Merge pull request #575 from GPrathap/master

fixing permission issue when viewing device analytics dashboard
revert-70aa11f8
Rasika Perera 8 years ago committed by GitHub
commit d1c34706f2

@ -62,6 +62,7 @@
</Private-Package>
<Export-Package>
org.wso2.carbon.device.mgt.analytics.dashboard,
org.wso2.carbon.device.mgt.analytics.dashboard.util,
org.wso2.carbon.device.mgt.analytics.dashboard.exception,
org.wso2.carbon.device.mgt.analytics.dashboard.bean
</Export-Package>

@ -47,7 +47,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet)
DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/**
@ -64,7 +64,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet)
DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, DataAccessLayerException;
/**
@ -74,7 +74,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
DeviceCountByGroup getTotalDeviceCount() throws DataAccessLayerException;
DeviceCountByGroup getTotalDeviceCount(String userName) throws DataAccessLayerException;
/**
* This method is used to get device counts classified by connectivity statuses.
@ -83,7 +83,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws DataAccessLayerException;
List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws DataAccessLayerException;
/**
* This method is used to get device counts classified by potential vulnerabilities.
@ -92,7 +92,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws DataAccessLayerException;
List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws DataAccessLayerException;
/**
* This method is used to get non-compliant device counts classified by individual features.
@ -105,7 +105,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) throws
PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName) throws
InvalidStartIndexValueException, InvalidResultCountValueException, DataAccessLayerException;
/**
@ -122,7 +122,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet)
List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/**
@ -139,7 +139,7 @@ public interface GadgetDataService {
*/
@SuppressWarnings("unused")
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException,
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException;
/**
@ -156,7 +156,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet)
List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/**
@ -174,7 +174,7 @@ public interface GadgetDataService {
*/
@SuppressWarnings("unused")
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException,
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException;
/**
@ -196,7 +196,7 @@ public interface GadgetDataService {
* @throws InvalidResultCountValueException This can occur if resultCount value is lesser than its minimum (5).
*/
@SuppressWarnings("unused")
PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount)
PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException,
InvalidStartIndexValueException, InvalidResultCountValueException;
@ -220,7 +220,7 @@ public interface GadgetDataService {
*/
@SuppressWarnings("unused")
PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException,
int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException, InvalidStartIndexValueException,
InvalidResultCountValueException;
@ -238,7 +238,7 @@ public interface GadgetDataService {
* executing SQL query and retrieving data.
*/
@SuppressWarnings("unused")
List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet)
List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException;
/**
@ -255,7 +255,7 @@ public interface GadgetDataService {
*/
@SuppressWarnings("unused")
List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException,
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException;
}

@ -18,13 +18,16 @@
package org.wso2.carbon.device.mgt.analytics.dashboard.dao;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.BasicFilterSet;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceWithDetails;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.ExtendedFilterSet;
import org.wso2.carbon.device.mgt.analytics.dashboard.exception.InvalidFeatureCodeValueException;
import org.wso2.carbon.device.mgt.analytics.dashboard.exception.InvalidPotentialVulnerabilityValueException;
import org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
import java.sql.Connection;
@ -36,40 +39,39 @@ import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUser;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUserTenantDomainId;
public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceDAO {
private static final Log log = LogFactory.getLog(AbstractGadgetDataServiceDAO.class);
@Override
public DeviceCountByGroup getTotalDeviceCount() throws SQLException {
public DeviceCountByGroup getTotalDeviceCount(String userName) throws SQLException {
int totalDeviceCount;
try {
totalDeviceCount = this.getFilteredDeviceCount(null);
totalDeviceCount = this.getFilteredDeviceCount(null, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
throw new AssertionError(e);
}
DeviceCountByGroup deviceCountByGroup = new DeviceCountByGroup();
deviceCountByGroup.setGroup("total");
deviceCountByGroup.setDisplayNameForGroup("Total");
deviceCountByGroup.setDeviceCount(totalDeviceCount);
return deviceCountByGroup;
}
@Override
public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet)
public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException {
int filteredDeviceCount = this.getFilteredDeviceCount(extendedFilterSet);
int filteredDeviceCount = this.getFilteredDeviceCount(extendedFilterSet, userName);
DeviceCountByGroup deviceCountByGroup = new DeviceCountByGroup();
deviceCountByGroup.setGroup("filtered");
deviceCountByGroup.setDisplayNameForGroup("Filtered");
deviceCountByGroup.setDeviceCount(filteredDeviceCount);
return deviceCountByGroup;
}
private int getFilteredDeviceCount(ExtendedFilterSet extendedFilterSet)
private int getFilteredDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -77,24 +79,37 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
int filteredDeviceCount = 0;
try {
String sql;
con = this.getConnection();
String sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ?";
if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ?";
} else {
sql = "SELECT COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM "
+ GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN" +
" DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
" POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? ";
}
// appending filters to support advanced filtering options
// [1] appending filter columns
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?";
sql = sql + " AND POLICY__INFO." + column + " = ? ";
}
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId);
int index = 2;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) {
int i = 2;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -110,6 +125,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
while (rs.next()) {
filteredDeviceCount = rs.getInt("DEVICE_COUNT");
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -118,7 +136,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override
public DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException {
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -129,25 +147,39 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
int filteredDeviceCount = 0;
try {
String sql;
con = this.getConnection();
String sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ?";
if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO WHERE TENANT_ID =" +
" ? AND FEATURE_CODE = ?";
} else {
sql = "SELECT COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND " +
"FEATURE_INFO.TENANT_ID = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? ";
}
// appending filters to support advanced filtering options
// [1] appending filter columns
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?";
sql = sql + " AND FEATURE_INFO." + column + " = ?";
}
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
stmt.setString(2, featureCode);
int index = 3;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) {
int i = 3;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -163,6 +195,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
while (rs.next()) {
filteredDeviceCount = rs.getInt("DEVICE_COUNT");
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -176,20 +211,32 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws SQLException {
public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws SQLException {
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> deviceCountsByConnectivityStatuses = new ArrayList<>();
try {
String sql;
con = this.getConnection();
String sql = "SELECT CONNECTIVITY_STATUS, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT CONNECTIVITY_STATUS, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 +
" WHERE TENANT_ID = ? GROUP BY CONNECTIVITY_STATUS";
} else {
sql = "SELECT POLICY__INFO.CONNECTIVITY_STATUS AS CONNECTIVITY_STATUS, " +
"COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM "
+ GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO " +
"INNER JOIN DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID " +
" AND POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? GROUP BY POLICY__INFO.CONNECTIVITY_STATUS";
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
}
// executing query
rs = stmt.executeQuery();
// fetching query results
@ -201,6 +248,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
deviceCountByConnectivityStatus.setDeviceCount(rs.getInt("DEVICE_COUNT"));
deviceCountsByConnectivityStatuses.add(deviceCountByConnectivityStatus);
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -208,7 +258,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws SQLException {
public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws SQLException {
// getting non-compliant device count
DeviceCountByGroup nonCompliantDeviceCount = new DeviceCountByGroup();
nonCompliantDeviceCount.setGroup(GadgetDataServiceDAOConstants.PotentialVulnerability.NON_COMPLIANT);
@ -230,10 +280,10 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
private int getNonCompliantDeviceCount() throws SQLException {
ExtendedFilterSet extendedFilterSet = new ExtendedFilterSet();
extendedFilterSet.setPotentialVulnerability(GadgetDataServiceDAOConstants.
PotentialVulnerability.NON_COMPLIANT);
extendedFilterSet.setPotentialVulnerability(GadgetDataServiceDAOConstants.PotentialVulnerability.NON_COMPLIANT);
try {
return this.getFilteredDeviceCount(extendedFilterSet);
String userName = getAuthenticatedUser();
return this.getFilteredDeviceCount(extendedFilterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
throw new AssertionError(e);
}
@ -244,14 +294,15 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
extendedFilterSet.setPotentialVulnerability(GadgetDataServiceDAOConstants.
PotentialVulnerability.UNMONITORED);
try {
return this.getFilteredDeviceCount(extendedFilterSet);
String userName = getAuthenticatedUser();
return this.getFilteredDeviceCount(extendedFilterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
throw new AssertionError(e);
}
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet)
public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -259,7 +310,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByPlatforms = new ArrayList<>();
try {
con = this.getConnection();
@ -268,16 +319,30 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? ";
advancedSqlFiltering = advancedSqlFiltering + " AND POLICY__INFO." + column + " = ? ";
}
}
if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT PLATFORM, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ? " + advancedSqlFiltering + "GROUP BY PLATFORM";
DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ? " + advancedSqlFiltering +
" GROUP BY PLATFORM";
} else {
sql = "SELECT POLICY__INFO.PLATFORM, COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
"POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering + " GROUP BY " +
"POLICY__INFO.PLATFORM";
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
int index = 2;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) {
int i = 2;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -298,6 +363,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByPlatform.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByPlatforms.add(filteredDeviceCountByPlatform);
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -307,7 +375,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override
public List<DeviceCountByGroup>
getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException {
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -318,7 +386,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByPlatforms = new ArrayList<>();
try {
con = this.getConnection();
@ -327,18 +395,32 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? ";
advancedSqlFiltering = advancedSqlFiltering + " AND FEATURE_INFO." + column + " = ? ";
}
}
if (APIUtil.isDeviceAdminUser()) {
sql = "SELECT PLATFORM, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ? " +
DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO WHERE TENANT_ID = ? AND FEATURE_CODE = ? " +
advancedSqlFiltering + " GROUP BY PLATFORM";
} else {
sql = "SELECT FEATURE_INFO.PLATFORM, COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID " +
" AND FEATURE_INFO.TENANT_ID = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? " +
advancedSqlFiltering + " GROUP BY FEATURE_INFO.PLATFORM";
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
stmt.setString(2, featureCode);
int index = 3;
if (!APIUtil.isDeviceAdminUser()) {
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) {
int i = 3;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -359,6 +441,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByPlatform.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByPlatforms.add(filteredDeviceCountByPlatform);
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -366,7 +451,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet)
public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -374,7 +459,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByOwnershipTypes = new ArrayList<>();
try {
con = this.getConnection();
@ -383,17 +468,29 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? ";
advancedSqlFiltering = advancedSqlFiltering + " AND POLICY__INFO." + column + " = ? ";
}
}
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT OWNERSHIP, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ? " +
DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ? " +
advancedSqlFiltering + "GROUP BY OWNERSHIP";
}else{
sql = "SELECT POLICY__INFO.OWNERSHIP, COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND POLICY__INFO.TENANT_ID" +
" = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering + " GROUP BY POLICY__INFO.OWNERSHIP";
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
int index = 2;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) {
int i = 2;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -414,6 +511,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByOwnershipType.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByOwnershipTypes.add(filteredDeviceCountByOwnershipType);
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -423,7 +523,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override
public List<DeviceCountByGroup>
getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException {
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -434,7 +534,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredDeviceCountsByOwnershipTypes = new ArrayList<>();
try {
con = this.getConnection();
@ -443,18 +543,31 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? ";
advancedSqlFiltering = advancedSqlFiltering + " AND FEATURE_INFO." + column + " = ? ";
}
}
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT OWNERSHIP, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ? " +
DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO WHERE TENANT_ID = ? AND FEATURE_CODE = ? " +
advancedSqlFiltering + "GROUP BY OWNERSHIP";
}else{
sql = "SELECT FEATURE_INFO.OWNERSHIP, COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND FEATURE_INFO.TENANT_ID " +
"= ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering
+ " GROUP BY FEATURE_INFO.OWNERSHIP";
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
stmt.setString(2, featureCode);
int index = 3;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) {
int i = 3;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -475,6 +588,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceCountByOwnershipType.setDeviceCount(rs.getInt("DEVICE_COUNT"));
filteredDeviceCountsByOwnershipTypes.add(filteredDeviceCountByOwnershipType);
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -482,7 +598,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
}
@Override
public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet)
public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException {
Map<String, Object> filters = this.extractDatabaseFiltersFromBean(extendedFilterSet);
@ -490,25 +606,38 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
try {
con = this.getConnection();
String sql;
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ?";
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ?";
}else{
sql = "SELECT POLICY__INFO.DEVICE_ID, POLICY__INFO.DEVICE_IDENTIFICATION, POLICY__INFO.PLATFORM," +
" POLICY__INFO.OWNERSHIP, POLICY__INFO.CONNECTIVITY_STATUS FROM "+
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1+" POLICY__INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
"POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ?";
}
// appending filters to support advanced filtering options
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?";
sql = sql + " AND POLICY__INFO." + column + " = ?";
}
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
int index = 2;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) {
int i = 2;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -531,6 +660,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails);
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -539,7 +671,7 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
@Override
public List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException {
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) {
throw new InvalidFeatureCodeValueException("Feature code should not be either null or empty.");
@ -550,27 +682,40 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
try {
con = this.getConnection();
String sql;
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 +
" WHERE TENANT_ID = ? AND FEATURE_CODE = ?";
}else{
sql = "SELECT FEATURE_INFO.DEVICE_ID, FEATURE_INFO.DEVICE_IDENTIFICATION, FEATURE_INFO.PLATFORM, " +
"FEATURE_INFO.OWNERSHIP, FEATURE_INFO.CONNECTIVITY_STATUS FROM "+
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2+" FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND FEATURE_INFO.TENANT_ID" +
" = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? ";
}
// appending filters to support advanced filtering options
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
sql = sql + " AND " + column + " = ?";
sql = sql + " AND FEATURE_INFO." + column + " = ?";
}
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
stmt.setString(2, featureCode);
int index = 3;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) {
int i = 3;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -593,6 +738,9 @@ public abstract class AbstractGadgetDataServiceDAO implements GadgetDataServiceD
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails);
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}

@ -30,45 +30,45 @@ import java.util.List;
public interface GadgetDataServiceDAO {
DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet)
DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException;
DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet)
DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, SQLException;
DeviceCountByGroup getTotalDeviceCount() throws SQLException;
DeviceCountByGroup getTotalDeviceCount(String userName) throws SQLException;
List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws SQLException;
List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws SQLException;
List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws SQLException;
List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws SQLException;
PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount) throws
PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName) throws
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException;
List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet)
List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException;
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException;
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException;
List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet)
List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException;
List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException;
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException;
PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount)
PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException;
PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException,
int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException;
List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet)
List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, SQLException;
List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException, SQLException;
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException, SQLException;
}

@ -18,7 +18,8 @@
package org.wso2.carbon.device.mgt.analytics.dashboard.dao.impl;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceWithDetails;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup;
import org.wso2.carbon.device.mgt.analytics.dashboard.bean.BasicFilterSet;
@ -26,7 +27,9 @@ import org.wso2.carbon.device.mgt.analytics.dashboard.bean.ExtendedFilterSet;
import org.wso2.carbon.device.mgt.analytics.dashboard.dao.AbstractGadgetDataServiceDAO;
import org.wso2.carbon.device.mgt.analytics.dashboard.dao.GadgetDataServiceDAOConstants;
import org.wso2.carbon.device.mgt.analytics.dashboard.exception.*;
import org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
import java.sql.Connection;
@ -37,10 +40,14 @@ import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUserTenantDomainId;
public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
private static final Log log = LogFactory.getLog(GenericGadgetDataServiceDAOImpl.class);
@Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount)
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -56,19 +63,33 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceCountByGroup> filteredNonCompliantDeviceCountsByFeatures = new ArrayList<>();
int totalRecordsCount = 0;
try {
String sql;
con = this.getConnection();
String sql = "SELECT FEATURE_CODE, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT FEATURE_CODE, COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? GROUP BY FEATURE_CODE " +
"ORDER BY DEVICE_COUNT DESC LIMIT ?, ?";
}else{
sql = "SELECT FEATURE_INFO.FEATURE_CODE, COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT " +
"FROM "+GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2+" FEATURE_INFO INNER JOIN " +
"DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND " +
"FEATURE_INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? GROUP BY FEATURE_INFO.FEATURE_CODE ORDER BY" +
" DEVICE_COUNT DESC LIMIT ?, ?";
}
stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
stmt.setInt(3, startIndex);
stmt.setInt(4, resultCount);
}else{
stmt.setInt(2, startIndex);
stmt.setInt(3, resultCount);
}
// executing query
rs = stmt.executeQuery();
// fetching query results
@ -81,19 +102,30 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
filteredNonCompliantDeviceCountsByFeatures.add(filteredNonCompliantDeviceCountByFeature);
}
// fetching total records count
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT COUNT(FEATURE_CODE) AS NON_COMPLIANT_FEATURE_COUNT FROM (SELECT DISTINCT FEATURE_CODE FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ?) " +
"NON_COMPLIANT_FEATURE_CODE";
}else{
sql = "SELECT COUNT(FEATURE_CODE) AS NON_COMPLIANT_FEATURE_COUNT FROM (SELECT DISTINCT " +
"FEATURE_INFO.FEATURE_CODE FROM "+GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2
+" FEATURE_INFO INNER JOIN DM_ENROLMENT ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID " +
"AND FEATURE_INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? ) NON_COMPLIANT_FEATURE_CODE";
}
stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
}
// executing query
rs = stmt.executeQuery();
// fetching query results
while (rs.next()) {
totalRecordsCount = rs.getInt("NON_COMPLIANT_FEATURE_COUNT");
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -105,7 +137,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
@Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex,
int resultCount) throws InvalidPotentialVulnerabilityValueException,
int resultCount, String userName) throws InvalidPotentialVulnerabilityValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -123,7 +155,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
int totalRecordsCount = 0;
try {
@ -133,17 +165,31 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? ";
advancedSqlFiltering = advancedSqlFiltering + " AND POLICY__INFO." + column + " = ? ";
}
}
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ? " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO WHERE TENANT_ID = ? " +
advancedSqlFiltering + "ORDER BY DEVICE_ID ASC LIMIT ?, ?";
}else{
sql = "SELECT POLICY__INFO.DEVICE_ID, POLICY__INFO.DEVICE_IDENTIFICATION, POLICY__INFO.PLATFORM, " +
"POLICY__INFO.OWNERSHIP, POLICY__INFO.CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_1 + " POLICY__INFO INNER JOIN DM_ENROLMENT " +
"ENR_DB ON ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND " +
"POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? " + advancedSqlFiltering + " ORDER BY " +
"POLICY__INFO.DEVICE_ID ASC LIMIT ?,?";
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
int index = 2;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
index = 3;
}
if (filters != null && filters.values().size() > 0) {
int i = 2;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -155,8 +201,8 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
stmt.setInt(i, startIndex);
stmt.setInt(++i, resultCount);
} else {
stmt.setInt(2, startIndex);
stmt.setInt(3, resultCount);
stmt.setInt(3, startIndex);
stmt.setInt(4, resultCount);
}
// executing query
rs = stmt.executeQuery();
@ -171,20 +217,28 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails);
}
// fetching total records count
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1 + " WHERE TENANT_ID = ?";
}else{
sql = "SELECT COUNT(POLICY__INFO.DEVICE_ID) AS DEVICE_COUNT FROM "+GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_1+" POLICY__INFO INNER JOIN DM_ENROLMENT ENR_DB ON " +
"ENR_DB.DEVICE_ID = POLICY__INFO.DEVICE_ID AND POLICY__INFO.TENANT_ID = ? AND ENR_DB.OWNER = ? ";
}
stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(2, userName);
}
// executing query
rs = stmt.executeQuery();
// fetching query results
while (rs.next()) {
totalRecordsCount = rs.getInt("DEVICE_COUNT");
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
@ -196,7 +250,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
@Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet, int startIndex, int resultCount)
BasicFilterSet basicFilterSet, int startIndex, int resultCount, String userName)
throws InvalidFeatureCodeValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException {
@ -219,7 +273,7 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
Connection con;
PreparedStatement stmt = null;
ResultSet rs = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
int tenantId = getAuthenticatedUserTenantDomainId();
List<DeviceWithDetails> filteredDevicesWithDetails = new ArrayList<>();
int totalRecordsCount = 0;
try {
@ -229,19 +283,34 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
// [1] appending filter columns, if exist
if (filters != null && filters.size() > 0) {
for (String column : filters.keySet()) {
advancedSqlFiltering = advancedSqlFiltering + "AND " + column + " = ? ";
advancedSqlFiltering = advancedSqlFiltering + "AND FEATURE_INFO." + column + " = ? ";
}
}
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT DEVICE_ID, DEVICE_IDENTIFICATION, PLATFORM, OWNERSHIP, CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 +
" WHERE TENANT_ID = ? AND FEATURE_CODE = ? " + advancedSqlFiltering +
" FEATURE_INFO WHERE TENANT_ID = ? AND FEATURE_CODE = ? " + advancedSqlFiltering +
"ORDER BY DEVICE_ID ASC LIMIT ?, ?";
}else{
sql = "SELECT FEATURE_INFO.DEVICE_ID, FEATURE_INFO.DEVICE_IDENTIFICATION, FEATURE_INFO.PLATFORM, " +
"FEATURE_INFO.OWNERSHIP, FEATURE_INFO.CONNECTIVITY_STATUS FROM " +
GadgetDataServiceDAOConstants.DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN DM_ENROLMENT " +
"ENR_DB ON ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID " +
" AND FEATURE_INFO.TENANT_ID = ? AND FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? " +
advancedSqlFiltering + " ORDER BY DEVICE_ID ASC LIMIT ?,?";
}
stmt = con.prepareStatement(sql);
// [2] appending filter column values, if exist
stmt.setInt(1, tenantId);
stmt.setString(2, featureCode);
int index = 3;
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
index = 4;
}
if (filters != null && filters.values().size() > 0) {
int i = 3;
int i = index;
for (Object value : filters.values()) {
if (value instanceof Integer) {
stmt.setInt(i, (Integer) value);
@ -253,8 +322,8 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
stmt.setInt(i, startIndex);
stmt.setInt(++i, resultCount);
} else {
stmt.setInt(3, startIndex);
stmt.setInt(4, resultCount);
stmt.setInt(index, startIndex);
stmt.setInt(++index, resultCount);
}
// executing query
rs = stmt.executeQuery();
@ -269,21 +338,30 @@ public class GenericGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDA
filteredDeviceWithDetails.setConnectivityStatus(rs.getString("CONNECTIVITY_STATUS"));
filteredDevicesWithDetails.add(filteredDeviceWithDetails);
}
// fetching total records count
if(APIUtil.isDeviceAdminUser()){
sql = "SELECT COUNT(DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " WHERE TENANT_ID = ? AND FEATURE_CODE = ?";
}else{
sql = "SELECT COUNT(FEATURE_INFO.DEVICE_ID) AS DEVICE_COUNT FROM " + GadgetDataServiceDAOConstants.
DatabaseView.DEVICES_VIEW_2 + " FEATURE_INFO INNER JOIN DM_ENROLMENT ENR_DB ON " +
"ENR_DB.DEVICE_ID = FEATURE_INFO.DEVICE_ID AND FEATURE_INFO.TENANT_ID = ? AND " +
"FEATURE_INFO.FEATURE_CODE = ? AND ENR_DB.OWNER = ? ";
}
stmt = con.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setString(2, featureCode);
if(!APIUtil.isDeviceAdminUser()){
stmt.setString(3, userName);
}
// executing query
rs = stmt.executeQuery();
// fetching query results
while (rs.next()) {
totalRecordsCount = rs.getInt("DEVICE_COUNT");
}
} catch (DeviceAccessAuthorizationException e) {
String msg = "Error occurred while checking device access authorization";
log.error(msg, e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}

@ -40,7 +40,7 @@ import java.util.Map;
public class MSSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
@Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount)
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -104,7 +104,7 @@ public class MSSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
}
@Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount)
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException,
InvalidStartIndexValueException,
InvalidResultCountValueException,
@ -198,7 +198,7 @@ public class MSSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
@Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet, int startIndex, int resultCount)
BasicFilterSet basicFilterSet, int startIndex, int resultCount, String userName)
throws InvalidFeatureCodeValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException {

@ -40,7 +40,7 @@ import java.util.Map;
public class OracleGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
@Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount)
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -105,7 +105,7 @@ public class OracleGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
}
@Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount)
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException {
@ -197,7 +197,7 @@ public class OracleGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO
@Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException,
int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) {

@ -40,7 +40,7 @@ import java.util.Map;
public class PostgreSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServiceDAO {
@Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount)
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (startIndex < GadgetDataServiceDAOConstants.Pagination.MIN_START_INDEX) {
@ -105,7 +105,7 @@ public class PostgreSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServic
}
@Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount)
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, InvalidStartIndexValueException,
InvalidResultCountValueException, SQLException {
@ -198,7 +198,7 @@ public class PostgreSQLGadgetDataServiceDAOImpl extends AbstractGadgetDataServic
@Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException,
int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
InvalidStartIndexValueException, InvalidResultCountValueException, SQLException {
if (featureCode == null || featureCode.isEmpty()) {

@ -36,13 +36,14 @@ import java.util.List;
public class GadgetDataServiceImpl implements GadgetDataService {
@Override
public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet)
public DeviceCountByGroup getDeviceCount(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException {
DeviceCountByGroup filteredDeviceCount;
try {
GadgetDataServiceDAOFactory.openConnection();
filteredDeviceCount = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCount(extendedFilterSet);
getDeviceCount(extendedFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -53,13 +54,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet)
public DeviceCountByGroup getFeatureNonCompliantDeviceCount(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, DataAccessLayerException {
DeviceCountByGroup featureNonCompliantDeviceCount;
try {
GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDeviceCount = GadgetDataServiceDAOFactory.
getGadgetDataServiceDAO().getFeatureNonCompliantDeviceCount(featureCode, basicFilterSet);
getGadgetDataServiceDAO().getFeatureNonCompliantDeviceCount(featureCode, basicFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -70,11 +71,11 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public DeviceCountByGroup getTotalDeviceCount() throws DataAccessLayerException {
public DeviceCountByGroup getTotalDeviceCount(String userName) throws DataAccessLayerException {
DeviceCountByGroup totalDeviceCount;
try {
GadgetDataServiceDAOFactory.openConnection();
totalDeviceCount = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().getTotalDeviceCount();
totalDeviceCount = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().getTotalDeviceCount(userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -85,12 +86,12 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses() throws DataAccessLayerException {
public List<DeviceCountByGroup> getDeviceCountsByConnectivityStatuses(String userName) throws DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByConnectivityStatuses;
try {
GadgetDataServiceDAOFactory.openConnection();
deviceCountsByConnectivityStatuses = GadgetDataServiceDAOFactory.
getGadgetDataServiceDAO().getDeviceCountsByConnectivityStatuses();
getGadgetDataServiceDAO().getDeviceCountsByConnectivityStatuses(userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -101,12 +102,12 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities() throws DataAccessLayerException {
public List<DeviceCountByGroup> getDeviceCountsByPotentialVulnerabilities(String userName) throws DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByPotentialVulnerabilities;
try {
GadgetDataServiceDAOFactory.openConnection();
deviceCountsByPotentialVulnerabilities = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCountsByPotentialVulnerabilities();
getDeviceCountsByPotentialVulnerabilities(userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -117,14 +118,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount)
public PaginationResult getNonCompliantDeviceCountsByFeatures(int startIndex, int resultCount, String userName)
throws InvalidStartIndexValueException, InvalidResultCountValueException,
DataAccessLayerException {
PaginationResult paginationResult;
try {
GadgetDataServiceDAOFactory.openConnection();
paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getNonCompliantDeviceCountsByFeatures(startIndex, resultCount);
getNonCompliantDeviceCountsByFeatures(startIndex, resultCount, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -135,13 +136,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet)
public List<DeviceCountByGroup> getDeviceCountsByPlatforms(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByPlatforms;
try {
GadgetDataServiceDAOFactory.openConnection();
deviceCountsByPlatforms = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCountsByPlatforms(extendedFilterSet);
getDeviceCountsByPlatforms(extendedFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -153,13 +154,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override
public List<DeviceCountByGroup> getFeatureNonCompliantDeviceCountsByPlatforms(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException,
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException {
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByPlatforms;
try {
GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDeviceCountsByPlatforms = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDeviceCountsByPlatforms(featureCode, basicFilterSet);
getFeatureNonCompliantDeviceCountsByPlatforms(featureCode, basicFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -170,14 +171,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet)
public List<DeviceCountByGroup> getDeviceCountsByOwnershipTypes(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException,
DataAccessLayerException {
List<DeviceCountByGroup> deviceCountsByOwnershipTypes;
try {
GadgetDataServiceDAOFactory.openConnection();
deviceCountsByOwnershipTypes = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDeviceCountsByOwnershipTypes(extendedFilterSet);
getDeviceCountsByOwnershipTypes(extendedFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -189,13 +190,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override
public List<DeviceCountByGroup>
getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode, BasicFilterSet basicFilterSet)
getFeatureNonCompliantDeviceCountsByOwnershipTypes(String featureCode, BasicFilterSet basicFilterSet, String userName)
throws InvalidFeatureCodeValueException, DataAccessLayerException {
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByOwnershipTypes;
try {
GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDeviceCountsByOwnershipTypes = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDeviceCountsByOwnershipTypes(featureCode, basicFilterSet);
getFeatureNonCompliantDeviceCountsByOwnershipTypes(featureCode, basicFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -206,14 +207,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount)
public PaginationResult getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, int startIndex, int resultCount, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException,
InvalidStartIndexValueException, InvalidResultCountValueException {
PaginationResult paginationResult;
try {
GadgetDataServiceDAOFactory.openConnection();
paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getDevicesWithDetails(extendedFilterSet, startIndex, resultCount);
getDevicesWithDetails(extendedFilterSet, startIndex, resultCount, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -225,14 +226,14 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override
public PaginationResult getFeatureNonCompliantDevicesWithDetails(String featureCode, BasicFilterSet basicFilterSet,
int startIndex, int resultCount) throws InvalidFeatureCodeValueException,
int startIndex, int resultCount, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException, InvalidStartIndexValueException,
InvalidResultCountValueException {
PaginationResult paginationResult;
try {
GadgetDataServiceDAOFactory.openConnection();
paginationResult = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet, startIndex, resultCount);
getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet, startIndex, resultCount, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -243,13 +244,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
}
@Override
public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet)
public List<DeviceWithDetails> getDevicesWithDetails(ExtendedFilterSet extendedFilterSet, String userName)
throws InvalidPotentialVulnerabilityValueException, DataAccessLayerException {
List<DeviceWithDetails> devicesWithDetails;
try {
GadgetDataServiceDAOFactory.openConnection();
devicesWithDetails = GadgetDataServiceDAOFactory.
getGadgetDataServiceDAO().getDevicesWithDetails(extendedFilterSet);
getGadgetDataServiceDAO().getDevicesWithDetails(extendedFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);
@ -261,13 +262,13 @@ public class GadgetDataServiceImpl implements GadgetDataService {
@Override
public List<DeviceWithDetails> getFeatureNonCompliantDevicesWithDetails(String featureCode,
BasicFilterSet basicFilterSet) throws InvalidFeatureCodeValueException,
BasicFilterSet basicFilterSet, String userName) throws InvalidFeatureCodeValueException,
DataAccessLayerException {
List<DeviceWithDetails> featureNonCompliantDevicesWithDetails;
try {
GadgetDataServiceDAOFactory.openConnection();
featureNonCompliantDevicesWithDetails = GadgetDataServiceDAOFactory.getGadgetDataServiceDAO().
getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet);
getFeatureNonCompliantDevicesWithDetails(featureCode, basicFilterSet, userName);
} catch (SQLException e) {
throw new DataAccessLayerException("Error in either opening a database connection or " +
"accessing the database to fetch corresponding results.", e);

@ -0,0 +1,70 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.analytics.dashboard.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.user.api.UserStoreException;
import java.net.SocketException;
/**
* This class provides utility functions used by REST-API.
*/
public class APIUtil {
private static Log log = LogFactory.getLog(APIUtil.class);
public static String getAuthenticatedUser() {
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
String username = threadLocalCarbonContext.getUsername();
String tenantDomain = threadLocalCarbonContext.getTenantDomain();
if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@"));
}
return username;
}
public static int getAuthenticatedUserTenantDomainId() {
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
return threadLocalCarbonContext.getTenantId();
}
public static boolean isDeviceAdminUser() throws DeviceAccessAuthorizationException {
return getDeviceAccessAuthorizationService().isDeviceAdminUser();
}
private static DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() {
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
DeviceAccessAuthorizationService deviceAccessAuthorizationService =
(DeviceAccessAuthorizationService) ctx.getOSGiService(DeviceAccessAuthorizationService.class, null);
if (deviceAccessAuthorizationService == null) {
String msg = "DeviceAccessAuthorization service has not initialized.";
log.error(msg);
throw new IllegalStateException(msg);
}
return deviceAccessAuthorizationService;
}
}

@ -38,6 +38,8 @@ import javax.ws.rs.core.Response;
import java.util.ArrayList;
import java.util.List;
import static org.wso2.carbon.device.mgt.analytics.dashboard.util.APIUtil.getAuthenticatedUser;
/**
* This class consists of dashboard related REST APIs
* to be consumed by individual client gadgets such as
@ -82,7 +84,8 @@ public class DashboardImpl implements Dashboard {
// getting total device count
DeviceCountByGroup totalDeviceCount;
try {
totalDeviceCount = gadgetDataService.getTotalDeviceCount();
String userName = getAuthenticatedUser();
totalDeviceCount = gadgetDataService.getTotalDeviceCount(userName);
} catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve total device count.", e);
@ -100,7 +103,8 @@ public class DashboardImpl implements Dashboard {
// getting device counts by connectivity statuses
List<DeviceCountByGroup> deviceCountsByConnectivityStatuses;
try {
deviceCountsByConnectivityStatuses = gadgetDataService.getDeviceCountsByConnectivityStatuses();
String userName = getAuthenticatedUser();
deviceCountsByConnectivityStatuses = gadgetDataService.getDeviceCountsByConnectivityStatuses(userName);
} catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve device counts by connectivity statuses.", e);
@ -128,7 +132,8 @@ public class DashboardImpl implements Dashboard {
List<DeviceCountByGroup> deviceCountsByPotentialVulnerabilities;
try {
deviceCountsByPotentialVulnerabilities = gadgetDataService.getDeviceCountsByPotentialVulnerabilities();
String userName = getAuthenticatedUser();
deviceCountsByPotentialVulnerabilities = gadgetDataService.getDeviceCountsByPotentialVulnerabilities(userName);
} catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve device counts by potential vulnerabilities.", e);
@ -158,8 +163,9 @@ public class DashboardImpl implements Dashboard {
PaginationResult paginationResult;
try {
String userName = getAuthenticatedUser();
paginationResult = gadgetDataService.
getNonCompliantDeviceCountsByFeatures(startIndex, resultCount);
getNonCompliantDeviceCountsByFeatures(startIndex, resultCount, userName);
} catch (InvalidStartIndexValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -210,7 +216,8 @@ public class DashboardImpl implements Dashboard {
// creating device-Counts-by-platforms Data Wrapper
List<DeviceCountByGroup> deviceCountsByPlatforms;
try {
deviceCountsByPlatforms = gadgetDataService.getDeviceCountsByPlatforms(filterSet);
String userName = getAuthenticatedUser();
deviceCountsByPlatforms = gadgetDataService.getDeviceCountsByPlatforms(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -232,7 +239,8 @@ public class DashboardImpl implements Dashboard {
// creating device-Counts-by-ownership-types Data Wrapper
List<DeviceCountByGroup> deviceCountsByOwnerships;
try {
deviceCountsByOwnerships = gadgetDataService.getDeviceCountsByOwnershipTypes(filterSet);
String userName = getAuthenticatedUser();
deviceCountsByOwnerships = gadgetDataService.getDeviceCountsByOwnershipTypes(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -274,8 +282,9 @@ public class DashboardImpl implements Dashboard {
// creating feature-non-compliant-device-Counts-by-platforms Data Wrapper
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByPlatforms;
try {
String userName = getAuthenticatedUser();
featureNonCompliantDeviceCountsByPlatforms = gadgetDataService.
getFeatureNonCompliantDeviceCountsByPlatforms(nonCompliantFeatureCode, filterSet);
getFeatureNonCompliantDeviceCountsByPlatforms(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -299,8 +308,9 @@ public class DashboardImpl implements Dashboard {
// creating feature-non-compliant-device-Counts-by-ownership-types Data Wrapper
List<DeviceCountByGroup> featureNonCompliantDeviceCountsByOwnerships;
try {
String userName = getAuthenticatedUser();
featureNonCompliantDeviceCountsByOwnerships = gadgetDataService.
getFeatureNonCompliantDeviceCountsByOwnershipTypes(nonCompliantFeatureCode, filterSet);
getFeatureNonCompliantDeviceCountsByOwnershipTypes(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service function " +
@ -348,7 +358,8 @@ public class DashboardImpl implements Dashboard {
// creating filteredDeviceCount Data Wrapper
DeviceCountByGroup filteredDeviceCount;
try {
filteredDeviceCount = gadgetDataService.getDeviceCount(filterSet);
String userName = getAuthenticatedUser();
filteredDeviceCount = gadgetDataService.getDeviceCount(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -365,7 +376,8 @@ public class DashboardImpl implements Dashboard {
// creating TotalDeviceCount Data Wrapper
DeviceCountByGroup totalDeviceCount;
try {
totalDeviceCount = gadgetDataService.getTotalDeviceCount();
String userName = getAuthenticatedUser();
totalDeviceCount = gadgetDataService.getTotalDeviceCount(userName);
} catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve the total device count over filtered.", e);
@ -405,8 +417,9 @@ public class DashboardImpl implements Dashboard {
// creating featureNonCompliantDeviceCount Data Wrapper
DeviceCountByGroup featureNonCompliantDeviceCount;
try {
String userName = getAuthenticatedUser();
featureNonCompliantDeviceCount = gadgetDataService.
getFeatureNonCompliantDeviceCount(nonCompliantFeatureCode, filterSet);
getFeatureNonCompliantDeviceCount(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service function " +
@ -423,7 +436,8 @@ public class DashboardImpl implements Dashboard {
// creating TotalDeviceCount Data Wrapper
DeviceCountByGroup totalDeviceCount;
try {
totalDeviceCount = gadgetDataService.getTotalDeviceCount();
String userName = getAuthenticatedUser();
totalDeviceCount = gadgetDataService.getTotalDeviceCount(userName);
} catch (DataAccessLayerException e) {
log.error("An internal error occurred while trying to execute relevant data service function " +
"@ Dashboard API layer to retrieve the total device count over filtered feature non-compliant.", e);
@ -477,8 +491,9 @@ public class DashboardImpl implements Dashboard {
PaginationResult paginationResult;
try {
String userName = getAuthenticatedUser();
paginationResult = gadgetDataService.
getDevicesWithDetails(filterSet, startIndex, resultCount);
getDevicesWithDetails(filterSet, startIndex, resultCount, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -530,7 +545,8 @@ public class DashboardImpl implements Dashboard {
List<DeviceWithDetails> devicesWithDetails;
try {
devicesWithDetails = gadgetDataService.getDevicesWithDetails(filterSet);
String userName = getAuthenticatedUser();
devicesWithDetails = gadgetDataService.getDevicesWithDetails(filterSet, userName);
} catch (InvalidPotentialVulnerabilityValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -591,9 +607,10 @@ public class DashboardImpl implements Dashboard {
PaginationResult paginationResult;
try {
String userName = getAuthenticatedUser();
paginationResult = gadgetDataService.
getFeatureNonCompliantDevicesWithDetails(nonCompliantFeatureCode,
filterSet, startIndex, resultCount);
filterSet, startIndex, resultCount, userName);
} catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +
@ -648,8 +665,9 @@ public class DashboardImpl implements Dashboard {
List<DeviceWithDetails> featureNonCompliantDevicesWithDetails;
try {
String userName = getAuthenticatedUser();
featureNonCompliantDevicesWithDetails = gadgetDataService.
getFeatureNonCompliantDevicesWithDetails(nonCompliantFeatureCode, filterSet);
getFeatureNonCompliantDevicesWithDetails(nonCompliantFeatureCode, filterSet, userName);
} catch (InvalidFeatureCodeValueException e) {
log.error("Bad request and error occurred @ Gadget Data Service layer due to " +
"invalid (query) parameter value. This was while trying to execute relevant data service " +

Loading…
Cancel
Save