Adding capability for policies to be added/removed automatically when devices are added/removed from a group

merge-requests/598/head
Ace 4 years ago
parent 42ec923700
commit 3ea16eaf7d

@ -36,6 +36,7 @@ import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.exceptions.InvalidConfigurationException;
import org.wso2.carbon.device.mgt.common.operation.mgt.Operation;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
import org.wso2.carbon.device.mgt.common.policy.mgt.Policy;
import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.ComplianceFeature;
import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.PolicyComplianceException;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
@ -50,6 +51,9 @@ import org.wso2.carbon.event.stream.stub.EventStreamAdminServiceStub;
import org.wso2.carbon.event.stream.stub.types.EventStreamAttributeDto;
import org.wso2.carbon.event.stream.stub.types.EventStreamDefinitionDto;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint;
import org.wso2.carbon.policy.mgt.common.PolicyEvaluationException;
import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
import org.wso2.carbon.user.api.UserStoreException;
import javax.validation.Valid;
@ -95,6 +99,13 @@ public class DeviceAgentServiceImpl implements DeviceAgentService {
device.getEnrolmentInfo().setDateOfEnrolment(System.currentTimeMillis());
device.getEnrolmentInfo().setDateOfLastUpdate(System.currentTimeMillis());
boolean status = dms.enrollDevice(device);
PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP();
List<DeviceIdentifier> deviceIdentifierList = new ArrayList<>();
DeviceIdentifier deviceId = new DeviceIdentifier(device.getDeviceIdentifier(), device.getType());
deviceIdentifierList.add(deviceId);
Policy effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceId);
pap.addPolicyToDevice(deviceIdentifierList, effectivePolicy);
pap.publishChanges();
return Response.status(Response.Status.OK).entity(status).build();
} catch (DeviceManagementException e) {
String msg = "Error occurred while enrolling the device, which carries the id '" +
@ -104,6 +115,12 @@ public class DeviceAgentServiceImpl implements DeviceAgentService {
} catch (InvalidConfigurationException e) {
log.error("failed to add operation", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
} catch (PolicyManagementException e) {
log.error("failed to add designated policies against newly enrolled device.", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
} catch (PolicyEvaluationException e) {
log.error("failed while retrieving policies for newly enrolled device.", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
}

@ -25,15 +25,19 @@ import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException;
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
import org.wso2.carbon.device.mgt.common.GroupPaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.exceptions.DeviceNotFoundException;
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup;
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyExistException;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException;
import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupNotExistException;
import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException;
import org.wso2.carbon.device.mgt.common.policy.mgt.Policy;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService;
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList;
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList;
@ -42,6 +46,9 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.device.mgt.jaxrs.service.api.GroupManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint;
import org.wso2.carbon.policy.mgt.common.PolicyEvaluationException;
import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
@ -259,6 +266,17 @@ public class GroupManagementServiceImpl implements GroupManagementService {
public Response addDevicesToGroup(int groupId, List<DeviceIdentifier> deviceIdentifiers) {
try {
DeviceMgtAPIUtils.getGroupManagementProviderService().addDevices(groupId, deviceIdentifiers);
PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP();
DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService();
Policy effectivePolicy = null;
for(DeviceIdentifier deviceIdentifier : deviceIdentifiers) {
Device device = dms.getDevice(deviceIdentifier, false);
if(!device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.REMOVED)) {
effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier);
pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy);
}
}
pap.publishChanges();
return Response.status(Response.Status.OK).build();
} catch (GroupManagementException e) {
String msg = "Error occurred while adding devices to group.";
@ -266,6 +284,15 @@ public class GroupManagementServiceImpl implements GroupManagementService {
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (DeviceNotFoundException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();
} catch (PolicyManagementException e) {
log.error("Error occurred while adding policies against device(s).", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
} catch (PolicyEvaluationException e) {
log.error("Error occurred while retrieving policies against device(s).", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
} catch (DeviceManagementException e) {
log.error("Error occurred while retrieving device information.", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
}
@ -273,6 +300,17 @@ public class GroupManagementServiceImpl implements GroupManagementService {
public Response removeDevicesFromGroup(int groupId, List<DeviceIdentifier> deviceIdentifiers) {
try {
DeviceMgtAPIUtils.getGroupManagementProviderService().removeDevice(groupId, deviceIdentifiers);
PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP();
DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService();
Policy effectivePolicy = null;
for(DeviceIdentifier deviceIdentifier : deviceIdentifiers) {
Device device = dms.getDevice(deviceIdentifier, false);
if(!device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.REMOVED)) {
effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier);
pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy);
}
}
pap.publishChanges();
return Response.status(Response.Status.OK).build();
} catch (GroupManagementException e) {
String msg = "Error occurred while removing devices from group.";
@ -280,6 +318,15 @@ public class GroupManagementServiceImpl implements GroupManagementService {
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (DeviceNotFoundException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();
}catch (PolicyManagementException e) {
log.error("Error occurred while adding policies against device(s).", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
} catch (PolicyEvaluationException e) {
log.error("Error occurred while retrieving policies against device(s).", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
} catch (DeviceManagementException e) {
log.error("Error occurred while retrieving device information.", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
}
@ -290,6 +337,10 @@ public class GroupManagementServiceImpl implements GroupManagementService {
deviceIdentifiers.add(deviceToGroupsAssignment.getDeviceIdentifier());
GroupManagementProviderService service = DeviceMgtAPIUtils.getGroupManagementProviderService();
List<DeviceGroup> deviceGroups = service.getGroups(deviceToGroupsAssignment.getDeviceIdentifier(), false);
PolicyAdministratorPoint pap = DeviceMgtAPIUtils.getPolicyManagementService().getPAP();
DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService();
Device device = null;
Policy effectivePolicy = null;
for (DeviceGroup group : deviceGroups) {
Integer groupId = group.getGroupId();
if (deviceToGroupsAssignment.getDeviceGroupIds().contains(groupId)) {
@ -300,7 +351,12 @@ public class GroupManagementServiceImpl implements GroupManagementService {
}
for (int groupId : deviceToGroupsAssignment.getDeviceGroupIds()) {
DeviceMgtAPIUtils.getGroupManagementProviderService().addDevices(groupId, deviceIdentifiers);
for (DeviceIdentifier deviceIdentifier : deviceIdentifiers) {
effectivePolicy = DeviceMgtAPIUtils.getPolicyManagementService().getPEP().getEffectivePolicy(deviceIdentifier);
pap.addPolicyToDevice(deviceIdentifiers, effectivePolicy);
}
}
pap.publishChanges();
return Response.status(Response.Status.OK).build();
} catch (GroupManagementException e) {
String msg = "Error occurred while assigning device to groups.";
@ -308,6 +364,12 @@ public class GroupManagementServiceImpl implements GroupManagementService {
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (DeviceNotFoundException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();
} catch (PolicyManagementException e) {
log.error("Failed to add policies for device assigned to group.", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
} catch (PolicyEvaluationException e) {
log.error("Failed while retrieving policies device assigned to group.", e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
}
@ -325,4 +387,4 @@ public class GroupManagementServiceImpl implements GroupManagementService {
}
}
}
}

@ -93,6 +93,7 @@ public class DeviceAgentServiceTest {
private static final String AUTHENTICATED_USER = "admin";
private static final String MONITOR_OPERATION = "POLICY_MONITOR";
private static Device demoDevice;
private PolicyManagerService policyManagerService;
@ObjectFactory
public IObjectFactory getObjectFactory() {
@ -108,6 +109,7 @@ public class DeviceAgentServiceTest {
this.deviceAgentService = new DeviceAgentServiceImpl();
this.deviceAccessAuthorizationService = Mockito.mock(DeviceAccessAuthorizationServiceImpl.class,
Mockito.RETURNS_MOCKS);
this.policyManagerService = Mockito.mock(PolicyManagerService.class, Mockito.RETURNS_MOCKS);
this.privilegedCarbonContext = Mockito.mock(PrivilegedCarbonContext.class, Mockito.RETURNS_MOCKS);
this.eventStreamAdminServiceStub = Mockito.mock(EventStreamAdminServiceStub.class, Mockito.RETURNS_MOCKS);
demoDevice = DeviceMgtAPITestHelper.generateDummyDevice(TEST_DEVICE_TYPE, TEST_DEVICE_IDENTIFIER);
@ -167,6 +169,8 @@ public class DeviceAgentServiceTest {
.toReturn(this.deviceManagementProviderService);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getAuthenticatedUser"))
.toReturn(AUTHENTICATED_USER);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService"))
.toReturn(policyManagerService);
EnrolmentInfo enrolmentInfo = demoDevice.getEnrolmentInfo();
enrolmentInfo.setStatus(EnrolmentInfo.Status.INACTIVE);
demoDevice.setEnrolmentInfo(enrolmentInfo);

@ -19,6 +19,7 @@
package org.wso2.carbon.device.mgt.jaxrs.service.impl;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
@ -42,10 +43,12 @@ import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyExistException;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException;
import org.wso2.carbon.device.mgt.common.group.mgt.GroupNotExistException;
import org.wso2.carbon.device.mgt.common.group.mgt.RoleDoesNotExistException;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService;
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceToGroupsAssignment;
import org.wso2.carbon.device.mgt.jaxrs.service.api.GroupManagementService;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
@ -61,6 +64,8 @@ import java.util.List;
public class GroupManagementServiceImplTest {
private GroupManagementService groupManagementService;
private GroupManagementProviderService groupManagementProviderService;
private PolicyManagerService policyManagerService;
private DeviceManagementProviderService deviceManagementProviderService;
private PrivilegedCarbonContext context;
@ObjectFactory
@ -72,6 +77,8 @@ public class GroupManagementServiceImplTest {
public void init() {
groupManagementService = new GroupManagementServiceImpl();
groupManagementProviderService = Mockito.mock(GroupManagementProviderService.class);
this.policyManagerService = Mockito.mock(PolicyManagerService.class, Mockito.RETURNS_MOCKS);
this.deviceManagementProviderService = Mockito.mock(DeviceManagementProviderService.class, Mockito.RETURNS_MOCKS);
context = Mockito.mock(PrivilegedCarbonContext.class);
Mockito.doReturn("admin").when(context).getUsername();
}
@ -298,6 +305,10 @@ public class GroupManagementServiceImplTest {
public void testAddDevicesToGroup() throws GroupManagementException, DeviceNotFoundException {
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getGroupManagementProviderService"))
.toReturn(groupManagementProviderService);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService"))
.toReturn(policyManagerService);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService"))
.toReturn(deviceManagementProviderService);
List<DeviceIdentifier> deviceIdentifiers = new ArrayList<>();
Mockito.doNothing().when(groupManagementProviderService).addDevices(1, deviceIdentifiers);
Mockito.doThrow(new GroupManagementException()).when(groupManagementProviderService).addDevices(2,
@ -319,6 +330,10 @@ public class GroupManagementServiceImplTest {
public void testRemoveDevicesFromGroup() throws GroupManagementException, DeviceNotFoundException {
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getGroupManagementProviderService"))
.toReturn(groupManagementProviderService);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService"))
.toReturn(policyManagerService);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService"))
.toReturn(deviceManagementProviderService);
List<DeviceIdentifier> deviceIdentifiers = new ArrayList<>();
Mockito.doNothing().when(groupManagementProviderService).removeDevice(1, deviceIdentifiers);
Mockito.doThrow(new GroupManagementException()).when(groupManagementProviderService).removeDevice(2,
@ -357,6 +372,10 @@ public class GroupManagementServiceImplTest {
public void testUpdateDeviceAssigningToGroups() throws GroupManagementException, DeviceNotFoundException {
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getGroupManagementProviderService"))
.toReturn(groupManagementProviderService);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getPolicyManagementService"))
.toReturn(policyManagerService);
PowerMockito.stub(PowerMockito.method(DeviceMgtAPIUtils.class, "getDeviceManagementService"))
.toReturn(deviceManagementProviderService);
Mockito.reset(groupManagementProviderService);
DeviceToGroupsAssignment deviceToGroupsAssignment = new DeviceToGroupsAssignment();
List<Integer> groupIds = new ArrayList<>();

Loading…
Cancel
Save