From b7e0580112f6e138054a706a6f918b367c3695e6 Mon Sep 17 00:00:00 2001
From: nipuni <nipuni@entgra.io>
Date: Mon, 21 Oct 2024 13:48:27 +0530
Subject: [PATCH 1/3] Fix missing commit by moving transaction commit after
 metadata update.

---
 .../core/metadata/mgt/DeviceStatusManagementServiceImpl.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/metadata/mgt/DeviceStatusManagementServiceImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/metadata/mgt/DeviceStatusManagementServiceImpl.java
index 351ba5a63f..c04e5deae8 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/metadata/mgt/DeviceStatusManagementServiceImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/metadata/mgt/DeviceStatusManagementServiceImpl.java
@@ -151,9 +151,9 @@ public class DeviceStatusManagementServiceImpl implements DeviceStatusManagement
             if (metadataDAO.isExist(tenantId, MetadataConstants.IS_DEVICE_STATUS_CHECK_META_KEY)) {
                 // Add default device status check metadata entries
                 metadataDAO.updateMetadata(tenantId, constructDeviceStatusCheckMetadata(isChecked));
+                MetadataManagementDAOFactory.commitTransaction();
                 return true;
             }
-            MetadataManagementDAOFactory.commitTransaction();
         } catch (MetadataManagementDAOException e) {
             MetadataManagementDAOFactory.rollbackTransaction();
             String msg = "Error occurred while updating device status check metadata entry.";

From 8f47c448bdf0d5e140ed0e0f3269cbed89f7c186 Mon Sep 17 00:00:00 2001
From: Rajitha Kumara <rajithakumaraprog@gmail.com>
Date: Thu, 17 Oct 2024 23:58:56 +0530
Subject: [PATCH 2/3] Fix login issues in sub tenants

---
 .../ui/request/interceptor/LoginHandler.java  | 33 +++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)

diff --git a/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java b/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java
index 6a97630e99..e699bc7675 100644
--- a/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java
+++ b/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java
@@ -37,6 +37,8 @@ import org.apache.hc.core5.http.HttpStatus;
 import org.apache.hc.core5.http.NameValuePair;
 import org.apache.hc.core5.http.io.support.ClassicRequestBuilder;
 import org.apache.hc.core5.http.message.BasicNameValuePair;
+import org.w3c.dom.Document;
+import org.xml.sax.SAXException;
 
 import javax.servlet.annotation.MultipartConfig;
 import javax.servlet.annotation.WebServlet;
@@ -44,6 +46,10 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.File;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Base64;
@@ -61,6 +67,8 @@ public class LoginHandler extends HttpServlet {
     private static String uiConfigUrl;
     private static String iotCoreUrl;
     private static String kmManagerUrl;
+    private static String adminUsername;
+    private static String adminPassword;
 
     @Override
     protected void doPost(HttpServletRequest req, HttpServletResponse resp) {
@@ -87,14 +95,14 @@ public class LoginHandler extends HttpServlet {
             LoginCache loginCache = HandlerUtil.getLoginCache(httpSession);
             OAuthAppCacheKey oAuthAppCacheKey = new OAuthAppCacheKey(applicationName, username);
             OAuthApp oAuthApp = loginCache.getOAuthAppCache(oAuthAppCacheKey);
-
             if (oAuthApp == null) {
+                initializeAdminCredentials();
                 ArrayList<String> supportedGrantTypes = new ArrayList<>();
                 supportedGrantTypes.add(HandlerConstants.PASSWORD_GRANT_TYPE);
                 supportedGrantTypes.add(HandlerConstants.REFRESH_TOKEN_GRANT_TYPE);
                 ClassicHttpRequest apiRegEndpoint = ClassicRequestBuilder.post(gatewayUrl + HandlerConstants.APP_REG_ENDPOINT)
                         .setEntity(HandlerUtil.constructAppRegPayload(tags, applicationName,
-                                username, password, null, supportedGrantTypes))
+                                adminUsername, adminPassword, null, supportedGrantTypes))
                         .setHeader(org.apache.hc.core5.http.HttpHeaders.CONTENT_TYPE,
                                 org.apache.hc.core5.http.ContentType.APPLICATION_JSON.toString())
                         .setHeader(org.apache.hc.core5.http.HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder().encodeToString((username + HandlerConstants.COLON + password).getBytes()))
@@ -143,6 +151,10 @@ public class LoginHandler extends HttpServlet {
             log.error("Error occurred while sending the response into the socket. ", e);
         } catch (JsonSyntaxException e) {
             log.error("Error occurred while parsing the response. ", e);
+        } catch (ParserConfigurationException e) {
+            log.error("Error while creating the document builder. ");
+        } catch (SAXException e) {
+            log.error("Error while parsing xml file. ", e);
         } catch (LoginException e) {
             log.error("Error occurred while getting token data. ", e);
         }
@@ -251,4 +263,21 @@ public class LoginHandler extends HttpServlet {
                 .build();
         return HandlerUtil.execute(tokenEndpoint);
     }
+
+    /**
+     * Initialize the admin credential variables
+     *
+     * @throws ParserConfigurationException - Throws when error occur during initializing the document builder
+     * @throws IOException                  - Throws when error occur during document parsing
+     * @throws SAXException                 - Throws when error occur during document parsing
+     */
+    private void initializeAdminCredentials() throws ParserConfigurationException, IOException, SAXException {
+        File userMgtConf = new File("repository/conf/user-mgt.xml");
+        DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
+        DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
+        Document doc = dBuilder.parse(userMgtConf);
+
+        adminUsername = doc.getElementsByTagName("UserName").item(0).getTextContent();
+        adminPassword = doc.getElementsByTagName("Password").item(0).getTextContent();
+    }
 }

From 0e82c9c304117468a97fce39bd9fd98bccc7cebd Mon Sep 17 00:00:00 2001
From: Subodhinie <subodhinie@entgra.io>
Date: Wed, 23 Oct 2024 16:57:32 +0530
Subject: [PATCH 3/3] Remove unused windows os updates scopes

---
 .../src/main/resources/conf/mdm-ui-config.xml                    | 1 -
 1 file changed, 1 deletion(-)

diff --git a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml
index 45c3ebe581..31350a1f6f 100644
--- a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml
+++ b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml
@@ -392,7 +392,6 @@
         <Scope>win:ops:os-updates-info</Scope>
         <Scope>win:microsoft-store:search</Scope>
         <Scope>win:updates:read</Scope>
-        <Scope>win:update:modify</Scope>
         <Scope>admin:tenant:view</Scope>
         <Scope>dm:admin:devices:usage:view</Scope>
         <Scope>and:ops:clear-app</Scope>