From d63f2a3f24503229e8b0071a40414de41807bf5d Mon Sep 17 00:00:00 2001 From: Viranga Gunarathna Date: Thu, 12 Oct 2023 15:25:20 +0530 Subject: [PATCH] mapping permissions with scopes --- .../api/ActivityInfoProviderService.java | 2 +- .../jaxrs/service/api/DeviceAgentService.java | 16 +++++++------- .../api/DeviceEventManagementService.java | 4 ++-- .../service/api/DeviceManagementService.java | 18 +++++++-------- .../service/api/GroupManagementService.java | 12 +++++----- .../api/NotificationManagementService.java | 2 +- .../service/api/PolicyManagementService.java | 18 +++++++-------- .../service/api/RoleManagementService.java | 14 ++++++------ .../service/api/UserManagementService.java | 22 +++++++++---------- .../ApplicationManagementAdminService.java | 4 ++-- .../admin/DeviceManagementAdminService.java | 2 +- .../admin/GroupManagementAdminService.java | 2 +- .../api/admin/UserManagementAdminService.java | 4 ++-- .../mgt/core/DeviceManagementConstants.java | 3 ++- .../modules/business-controllers/device.js | 2 +- .../type-view.hbs | 2 +- 16 files changed, 64 insertions(+), 63 deletions(-) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/ActivityInfoProviderService.java index a1846536a1..b1fd4c9791 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/ActivityInfoProviderService.java @@ -78,7 +78,7 @@ import java.util.List; description = "Get activities", key = "dm:activity:get", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/activities/view"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceAgentService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceAgentService.java index 50f7c1e465..5e43b5e274 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceAgentService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceAgentService.java @@ -91,21 +91,21 @@ import java.util.Map; description = "Disenroll a device", key = "dm:device:disenroll", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/remove"} + permissions = {"/device-mgt/devices/owning-device/disenroll"} ), @Scope( name = "Publish Event", description = "publish device event", key = "dm:device:event:publish", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/event"} + permissions = {"/device-mgt/devices/owning-device/event/publish"} ), @Scope( name = "Getting Device Operation Details", description = "Getting Device Operation Details", - key = "dm:ops:view", + key = "dm:devices:ops:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/operations/view"} ) } ) @@ -394,7 +394,7 @@ public interface DeviceAgentService { tags = "Device Agent Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") + @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view") }) } ) @@ -453,7 +453,7 @@ public interface DeviceAgentService { tags = "Device Agent Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") + @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view") }) } ) @@ -511,7 +511,7 @@ public interface DeviceAgentService { tags = "Device Agent Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") + @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view") }) } ) @@ -630,7 +630,7 @@ public interface DeviceAgentService { tags = "Device Agent Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") + @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view") }) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceEventManagementService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceEventManagementService.java index 8d8ad05607..ab9bf2aa53 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceEventManagementService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceEventManagementService.java @@ -71,14 +71,14 @@ import java.util.List; description = "Add or Delete Event Definition for device type", key = "dm:device-type:event:modify", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/device-type/add"} + permissions = {"/device-mgt/devices/owning-device/event/modify"} ), @Scope( name = "Get Events Details of a Device Type", description = "Get Events Details of a Device Type", key = "dm:device-type:event:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/event/view"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceManagementService.java index f4dd947cc2..eeb7caeeb3 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/DeviceManagementService.java @@ -99,63 +99,63 @@ import java.util.Map; description = "Getting Details of a Device", key = "dm:devices:details", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/details/view"} ), @Scope( name = "Update the device specified by device id", description = "Update the device specified by device id", key = "dm:devices:update", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/update"} ), @Scope( name = "Delete the device specified by device id", description = "Delete the device specified by device id", key = "dm:devices:delete", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/delete"} ), @Scope( name = "Getting Feature Details of a Device", description = "Getting Feature Details of a Device", key = "dm:devices:features:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/features/view"} ), @Scope( name = "Advanced Search for Devices", description = "Advanced Search for Devices", key = "dm:devices:search", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/search"} ), @Scope( name = "Getting Installed Application Details of a Device", description = "Getting Installed Application Details of a Device", key = "dm:devices:app:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/apps/view"} ), @Scope( name = "Getting Device Operation Details", description = "Getting Device Operation Details", key = "dm:devices:ops:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/operations/view"} ), @Scope( name = "Get the details of the policy that is enforced on a device.", description = "Get the details of the policy that is enforced on a device.", key = "dm:devices:policy:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/policies/view"} ), @Scope( name = "Getting Policy Compliance Details of a Device", description = "Getting Policy Compliance Details of a Device", key = "dm:devices:compliance:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/compliance/view"} ), @Scope( name = "Change device status.", diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/GroupManagementService.java index 63ce185bfa..36c85323c6 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/GroupManagementService.java @@ -91,7 +91,7 @@ import java.util.List; description = "Get the count of groups belongs to current user.", key = "gm:groups:count", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/groups/view"} + permissions = {"/device-mgt/groups/count"} ), @Scope( name = "Add new device group to the system.", @@ -105,7 +105,7 @@ import java.util.List; description = "View group specified", key = "gm:groups:groups-view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/groups/view"} + permissions = {"/device-mgt/groups/specified-groups/view"} ), @Scope( name = "Update a group", @@ -147,7 +147,7 @@ import java.util.List; description = "View list of device count in the device group", key = "gm:devices:count", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/groups/devices/view"} + permissions = {"/device-mgt/groups/devices/count"} ), @Scope( name = "Add devices to group", @@ -168,21 +168,21 @@ import java.util.List; description = "Assign devices to groups", key = "gm:devices:assign", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/groups/devices/add"} + permissions = {"/device-mgt/groups/devices/assign"} ), @Scope( name = "List of groups that have the device", description = "List of groups that have the device", key = "gm:groups:device:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/groups/devices/view"} + permissions = {"/device-mgt/groups/device-groups/view"} ), @Scope( name = "View whether the groups has relevant device types", description = "View whether the groups has relevant device types", key = "gm:devices-types:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/groups/device-types"} + permissions = {"/device-mgt/groups/device-types/view"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/NotificationManagementService.java index 3dad471bc0..749791619f 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/NotificationManagementService.java @@ -80,7 +80,7 @@ import javax.ws.rs.core.Response; description = "Updating the Device Notification Status", key = "dm:notif:mark-checked", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/notifications/view"} + permissions = {"/device-mgt/notifications/update"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/PolicyManagementService.java index bcdb180e3d..8cce7e92b3 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/PolicyManagementService.java @@ -79,7 +79,7 @@ import java.util.List; description = "Adding a Policy", key = "pm:policies:add", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/manage"} + permissions = {"/device-mgt/policies/add"} ), @Scope( name = "Getting Details of Policies", @@ -93,56 +93,56 @@ import java.util.List; description = "Getting Details of a Policy", key = "pm:policies:details:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/view"} + permissions = {"/device-mgt/policies/view-details"} ), @Scope( name = "Updating a Policy", description = "Updating a Policy", key = "pm:policies:update", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/manage"} + permissions = {"/device-mgt/policies/update"} ), @Scope( name = "Removing Multiple Policies", description = "Removing Multiple Policies", key = "pm:policies:remove", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/manage"} + permissions = {"/device-mgt/policies/remove"} ), @Scope( name = "Activating Policies", description = "Activating Policies", key = "pm:policies:activate", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/manage"} + permissions = {"/device-mgt/policies/activate"} ), @Scope( name = "Deactivating Policies", description = "Deactivating Policies", key = "pm:policies:deactivate", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/manage"} + permissions = {"/device-mgt/policies/deactivate"} ), @Scope( name = "Applying Changes on Policies", description = "Applying Changes on Policies", key = "pm:policies:change", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/manage"} + permissions = {"/device-mgt/policies/apply-changes"} ), @Scope( name = "Updating the Policy Priorities", description = "Updating the Policy Priorities", key = "pm:policies:priorities:update", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/manage"} + permissions = {"/device-mgt/policies/update-priority"} ), @Scope( name = "Fetching the Effective Policy", description = "Fetching the Effective Policy", key = "pm:policies:effective-policy", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/policies/view"} + permissions = {"/device-mgt/policies/view-effective-policy"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/RoleManagementService.java index d0cee93215..9be614674f 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/RoleManagementService.java @@ -60,49 +60,49 @@ import java.util.List; description = "Getting Permission Details of a Role", key = "rm:roles:permissions:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/roles/view"} + permissions = {"/device-mgt/roles/view-permissions"} ), @Scope( name = "Getting the List of Roles", description = "Getting the List of Roles", key = "rm:roles:details:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/roles/view"} + permissions = {"/device-mgt/roles/view-details"} ), @Scope( name = "Adding a Role", description = "Adding a Role", key = "rm:roles:add", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/roles/manage"} + permissions = {"/device-mgt/roles/add"} ), @Scope( name = "Adding a combined Role", description = "Adding a combined Role", key = "rm:roles:combined:add", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/roles/manage"} + permissions = {"/device-mgt/roles/combined-role/add"} ), @Scope( name = "Updating Role Details", description = "Updating Role Details", key = "rm:roles:update", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/roles/manage"} + permissions = {"/device-mgt/roles/update"} ), @Scope( name = "Deleting a Role", description = "Deleting a Role", key = "rm:roles:delete", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/roles/manage"} + permissions = {"/device-mgt/roles/delete"} ), @Scope( name = "Adding Users to a Role", description = "Adding Users to a Role", key = "rm:users:add", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/roles/manage"} + permissions = {"/device-mgt/roles/assign-user"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/UserManagementService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/UserManagementService.java index ded3961a62..afa5fdfc08 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/UserManagementService.java @@ -82,35 +82,35 @@ import javax.ws.rs.core.Response; description = "Adding a User", key = "um:users:add", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/manage"} + permissions = {"/device-mgt/users/add"} ), @Scope( name = "Getting Details of a User", description = "Getting Details of a User", key = "um:users:details:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/view"} + permissions = {"/device-mgt/users/details/view"} ), @Scope( name = "Updating Details of a User", description = "Updating Details of a User", key = "um:users:update", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/manage"} + permissions = {"/device-mgt/users/update"} ), @Scope( name = "Deleting a User", description = "Deleting a User", key = "um:users:delete", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/manage"} + permissions = {"/device-mgt/users/delete"} ), @Scope( name = "Getting the Role Details of a User", description = "Getting the Role Details of a User", key = "um:roles:view", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/view"} + permissions = {"/device-mgt/users/roles/view"} ), @Scope( name = "Getting Details of Users", @@ -124,42 +124,42 @@ import javax.ws.rs.core.Response; description = "Getting the User Count", key = "um:users:count", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/view"} + permissions = {"/device-mgt/users/count"} ), @Scope( name = "Getting the User existence status", description = "Getting the User existence status", key = "um:users:is-exist", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/view"} + permissions = {"/device-mgt/users/existence/view"} ), @Scope( name = "Searching for a User Name", description = "Searching for a User Name", key = "um:users:search", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/view"} + permissions = {"/device-mgt/users/search"} ), @Scope( name = "Changing the User Password", description = "Adding a User", key = "um:users:cred:change", roles = {"Internal/devicemgt-user"}, - permissions = {"/login"} + permissions = {"/login/password/update"} ), @Scope( name = "Sending Enrollment Invitations to Users", description = "Sending Enrollment Invitations to Users", key = "um:users:invite", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/users/manage"} + permissions = {"/device-mgt/users/invite"} ), @Scope( name = "Get activities", description = "Get activities", key = "dm:activity:get", roles = {"Internal/devicemgt-user"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/devices/owning-device/activities/view"} ), @Scope( name = "Getting the Permissions of the User", diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 1cb5325dcc..211390180f 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -67,14 +67,14 @@ import javax.ws.rs.core.Response; description = "Installing an Application (Internal API)", key = "am:admin:app:install", roles = {"Internal/devicemgt-admin"}, - permissions = {"/device-mgt/applications/manage"} + permissions = {"/device-mgt/admin/applications/install"} ), @Scope( name = "Uninstalling an Application (Internal API)", description = "Uninstalling an Application (Internal API)", key = "am:admin:app:uninstall", roles = {"Internal/devicemgt-admin"}, - permissions = {"/device-mgt/applications/manage"} + permissions = {"/device-mgt/admin/applications/uninstall"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/DeviceManagementAdminService.java index 9ebef18d15..21eae81189 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -79,7 +79,7 @@ import java.util.List; description = "Getting Details of a Device", key = "dm:admin:devices:view", roles = {"Internal/devicemgt-admin"}, - permissions = {"/device-mgt/devices/owning-device/view"} + permissions = {"/device-mgt/admin/devices/view"} ), @Scope( name = "Update the Device Owner", diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/GroupManagementAdminService.java index cec3ce0237..7801afb3e3 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -84,7 +84,7 @@ import javax.ws.rs.core.Response; description = "", key = "gm:admin:groups:count", roles = {"Internal/devicemgt-admin"}, - permissions = {"/device-mgt/admin/groups/view"} + permissions = {"/device-mgt/admin/groups/count"} ), @Scope( name = "Add groups", diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/UserManagementAdminService.java index 7e5e5ce232..a62341756e 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/api/admin/UserManagementAdminService.java @@ -53,14 +53,14 @@ import javax.ws.rs.core.Response; description = "View Users", key = "um:admin:users:view", roles = {"Internal/devicemgt-admin"}, - permissions = {"/device-mgt/users/manage"} + permissions = {"/device-mgt/admin/users/view"} ), @Scope( name = "Delete Users Device Information", description = "Delete users device details", key = "um:admin:users:remove", roles = {"Internal/devicemgt-admin"}, - permissions = {"/device-mgt/users/manage"} + permissions = {"/device-mgt/admin/users/delete"} ) } ) diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/DeviceManagementConstants.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/DeviceManagementConstants.java index ebf11e54ee..8fc2e2804a 100644 --- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/DeviceManagementConstants.java +++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/DeviceManagementConstants.java @@ -38,7 +38,7 @@ public final class DeviceManagementConstants { private ConfigurationManagement(){ throw new AssertionError(); } - public static final String SCOPES_FOR_TOKEN = "dm:ops:view dm:device:event:publish win:devices:enroll"; + public static final String SCOPES_FOR_TOKEN = "dm:devices:ops:view dm:device:event:publish win:devices:enroll"; public static final String IOT_GATEWAY_HOST = "iot.gateway.host"; public static final String IOT_GATEWAY_HTTPS_PORT = "iot.gateway.https.port"; public static final String IOT_CORE_HOST = "iot.core.host"; @@ -156,6 +156,7 @@ public final class DeviceManagementConstants { new Permission("/permission/admin/device-mgt/devices/enroll", "ui.execute"), new Permission("/permission/admin/device-mgt/devices/disenroll", "ui.execute"), new Permission("/permission/admin/device-mgt/devices/owning-device/view", "ui.execute"), + new Permission("/permission/admin/device-mgt/devices/owning-device/operations/view", "ui.execute"), new Permission("/permission/admin/device-mgt/metadata", "ui.execute"), new Permission("/permission/admin/manage/portal", "ui.execute") }; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/device.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/device.js index 69995e840b..b01afcbf25 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/device.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/device.js @@ -409,7 +409,7 @@ deviceModule = function () { var jwtClient = JWTClientManagerService.getJWTClient(); // returning access token by JWT grant type var deviceScope = "device_" + type.replace(" ", "") + "_" + deviceId + " dm:device:enroll " + - "dm:device:disenroll dm:device:modify dm:ops:view dm:device:event:publish"; + "dm:device:disenroll dm:device:modify dm:devices:ops:view dm:device:event:publish"; var tokenInfo = jwtClient.getAccessToken(config.clientId, config.clientSecret, userName, deviceScope); config.accessToken = tokenInfo.getAccessToken(); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.default.device.type.type-view/type-view.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.default.device.type.type-view/type-view.hbs index 410693a3b5..b94dd02644 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.default.device.type.type-view/type-view.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.default.device.type.type-view/type-view.hbs @@ -120,7 +120,7 @@ -d '{ "applicationName":"testme", "isAllowedToAllDomains":false, "tags":["device_agent"]}'
  • Generate Token

    - curl -k -d "grant_type=password&username=%username%&password=%password%&scope=dm:device:enroll dm:device:disenroll dm:device:modify dm:ops:view dm:device:event:publish" + curl -k -d "grant_type=password&username=%username%&password=%password%&scope=dm:device:enroll dm:device:disenroll dm:device:modify dm:devices:ops:view dm:device:event:publish" -H "Authorization: Basic Base64(client_id:client_secret)" -H "Content-Type: application/x-www-form-urlencoded" {{httpsGateway}}/token