kamidu 8 years ago
commit 1c2d339fed

@ -647,7 +647,14 @@ public interface DeviceManagementService {
required = false,
defaultValue = "5")
@QueryParam("limit")
int limit);
int limit,
@ApiParam(
name = "owner",
value = "Provides the owner of the required device.",
required = true,
defaultValue = "")
@QueryParam("owner")
String owner);
@GET
@Path("/{type}/{id}/effective-policy")

@ -380,10 +380,13 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@PathParam("id") @Size(max = 45) String id,
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset,
@QueryParam("limit") int limit) {
@QueryParam("limit") int limit,
@QueryParam("owner") String owner) {
OperationList operationsList = new OperationList();
RequestValidationUtil.validateOwnerParameter(owner);
RequestValidationUtil.validatePaginationParameters(offset, limit);
PaginationRequest request = new PaginationRequest(offset, limit);
request.setOwner(owner);
PaginationResult result;
DeviceManagementProviderService dms;
try {

@ -345,4 +345,12 @@ public class RequestValidationUtil {
}
public static void validateOwnerParameter(String owner) {
if (owner == null || owner.isEmpty()) {
throw new InputValidationException(
new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Request parameter owner should" +
" be non empty.").build());
}
}
}

@ -307,14 +307,14 @@ public class OperationManagerImpl implements OperationManager {
throws OperationManagementException {
PaginationResult paginationResult = null;
List<Operation> operations = new ArrayList<>();
String owner = request.getOwner();
if (!isActionAuthorized(deviceId)) {
throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" +
deviceId.getType() + "' device, which carries the identifier '" +
deviceId.getId() + "'");
deviceId.getId() + "' of owner '" + owner + "'" );
}
EnrolmentInfo enrolmentInfo = this.getEnrolmentInfo(deviceId);
EnrolmentInfo enrolmentInfo = this.getEnrolmentInfo(deviceId, owner);
if (enrolmentInfo == null) {
throw new OperationManagementException("Device not found for given device " +
"Identifier:" + deviceId.getId() + " and given type" +
@ -923,31 +923,33 @@ public class OperationManagerImpl implements OperationManager {
return enrolmentId;
}
private EnrolmentInfo getEnrolmentInfo(DeviceIdentifier deviceId) throws OperationManagementException {
EnrolmentInfo enrolmentInfo;
private EnrolmentInfo getEnrolmentInfo(DeviceIdentifier deviceId, String owner) throws OperationManagementException {
EnrolmentInfo enrolmentInfo = null;
try {
DeviceManagementDAOFactory.openConnection();
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
String user = this.getUser();
enrolmentInfo = deviceDAO.getEnrolment(deviceId, user, tenantId);
if (enrolmentInfo == null) {
DeviceManagementDAOFactory.openConnection();
if (this.isSameUser(user, owner)) {
enrolmentInfo = deviceDAO.getEnrolment(deviceId, owner, tenantId);
} else {
boolean isAdminUser = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isDeviceAdminUser();
if (isAdminUser) {
enrolmentInfo = deviceDAO.getEnrolment(deviceId, tenantId);
enrolmentInfo = deviceDAO.getEnrolment(deviceId, owner, tenantId);
}
//TODO : Add a check for group admin if this fails
}
} catch (DeviceManagementDAOException e) {
throw new OperationManagementException("Error occurred while retrieving enrollment data of '" +
deviceId.getType() + "' device carrying the identifier '" +
deviceId.getId() + "'", e);
deviceId.getId() + "' of owner '" + owner + "'", e);
} catch (SQLException e) {
throw new OperationManagementException(
"Error occurred while opening a connection to the data source", e);
} catch (DeviceAccessAuthorizationException e) {
throw new OperationManagementException("Error occurred while checking the device access permissions for '" +
deviceId.getType() + "' device carrying the identifier '" +
deviceId.getId() + "'", e);
deviceId.getId() + "' of owner '" + owner + "'", e);
} finally {
DeviceManagementDAOFactory.closeConnection();
}
@ -1021,4 +1023,8 @@ public class OperationManagerImpl implements OperationManager {
}
return false;
}
private boolean isSameUser(String user, String owner) {
return user.equalsIgnoreCase(owner);
}
}
Loading…
Cancel
Save