From 2cd5a0e65947e01ccb5fc4b0908f58f4f208afc0 Mon Sep 17 00:00:00 2001
From: kamidu <sachithp@wso2.com>
Date: Fri, 9 Sep 2016 11:13:37 +0530
Subject: [PATCH] Enable permission check according to the new permissions

---
 .../app/pages/cdmf.page.policies/policies.js  |   2 +-
 .../cdmf.page.policy.priority/priority.hbs    |  11 +-
 .../cdmf.page.policy.priority/priority.js     |   3 +
 .../units/cdmf.unit.policy.create/create.hbs  | 115 +++---
 .../units/cdmf.unit.policy.create/create.js   |   2 +
 .../app/units/cdmf.unit.policy.edit/edit.hbs  | 377 ++++++++++--------
 .../app/units/cdmf.unit.policy.edit/edit.js   |   8 +-
 .../app/units/cdmf.unit.policy.view/view.hbs  | 138 ++++---
 .../app/units/cdmf.unit.policy.view/view.js   |   1 +
 9 files changed, 362 insertions(+), 295 deletions(-)
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.js
index 884627e70e..a41d4cc69a 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.js
@@ -56,7 +56,7 @@ function onRequest(context) {
         page["noPolicy"] = true;
     }
 
-    if (userModule.isAuthorized("/permission/admin/device-mgt/policies/delete")) {
+    if (userModule.isAuthorized("/permission/admin/device-mgt/policies/manage")) {
         page.managePermitted = true;
     }
     return page;
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.hbs
index 7b1a0775fe..e526b7eaf4 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.hbs
@@ -38,5 +38,14 @@
 {{/zone}}
 
 {{#zone "content"}}
-    {{unit "cdmf.unit.policy.priority"}}
+    {{#if isAuthorized}}
+        {{unit "cdmf.unit.policy.priority"}}
+    {{else}}
+        <h1 class="page-sub-title">
+            Permission Denied
+        </h1>
+        <br>
+        You not authorized to enter Policy Management Section.
+        <br>
+    {{/if}}
 {{/zone}}
\ No newline at end of file
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.js
index ccc71cc150..76f53e8024 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policy.priority/priority.js
@@ -26,4 +26,7 @@ function onRequest(context){
             return options.fn(this);
         }
     });
+    var viewModel = {};
+    viewModel.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
+    return viewModel;
 }
\ No newline at end of file
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.hbs
index adfadb50ab..6ca4a63285 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.hbs
@@ -16,70 +16,79 @@
   under the License.
 }}
 {{#zone "content"}}
-    <div class="row">
-        <div class="col-md-12">
-            <div class="container col-centered wr-content policy-platform">
-                <div class="wr-form">
-                    <h1 id="policy-platform-page-wizard-title" class="page-sub-title">ADD POLICY</h1>
-                    <hr>
-                    <div id="policy-platform-wizard-steps" class="row wr-wizard">
-                        <div class="col-md-3 col-xs-3">
-                            <div class="itm-wiz itm-wiz-current" data-step="policy-platform">
-                                <div class="wiz-no">1</div>
-                                <div class="wiz-lbl hidden-xs"><span>Select a platform</span></div>
+    {{#if isAuthorized}}
+        <div class="row">
+            <div class="col-md-12">
+                <div class="container col-centered wr-content policy-platform">
+                    <div class="wr-form">
+                        <h1 id="policy-platform-page-wizard-title" class="page-sub-title">ADD POLICY</h1>
+                        <hr>
+                        <div id="policy-platform-wizard-steps" class="row wr-wizard">
+                            <div class="col-md-3 col-xs-3">
+                                <div class="itm-wiz itm-wiz-current" data-step="policy-platform">
+                                    <div class="wiz-no">1</div>
+                                    <div class="wiz-lbl hidden-xs"><span>Select a platform</span></div>
+                                </div>
+                                <br class="c-both"/>
                             </div>
-                            <br class="c-both" />
-                        </div>
-                        <div class="col-md-3 col-xs-3">
-                            <div class="itm-wiz" data-step="policy-profile">
-                                <div class="wiz-no">2</div>
-                                <div class="wiz-lbl hidden-xs"><span>Configure profile</span></div>
+                            <div class="col-md-3 col-xs-3">
+                                <div class="itm-wiz" data-step="policy-profile">
+                                    <div class="wiz-no">2</div>
+                                    <div class="wiz-lbl hidden-xs"><span>Configure profile</span></div>
+                                </div>
+                                <br class="c-both"/>
                             </div>
-                            <br class="c-both" />
-                        </div>
-                        <div class="col-md-3 col-xs-3">
-                            <div class="itm-wiz" data-step="policy-criteria">
-                                <div class="wiz-no">3</div>
-                                <div class="wiz-lbl hidden-xs"><span>Assign</span></div>
+                            <div class="col-md-3 col-xs-3">
+                                <div class="itm-wiz" data-step="policy-criteria">
+                                    <div class="wiz-no">3</div>
+                                    <div class="wiz-lbl hidden-xs"><span>Assign</span></div>
+                                </div>
+                                <br class="c-both"/>
                             </div>
-                            <br class="c-both" />
-                        </div>
-                        <div class="col-md-3 col-xs-3">
-                            <div class="itm-wiz" data-step="policy-naming">
-                                <div class="wiz-no">4</div>
-                                <div class="wiz-lbl hidden-xs"><span>Publish to devices</span></div>
+                            <div class="col-md-3 col-xs-3">
+                                <div class="itm-wiz" data-step="policy-naming">
+                                    <div class="wiz-no">4</div>
+                                    <div class="wiz-lbl hidden-xs"><span>Publish to devices</span></div>
+                                </div>
+                                <br class="c-both"/>
                             </div>
-                            <br class="c-both" />
                         </div>
-                    </div>
-                    <hr>
-                    <div class="row">
-                        <div class="col-lg-12">
-                            <h4>Step 1: Select a platform</h4>
-                            <br>
+                        <hr>
+                        <div class="row">
+                            <div class="col-lg-12">
+                                <h4>Step 1: Select a platform</h4>
+                                <br>
 
-                            <div class="row wr-tile-buttons-list">
-                                <div class="wr-input-control">
-                                    <ul class="tile-buttons row">
-                                        {{#each types}}
-                                            <li class="col-lg-4"
-                                                style="margin-top: 5px;margin-bottom: 5px;">
-                                                <a href="{{@app.context}}/policy/add/{{name}}"
-                                                   class="wizard-stepper">
-                                                    <img src="{{icon}}" width="50px"
-                                                         height="50px"><br><br>
-                                                    <b>{{label}}</b>
-                                                </a>
-                                            </li>
-                                        {{/each}}
-                                    </ul>
+                                <div class="row wr-tile-buttons-list">
+                                    <div class="wr-input-control">
+                                        <ul class="tile-buttons row">
+                                            {{#each types}}
+                                                <li class="col-lg-4"
+                                                    style="margin-top: 5px;margin-bottom: 5px;">
+                                                    <a href="{{@app.context}}/policy/add/{{name}}"
+                                                       class="wizard-stepper">
+                                                        <img src="{{icon}}" width="50px"
+                                                             height="50px"><br><br>
+                                                        <b>{{label}}</b>
+                                                    </a>
+                                                </li>
+                                            {{/each}}
+                                        </ul>
+                                    </div>
                                 </div>
                             </div>
                         </div>
                     </div>
                 </div>
+                <!-- content -->
             </div>
-            <!-- content -->
         </div>
-    </div>
+    {{else}}
+        <h1 class="page-sub-title">
+            Permission Denied
+        </h1>
+        <br>
+        You not authorized to enter Policy Management Section.
+        <br>
+    {{/if}}
 {{/zone}}
\ No newline at end of file
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.js
index 79d41eab85..3f6da52477 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.js
@@ -24,6 +24,8 @@ function onRequest(context) {
     var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
 
     var types = {};
+
+    types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
     types["types"] = [];
     var typesListResponse = deviceModule.getDeviceTypes();
     if (typesListResponse["status"] == "success") {
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.hbs
index fbeb8f8eb3..f053c7beea 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.hbs
@@ -1,222 +1,255 @@
 {{#zone "content"}}
-    <div class="row">
-        <div class="col-md-12">
+    {{#if isAuthorized }}
+        <div class="row">
+            <div class="col-md-12">
 
-            <div class="wr-steps hidden">
-                <div class="col-md-3 col-xs-3">
-                    <div class="itm-wiz itm-wiz-current" data-step="policy-profile"><div class="wiz-no">1</div><div class="wiz-lbl hidden-xs"><span>Edit current profile</span></div></div>
-                    <br class="c-both" />
-                </div>
-                <div class="col-md-3 col-xs-3">
-                    <div class="itm-wiz" data-step="policy-criteria"><div class="wiz-no">2</div><div class="wiz-lbl hidden-xs"><span>Edit assignment groups</span></div></div>
-                    <br class="c-both" />
-                </div>
-                <div class="col-md-3 col-xs-3">
-                    <div class="itm-wiz" data-step="policy-naming"><div class="wiz-no">3</div><div class="wiz-lbl hidden-xs"><span>Republish to devices</span></div></div>
-                    <br class="c-both" />
+                <div class="wr-steps hidden">
+                    <div class="col-md-3 col-xs-3">
+                        <div class="itm-wiz itm-wiz-current" data-step="policy-profile">
+                            <div class="wiz-no">1</div>
+                            <div class="wiz-lbl hidden-xs"><span>Edit current profile</span></div>
+                        </div>
+                        <br class="c-both"/>
+                    </div>
+                    <div class="col-md-3 col-xs-3">
+                        <div class="itm-wiz" data-step="policy-criteria">
+                            <div class="wiz-no">2</div>
+                            <div class="wiz-lbl hidden-xs"><span>Edit assignment groups</span></div>
+                        </div>
+                        <br class="c-both"/>
+                    </div>
+                    <div class="col-md-3 col-xs-3">
+                        <div class="itm-wiz" data-step="policy-naming">
+                            <div class="wiz-no">3</div>
+                            <div class="wiz-lbl hidden-xs"><span>Republish to devices</span></div>
+                        </div>
+                        <br class="c-both"/>
+                    </div>
                 </div>
-            </div>
 
-            <div class="container col-centered wr-content policy-message hidden">
-                <div class="wr-form">
-                    <h1 id="policy-message-page-wizard-title" class="page-sub-title">Policy is successfully re-configured.</h1>
-                    <br>Please click <b>"Add Another Policy"</b>, if you wish to add another policy or click
-                    <b>"View policy list"</b> to complete the process and go back to the policy list.
-                    <hr>
-                    <button class="wr-btn wizard-stepper" data-current="policy-message" data-direct="/emm/policies/">
-                        View policy list
-                    </button>
-                    <a href="/emm/policies/add-policy" class="cu-btn-inner">
+                <div class="container col-centered wr-content policy-message hidden">
+                    <div class="wr-form">
+                        <h1 id="policy-message-page-wizard-title" class="page-sub-title">Policy is successfully
+                            re-configured.</h1>
+                        <br>Please click <b>"Add Another Policy"</b>, if you wish to add another policy or click
+                        <b>"View policy list"</b> to complete the process and go back to the policy list.
+                        <hr>
+                        <button class="wr-btn wizard-stepper" data-current="policy-message"
+                                data-direct="/emm/policies/">
+                            View policy list
+                        </button>
+                        <a href="/emm/policies/add-policy" class="cu-btn-inner">
                         <span class="fw-stack">
                             <i class="fw fw-ring fw-stack-2x"></i>
                             <i class="fw fw-add fw-stack-1x"></i>
                         </span>
-                        Add another policy
-                    </a>
+                            Add another policy
+                        </a>
+                    </div>
                 </div>
-            </div>
 
-            <div class="container col-centered wr-content policy-naming hidden">
-                <div class="wr-form">
-                    <h1 id="policy-naming-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
-                    <hr>
-                    <div id="policy-naming-wizard-steps" class="row wr-wizard"></div>
-                    <hr>
-                    <div class="row">
-                        <div class="col-lg-12">
-                            <h4 class="visible-xs">Step 3: Republish to devices</h4>
-                            <br>
-                            <div id="policy-naming-main-error-msg" class="alert alert-danger hidden" role="alert">
-                                <i class="icon fw fw-error"></i><span></span>
-                            </div>
-                            <div>
-                                <label class="wr-input-label">
-                                    Set a name * to your policy<br>
-                                    ( should be 1-to-30 characters long )
-                                </label>
-                                <div id="policy-name-field" class="form-group wr-input-control">
-                                    <div class="cus-col-50">
-                                        <input id="policy-name-input" class="form-control" type="text" value="" placeholder="[ Required field ]"/>
-                                    </div>
-                                    <br class="c-both"/>
-                                    <span class=" nameError hidden glyphicon glyphicon-remove form-control-feedback"></span>
-                                    <label class="error nameEmpty hidden" for="summary">Policy name is required & Should be be 1-to-30 characters long.</label>
+                <div class="container col-centered wr-content policy-naming hidden">
+                    <div class="wr-form">
+                        <h1 id="policy-naming-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
+                        <hr>
+                        <div id="policy-naming-wizard-steps" class="row wr-wizard"></div>
+                        <hr>
+                        <div class="row">
+                            <div class="col-lg-12">
+                                <h4 class="visible-xs">Step 3: Republish to devices</h4>
+                                <br>
+                                <div id="policy-naming-main-error-msg" class="alert alert-danger hidden" role="alert">
+                                    <i class="icon fw fw-error"></i><span></span>
                                 </div>
-                                <label class="wr-input-label">
-                                    Add a description
-                                </label>
-                                <div class="wr-input-control">
-                                    <div class="cus-col-50">
-                                        <textarea id="policy-description-input" class="form-control" rows="10" placeholder="[ Optional field ]"></textarea>
+                                <div>
+                                    <label class="wr-input-label">
+                                        Set a name * to your policy<br>
+                                        ( should be 1-to-30 characters long )
+                                    </label>
+                                    <div id="policy-name-field" class="form-group wr-input-control">
+                                        <div class="cus-col-50">
+                                            <input id="policy-name-input" class="form-control" type="text" value=""
+                                                   placeholder="[ Required field ]"/>
+                                        </div>
+                                        <br class="c-both"/>
+                                        <span class=" nameError hidden glyphicon glyphicon-remove form-control-feedback"></span>
+                                        <label class="error nameEmpty hidden" for="summary">Policy name is required &
+                                            Should be be 1-to-30 characters long.</label>
+                                    </div>
+                                    <label class="wr-input-label">
+                                        Add a description
+                                    </label>
+                                    <div class="wr-input-control">
+                                        <div class="cus-col-50">
+                                            <textarea id="policy-description-input" class="form-control" rows="10"
+                                                      placeholder="[ Optional field ]"></textarea>
+                                        </div>
+                                        <br class="c-both"/>
                                     </div>
-                                    <br class="c-both" />
                                 </div>
-                            </div>
-                            <div class="wr-input-control wr-btn-grp">
-                                <a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true" data-current="policy-naming" data-next="policy-criteria">
-                                    Back
-                                </a>
-                                <a href="#" class="wr-btn wizard-stepper" data-current="policy-naming-publish" data-next="policy-message" data-validate="true">
-                                    Save & Publish
-                                </a>
-                                <a href="#" class="wr-btn wizard-stepper" data-current="policy-naming" data-next="policy-message" data-validate="true">
-                                    Save
-                                </a>
+                                <div class="wr-input-control wr-btn-grp">
+                                    <a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true"
+                                       data-current="policy-naming" data-next="policy-criteria">
+                                        Back
+                                    </a>
+                                    <a href="#" class="wr-btn wizard-stepper" data-current="policy-naming-publish"
+                                       data-next="policy-message" data-validate="true">
+                                        Save & Publish
+                                    </a>
+                                    <a href="#" class="wr-btn wizard-stepper" data-current="policy-naming"
+                                       data-next="policy-message" data-validate="true">
+                                        Save
+                                    </a>
 
+                                </div>
                             </div>
                         </div>
                     </div>
                 </div>
-            </div>
 
-            <div class="container col-centered wr-content policy-criteria hidden">
-                <div class="wr-form">
-                    <h1 id="policy-criteria-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
-                    <hr>
-                    <div id="policy-criteria-wizard-steps" class="row wr-wizard"></div>
-                    <hr>
-                    <div class="row">
-                        <div class="col-lg-12">
-                            <h4 class="visible-xs">Step 2: Edit assignment groups</h4>
-                            <br>
-                            <div id="policy-criteria-main-error-msg" class="alert alert-danger hidden" role="alert">
-                                <i class="icon fw fw-error"></i><span></span>
-                            </div>
-                            <div>
-                                <label class="wr-input-label">
-                                    Set device ownership type
-                                </label>
-                                <div class="wr-input-control">
-                                    <div class="cus-col-50">
-                                        <select id="ownership-input" class="form-control">
-                                            <option value="ANY" selected>ANY</option>
-                                            <option value="BYOD">BYOD (Bring Your Own Device) </option>
-                                            <option value="COPE">COPE (Corporate-Owned, Personally Enabled)</option>
-                                        </select>
-                                    </div>
-                                    <br class="c-both" />
+                <div class="container col-centered wr-content policy-criteria hidden">
+                    <div class="wr-form">
+                        <h1 id="policy-criteria-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
+                        <hr>
+                        <div id="policy-criteria-wizard-steps" class="row wr-wizard"></div>
+                        <hr>
+                        <div class="row">
+                            <div class="col-lg-12">
+                                <h4 class="visible-xs">Step 2: Edit assignment groups</h4>
+                                <br>
+                                <div id="policy-criteria-main-error-msg" class="alert alert-danger hidden" role="alert">
+                                    <i class="icon fw fw-error"></i><span></span>
                                 </div>
-                                <div class="wr-input-control">
-                                    <label class="wr-input-control radio light">
-                                        <input id="user-roles-radio-btn" type="radio" name="select-users-radio-btn" class="select-users-radio" checked/>
-                                        <span class="helper">&nbsp;Set user role(s)</span>
+                                <div>
+                                    <label class="wr-input-label">
+                                        Set device ownership type
                                     </label>
-                                    <label class="wr-input-control radio light" rel="assetfilter">
-                                        <input id="users-radio-btn" type="radio" name="select-users-radio-btn" class="select-users-radio" />
-                                        <span class="helper">&nbsp;Set user(s)</span>
-                                    </label>
-                                </div>
-                                <div id="user-roles-select-field" class="select-users">
                                     <div class="wr-input-control">
                                         <div class="cus-col-50">
-                                            <select id="user-roles-input" class="form-control select2" multiple="multiple">
+                                            <select id="ownership-input" class="form-control">
                                                 <option value="ANY" selected>ANY</option>
-                                                {{#each roles}}
-                                                    <option>{{this}}</option>
-                                                {{/each}}
+                                                <option value="BYOD">BYOD (Bring Your Own Device)</option>
+                                                <option value="COPE">COPE (Corporate-Owned, Personally Enabled)</option>
                                             </select>
                                         </div>
-                                        <br class="c-both" />
+                                        <br class="c-both"/>
                                     </div>
-                                </div>
-                                <div id="users-select-field" class="select-users">
+                                    <div class="wr-input-control">
+                                        <label class="wr-input-control radio light">
+                                            <input id="user-roles-radio-btn" type="radio" name="select-users-radio-btn"
+                                                   class="select-users-radio" checked/>
+                                            <span class="helper">&nbsp;Set user role(s)</span>
+                                        </label>
+                                        <label class="wr-input-control radio light" rel="assetfilter">
+                                            <input id="users-radio-btn" type="radio" name="select-users-radio-btn"
+                                                   class="select-users-radio"/>
+                                            <span class="helper">&nbsp;Set user(s)</span>
+                                        </label>
+                                    </div>
+                                    <div id="user-roles-select-field" class="select-users">
+                                        <div class="wr-input-control">
+                                            <div class="cus-col-50">
+                                                <select id="user-roles-input" class="form-control select2"
+                                                        multiple="multiple">
+                                                    <option value="ANY" selected>ANY</option>
+                                                    {{#each roles}}
+                                                        <option>{{this}}</option>
+                                                    {{/each}}
+                                                </select>
+                                            </div>
+                                            <br class="c-both"/>
+                                        </div>
+                                    </div>
+                                    <div id="users-select-field" class="select-users">
+                                        <div class="wr-input-control">
+                                            <div class="cus-col-50">
+                                                <select id="users-input" class="form-control select2"
+                                                        multiple="multiple">
+                                                    <option value="ANY" selected>ANY</option>
+                                                    {{#each users}}
+                                                        <option>{{username}}</option>
+                                                    {{/each}}
+                                                </select>
+                                            </div>
+                                            <br class="c-both"/>
+                                        </div>
+                                    </div>
+                                    <br>
+                                    <label class="wr-input-label" title="">
+                                        Set an action upon non-compliance
+                                    </label>
                                     <div class="wr-input-control">
                                         <div class="cus-col-50">
-                                            <select id="users-input" class="form-control select2" multiple="multiple">
-                                                <option value="ANY" selected>ANY</option>
-                                                {{#each users}}
-                                                    <option>{{username}}</option>
-                                                {{/each}}
+                                            <select id="action-input" class="form-control">
+                                                <option value="enforce" data-action="enforce" selected>Enforce</option>
+                                                <option value="warn" data-action="warn">Warn</option>
+                                                <option value="monitor" data-action="monitor">Monitor</option>
                                             </select>
                                         </div>
-                                        <br class="c-both" />
+                                        <br class="c-both"/>
                                     </div>
                                 </div>
-                                <br>
-                                <label class="wr-input-label" title="">
-                                    Set an action upon non-compliance
-                                </label>
-                                <div class="wr-input-control">
-                                    <div class="cus-col-50">
-                                        <select id="action-input" class="form-control">
-                                            <option value="enforce" data-action="enforce" selected>Enforce</option>
-                                            <option value="warn" data-action="warn">Warn</option>
-                                            <option value="monitor" data-action="monitor">Monitor</option>
-                                        </select>
-                                    </div>
-                                    <br class="c-both" />
+                                <div class="wr-input-control wr-btn-grp">
+                                    <a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true"
+                                       data-current="policy-criteria" data-next="policy-profile">
+                                        Back
+                                    </a>
+                                    <a href="#" class="wr-btn wizard-stepper" data-current="policy-criteria"
+                                       data-next="policy-naming" data-validate="true">
+                                        Continue
+                                    </a>
                                 </div>
                             </div>
-                            <div class="wr-input-control wr-btn-grp">
-                                <a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true" data-current="policy-criteria" data-next="policy-profile">
-                                    Back
-                                </a>
-                                <a href="#" class="wr-btn wizard-stepper" data-current="policy-criteria" data-next="policy-naming" data-validate="true">
-                                    Continue
-                                </a>
-                            </div>
                         </div>
                     </div>
                 </div>
-            </div>
 
-            <div class="container col-centered wr-content policy-profile">
-                <div class="wr-form">
-                    <h1 id="policy-profile-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
-                    <hr>
-                    <div id="policy-profile-wizard-steps" class="row wr-wizard"></div>
-                    <hr>
-                    <div class="row">
-                        <div class="col-lg-12">
-                            <h4 class="visible-xs">Step 1: Edit current profile</h4>
-                            <br>
-                            <div id="policy-profile-main-error-msg" class="alert alert-danger hidden" role="alert">
-                                <i class="icon fw fw-error"></i><span></span>
-                            </div>
-                            <div class="wr-advance-operations">
-                                <div class="wr-advance-operations-init">
-                                    <br>
-                                    &nbsp;&nbsp;
-                                    <i class="fw fw-settings fw-spin fw-2x"></i>
-                                    &nbsp;Loading platform features . . .
-                                    <br>
-                                    <br>
+                <div class="container col-centered wr-content policy-profile">
+                    <div class="wr-form">
+                        <h1 id="policy-profile-page-wizard-title" class="page-sub-title">EDIT POLICY</h1>
+                        <hr>
+                        <div id="policy-profile-wizard-steps" class="row wr-wizard"></div>
+                        <hr>
+                        <div class="row">
+                            <div class="col-lg-12">
+                                <h4 class="visible-xs">Step 1: Edit current profile</h4>
+                                <br>
+                                <div id="policy-profile-main-error-msg" class="alert alert-danger hidden" role="alert">
+                                    <i class="icon fw fw-error"></i><span></span>
+                                </div>
+                                <div class="wr-advance-operations">
+                                    <div class="wr-advance-operations-init">
+                                        <br>
+                                        &nbsp;&nbsp;
+                                        <i class="fw fw-settings fw-spin fw-2x"></i>
+                                        &nbsp;Loading platform features . . .
+                                        <br>
+                                        <br>
+                                    </div>
+                                </div>
+                                <div class="wr-input-control wr-btn-grp">
+                                    <a href="#" class="wr-btn wizard-stepper" data-current="policy-profile"
+                                       data-next="policy-criteria" data-validate="true">
+                                        Continue
+                                    </a>
                                 </div>
-                            </div>
-                            <div class="wr-input-control wr-btn-grp">
-                                <a href="#" class="wr-btn wizard-stepper" data-current="policy-profile" data-next="policy-criteria" data-validate="true">
-                                    Continue
-                                </a>
                             </div>
                         </div>
                     </div>
                 </div>
-            </div>
 
-            <!-- content -->
+                <!-- content -->
 
+            </div>
         </div>
-    </div>
+    {{else}}
+        <h1 class="page-sub-title">
+            Permission Denied
+        </h1>
+        <br>
+        You not authorized to enter Policy Management Section.
+        <br>
+    {{/if}}
 {{/zone}}
 {{#zone "bottomJs"}}
     <!--suppress HtmlUnknownTarget -->
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.js
index dfb1cbe953..fef29ec473 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.edit/edit.js
@@ -24,13 +24,13 @@ function onRequest(context) {
 
     var rolesResult = userModule.getRoles();
     if (rolesResult.status == "success") {
-        context.roles = rolesResult.content;
+        viewModel.roles = rolesResult.content;
     }
 
     var usersResult = userModule.getUsers();
     if (usersResult.status == "success") {
-        context.users = usersResult.content;
+        viewModel.users = usersResult.content;
     }
-
-    return context;
+    viewModel.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
+    return viewModel;
 }
\ No newline at end of file
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.hbs
index b7f2adf56d..ea2b91a78c 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.hbs
@@ -1,77 +1,87 @@
 {{#zone "content"}}
-    {{#defineZone "policy-profile-top"}}
-        <div class="row wr-device-board">
-            <div class="col-lg-12 wr-secondary-bar">
-                <label id="policy-heading" class="device-id device-select">
-                </label>
+    {{#if isAuthorized}}
+        {{#defineZone "policy-profile-top"}}
+            <div class="row wr-device-board">
+                <div class="col-lg-12 wr-secondary-bar">
+                    <label id="policy-heading" class="device-id device-select">
+                    </label>
+                </div>
             </div>
-        </div>
-    {{/defineZone}}
+        {{/defineZone}}
 
-    <!-- #page-content-wrapper -->
-    <div class="page-content-wrapper">
-        <div class="row no-gutter add-padding-5x add-margin-top-5x" style="border: 1px solid #e4e4e4;">
-            <div class="media">
-                <div class="media-body asset-desc add-padding-left-5x">
-                    <div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">
-                        Policy Overview
-                    </div>
-                    {{#defineZone "policy-detail-properties"}}
-                        <table class="table table-responsive table-striped" id="members">
-                            <tbody>
-                            <tr role="row" class="even">
-                                <td class="sorting_1" style="padding:10px 15px; width: 14%;">Platform</td>
-                                <td id="policy-platform" style="padding:10px 15px;"></td>
-                            </tr>
-                            <tr role="row" class="odd">
-                                <td class="sorting_1" style="padding:10px 15px;">Ownership</td>
-                                <td id="policy-assignment" style="padding:10px 15px;"></td>
-                            </tr>
-                            <tr role="row" class="even">
-                                <td class="sorting_1" style="padding:10px 15px;">Action upon non-compliance</td>
-                                <td id="policy-action" style="padding:10px 15px;"></td>
-                            </tr>
-                            <tr role="row" class="even">
-                                <td class="sorting_1" style="padding:10px 15px;">Status</td>
-                                <td id="policy-status" style="padding:10px 15px;"></td>
-                            </tr>
-                            <tr role="row" id="users-row" class="even">
-                                <td class="sorting_1" style="padding:10px 15px;">Assigned Users</td>
-                                <td id="policy-users" style="padding:10px 15px;"></td>
-                            </tr>
-                            <tr role="row" id="roles-row" class="even">
-                                <td class="sorting_1" style="padding:10px 15px;">Assigned Roles</td>
-                                <td id="policy-roles" style="padding:10px 15px;"></td>
-                            </tr>
-                            </tbody>
-                        </table>
-                    {{/defineZone}}
-                    <div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">Description</div>
-                    <div class="add-margin-top-4x">
-                        <div id="policy-description" class="panel-title-description"></div>
-                    </div>
-                    <br>
-                    <div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">
-                        Profile Information
-                    </div>
-                    <div class="add-margin-top-4x">
-                        <div id="policy-profile-main-error-msg" class="alert alert-danger hidden" role="alert">
-                            <i class="icon fw fw-error"></i><span></span>
+        <!-- #page-content-wrapper -->
+        <div class="page-content-wrapper">
+            <div class="row no-gutter add-padding-5x add-margin-top-5x" style="border: 1px solid #e4e4e4;">
+                <div class="media">
+                    <div class="media-body asset-desc add-padding-left-5x">
+                        <div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">
+                            Policy Overview
                         </div>
-                        <div class="wr-advance-operations">
-                            <div class="wr-advance-operations-init">
-                                <br>
-                                <i class="fw fw-settings fw-spin fw-2x"></i>
-                                Loading platform features . . .
-                                <br>
-                                <br>
+                        {{#defineZone "policy-detail-properties"}}
+                            <table class="table table-responsive table-striped" id="members">
+                                <tbody>
+                                <tr role="row" class="even">
+                                    <td class="sorting_1" style="padding:10px 15px; width: 14%;">Platform</td>
+                                    <td id="policy-platform" style="padding:10px 15px;"></td>
+                                </tr>
+                                <tr role="row" class="odd">
+                                    <td class="sorting_1" style="padding:10px 15px;">Ownership</td>
+                                    <td id="policy-assignment" style="padding:10px 15px;"></td>
+                                </tr>
+                                <tr role="row" class="even">
+                                    <td class="sorting_1" style="padding:10px 15px;">Action upon non-compliance</td>
+                                    <td id="policy-action" style="padding:10px 15px;"></td>
+                                </tr>
+                                <tr role="row" class="even">
+                                    <td class="sorting_1" style="padding:10px 15px;">Status</td>
+                                    <td id="policy-status" style="padding:10px 15px;"></td>
+                                </tr>
+                                <tr role="row" id="users-row" class="even">
+                                    <td class="sorting_1" style="padding:10px 15px;">Assigned Users</td>
+                                    <td id="policy-users" style="padding:10px 15px;"></td>
+                                </tr>
+                                <tr role="row" id="roles-row" class="even">
+                                    <td class="sorting_1" style="padding:10px 15px;">Assigned Roles</td>
+                                    <td id="policy-roles" style="padding:10px 15px;"></td>
+                                </tr>
+                                </tbody>
+                            </table>
+                        {{/defineZone}}
+                        <div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">Description
+                        </div>
+                        <div class="add-margin-top-4x">
+                            <div id="policy-description" class="panel-title-description"></div>
+                        </div>
+                        <br>
+                        <div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">
+                            Profile Information
+                        </div>
+                        <div class="add-margin-top-4x">
+                            <div id="policy-profile-main-error-msg" class="alert alert-danger hidden" role="alert">
+                                <i class="icon fw fw-error"></i><span></span>
+                            </div>
+                            <div class="wr-advance-operations">
+                                <div class="wr-advance-operations-init">
+                                    <br>
+                                    <i class="fw fw-settings fw-spin fw-2x"></i>
+                                    Loading platform features . . .
+                                    <br>
+                                    <br>
+                                </div>
                             </div>
                         </div>
                     </div>
                 </div>
             </div>
         </div>
-    </div>
+    {{else}}
+        <h1 class="page-sub-title">
+            Permission Denied
+        </h1>
+        <br>
+        You not authorized to enter Policy Management Section.
+        <br>
+    {{/if}}
 {{/zone}}
 {{#zone "bottomJs"}}
     <!--suppress HtmlUnknownTarget -->
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.js
index 2d2a438263..e8247821b6 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.view/view.js
@@ -21,5 +21,6 @@ function onRequest(context) {
 
 //    var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
 //    context.roles = userModule.getRoles();
+    context.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/view");
     return context;
 }
\ No newline at end of file

Platform
Ownership
Action upon non-compliance
Status
Assigned Users
Assigned Roles