
DeviceCountByGroup deviceCountByGroup = new DeviceCountByGroup(); DeviceCountByGroup deviceCountByGroup = new DeviceCountByGroup();
deviceCountByGroup.setGroup("total"); deviceCountByGroup.setGroup("total");
deviceCountByGroup.setDisplayNameForGroup("Total"); deviceCountByGroup.setDisplayNameForGroup("Total");
deviceCountByGroup.setDeviceCount(totalDeviceCount); deviceCountByGroup.setDeviceCount(totalDeviceCount);
return deviceCountByGroup; return deviceCountByGroup;
} }
@Override @Override
public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet) public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException { throws InvalidPotentialVulnerabilityValueException, SQLException {
int filteredDeviceCount = this.getFilteredDeviceCount(extendedFilterSet, userName);
int filteredDeviceCount = this.getFilteredDeviceCount(extendedFilterSet);
DeviceCountByGroup deviceCountByGroup = new DeviceCountByGroup(); DeviceCountByGroup deviceCountByGroup = new DeviceCountByGroup();
deviceCountByGroup.setGroup("filtered"); deviceCountByGroup.setGroup("filtered");
deviceCountByGroup.setDisplayNameForGroup("Filtered"); deviceCountByGroup.setDisplayNameForGroup("Filtered");
deviceCountByGroup.setDeviceCount(filteredDeviceCount); deviceCountByGroup.setDeviceCount(filteredDeviceCount);
return deviceCountByGroup; return deviceCountByGroup;
} }
private int getFilteredDeviceCount(ExtendedFilterSet extendedFilterSet) private int getFilteredDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException { throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet); Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -77,24 +79,37 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
int filteredDeviceCount = 0; int filteredDeviceCount = 0;
try { try {
String sql;
con = this.getConnection(); con = this.getConnection();
String sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + if (APIUtil.isDeviceAdminUser()) {
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ?"; sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ?";
} else {
sql = "SELECT COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM "
+ GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN" +
" DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
" POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? ";
}
// appending filters to support advanced filtering options // appending filters to support advanced filtering options
// [1] appending filter columns // [1] appending filter columns
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?"; sql = sql + " AND POLICY__INFO." + column + " = ? ";
} }
} }
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
int index = 2;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 2; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -110,6 +125,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
while (rs.next()) { while (rs.next()) {
filteredDeviceCount = rs.getInt("DEVICE_COUNT"); filteredDeviceCount = rs.getInt("DEVICE_COUNT");
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -118,7 +136,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override @Override
public DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, public DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException { BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) { if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty."); throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -129,25 +147,39 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
int filteredDeviceCount = 0; int filteredDeviceCount = 0;
try { try {
String sql;
con = this.getConnection(); con = this.getConnection();
String sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + if (APIUtil.isDeviceAdminUser()) {
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ?"; sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO WHERE TENANT_ID =" +
" ? AND FEATURE_CODE = ?";
} else {
sql = "SELECT COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND " +
"FEATURE_INFO.TENANT_ID = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? ";
}
// appending filters to support advanced filtering options // appending filters to support advanced filtering options
// [1] appending filter columns // [1] appending filter columns
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?"; sql = sql + " AND FEATURE_INFO." + column + " = ?";
} }
} }
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
stmt.setString(2, featureCode); stmt.setString(2, featureCode);
int index = 3;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 3; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -163,6 +195,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
while (rs.next()) { while (rs.next()) {
filteredDeviceCount = rs.getInt("DEVICE_COUNT"); filteredDeviceCount = rs.getInt("DEVICE_COUNT");
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -176,20 +211,32 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws SQLException { public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws SQLException {
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> deviceCountsByConnectivityStatuses = new ArrayList<>(); List<DeviceCountByGroup> deviceCountsByConnectivityStatuses = new ArrayList<>();
try { try {
String sql;
con = this.getConnection(); con = this.getConnection();
String sql = "SELECT CONNECTIVITY_STATUS, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT CONNECTIVITY_STATUS, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 +
" WHERE TENANT_ID = ? GROUP BY CONNECTIVITY_STATUS"; " WHERE TENANT_ID = ? GROUP BY CONNECTIVITY_STATUS";
} else {
sql = "SELECT POLICY__INFO.CONNECTIVITY_STATUS AS CONNECTIVITY_STATUS, " +
"COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM "
+ GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO " +
"INNER JOIN DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID " +
" AND POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? GROUP BY POLICY__INFO.CONNECTIVITY_STATUS";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
}
// executing query // executing query
rs = stmt.executeQuery(); rs = stmt.executeQuery();
// fetching query results // fetching query results
@ -201,6 +248,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
deviceCountByConnectivityStatus.setDeviceCount(rs.getInt("DEVICE_COUNT")); deviceCountByConnectivityStatus.setDeviceCount(rs.getInt("DEVICE_COUNT"));
deviceCountsByConnectivityStatuses.add(deviceCountByConnectivityStatus); deviceCountsByConnectivityStatuses.add(deviceCountByConnectivityStatus);
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -208,7 +258,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws SQLException { public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws SQLException {
// getting non-compliant device count // getting non-compliant device count
DeviceCountByGroup nonCompliantDeviceCount = new DeviceCountByGroup(); DeviceCountByGroup nonCompliantDeviceCount = new DeviceCountByGroup();
nonCompliantDeviceCount.setGroup(GadgetDataServiceDAOConstants.PotentialVulnerability.NON_COMPLIANT); nonCompliantDeviceCount.setGroup(GadgetDataServiceDAOConstants.PotentialVulnerability.NON_COMPLIANT);
@ -230,10 +280,10 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
private int getNonCompliantDeviceCount() throws SQLException { private int getNonCompliantDeviceCount() throws SQLException {
ExtendedFilterSet extendedFilterSet = new ExtendedFilterSet(); ExtendedFilterSet extendedFilterSet = new ExtendedFilterSet();
extendedFilterSet.setPotentialVulnerability(GadgetDataServiceDAOConstants. extendedFilterSet.setPotentialVulnerability(GadgetDataServiceDAOConstants.PotentialVulnerability.NON_COMPLIANT);
PotentialVulnerability.NON_COMPLIANT);
try { try {
return this.getFilteredDeviceCount(extendedFilterSet); String userName = getAuthenticatedUser();
return this.getFilteredDeviceCount(extendedFilterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
throw new AssertionError(e); throw new AssertionError(e);
} }
@ -244,14 +294,15 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
extendedFilterSet.setPotentialVulnerability(GadgetDataServiceDAOConstants. extendedFilterSet.setPotentialVulnerability(GadgetDataServiceDAOConstants.
PotentialVulnerability.UNMONITORED); PotentialVulnerability.UNMONITORED);
try { try {
return this.getFilteredDeviceCount(extendedFilterSet); String userName = getAuthenticatedUser();
return this.getFilteredDeviceCount(extendedFilterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
throw new AssertionError(e); throw new AssertionError(e);
} }
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet) public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException { throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet); Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -259,7 +310,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByPlatforms = new ArrayList<>(); List<DeviceCountByGroup> filteredDeviceCountsByPlatforms = new ArrayList<>();
try { try {
con = this.getConnection(); con = this.getConnection();
@ -268,16 +319,30 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? "; advancedSqlFiltering = advancedSqlFiltering + " AND POLICY__INFO." + column + " = ? ";
} }
} }
if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT PLATFORM, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants. sql = "SELECT PLATFORM, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ? " + advancedSqlFiltering + "GROUP BY PLATFORM"; DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ? " + advancedSqlFiltering +
" GROUP BY PLATFORM";
} else {
sql = "SELECT POLICY__INFO.PLATFORM, COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
"POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering + " GROUP BY " +
"POLICY__INFO.PLATFORM";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
int index = 2;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 2; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -298,6 +363,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByPlatform.setDeviceCount(rs.getInt("DEVICE_COUNT")); filteredDeviceCountByPlatform.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByPlatforms.add(filteredDeviceCountByPlatform); filteredDeviceCountsByPlatforms.add(filteredDeviceCountByPlatform);
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -307,7 +375,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override @Override
public List<DeviceCountByGroup> public List<DeviceCountByGroup>
getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode, getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException { BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) { if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty."); throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -318,7 +386,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByPlatforms = new ArrayList<>(); List<DeviceCountByGroup> filteredDeviceCountsByPlatforms = new ArrayList<>();
try { try {
con = this.getConnection(); con = this.getConnection();
@ -327,18 +395,32 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? "; advancedSqlFiltering = advancedSqlFiltering + " AND FEATURE_INFO." + column + " = ? ";
} }
} }
if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT PLATFORM, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants. sql = "SELECT PLATFORM, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ? " + DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO WHERE TENANT_ID = ? AND FEATURE_CODE = ? " +
advancedSqlFiltering + " GROUP BY PLATFORM"; advancedSqlFiltering + " GROUP BY PLATFORM";
} else {
sql = "SELECT FEATURE_INFO.PLATFORM, COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID " +
" AND FEATURE_INFO.TENANT_ID = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? " +
advancedSqlFiltering + " GROUP BY FEATURE_INFO.PLATFORM";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
stmt.setString(2, featureCode); stmt.setString(2, featureCode);
int index = 3;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 3; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -359,6 +441,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByPlatform.setDeviceCount(rs.getInt("DEVICE_COUNT")); filteredDeviceCountByPlatform.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByPlatforms.add(filteredDeviceCountByPlatform); filteredDeviceCountsByPlatforms.add(filteredDeviceCountByPlatform);
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -366,7 +451,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet) public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException { throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet); Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -374,7 +459,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByOwnershipTypes = new ArrayList<>(); List<DeviceCountByGroup> filteredDeviceCountsByOwnershipTypes = new ArrayList<>();
try { try {
con = this.getConnection(); con = this.getConnection();
@ -383,17 +468,29 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? "; advancedSqlFiltering = advancedSqlFiltering + " AND POLICY__INFO." + column + " = ? ";
} }
} }
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT OWNERSHIP, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants. sql = "SELECT OWNERSHIP, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ? " + DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ? " +
advancedSqlFiltering + "GROUP BY OWNERSHIP"; advancedSqlFiltering + "GROUP BY OWNERSHIP";
}else{
sql = "SELECT POLICY__INFO.OWNERSHIP, COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND POLICY__INFO.TENANT_ID" +
" = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering + " GROUP BY POLICY__INFO.OWNERSHIP";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
int index = 2;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 2; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -414,6 +511,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByOwnershipType.setDeviceCount(rs.getInt("DEVICE_COUNT")); filteredDeviceCountByOwnershipType.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByOwnershipTypes.add(filteredDeviceCountByOwnershipType); filteredDeviceCountsByOwnershipTypes.add(filteredDeviceCountByOwnershipType);
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -423,7 +523,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override @Override
public List<DeviceCountByGroup> public List<DeviceCountByGroup>
getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode, getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException { BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) { if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty."); throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -434,7 +534,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByOwnershipTypes = new ArrayList<>(); List<DeviceCountByGroup> filteredDeviceCountsByOwnershipTypes = new ArrayList<>();
try { try {
con = this.getConnection(); con = this.getConnection();
@ -443,18 +543,31 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? "; advancedSqlFiltering = advancedSqlFiltering + " AND FEATURE_INFO." + column + " = ? ";
} }
} }
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT OWNERSHIP, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants. sql = "SELECT OWNERSHIP, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ? " + DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO WHERE TENANT_ID = ? AND FEATURE_CODE = ? " +
advancedSqlFiltering + "GROUP BY OWNERSHIP"; advancedSqlFiltering + "GROUP BY OWNERSHIP";
}else{
sql = "SELECT FEATURE_INFO.OWNERSHIP, COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND FEATURE_INFO.TENANT_ID " +
"= ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering
+ " GROUP BY FEATURE_INFO.OWNERSHIP";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
stmt.setString(2, featureCode); stmt.setString(2, featureCode);
int index = 3;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 3; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -475,6 +588,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByOwnershipType.setDeviceCount(rs.getInt("DEVICE_COUNT")); filteredDeviceCountByOwnershipType.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByOwnershipTypes.add(filteredDeviceCountByOwnershipType); filteredDeviceCountsByOwnershipTypes.add(filteredDeviceCountByOwnershipType);
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -482,7 +598,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
} }
@Override @Override
public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet) public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException { throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet); Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -490,25 +606,38 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>(); List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
try { try {
con = this.getConnection(); con = this.getConnection();
String sql; String sql;
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " + sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ?"; GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ?";
}else{
sql = "SELECT POLICY__INFO.DEVICE_ID, POLICY__INFO.DEVICE_IDENTIFICATION, POLICY__INFO.PLATFORM," +
" POLICY__INFO.OWNERSHIP, POLICY__INFO.CONNECTIVITY_STATUS FROM "+
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1+" POLICY__INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
"POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ?";
}
// appending filters to support advanced filtering options // appending filters to support advanced filtering options
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?"; sql = sql + " AND POLICY__INFO." + column + " = ?";
} }
} }
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
int index = 2;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 2; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -531,6 +660,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS")); filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails); filteredDevicesWithDetails.add(filteredDeviceWithDetails);
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -539,7 +671,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override @Override
public List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode, public List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException { BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) { if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty."); throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -550,27 +682,40 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>(); List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
try { try {
con = this.getConnection(); con = this.getConnection();
String sql; String sql;
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " + sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 +
" WHERE TENANT_ID = ? AND FEATURE_CODE = ?"; " WHERE TENANT_ID = ? AND FEATURE_CODE = ?";
}else{
sql = "SELECT FEATURE_INFO.DEVICE_ID, FEATURE_INFO.DEVICE_IDENTIFICATION, FEATURE_INFO.PLATFORM, " +
"FEATURE_INFO.OWNERSHIP, FEATURE_INFO.CONNECTIVITY_STATUS FROM "+
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2+" FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND FEATURE_INFO.TENANT_ID" +
" = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? ";
}
// appending filters to support advanced filtering options // appending filters to support advanced filtering options
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?"; sql = sql + " AND FEATURE_INFO." + column + " = ?";
} }
} }
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
stmt.setString(2, featureCode); stmt.setString(2, featureCode);
int index = 3;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 3; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -593,6 +738,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS")); filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails); filteredDevicesWithDetails.add(filteredDeviceWithDetails);
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }

@ -30,45 +30,45 @@ import java.util.List;
public interface GadgetDataServiceDAO { public interface GadgetDataServiceDAO {
DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet) DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException; throws InvalidPotentialVulnerabilityValueException, SQLException;
DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet) DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, SQLException; throws InvalidFeatureCodeValueException, SQLException;
DeviceCountByGroup getTotalDeviceCount() throws SQLException; DeviceCountByGroup getTotalDeviceCount(String userName) throws SQLException;
List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws SQLException; List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws SQLException;
List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws SQLException; List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws SQLException;
PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) throws PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName) throws
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException; InvalidStartIndexValueException, InvalidResultCountValueException, SQLException;
List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet) List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException; throws InvalidPotentialVulnerabilityValueException, SQLException;
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode, List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException; BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException;
List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet) List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException; throws InvalidPotentialVulnerabilityValueException, SQLException;
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode, List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException; BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException;
PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount) PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, throws InvalidPotentialVulnerabilityValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException; InvalidStartIndexValueException, InvalidResultCountValueException, SQLException;
PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet, PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException, int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException; InvalidStartIndexValueException, InvalidResultCountValueException, SQLException;
List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet) List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException; throws InvalidPotentialVulnerabilityValueException, SQLException;
List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode, List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException; BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException;
} }

@ -18,7 +18,8 @@
package org.wso2.carbon.device.mgt.analytics.dashboard.dao.impl; package org.wso2.carbon.device.mgt.analytics.dashboard.dao.impl;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceWithDetails; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceWithDetails;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.BasicFilterSet; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.BasicFilterSet;
@ -26,7 +27,9 @@ import org.wso2.carbon.device.mgt.analytics.dashboard.bean.ExtendedFilterSet;
import org.wso2.carbon.device.mgt.analytics.dashboard.dao.AbstractGadgetDataServiceDAO; import org.wso2.carbon.device.mgt.analytics.dashboard.dao.AbstractGadgetDataServiceDAO;
import org.wso2.carbon.device.mgt.analytics.dashboard.dao.GadgetDataServiceDAOConstants; import org.wso2.carbon.device.mgt.analytics.dashboard.dao.GadgetDataServiceDAOConstants;
import org.wso2.carbon.device.mgt.analytics.dashboard.exception.*; import org.wso2.carbon.device.mgt.analytics.dashboard.exception.*;
import org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil;
import org.wso2.carbon.device.mgt.common.PaginationResult; import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil; import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
import java.sql.Connection; import java.sql.Connection;
@ -37,10 +40,14 @@ import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUserTenantDomainId;
public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO { public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
private static final Log log = LogFactory.getLog(GenericGadgetDataServiceDAOImpl.class);
@Override @Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException { throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) { if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -56,19 +63,33 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredNonCompliantDeviceCountsByFeatures = new ArrayList<>(); List<DeviceCountByGroup> filteredNonCompliantDeviceCountsByFeatures = new ArrayList<>();
int totalRecordsCount = 0; int totalRecordsCount = 0;
try { try {
String sql;
con = this.getConnection(); con = this.getConnection();
String sql = "SELECT FEATURE_CODE, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants. if(APIUtil.isDeviceAdminUser()){
sql = "SELECT FEATURE_CODE, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? GROUP BY FEATURE_CODE " + DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? GROUP BY FEATURE_CODE " +
"ORDER BY DEVICE_COUNT DESC LIMIT ?, ?"; "ORDER BY DEVICE_COUNT DESC LIMIT ?, ?";
}else{
sql = "SELECT FEATURE_INFO.FEATURE_CODE, COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT " +
"FROM "+GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2+" FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND " +
"FEATURE_INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? GROUP BY FEATURE_INFO.FEATURE_CODE ORDER BY" +
" DEVICE_COUNT DESC LIMIT ?, ?";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
stmt.setInt(3, startIndex);
stmt.setInt(4, resultCount);
}else{
stmt.setInt(2, startIndex); stmt.setInt(2, startIndex);
stmt.setInt(3, resultCount); stmt.setInt(3, resultCount);
}
// executing query // executing query
rs = stmt.executeQuery(); rs = stmt.executeQuery();
// fetching query results // fetching query results
@ -81,19 +102,30 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
filteredNonCompliantDeviceCountsByFeatures.add(filteredNonCompliantDeviceCountByFeature); filteredNonCompliantDeviceCountsByFeatures.add(filteredNonCompliantDeviceCountByFeature);
} }
// fetching total records count // fetching total records count
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT COUNT(FEATURE_CODE) AS NON_COMPLIANT_FEATURE_COUNT FROM (SELECT DISTINCT FEATURE_CODE FROM " + sql = "SELECT COUNT(FEATURE_CODE) AS NON_COMPLIANT_FEATURE_COUNT FROM (SELECT DISTINCT FEATURE_CODE FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ?) " + GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ?) " +
"NON_COMPLIANT_FEATURE_CODE"; "NON_COMPLIANT_FEATURE_CODE";
}else{
sql = "SELECT COUNT(FEATURE_CODE) AS NON_COMPLIANT_FEATURE_COUNT FROM (SELECT DISTINCT " +
"FEATURE_INFO.FEATURE_CODE FROM "+GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2
+" FEATURE_INFO INNER JOIN DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID " +
"AND FEATURE_INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? ) NON_COMPLIANT_FEATURE_CODE";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
}
// executing query // executing query
rs = stmt.executeQuery(); rs = stmt.executeQuery();
// fetching query results // fetching query results
while (rs.next()) { while (rs.next()) {
totalRecordsCount = rs.getInt("NON_COMPLIANT_FEATURE_COUNT"); totalRecordsCount = rs.getInt("NON_COMPLIANT_FEATURE_COUNT");
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -105,7 +137,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
@Override @Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex,
int resultCount) throws InvalidPotentialVulnerabilityValueException, int resultCount, String userName) throws InvalidPotentialVulnerabilityValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException { InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) { if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -123,7 +155,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>(); List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
int totalRecordsCount = 0; int totalRecordsCount = 0;
try { try {
@ -133,17 +165,31 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? "; advancedSqlFiltering = advancedSqlFiltering + " AND POLICY__INFO." + column + " = ? ";
} }
} }
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " + sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ? " + GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ? " +
advancedSqlFiltering + "ORDER BY DEVICE_ID ASC LIMIT ?, ?"; advancedSqlFiltering + "ORDER BY DEVICE_ID ASC LIMIT ?, ?";
}else{
sql = "SELECT POLICY__INFO.DEVICE_ID, POLICY__INFO.DEVICE_IDENTIFICATION, POLICY__INFO.PLATFORM, " +
"POLICY__INFO.OWNERSHIP, POLICY__INFO.CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN DM_ENROLMENT " +
"ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
"POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering + " ORDER BY " +
"POLICY__INFO.DEVICE_ID ASC LIMIT ?,?";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
int index = 2;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 2; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -155,8 +201,8 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
stmt.setInt(i, startIndex); stmt.setInt(i, startIndex);
stmt.setInt(++i, resultCount); stmt.setInt(++i, resultCount);
} else { } else {
stmt.setInt(2, startIndex); stmt.setInt(3, startIndex);
stmt.setInt(3, resultCount); stmt.setInt(4, resultCount);
} }
// executing query // executing query
rs = stmt.executeQuery(); rs = stmt.executeQuery();
@ -171,20 +217,28 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS")); filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails); filteredDevicesWithDetails.add(filteredDeviceWithDetails);
} }
if(APIUtil.isDeviceAdminUser()){
// fetching total records count
sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants. sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ?"; DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ?";
}else{
sql = "SELECT COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM "+GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1+" POLICY__INFO INNER JOIN DM_ENROLMENT ENR_DB ON " +
"ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? ";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
}
// executing query // executing query
rs = stmt.executeQuery(); rs = stmt.executeQuery();
// fetching query results // fetching query results
while (rs.next()) { while (rs.next()) {
totalRecordsCount = rs.getInt("DEVICE_COUNT"); totalRecordsCount = rs.getInt("DEVICE_COUNT");
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }
@ -196,7 +250,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
@Override @Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet, int startIndex, int resultCount) BasicFilterSet basicFilterSet, int startIndex, int resultCount, String userName)
throws InvalidFeatureCodeValueException, InvalidStartIndexValueException, throws InvalidFeatureCodeValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException { InvalidResultCountValueException, SQLException {
@ -219,7 +273,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
Connection con; Connection con;
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>(); List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
int totalRecordsCount = 0; int totalRecordsCount = 0;
try { try {
@ -229,19 +283,34 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
// [1] appending filter columns, if exist // [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) { if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) { for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? "; advancedSqlFiltering = advancedSqlFiltering + "AND FEATURE_INFO." + column + " = ? ";
} }
} }
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " + sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 +
" WHERE TENANT_ID = ? AND FEATURE_CODE = ? " + advancedSqlFiltering + " FEATURE_INFO WHERE TENANT_ID = ? AND FEATURE_CODE = ? " + advancedSqlFiltering +
"ORDER BY DEVICE_ID ASC LIMIT ?, ?"; "ORDER BY DEVICE_ID ASC LIMIT ?, ?";
}else{
sql = "SELECT FEATURE_INFO.DEVICE_ID, FEATURE_INFO.DEVICE_IDENTIFICATION, FEATURE_INFO.PLATFORM, " +
"FEATURE_INFO.OWNERSHIP, FEATURE_INFO.CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN DM_ENROLMENT " +
"ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID " +
" AND FEATURE_INFO.TENANT_ID = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? " +
advancedSqlFiltering + " ORDER BY DEVICE_ID ASC LIMIT ?,?";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist // [2] appending filter column values, if exist
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
stmt.setString(2, featureCode); stmt.setString(2, featureCode);
int index = 3;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) { if (filters != null && filters.values().size() > 0) {
int i = 3; int i = index;
for (Object value : filters.values()) { for (Object value : filters.values()) {
if (value instanceof Integer) { if (value instanceof Integer) {
stmt.setInt(i, (Integer) value); stmt.setInt(i, (Integer) value);
@ -253,8 +322,8 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
stmt.setInt(i, startIndex); stmt.setInt(i, startIndex);
stmt.setInt(++i, resultCount); stmt.setInt(++i, resultCount);
} else { } else {
stmt.setInt(3, startIndex); stmt.setInt(index, startIndex);
stmt.setInt(4, resultCount); stmt.setInt(++index, resultCount);
} }
// executing query // executing query
rs = stmt.executeQuery(); rs = stmt.executeQuery();
@ -269,21 +338,30 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS")); filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails); filteredDevicesWithDetails.add(filteredDeviceWithDetails);
} }
if(APIUtil.isDeviceAdminUser()){
// fetching total records count
sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants. sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ?"; DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ?";
}else{
sql = "SELECT COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN DM_ENROLMENT ENR_DB ON " +
"ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND FEATURE_INFO.TENANT_ID = ? AND " +
"FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? ";
}
stmt = con.prepareStatement(sql); stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
stmt.setString(2, featureCode); stmt.setString(2, featureCode);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
}
// executing query // executing query
rs = stmt.executeQuery(); rs = stmt.executeQuery();
// fetching query results // fetching query results
while (rs.next()) { while (rs.next()) {
totalRecordsCount = rs.getInt("DEVICE_COUNT"); totalRecordsCount = rs.getInt("DEVICE_COUNT");
} }
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally { } finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs); DeviceManagementDAOUtil.cleanupResources(stmt, rs);
} }

@ -40,7 +40,7 @@ import java.util.Map;
public class MSSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO { public class MSSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
@Override @Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException { throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) { if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -104,7 +104,7 @@ public class MSSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
} }
@Override @Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount) public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, throws InvalidPotentialVulnerabilityValueException,
InvalidStartIndexValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, InvalidResultCountValueException,
@ -198,7 +198,7 @@ public class MSSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
@Override @Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet, int startIndex, int resultCount) BasicFilterSet basicFilterSet, int startIndex, int resultCount, String userName)
throws InvalidFeatureCodeValueException, InvalidStartIndexValueException, throws InvalidFeatureCodeValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException { InvalidResultCountValueException, SQLException {

@ -40,7 +40,7 @@ import java.util.Map;
public class OracleGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO { public class OracleGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
@Override @Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException { throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) { if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -105,7 +105,7 @@ public class OracleGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
} }
@Override @Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount) public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, InvalidStartIndexValueException, throws InvalidPotentialVulnerabilityValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException { InvalidResultCountValueException, SQLException {
@ -197,7 +197,7 @@ public class OracleGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
@Override @Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet, public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException, int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException { InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) { if (featureCode == null || featureCode.isEmpty()) {

@ -40,7 +40,7 @@ import java.util.Map;
public class PostgreSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO { public class PostgreSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
@Override @Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException { throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) { if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -105,7 +105,7 @@ public class PostgreSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServic
} }
@Override @Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount) public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, InvalidStartIndexValueException, throws InvalidPotentialVulnerabilityValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException { InvalidResultCountValueException, SQLException {
@ -198,7 +198,7 @@ public class PostgreSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServic
@Override @Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet, public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException, int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException { InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) { if (featureCode == null || featureCode.isEmpty()) {

@ -36,13 +36,14 @@ import java.util.List;
public class GadgetDataServiceImpl implements GadgetDataService { public class GadgetDataServiceImpl implements GadgetDataService {
@Override @Override
public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet) public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException { throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException {
DeviceCountByGroup filteredDeviceCount; DeviceCountByGroup filteredDeviceCount;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
filteredDeviceCount = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). filteredDeviceCount = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCount(extendedFilterSet); getDeviceCount(extendedFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -53,13 +54,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet) public DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, DataAccessLayerException { throws InvalidFeatureCodeValueException, DataAccessLayerException {
DeviceCountByGroup featureNonCompliantDeviceCount; DeviceCountByGroup featureNonCompliantDeviceCount;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDeviceCount = GadgetDataServiceDAOFactory. featureNonCompliantDeviceCount = GadgetDataServiceDAOFactory.
getGadgetDataServiceDAO().getFeatureNonCompliantDeviceCount(featureCode, basicFilterSet); getGadgetDataServiceDAO().getFeatureNonCompliantDeviceCount(featureCode, basicFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -70,11 +71,11 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public DeviceCountByGroup getTotalDeviceCount() throws DataAccessLayerException { public DeviceCountByGroup getTotalDeviceCount(String userName) throws DataAccessLayerException {
DeviceCountByGroup totalDeviceCount; DeviceCountByGroup totalDeviceCount;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
totalDeviceCount = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().getTotalDeviceCount(); totalDeviceCount = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().getTotalDeviceCount(userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -85,12 +86,12 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws DataAccessLayerException { public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByConnectivityStatuses; List<DeviceCountByGroup> deviceCountsByConnectivityStatuses;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
deviceCountsByConnectivityStatuses = GadgetDataServiceDAOFactory. deviceCountsByConnectivityStatuses = GadgetDataServiceDAOFactory.
getGadgetDataServiceDAO().getDeviceCountsByConnectivityStatuses(); getGadgetDataServiceDAO().getDeviceCountsByConnectivityStatuses(userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -101,12 +102,12 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws DataAccessLayerException { public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByPotentialVulnerabilities; List<DeviceCountByGroup> deviceCountsByPotentialVulnerabilities;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
deviceCountsByPotentialVulnerabilities = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). deviceCountsByPotentialVulnerabilities = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCountsByPotentialVulnerabilities(); getDeviceCountsByPotentialVulnerabilities(userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -117,14 +118,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, throws InvalidStartIndexValueException, InvalidResultCountValueException,
DataAccessLayerException { DataAccessLayerException {
PaginationResult paginationResult; PaginationResult paginationResult;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getNonCompliantDeviceCountsByFeatures(startIndex, resultCount); getNonCompliantDeviceCountsByFeatures(startIndex, resultCount, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -135,13 +136,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet) public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException { throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByPlatforms; List<DeviceCountByGroup> deviceCountsByPlatforms;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
deviceCountsByPlatforms = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). deviceCountsByPlatforms = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCountsByPlatforms(extendedFilterSet); getDeviceCountsByPlatforms(extendedFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -153,13 +154,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override @Override
public List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode, public List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException { DataAccessLayerException {
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByPlatforms; List<DeviceCountByGroup> featureNonCompliantDeviceCountsByPlatforms;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDeviceCountsByPlatforms = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). featureNonCompliantDeviceCountsByPlatforms = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDeviceCountsByPlatforms(featureCode, basicFilterSet); getFeatureNonCompliantDeviceCountsByPlatforms(featureCode, basicFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -170,14 +171,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet) public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, throws InvalidPotentialVulnerabilityValueException,
DataAccessLayerException { DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByOwnershipTypes; List<DeviceCountByGroup> deviceCountsByOwnershipTypes;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
deviceCountsByOwnershipTypes = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). deviceCountsByOwnershipTypes = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCountsByOwnershipTypes(extendedFilterSet); getDeviceCountsByOwnershipTypes(extendedFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -189,13 +190,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override @Override
public List<DeviceCountByGroup> public List<DeviceCountByGroup>
getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode, BasicFilterSet basicFilterSet) getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, DataAccessLayerException { throws InvalidFeatureCodeValueException, DataAccessLayerException {
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByOwnershipTypes; List<DeviceCountByGroup> featureNonCompliantDeviceCountsByOwnershipTypes;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDeviceCountsByOwnershipTypes = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). featureNonCompliantDeviceCountsByOwnershipTypes = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDeviceCountsByOwnershipTypes(featureCode, basicFilterSet); getFeatureNonCompliantDeviceCountsByOwnershipTypes(featureCode, basicFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -206,14 +207,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount) public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException, throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException,
InvalidStartIndexValueException, InvalidResultCountValueException { InvalidStartIndexValueException, InvalidResultCountValueException {
PaginationResult paginationResult; PaginationResult paginationResult;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDevicesWithDetails(extendedFilterSet, startIndex, resultCount); getDevicesWithDetails(extendedFilterSet, startIndex, resultCount, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -225,14 +226,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override @Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet, public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException, int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException, InvalidStartIndexValueException, DataAccessLayerException, InvalidStartIndexValueException,
InvalidResultCountValueException { InvalidResultCountValueException {
PaginationResult paginationResult; PaginationResult paginationResult;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet, startIndex, resultCount); getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet, startIndex, resultCount, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -243,13 +244,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
} }
@Override @Override
public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet) public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException { throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException {
List<DeviceWithDetails> devicesWithDetails; List<DeviceWithDetails> devicesWithDetails;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
devicesWithDetails = GadgetDataServiceDAOFactory. devicesWithDetails = GadgetDataServiceDAOFactory.
getGadgetDataServiceDAO().getDevicesWithDetails(extendedFilterSet); getGadgetDataServiceDAO().getDevicesWithDetails(extendedFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);
@ -261,13 +262,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override @Override
public List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode, public List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException { DataAccessLayerException {
List<DeviceWithDetails> featureNonCompliantDevicesWithDetails; List<DeviceWithDetails> featureNonCompliantDevicesWithDetails;
try { try {
GadgetDataServiceDAOFactory.openConnection(); GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDevicesWithDetails = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO(). featureNonCompliantDevicesWithDetails = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet); getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet, userName);
} catch (SQLException e) { } catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " + throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e); "accessing the database to fetch corresponding results.", e);

@ -0,0 +1,70 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.analytics.dashboard.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.user.api.UserStoreException;
import java.net.SocketException;
/**
* This class provides utility functions used by REST-API.
*/
public class APIUtil {
private static Log log = LogFactory.getLog(APIUtil.class);
public static String getAuthenticatedUser() {
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
String username = threadLocalCarbonContext.getUsername();
String tenantDomain = threadLocalCarbonContext.getTenantDomain();
if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@"));
}
return username;
}
public static int getAuthenticatedUserTenantDomainId() {
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
return threadLocalCarbonContext.getTenantId();
}
public static boolean isDeviceAdminUser() throws DeviceAccessAuthorizationException {
return getDeviceAccessAuthorizationService().isDeviceAdminUser();
}
private static DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() {
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
DeviceAccessAuthorizationService deviceAccessAuthorizationService =
(DeviceAccessAuthorizationService) ctx.getOSGiService(DeviceAccessAuthorizationService.class, null);
if (deviceAccessAuthorizationService == null) {
String msg = "DeviceAccessAuthorization service has not initialized.";
log.error(msg);
throw new IllegalStateException(msg);
}
return deviceAccessAuthorizationService;
}
}

@ -38,6 +38,8 @@ import javax.ws.rs.core.Response;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUser;
/** /**
* This class consists of dashboard related REST APIs * This class consists of dashboard related REST APIs
* to be consumed by individual client gadgets such as * to be consumed by individual client gadgets such as
@ -82,7 +84,8 @@ public class DashboardImpl implements Dashboard {
// getting total device count // getting total device count
DeviceCountByGroup totalDeviceCount; DeviceCountByGroup totalDeviceCount;
try { try {
totalDeviceCount = gadgetDataService.getTotalDeviceCount(); String userName = getAuthenticatedUser();
totalDeviceCount = gadgetDataService.getTotalDeviceCount(userName);
} catch (DataAccessLayerException e) { } catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " + log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve total device count.", e); "@ Dashboard API layer to retrieve total device count.", e);
@ -100,7 +103,8 @@ public class DashboardImpl implements Dashboard {
// getting device counts by connectivity statuses // getting device counts by connectivity statuses
List<DeviceCountByGroup> deviceCountsByConnectivityStatuses; List<DeviceCountByGroup> deviceCountsByConnectivityStatuses;
try { try {
deviceCountsByConnectivityStatuses = gadgetDataService.getDeviceCountsByConnectivityStatuses(); String userName = getAuthenticatedUser();
deviceCountsByConnectivityStatuses = gadgetDataService.getDeviceCountsByConnectivityStatuses(userName);
} catch (DataAccessLayerException e) { } catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " + log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve device counts by connectivity statuses.", e); "@ Dashboard API layer to retrieve device counts by connectivity statuses.", e);
@ -128,7 +132,8 @@ public class DashboardImpl implements Dashboard {
List<DeviceCountByGroup> deviceCountsByPotentialVulnerabilities; List<DeviceCountByGroup> deviceCountsByPotentialVulnerabilities;
try { try {
deviceCountsByPotentialVulnerabilities = gadgetDataService.getDeviceCountsByPotentialVulnerabilities(); String userName = getAuthenticatedUser();
deviceCountsByPotentialVulnerabilities = gadgetDataService.getDeviceCountsByPotentialVulnerabilities(userName);
} catch (DataAccessLayerException e) { } catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " + log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve device counts by potential vulnerabilities.", e); "@ Dashboard API layer to retrieve device counts by potential vulnerabilities.", e);
@ -158,8 +163,9 @@ public class DashboardImpl implements Dashboard {
PaginationResult paginationResult; PaginationResult paginationResult;
try { try {
String userName = getAuthenticatedUser();
paginationResult = gadgetDataService. paginationResult = gadgetDataService.
getNonCompliantDeviceCountsByFeatures(startIndex, resultCount); getNonCompliantDeviceCountsByFeatures(startIndex, resultCount, userName);
} catch (InvalidStartIndexValueException e) { } catch (InvalidStartIndexValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -210,7 +216,8 @@ public class DashboardImpl implements Dashboard {
// creating device-Counts-by-platforms Data Wrapper // creating device-Counts-by-platforms Data Wrapper
List<DeviceCountByGroup> deviceCountsByPlatforms; List<DeviceCountByGroup> deviceCountsByPlatforms;
try { try {
deviceCountsByPlatforms = gadgetDataService.getDeviceCountsByPlatforms(filterSet); String userName = getAuthenticatedUser();
deviceCountsByPlatforms = gadgetDataService.getDeviceCountsByPlatforms(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -232,7 +239,8 @@ public class DashboardImpl implements Dashboard {
// creating device-Counts-by-ownership-types Data Wrapper // creating device-Counts-by-ownership-types Data Wrapper
List<DeviceCountByGroup> deviceCountsByOwnerships; List<DeviceCountByGroup> deviceCountsByOwnerships;
try { try {
deviceCountsByOwnerships = gadgetDataService.getDeviceCountsByOwnershipTypes(filterSet); String userName = getAuthenticatedUser();
deviceCountsByOwnerships = gadgetDataService.getDeviceCountsByOwnershipTypes(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -274,8 +282,9 @@ public class DashboardImpl implements Dashboard {
// creating feature-non-compliant-device-Counts-by-platforms Data Wrapper // creating feature-non-compliant-device-Counts-by-platforms Data Wrapper
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByPlatforms; List<DeviceCountByGroup> featureNonCompliantDeviceCountsByPlatforms;
try { try {
String userName = getAuthenticatedUser();
featureNonCompliantDeviceCountsByPlatforms = gadgetDataService. featureNonCompliantDeviceCountsByPlatforms = gadgetDataService.
getFeatureNonCompliantDeviceCountsByPlatforms(nonCompliantFeatureCode, filterSet); getFeatureNonCompliantDeviceCountsByPlatforms(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) { } catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -299,8 +308,9 @@ public class DashboardImpl implements Dashboard {
// creating feature-non-compliant-device-Counts-by-ownership-types Data Wrapper // creating feature-non-compliant-device-Counts-by-ownership-types Data Wrapper
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByOwnerships; List<DeviceCountByGroup> featureNonCompliantDeviceCountsByOwnerships;
try { try {
String userName = getAuthenticatedUser();
featureNonCompliantDeviceCountsByOwnerships = gadgetDataService. featureNonCompliantDeviceCountsByOwnerships = gadgetDataService.
getFeatureNonCompliantDeviceCountsByOwnershipTypes(nonCompliantFeatureCode, filterSet); getFeatureNonCompliantDeviceCountsByOwnershipTypes(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) { } catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service function " + "invalid (query) parameter value. This was while trying to execute relevant data service function " +
@ -348,7 +358,8 @@ public class DashboardImpl implements Dashboard {
// creating filteredDeviceCount Data Wrapper // creating filteredDeviceCount Data Wrapper
DeviceCountByGroup filteredDeviceCount; DeviceCountByGroup filteredDeviceCount;
try { try {
filteredDeviceCount = gadgetDataService.getDeviceCount(filterSet); String userName = getAuthenticatedUser();
filteredDeviceCount = gadgetDataService.getDeviceCount(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -365,7 +376,8 @@ public class DashboardImpl implements Dashboard {
// creating TotalDeviceCount Data Wrapper // creating TotalDeviceCount Data Wrapper
DeviceCountByGroup totalDeviceCount; DeviceCountByGroup totalDeviceCount;
try { try {
totalDeviceCount = gadgetDataService.getTotalDeviceCount(); String userName = getAuthenticatedUser();
totalDeviceCount = gadgetDataService.getTotalDeviceCount(userName);
} catch (DataAccessLayerException e) { } catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " + log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve the total device count over filtered.", e); "@ Dashboard API layer to retrieve the total device count over filtered.", e);
@ -405,8 +417,9 @@ public class DashboardImpl implements Dashboard {
// creating featureNonCompliantDeviceCount Data Wrapper // creating featureNonCompliantDeviceCount Data Wrapper
DeviceCountByGroup featureNonCompliantDeviceCount; DeviceCountByGroup featureNonCompliantDeviceCount;
try { try {
String userName = getAuthenticatedUser();
featureNonCompliantDeviceCount = gadgetDataService. featureNonCompliantDeviceCount = gadgetDataService.
getFeatureNonCompliantDeviceCount(nonCompliantFeatureCode, filterSet); getFeatureNonCompliantDeviceCount(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) { } catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service function " + "invalid (query) parameter value. This was while trying to execute relevant data service function " +
@ -423,7 +436,8 @@ public class DashboardImpl implements Dashboard {
// creating TotalDeviceCount Data Wrapper // creating TotalDeviceCount Data Wrapper
DeviceCountByGroup totalDeviceCount; DeviceCountByGroup totalDeviceCount;
try { try {
totalDeviceCount = gadgetDataService.getTotalDeviceCount(); String userName = getAuthenticatedUser();
totalDeviceCount = gadgetDataService.getTotalDeviceCount(userName);
} catch (DataAccessLayerException e) { } catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " + log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve the total device count over filtered feature non-compliant.", e); "@ Dashboard API layer to retrieve the total device count over filtered feature non-compliant.", e);
@ -477,8 +491,9 @@ public class DashboardImpl implements Dashboard {
PaginationResult paginationResult; PaginationResult paginationResult;
try { try {
String userName = getAuthenticatedUser();
paginationResult = gadgetDataService. paginationResult = gadgetDataService.
getDevicesWithDetails(filterSet, startIndex, resultCount); getDevicesWithDetails(filterSet, startIndex, resultCount, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -530,7 +545,8 @@ public class DashboardImpl implements Dashboard {
List<DeviceWithDetails> devicesWithDetails; List<DeviceWithDetails> devicesWithDetails;
try { try {
devicesWithDetails = gadgetDataService.getDevicesWithDetails(filterSet); String userName = getAuthenticatedUser();
devicesWithDetails = gadgetDataService.getDevicesWithDetails(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) { } catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -591,9 +607,10 @@ public class DashboardImpl implements Dashboard {
PaginationResult paginationResult; PaginationResult paginationResult;
try { try {
String userName = getAuthenticatedUser();
paginationResult = gadgetDataService. paginationResult = gadgetDataService.
getFeatureNonCompliantDevicesWithDetails(nonCompliantFeatureCode, getFeatureNonCompliantDevicesWithDetails(nonCompliantFeatureCode,
filterSet, startIndex, resultCount); filterSet, startIndex, resultCount, userName);
} catch (InvalidFeatureCodeValueException e) { } catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -648,8 +665,9 @@ public class DashboardImpl implements Dashboard {
List<DeviceWithDetails> featureNonCompliantDevicesWithDetails; List<DeviceWithDetails> featureNonCompliantDevicesWithDetails;
try { try {
String userName = getAuthenticatedUser();
featureNonCompliantDevicesWithDetails = gadgetDataService. featureNonCompliantDevicesWithDetails = gadgetDataService.
getFeatureNonCompliantDevicesWithDetails(nonCompliantFeatureCode, filterSet); getFeatureNonCompliantDevicesWithDetails(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) { } catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " + log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " + "invalid (query) parameter value. This was while trying to execute relevant data service " +

Loading…
Cancel
Save