merged with origin after resolving conflicts

merge-requests/7/head
ayyoob 8 years ago
commit 671d931d3e

@ -344,84 +344,8 @@ public interface CertificateManagementAdminService {
defaultValue = "12438035315552875930")
@PathParam("serialNumber") String serialNumber);
// /**
// * Verify IOS Certificate for the API security filter
// *
// * @param certificate to be verified as a String
// * @return Status of the certificate verification.
// */
// @POST
// @Path("/verify/ios")
// @ApiOperation(
// consumes = MediaType.APPLICATION_JSON,
// produces = MediaType.APPLICATION_JSON,
// httpMethod = "POST",
// value = "Verify IOS SSL certificate",
// notes = "Verify IOS Certificate for the API security filter.\n",
// tags = "Certificate Management")
// @ApiResponses(
// value = {
// @ApiResponse(
// code = 200,
// message = "Return the status of the IOS certificate verification.",
// responseHeaders = {
// @ResponseHeader(
// name = "Content-Type",
// description = "The content type of the body")}),
// @ApiResponse(
// code = 400,
// message = "Bad Request. \n Invalid request or validation error.",
// response = ErrorResponse.class)
// })
// Response verifyIOSCertificate(
// @ApiParam(
// name = "certificate",
// value = "The properties to verify certificate. It includes the following: \n" +
// "serial: The unique ID of the certificate. (optional) \n" +
// "pem: mdm-signature of the certificate",
// required = true) EnrollmentCertificate certificate);
//
// /**
// * Verify Android Certificate for the API security filter
// *
// * @param certificate to be verified as a String
// * @return Status of the certificate verification.
// */
// @POST
// @Path("/verify/android")
// @ApiOperation(
// consumes = MediaType.APPLICATION_JSON,
// produces = MediaType.APPLICATION_JSON,
// httpMethod = "POST",
// value = "Verify Android SSL certificate",
// notes = "Verify Android Certificate for the API security filter.\n",
// tags = "Certificate Management")
// @ApiResponses(
// value = {
// @ApiResponse(
// code = 200,
// message = "Return the status of the Android certificate verification.",
// responseHeaders = {
// @ResponseHeader(
// name = "Content-Type",
// description = "The content type of the body")}),
// @ApiResponse(
// code = 400,
// message = "Bad Request. \n Invalid request or validation error.",
// response = ErrorResponse.class)
// })
// Response verifyAndroidCertificate(
// @ApiParam(
// name = "certificate",
// value = "The properties to verify certificate. It includes the following: \n" +
// "serial: The unique ID of the certificate. (optional) \n" +
// "pem: pem String of the certificate",
// required = true) EnrollmentCertificate certificate);
//
/**
* Verify Android Certificate for the API security filter
* Verify Certificate for the API security filter
*
* @param certificate to be verified as a String
* @return Status of the certificate verification.
@ -432,19 +356,20 @@ public interface CertificateManagementAdminService {
consumes = MediaType.APPLICATION_JSON,
produces = MediaType.APPLICATION_JSON,
httpMethod = "POST",
value = "Verify Android SSL certificate",
notes = "Verify Android Certificate for the API security filter.\n",
value = "Verify SSL certificate",
notes = "Verify Certificate for the API security filter.\n",
tags = "Certificate Management",
extensions = {
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:add")
})
@Extension(properties = {
@ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:verify")
})
}
)
@ApiResponses(
value = {
@ApiResponse(
code = 200,
message = "Return the status of the Android certificate verification.",
message = "Return the status of the certificate verification.",
responseHeaders = {
@ResponseHeader(
name = "Content-Type",

@ -79,6 +79,12 @@ import javax.ws.rs.core.Response;
key = "perm:devices:details",
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Update the device specified by device id",
description = "Update the device specified by device id",
key = "perm:devices:update",
permissions = {"/device-mgt/devices/owning-device/view"}
),
@Scope(
name = "Delete the device specified by device id",
description = "Delete the device specified by device id",

@ -18,27 +18,36 @@
*/
package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Info;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Extension;
import io.swagger.annotations.Tag;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.Extension;
import io.swagger.annotations.ExtensionProperty;
import io.swagger.annotations.Info;
import io.swagger.annotations.ResponseHeader;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Tag;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.apimgt.annotations.api.Scopes;
import org.wso2.carbon.device.mgt.common.policy.mgt.Policy;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper;
import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import org.wso2.carbon.device.mgt.common.policy.mgt.Policy;
import javax.validation.Valid;
import javax.ws.rs.*;
import javax.validation.constraints.Size;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.List;
@ -118,6 +127,12 @@ import java.util.List;
description = "Updating the Policy Priorities",
key = "perm:policies:priorities",
permissions = {"/device-mgt/policies/manage"}
),
@Scope(
name = "Fetching the Effective Policy",
description = "Fetching the Effective Policy",
key = "perm:policies:effective-policy",
permissions = {"/device-mgt/policies/view"}
)
}
)
@ -605,6 +620,69 @@ public interface PolicyManagementService {
@GET
@Path("/effective-policy/{deviceType}/{deviceId}")
Response getEffectivePolicy(@PathParam("deviceId") String deviceId, @PathParam("deviceType") String deviceType);
@ApiOperation(
consumes = MediaType.APPLICATION_JSON,
produces = MediaType.APPLICATION_JSON,
httpMethod = "GET",
value = "Getting the Effective Policy",
notes = "Retrieve the effective policy of a device using this API.",
tags = "Device Policy Management",
extensions = {
@Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:effective-policy")
})
}
)
@ApiResponses(
value = {
@ApiResponse(
code = 200,
message = "OK. \n Successfully fetched the policy.",
response = Policy.class,
responseHeaders = {
@ResponseHeader(
name = "Content-Type",
description = "The content type of the body"),
@ResponseHeader(
name = "ETag",
description = "Entity Tag of the response resource.\n" +
"Used by caches, or in conditional requests."),
@ResponseHeader(
name = "Last-Modified",
description = "Date and time the resource was last modified.\n" +
"Used by caches, or in conditional requests."),
}
),
@ApiResponse(
code = 304,
message = "Not Modified. \n Empty body because the client already has the latest version of the requested resource.\n"),
@ApiResponse(
code = 404,
message = "Not Found. \n A specified policy was not found.",
response = ErrorResponse.class),
@ApiResponse(
code = 406,
message = "Not Acceptable.\n The requested media type is not supported."),
@ApiResponse(
code = 500,
message = "Internal Server Error. \n Server error occurred while fetching the " +
"policy.",
response = ErrorResponse.class)
})
Response getEffectivePolicy(
@ApiParam(
name = "deviceType",
value = "The device type, such as ios, android or windows.",
required = true,
allowableValues = "android, ios, windows")
@PathParam("deviceType")
@Size(max = 45)
String deviceType,
@ApiParam(
name = "deviceId",
value = "The device identifier of the device you want ot get details.",
required = true)
@PathParam("deviceId")
@Size(max = 45)
String deviceId);
}

@ -771,11 +771,10 @@ public interface UserManagementService {
value = "Sending Enrollment Invitations to email address",
notes = "Send the a mail inviting recipients to enroll devices.",
tags = "User Management",
authorizations = {
@Authorization(
value = "permission",
scopes = {@AuthorizationScope(scope = "/device-mgt/users/invite", description = "Invite Users")}
)
extensions = {
@Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "perm:users:send-invitation")
})
}
)
@ApiResponses(value = {

@ -376,7 +376,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
@GET
@Path("/effective-policy/{deviceType}/{deviceId}")
@Override
public Response getEffectivePolicy(@PathParam("deviceId") String deviceId, @PathParam("deviceType") String deviceType) {
public Response getEffectivePolicy(@PathParam("deviceType") String deviceType, @PathParam("deviceId") String deviceId) {
PolicyManagerService policyManagementService = DeviceMgtAPIUtils.getPolicyManagementService();
final Policy policy;
try {

@ -140,6 +140,7 @@
"perm:admin:certificates:details",
"perm:admin:certificates:view",
"perm:admin:certificates:add",
"perm:admin:certificates:verify",
"perm:admin"
],
"isOAuthEnabled" : true,

@ -28,6 +28,7 @@ var handlers = function () {
var tokenUtil = require("/app/modules/oauth/token-handler-utils.js")["utils"];
var constants = require("/app/modules/constants.js");
var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
var utility = require("/app/modules/utility.js")["utility"];
var publicMethods = {};
var privateMethods = {};
@ -49,6 +50,7 @@ var handlers = function () {
var tokenData;
// tokenPair will include current access token as well as current refresh token
var arrayOfScopes = devicemgtProps["scopes"];
arrayOfScopes = arrayOfScopes.concat(utility.getDeviceTypesScopesList());
var stringOfScopes = "";
arrayOfScopes.forEach(function (entry) {
stringOfScopes += entry + " ";
@ -78,19 +80,20 @@ var handlers = function () {
publicMethods["setupTokenPairBySamlGrantType"] = function (username, samlToken) {
if (!username || !samlToken) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up access token pair by " +
"saml grant type. Either username of logged in user, samlToken or both are missing " +
"as input - setupTokenPairByPasswordGrantType(x, y)");
"saml grant type. Either username of logged in user, samlToken or both are missing " +
"as input - setupTokenPairBySamlGrantType(x, y)");
} else {
privateMethods.setUpEncodedTenantBasedClientAppCredentials(username);
privateMethods.setUpEncodedTenantBasedWebSocketClientAppCredentials(username);
var encodedClientAppCredentials = session.get(constants["ENCODED_TENANT_BASED_CLIENT_APP_CREDENTIALS"]);
if (!encodedClientAppCredentials) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up access token pair " +
"by saml grant type. Encoded client credentials are " +
"missing - setupTokenPairByPasswordGrantType(x, y)");
"by saml grant type. Encoded client credentials are " +
"missing - setupTokenPairBySamlGrantType(x, y)");
} else {
var tokenData;
var arrayOfScopes = devicemgtProps["scopes"];
arrayOfScopes = arrayOfScopes.concat(utility.getDeviceTypesScopesList());
var stringOfScopes = "";
arrayOfScopes.forEach(function (entry) {
stringOfScopes += entry + " ";
@ -98,11 +101,11 @@ var handlers = function () {
// accessTokenPair will include current access token as well as current refresh token
tokenData = tokenUtil.
getTokenPairAndScopesBySAMLGrantType(samlToken, encodedClientAppCredentials, stringOfScopes);
getTokenPairAndScopesBySAMLGrantType(samlToken, encodedClientAppCredentials, stringOfScopes);
if (!tokenData) {
throw new Error("{/app/modules/oauth/token-handlers.js} Could not set up token " +
"pair by password grant type. Error in token " +
"retrieval - setupTokenPairByPasswordGrantType(x, y)");
"pair by password grant type. Error in token " +
"retrieval - setupTokenPairBySamlGrantType(x, y)");
} else {
var tokenPair = {};
tokenPair["accessToken"] = tokenData["accessToken"];

@ -125,5 +125,33 @@ utility = function () {
return null;
};
publicMethods.getDeviceTypesScopesList = function () {
var dirs = new File("/app/units/").listFiles();
var scopesList = [];
for (var i = 0; i < dirs.length; i++) {
var unitName = dirs[i].getName();
if (unitName.match(/^cdmf\.unit\.device\.type\..*\.type-view$/g)) {
var deviceTypeConfigFile = new File("/app/units/" + unitName + "/private/config.json");
if (deviceTypeConfigFile.isExists()) {
try {
deviceTypeConfigFile.open("r");
var config = deviceTypeConfigFile.readAll();
config = config.replace("%https.ip%", server.address("https"));
config = config.replace("%http.ip%", server.address("http"));
var deviceTypeConfig = parse(config);
if (deviceTypeConfig.deviceType && deviceTypeConfig.deviceType.scopes) {
scopesList = scopesList.concat(deviceTypeConfig.deviceType.scopes);
}
} catch (err) {
log.error("Error while reading device config file for `" + deviceType + "`: " + err);
} finally {
deviceTypeConfigFile.close();
}
}
}
}
return scopesList;
};
return publicMethods;
}();

Loading…
Cancel
Save