Merge branch 'master' into 'master'

Fix public app installing issue and improve tool-tip texts

## Purpose
> The purpose of this PR is to fix the public app installing issue and improving tool-tip texts.

## Security checks
 - Followed secure coding standards? (yes)
 - Ran FindSecurityBugs plugin and verified report? (yes)
 - Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets? (yes)

See merge request entgra/carbon-device-mgt!365
4.x.x
Saad Sahibjan 5 years ago
commit e612334fd4

@ -1802,6 +1802,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
} }
List<String> appUnrestrictedRoles = this.visibilityDAO.getUnrestrictedRoles(applicationId, tenantId); List<String> appUnrestrictedRoles = this.visibilityDAO.getUnrestrictedRoles(applicationId, tenantId);
List<String> appCategories = this.applicationDAO.getAppCategories(applicationId, tenantId);
List<String> appTags = this.applicationDAO.getAppTags(applicationId, tenantId);
boolean isExistingAppRestricted = !appUnrestrictedRoles.isEmpty(); boolean isExistingAppRestricted = !appUnrestrictedRoles.isEmpty();
boolean isUpdatingAppRestricted = false; boolean isUpdatingAppRestricted = false;
@ -1812,6 +1814,7 @@ public class ApplicationManagerImpl implements ApplicationManager {
if (isExistingAppRestricted && !isUpdatingAppRestricted) { if (isExistingAppRestricted && !isUpdatingAppRestricted) {
visibilityDAO.deleteUnrestrictedRoles(appUnrestrictedRoles, applicationId, tenantId); visibilityDAO.deleteUnrestrictedRoles(appUnrestrictedRoles, applicationId, tenantId);
appUnrestrictedRoles.clear();
} else if (isUpdatingAppRestricted) { } else if (isUpdatingAppRestricted) {
if (!hasUserRole(applicationUpdateWrapper.getUnrestrictedRoles(), userName)) { if (!hasUserRole(applicationUpdateWrapper.getUnrestrictedRoles(), userName)) {
String msg = String msg =
@ -1827,6 +1830,7 @@ public class ApplicationManagerImpl implements ApplicationManager {
if (!isExistingAppRestricted) { if (!isExistingAppRestricted) {
visibilityDAO visibilityDAO
.addUnrestrictedRoles(applicationUpdateWrapper.getUnrestrictedRoles(), applicationId, tenantId); .addUnrestrictedRoles(applicationUpdateWrapper.getUnrestrictedRoles(), applicationId, tenantId);
appUnrestrictedRoles = applicationUpdateWrapper.getUnrestrictedRoles();
} else { } else {
List<String> addingRoleList = getDifference(applicationUpdateWrapper.getUnrestrictedRoles(), List<String> addingRoleList = getDifference(applicationUpdateWrapper.getUnrestrictedRoles(),
applicationDTO.getUnrestrictedRoles()); applicationDTO.getUnrestrictedRoles());
@ -1834,15 +1838,16 @@ public class ApplicationManagerImpl implements ApplicationManager {
applicationUpdateWrapper.getUnrestrictedRoles()); applicationUpdateWrapper.getUnrestrictedRoles());
if (!addingRoleList.isEmpty()) { if (!addingRoleList.isEmpty()) {
visibilityDAO.addUnrestrictedRoles(addingRoleList, applicationId, tenantId); visibilityDAO.addUnrestrictedRoles(addingRoleList, applicationId, tenantId);
appUnrestrictedRoles.addAll(addingRoleList);
} }
if (!removingRoleList.isEmpty()) { if (!removingRoleList.isEmpty()) {
visibilityDAO.deleteUnrestrictedRoles(removingRoleList, applicationId, tenantId); visibilityDAO.deleteUnrestrictedRoles(removingRoleList, applicationId, tenantId);
appUnrestrictedRoles.removeAll(removingRoleList);
} }
} }
} }
applicationDTO.setUnrestrictedRoles(applicationUpdateWrapper.getUnrestrictedRoles());
List<String> updatingAppCategries = applicationUpdateWrapper.getCategories();
List<String> updatingAppCategries = applicationUpdateWrapper.getCategories();
if (updatingAppCategries != null){ if (updatingAppCategries != null){
List<CategoryDTO> allCategories = this.applicationDAO.getAllCategories(tenantId); List<CategoryDTO> allCategories = this.applicationDAO.getAllCategories(tenantId);
List<String> allCategoryName = allCategories.stream().map(CategoryDTO::getCategoryName) List<String> allCategoryName = allCategories.stream().map(CategoryDTO::getCategoryName)
@ -1854,22 +1859,23 @@ public class ApplicationManagerImpl implements ApplicationManager {
throw new BadRequestException(msg); throw new BadRequestException(msg);
} }
List<String> appCategories = this.applicationDAO.getAppCategories(applicationId, tenantId);
List<String> addingAppCategories = getDifference(updatingAppCategries, appCategories); List<String> addingAppCategories = getDifference(updatingAppCategries, appCategories);
List<String> removingAppCategories = getDifference(appCategories, updatingAppCategries); List<String> removingAppCategories = getDifference(appCategories, updatingAppCategries);
if (!addingAppCategories.isEmpty()) { if (!addingAppCategories.isEmpty()) {
List<Integer> categoryIds = this.applicationDAO.getCategoryIdsForCategoryNames(addingAppCategories, tenantId); List<Integer> categoryIds = this.applicationDAO.getCategoryIdsForCategoryNames(addingAppCategories, tenantId);
this.applicationDAO.addCategoryMapping(categoryIds, applicationId, tenantId); this.applicationDAO.addCategoryMapping(categoryIds, applicationId, tenantId);
appCategories.addAll(addingAppCategories);
} }
if (!removingAppCategories.isEmpty()) { if (!removingAppCategories.isEmpty()) {
List<Integer> categoryIds = this.applicationDAO.getCategoryIdsForCategoryNames(removingAppCategories, tenantId); List<Integer> categoryIds = this.applicationDAO.getCategoryIdsForCategoryNames(removingAppCategories, tenantId);
this.applicationDAO.deleteAppCategories(categoryIds, applicationId, tenantId); this.applicationDAO.deleteAppCategories(categoryIds, applicationId, tenantId);
appCategories.removeAll(removingAppCategories);
} }
} }
List<String> updatingAppTags = applicationUpdateWrapper.getTags(); List<String> updatingAppTags = applicationUpdateWrapper.getTags();
if (updatingAppTags!= null){ if (updatingAppTags!= null){
List<String> appTags = this.applicationDAO.getAppTags(applicationId, tenantId);
List<String> addingTagList = getDifference(updatingAppTags, appTags); List<String> addingTagList = getDifference(updatingAppTags, appTags);
List<String> removingTagList = getDifference(appTags, updatingAppTags); List<String> removingTagList = getDifference(appTags, updatingAppTags);
if (!addingTagList.isEmpty()) { if (!addingTagList.isEmpty()) {
@ -1881,10 +1887,12 @@ public class ApplicationManagerImpl implements ApplicationManager {
} }
List<Integer> addingTagIds = this.applicationDAO.getTagIdsForTagNames(addingTagList, tenantId); List<Integer> addingTagIds = this.applicationDAO.getTagIdsForTagNames(addingTagList, tenantId);
this.applicationDAO.addTagMapping(addingTagIds, applicationId, tenantId); this.applicationDAO.addTagMapping(addingTagIds, applicationId, tenantId);
appTags.addAll(addingTagList);
} }
if (!removingTagList.isEmpty()) { if (!removingTagList.isEmpty()) {
List<Integer> removingTagIds = this.applicationDAO.getTagIdsForTagNames(removingTagList, tenantId); List<Integer> removingTagIds = this.applicationDAO.getTagIdsForTagNames(removingTagList, tenantId);
this.applicationDAO.deleteApplicationTags(removingTagIds, applicationId, tenantId); this.applicationDAO.deleteApplicationTags(removingTagIds, applicationId, tenantId);
appTags.removeAll(removingTagList);
} }
} }
if (!applicationDAO.updateApplication(applicationDTO, tenantId)){ if (!applicationDAO.updateApplication(applicationDTO, tenantId)){
@ -1893,6 +1901,10 @@ public class ApplicationManagerImpl implements ApplicationManager {
log.error(msg); log.error(msg);
throw new ApplicationManagementException(msg); throw new ApplicationManagementException(msg);
} }
applicationDTO.setUnrestrictedRoles(appUnrestrictedRoles);
applicationDTO.setAppCategories(appCategories);
applicationDTO.setTags(appTags);
ConnectionManagerUtil.commitDBTransaction(); ConnectionManagerUtil.commitDBTransaction();
return APIUtil.appDtoToAppResponse(applicationDTO); return APIUtil.appDtoToAppResponse(applicationDTO);
} catch (UserStoreException e) { } catch (UserStoreException e) {

@ -336,7 +336,6 @@ public class SubscriptionManagerImpl implements SubscriptionManager {
ApplicationDTO applicationDTO = getApplicationDTO(applicationUUID); ApplicationDTO applicationDTO = getApplicationDTO(applicationUUID);
ApplicationReleaseDTO applicationReleaseDTO = applicationDTO.getApplicationReleaseDTOs().get(0); ApplicationReleaseDTO applicationReleaseDTO = applicationDTO.getApplicationReleaseDTOs().get(0);
//todo need to check application release status if it is not in installable state send forbidden exception
int applicationReleaseId = applicationReleaseDTO.getId(); int applicationReleaseId = applicationReleaseDTO.getId();
if (!ApplicationType.PUBLIC.toString().equals(applicationDTO.getType())) { if (!ApplicationType.PUBLIC.toString().equals(applicationDTO.getType())) {
String msg = "Application type is not public. Hence you can't perform google ent.install operation on " String msg = "Application type is not public. Hence you can't perform google ent.install operation on "
@ -726,6 +725,8 @@ public class SubscriptionManagerImpl implements SubscriptionManager {
log.error(msg); log.error(msg);
throw new ForbiddenException(msg); throw new ForbiddenException(msg);
} }
applicationDTO.setTags(this.applicationDAO.getAppTags(applicationDTO.getId(), tenantId));
applicationDTO.setAppCategories(this.applicationDAO.getAppCategories(applicationDTO.getId(), tenantId));
return applicationDTO; return applicationDTO;
} catch (LifecycleManagementException e) { } catch (LifecycleManagementException e) {
String msg = "Error occured when getting life-cycle state from life-cycle state manager."; String msg = "Error occured when getting life-cycle state from life-cycle state manager.";

@ -26,14 +26,14 @@
<div class="panel-body"> <div class="panel-body">
<h3>About Entgra IoT Server</h3> <h3>About Entgra IoT Server</h3>
<p>Entgra IoT Server 4.0.0 is a complete solution that enables device manufacturers and enterprises to <p>Entgra IoT Server 3.8.0 is a complete solution that enables device manufacturers and enterprises to
connect and manage their devices, build apps, manage events, secure devices and data, and visualize connect and manage their devices, build apps, manage events, secure devices and data, and visualize
sensor data in a scalable manner.</p> sensor data in a scalable manner.</p>
<p>It also offers a complete and secure Enterprise Mobility Management (EMM/MDM) solution that aims to <p>It also offers a complete and secure Enterprise Mobility Management (EMM/MDM) solution that aims to
address mobile computing challenges faced by enterprises today. Supporting iOS, Android, and Windows address mobile computing challenges faced by enterprises today. Supporting iOS, Android, and Windows
devices, it helps organizations deal with both Corporate Owned, Personally Enabled (COPE) and devices, it helps organizations deal with both Corporate Owned, Personally Enabled (COPE) and
employee-owned devices with the Bring Your Own Device (BYOD) concept.</p> employee-owned devices with the Bring Your Own Device (BYOD) concept.</p>
<p>Entgra IoT Server 4.0.0 comes with advanced analytics, enabling users to analyze speed, proximity, and <p>Entgra IoT Server 3.8.0 comes with advanced analytics, enabling users to analyze speed, proximity, and
geo-fencing information of devices including details of those in motion and stationary state.</p> geo-fencing information of devices including details of those in motion and stationary state.</p>
</p> </p>
<h2>Cookie Policy</h2> <h2>Cookie Policy</h2>
@ -45,55 +45,55 @@
apps remember things about you. Other technologies, including Web storage and identifiers associated apps remember things about you. Other technologies, including Web storage and identifiers associated
with your device, may be used for similar purposes. In this policy, we use the term “cookies” to with your device, may be used for similar purposes. In this policy, we use the term “cookies” to
discuss all of these technologies.</p> discuss all of these technologies.</p>
<h3>How does Entgra IoT Server 4.0.0 process cookies?</h3> <h3>How does Entgra IoT Server 3.8.0 process cookies?</h3>
<p>Entgra IoT Server 4.0.0 uses cookies to store and retrieve information on your browser. This <p>Entgra IoT Server 3.8.0 uses cookies to store and retrieve information on your browser. This
information is used to provide a better user experience. Some cookies serve the purpose of allowing a information is used to provide a better user experience. Some cookies serve the purpose of allowing a
user to log in to the system, maintain sessions, and keep track of activities within the login user to log in to the system, maintain sessions, and keep track of activities within the login
session.</p> session.</p>
<p>Some cookies in Entgra IoT Server 4.0.0 are used to personally identify you. However, the cookie <p>Some cookies in Entgra IoT Server 3.8.0 are used to personally identify you. However, the cookie
lifetime ends once your session ends, i.e., after you log-out, or after the session expiry time has lifetime ends once your session ends, i.e., after you log-out, or after the session expiry time has
elapsed.</p> elapsed.</p>
<p>Some cookies are simply used to give you a more personalised web experience, and these cannot be used <p>Some cookies are simply used to give you a more personalised web experience, and these cannot be used
to identify you or your activities personally.</p> to identify you or your activities personally.</p>
<p>This Cookie Policy is part of the IoT Server <a href="{{@app.context}}/privacy-policy">Privacy Policy.</a> <p>This Cookie Policy is part of the IoT Server <a href="{{@app.context}}/privacy-policy">Privacy Policy.</a>
</p> </p>
<h3>What does Entgra IoT Server 3.0.0 use cookies for?</h3> <h3>What does Entgra IoT Server 3.8.0 use cookies for?</h3>
<p>Cookies are used for two purposes in Entgra IoT Server 4.0.0.</p> <p>Cookies are used for two purposes in Entgra IoT Server 3.8.0.</p>
<ol> <ol>
<li>To identify you and provide security</li> <li>To identify you and provide security</li>
<li>To provide a satisfying user experience.</li> <li>To provide a satisfying user experience.</li>
</ol> </ol>
<h4><u>Preferences</u></h4> <h4><u>Preferences</u></h4>
<p>Entgra IoT Server 4.0.0 uses cookies to remember your settings and preferences and to auto-fill the <p>Entgra IoT Server 3.8.0 uses cookies to remember your settings and preferences and to auto-fill the
fields to make your interactions with the site easier.</p> fields to make your interactions with the site easier.</p>
<p>These cookies can not be used to personally identify you.</p> <p>These cookies can not be used to personally identify you.</p>
<h4><u>Security</u></h4> <h4><u>Security</u></h4>
<ol> <ol>
<li>Entgra IoT Server 4.0.0 uses selected cookies to identify and prevent security risks. For example, <li>Entgra IoT Server 3.8.0 uses selected cookies to identify and prevent security risks. For example,
Entgra IoT Server 4.0.0 may use cookies to store your session information to prevent others from Entgra IoT Server 3.8.0 may use cookies to store your session information to prevent others from
changing your password without your username and password. changing your password without your username and password.
</li> </li>
<li>Entgra IoT Server 4.0.0 uses session cookie to maintain your active session.</li> <li>Entgra IoT Server 3.8.0 uses session cookie to maintain your active session.</li>
<li>Entgra IoT Server 4.0.0 may use a temporary cookie when performing multi-factor authentication and <li>Entgra IoT Server 3.8.0 may use a temporary cookie when performing multi-factor authentication and
federated authentication. federated authentication.
</li> </li>
<li>Entgra IoT Server 4.0.0 may use permanent cookies to detect the devices you have logged in <li>Entgra IoT Server 3.8.0 may use permanent cookies to detect the devices you have logged in
previously. This is to to calculate the <b>risk level</b> associated with your current login previously. This is to to calculate the <b>risk level</b> associated with your current login
attempt. Using these cookies protects you and your account from possible attacks. attempt. Using these cookies protects you and your account from possible attacks.
</li> </li>
</ol> </ol>
<h4><u>Performance</u></h4> <h4><u>Performance</u></h4>
<p>Entgra IoT Server 4.0.0 may use cookies to allow <b>Remember Me</b> functionalities.</p> <p>Entgra IoT Server 3.8.0 may use cookies to allow <b>Remember Me</b> functionalities.</p>
<h4><u>Analytics</u></h4> <h4><u>Analytics</u></h4>
<p>Entgra IoT Server 4.0.0 as a product does not use cookies for analytical purposes.</p> <p>Entgra IoT Server 3.8.0 as a product does not use cookies for analytical purposes.</p>
<h4><u>Third party cookies</u></h4> <h4><u>Third party cookies</u></h4>
<p>Using Entgra IoT Server 4.0.0 may cause third-party cookie to be set in your browser. Entgra IoT Server <p>Using Entgra IoT Server 3.8.0 may cause third-party cookie to be set in your browser. Entgra IoT Server
4.0.0 has no control over how any of them operate. The third-party cookies that maybe set 3.8.0 has no control over how any of them operate. The third-party cookies that maybe set
include:</p> include:</p>
<ol> <ol>
<li>Any social login sites. For example, third-party cookies may be set when Entgra IoT Server 4.0.0 <li>Any social login sites. For example, third-party cookies may be set when Entgra IoT Server 3.8.0
is configured to use “social” or “federated” login, and you opt to login with your “Social is configured to use “social” or “federated” login, and you opt to login with your “Social
Account”. Account”.
</li> </li>
@ -101,11 +101,11 @@
</ol> </ol>
<p>Entgra strongly advises you to refer the respective cookie policies of such sites carefully as Entgra has <p>Entgra strongly advises you to refer the respective cookie policies of such sites carefully as Entgra has
no knowledge or use on these cookies.</p> no knowledge or use on these cookies.</p>
<h3>What type of cookies does Entgra IoT Server 4.0.0 use?</h3> <h3>What type of cookies does Entgra IoT Server 3.8.0 use?</h3>
<p>Entgra IoT Server 4.0.0 uses persistent cookies and session cookies. A persistent cookie helps Entgra IS <p>Entgra IoT Server 3.8.0 uses persistent cookies and session cookies. A persistent cookie helps Entgra IS
4.0.0 to recognize you as an existing user so that it is easier to return to Entgra or interact with 3.8.0 to recognize you as an existing user so that it is easier to return to Entgra or interact with
Entgra IS 4.0.0 without signing in again. After you sign in, a persistent cookie stays in your browser Entgra IS 3.8.0 without signing in again. After you sign in, a persistent cookie stays in your browser
and will be read by Entgra IoT Server 4.0.0 when you return to Entgra IoT Server 4.0.0.</p> and will be read by Entgra IoT Server 3.8.0 when you return to Entgra IoT Server 3.8.0.</p>
<p>A session cookie is a cookie that is erased when the user closes the Web browser. The session cookie <p>A session cookie is a cookie that is erased when the user closes the Web browser. The session cookie
is stored in temporarily and is not retained after the browser is closed. Session cookies do not is stored in temporarily and is not retained after the browser is closed. Session cookies do not
collect information from the users computer.</p> collect information from the users computer.</p>
@ -114,9 +114,9 @@
for websites to set cookies, you may worsen your overall user experience since it will no longer be for websites to set cookies, you may worsen your overall user experience since it will no longer be
personalized to you. It may also stop you from saving customized settings like login information. personalized to you. It may also stop you from saving customized settings like login information.
Most likely, disabling cookies will make it unable for you to use authentication and authorization Most likely, disabling cookies will make it unable for you to use authentication and authorization
functionalities offered by Entgra IoT Server 4.0.0.</p> functionalities offered by Entgra IoT Server 3.8.0.</p>
<p>If you have any questions or concerns regarding the use of cookies, please contact the entity or <p>If you have any questions or concerns regarding the use of cookies, please contact the entity or
individuals (or their data protection officer, if applicable) running this Entgra IoT Server 4.0.0 individuals (or their data protection officer, if applicable) running this Entgra IoT Server 3.8.0
instance.</p> instance.</p>
<h3>What are the cookies used?</h3> <h3>What are the cookies used?</h3>
<table class="table table-striped table-bordered"> <table class="table table-striped table-bordered">
@ -150,7 +150,7 @@
</tbody> </tbody>
</table> </table>
<h3>Disclaimer</h3> <h3>Disclaimer</h3>
<p>This cookie policy is only for illustrative purposes of the product Entgra IoT Server 4.0.0. The <p>This cookie policy is only for illustrative purposes of the product Entgra IoT Server 3.8.0. The
content in the policy is technically correct at the time of the product shipment. The content in the policy is technically correct at the time of the product shipment. The
entity,organization or individual that runs this Entgra IoT Server 4.0.0 instance has full authority entity,organization or individual that runs this Entgra IoT Server 4.0.0 instance has full authority
and responsibility with regard to the effective Cookie Policy. Entgra, its employees, partners, and and responsibility with regard to the effective Cookie Policy. Entgra, its employees, partners, and

Loading…
Cancel
Save