Refactored scopes

4.x.x
mharindu 8 years ago
parent eb5216091e
commit ed4c762bfd

@ -28,18 +28,24 @@ import java.lang.annotation.Target;
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Permission {
public @interface Scope {
/**
* Represents the scope key which should be unique.
* @return Returns scope key.
*/
String key();
/**
* Represents the scope name.
* @return Returns scope name.
*/
String scope();
String name();
/**
* Represents the associated permissions.
* @return Returns list of permissions.
* Represents the scope description.
* @return Returns scope description.
*/
String[] roles();
String description();
}

@ -1,45 +0,0 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.config;
/**
* This class represents the information related to permissions.
*/
public class PermissionConfiguration {
private String scopeName;
private String[] roles;
public String getScopeName() {
return scopeName;
}
public void setScopeName(String scope) {
this.scopeName = scope;
}
public String[] getRoles() {
return roles;
}
public void setRoles(String[] roles) {
this.roles = roles;
}
}

@ -1,60 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.config;
/**
* Custom exception class of Permission related operations.
*/
public class PermissionManagementException extends Exception {
private static final long serialVersionUID = -3151279311929070298L;
private String errorMessage;
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
public PermissionManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
setErrorMessage(msg);
}
public PermissionManagementException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
public PermissionManagementException(String msg) {
super(msg);
setErrorMessage(msg);
}
public PermissionManagementException() {
super();
}
public PermissionManagementException(Throwable cause) {
super(cause);
}
}

@ -23,13 +23,9 @@ import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration;
import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionConfiguration;
import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionManagementException;
import javax.servlet.ServletContext;
import javax.ws.rs.*;
@ -242,15 +238,9 @@ public class AnnotationProcessor {
Annotation producesAnno = method.getAnnotation(producesClass);
resource.setProduces(invokeMethod(producesClassMethods[0], producesAnno, STRING_ARR));
}
if (annotations[i].annotationType().getName().equals(Permission.class.getName())) {
PermissionConfiguration permissionConf = this.getPermission(method);
if (permissionConf != null) {
Scope scope = new Scope();
scope.setKey(permissionConf.getScopeName());
scope.setDescription(permissionConf.getScopeName());
scope.setName(permissionConf.getScopeName());
String roles = StringUtils.join(permissionConf.getRoles(), ",");
scope.setRoles(roles);
if (annotations[i].annotationType().getName().equals(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName())) {
org.wso2.carbon.apimgt.api.model.Scope scope = this.getScope(method);
if (scope != null) {
resource.setScope(scope);
}
}
@ -348,35 +338,32 @@ public class AnnotationProcessor {
return ((String[]) methodHandler.invoke(annotation, method, null));
}
private PermissionConfiguration getPermission(Method currentMethod) throws Throwable {
Class<Permission> permissionClass = (Class<Permission>) classLoader.loadClass(Permission.class.getName());
Annotation permissionAnnotation = currentMethod.getAnnotation(permissionClass);
if (permissionClass != null) {
Method[] permissionClassMethods = permissionClass.getMethods();
PermissionConfiguration permissionConf = new PermissionConfiguration();
private org.wso2.carbon.apimgt.api.model.Scope getScope(Method currentMethod) throws Throwable {
Class<org.wso2.carbon.apimgt.annotations.api.Scope> scopeClass =
(Class<org.wso2.carbon.apimgt.annotations.api.Scope>) classLoader.
loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName());
Annotation permissionAnnotation = currentMethod.getAnnotation(scopeClass);
if (scopeClass != null) {
Method[] permissionClassMethods = scopeClass.getMethods();
org.wso2.carbon.apimgt.api.model.Scope scope = new org.wso2.carbon.apimgt.api.model.Scope();
for (Method method : permissionClassMethods) {
switch (method.getName()) {
case "scope":
permissionConf.setScopeName(invokeMethod(method, permissionAnnotation, STRING));
case "key":
scope.setKey(invokeMethod(method, permissionAnnotation, STRING));
break;
case "roles":
String roles[] = invokeMethod(method, permissionAnnotation);
this.addPermission(roles);
permissionConf.setRoles(roles);
case "name":
scope.setName(invokeMethod(method, permissionAnnotation, STRING));
break;
case "description":
scope.setDescription(invokeMethod(method, permissionAnnotation, STRING));
break;
}
}
return permissionConf;
return scope;
}
return null;
}
private void addPermission(String[] permissions) throws PermissionManagementException {
for (String permission : permissions) {
PermissionUtils.addPermission(permission);
}
}
/**
* Find the URL pointing to "/WEB-INF/classes" This method may not work in conjunction with IteratorFactory
* if your servlet container does not extract the /WEB-INF/classes into a real file-based directory

@ -1,91 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionManagementException;
import org.wso2.carbon.apimgt.webapp.publisher.internal.APIPublisherDataHolder;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.registry.api.RegistryException;
import org.wso2.carbon.registry.api.Resource;
import org.wso2.carbon.registry.core.Registry;
import java.util.StringTokenizer;
/**
* Utility class which holds necessary utility methods required for persisting permissions in
* registry.
*/
public class PermissionUtils {
public static final String ADMIN_PERMISSION_REGISTRY_PATH = "/permission/admin";
public static final String PERMISSION_PROPERTY_NAME = "name";
public static Registry getGovernanceRegistry() throws PermissionManagementException {
try {
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
return APIPublisherDataHolder.getInstance().getRegistryService()
.getGovernanceSystemRegistry(
tenantId);
} catch (RegistryException e) {
throw new PermissionManagementException(
"Error in retrieving governance registry instance: " +
e.getMessage(), e);
}
}
public static void addPermission(String permission) throws PermissionManagementException {
String resourcePermission = getAbsolutePermissionPath(permission);
try {
StringTokenizer tokenizer = new StringTokenizer(resourcePermission, "/");
String lastToken = "", currentToken, tempPath;
while (tokenizer.hasMoreTokens()) {
currentToken = tokenizer.nextToken();
tempPath = lastToken + "/" + currentToken;
if (!checkResourceExists(tempPath)) {
createRegistryCollection(tempPath, currentToken);
}
lastToken = tempPath;
}
} catch (RegistryException e) {
throw new PermissionManagementException("Error occurred while persisting permission : " +
resourcePermission, e);
}
}
public static void createRegistryCollection(String path, String resourceName)
throws PermissionManagementException,
RegistryException {
Resource resource = PermissionUtils.getGovernanceRegistry().newCollection();
resource.addProperty(PERMISSION_PROPERTY_NAME, resourceName);
PermissionUtils.getGovernanceRegistry().beginTransaction();
PermissionUtils.getGovernanceRegistry().put(path, resource);
PermissionUtils.getGovernanceRegistry().commitTransaction();
}
public static boolean checkResourceExists(String path)
throws PermissionManagementException,
org.wso2.carbon.registry.core.exceptions.RegistryException {
return PermissionUtils.getGovernanceRegistry().resourceExists(path);
}
private static String getAbsolutePermissionPath(String permissionPath) {
return PermissionUtils.ADMIN_PERMISSION_REGISTRY_PATH + permissionPath;
}
}

@ -4,7 +4,7 @@ import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse;
import javax.ws.rs.*;
@ -46,7 +46,7 @@ public interface CertificateMgtService {
message = "Internal Server Error. \n Error occurred while retrieving signed certificate.",
response = ErrorResponse.class)
})
@Permission(scope = "sign-csr", roles = {"emm-admin"})
@Scope(key = "certificate:sign-csr", name = "Sign CSR", description = "")
Response getSignedCertFromCSR(
@ApiParam(
name = "If-Modified-Since",

@ -2,7 +2,7 @@ package org.wso2.carbon.certificate.mgt.cert.jaxrs.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse;
@ -77,7 +77,7 @@ public interface CertificateManagementAdminService {
message = "Internal Server Error. \n Server error occurred while adding certificates.",
response = ErrorResponse.class)
})
@Permission(scope = "certificate:add", roles = {"admin"})
@Scope(key = "certificate:write", name = "Add certificates", description = "")
Response addCertificate(
@ApiParam(
name = "enrollmentCertificates",
@ -135,7 +135,7 @@ public interface CertificateManagementAdminService {
"Server error occurred while retrieving information requested certificate.",
response = ErrorResponse.class)
})
@Permission(scope = "certificate:view", roles = {"admin"})
@Scope(key = "certificate:read", name = "View certificates", description = "")
Response getCertificate(
@ApiParam(name = "serialNumber",
value = "Provide the serial number of the certificate that you wish to get the details of",
@ -207,7 +207,7 @@ public interface CertificateManagementAdminService {
"Server error occurred while retrieving all certificates enrolled in the system.",
response = ErrorResponse.class)
})
@Permission(scope = "certificate:view", roles = {"admin"})
@Scope(key = "certificate:read", name = "View certificates", description = "")
Response getAllCertificates(
@ApiParam(
name = "offset",
@ -250,7 +250,7 @@ public interface CertificateManagementAdminService {
message = "Internal Server Error. \n " +
"Server error occurred while removing the certificate.",
response = ErrorResponse.class)})
@Permission(scope = "certificate:modify", roles = {"admin"})
@Scope(key = "certificate:write", name = "Add certificates", description = "")
Response removeCertificate(
@ApiParam(
name = "serialNumber",

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -91,7 +91,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class)
})
@Permission(scope = "activity:view", roles = {"admin"})
@Scope(key = "activity:read", name = "View Activities", description = "")
Response getActivity(
@ApiParam(
name = "id",
@ -150,7 +150,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class)
})
@Permission(scope = "activity:view", roles = {"admin"})
@Scope(key = "activity:read", name = "View Activities", description = "")
Response getActivities(
@ApiParam(
name = "since",

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -81,7 +81,7 @@ public interface ConfigurationManagementService {
"platform configuration.",
response = ErrorResponse.class)
})
@Permission(scope = "configuration:view", roles = {"admin"})
@Scope(key = "configuration:read", name = "View Configurations", description = "")
Response getConfiguration(
@ApiParam(
name = "If-Modified-Since",
@ -127,7 +127,7 @@ public interface ConfigurationManagementService {
"Server error occurred while modifying general platform configuration.",
response = ErrorResponse.class)
})
@Permission(scope = "configuration:modify", roles = {"admin"})
@Scope(key = "configuration:modify", name = "Modify Configurations", description = "")
Response updateConfiguration(
@ApiParam(
name = "configuration",

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.Feature;
import org.wso2.carbon.device.mgt.common.app.mgt.Application;
@ -91,7 +91,7 @@ public interface DeviceManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class)
})
@Permission(scope = "device:list", roles = {"admin"})
@Scope(key = "device:read", name = "View Devices", description = "")
Response getDevices(
@ApiParam(
name = "name",
@ -200,7 +200,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving information requested device.",
response = ErrorResponse.class)
})
@Permission(scope = "device:view", roles = {"admin"})
@Scope(key = "device:read", name = "View Devices", description = "")
Response getDevice(
@ApiParam(
name = "type",
@ -280,7 +280,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving feature list of the device.",
response = ErrorResponse.class)
})
@Permission(scope = "device:view", roles = {"admin"})
@Scope(key = "device:read", name = "View Devices", description = "")
Response getFeaturesOfDevice(
@ApiParam(
name = "type",
@ -354,7 +354,7 @@ public interface DeviceManagementService {
"Server error occurred while enrolling the device.",
response = ErrorResponse.class)
})
@Permission(scope = "device:search", roles = {"admin" })
@Scope(key = "device:read", name = "View Devices", description = "")
Response searchDevices(
@ApiParam(
name = "offset",
@ -433,7 +433,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving installed application list of the device.",
response = ErrorResponse.class)
})
@Permission(scope = "device:view", roles = {"admin"})
@Scope(key = "device:read", name = "View Devices", description = "")
Response getInstalledApplications(
@ApiParam(
name = "type",
@ -527,7 +527,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving operation list scheduled for the device.",
response = ErrorResponse.class)
})
@Permission(scope = "device:view", roles = {"admin"})
@Scope(key = "device:read", name = "View Devices", description = "")
Response getDeviceOperations(
@ApiParam(
name = "type",
@ -623,7 +623,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class)
}
)
@Permission(scope = "device:view", roles = {"admin"})
@Scope(key = "device:read", name = "View Devices", description = "")
Response getEffectivePolicyOfDevice(
@ApiParam(
name = "type",
@ -674,6 +674,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class)
}
)
@Scope(key = "device:read", name = "View Devices", description = "")
Response getComplianceDataOfDevice(
@ApiParam(
name = "type",

@ -18,7 +18,7 @@
*/
package org.wso2.carbon.device.mgt.jaxrs.service.api;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup;

@ -20,10 +20,8 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.notification.mgt.Notification;
import org.wso2.carbon.device.mgt.jaxrs.NotificationContext;
import org.wso2.carbon.device.mgt.jaxrs.NotificationList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -90,7 +88,7 @@ public interface NotificationManagementService {
"\n Server error occurred while fetching the notification list.",
response = ErrorResponse.class)
})
@Permission(scope = "notification:view", roles = {"admin"})
@Scope(key = "notification:read", name = "View and manage notifications", description = "")
Response getNotifications(
@ApiParam(
name = "status",
@ -142,7 +140,7 @@ public interface NotificationManagementService {
message = "Error occurred while updating notification status.")
}
)
@Permission(scope = "notification:view", roles = {"admin"})
@Scope(key = "notification:read", name = "View and manage notifications", description = "")
Response updateNotificationStatus(
@ApiParam(
name = "id",

@ -20,11 +20,11 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper;
import org.wso2.carbon.policy.mgt.common.Policy;
import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper;
import org.wso2.carbon.policy.mgt.common.Policy;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
@ -99,7 +99,7 @@ public interface PolicyManagementService {
"Server error occurred while adding a new policy.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:add", roles = {"admin"})
@Scope(key = "policy:write", name = "Add policies", description = "")
Response addPolicy(
@ApiParam(
name = "policy",
@ -153,7 +153,7 @@ public interface PolicyManagementService {
"policies."),
response = ErrorResponse.class)
})
@Permission(scope = "policy:list", roles = {"admin"})
@Scope(key = "policy:read", name = "Views policies", description = "")
Response getPolicies(
@ApiParam(
name = "If-Modified-Since",
@ -219,7 +219,7 @@ public interface PolicyManagementService {
"policy.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:view", roles = {"admin"})
@Scope(key = "policy:read", name = "View policies", description = "")
Response getPolicy(
@ApiParam(
name = "id",
@ -283,7 +283,7 @@ public interface PolicyManagementService {
"Server error occurred while updating the policy.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:modify", roles = {"admin"})
@Scope(key = "policy:write", name = "Add policies", description = "")
Response updatePolicy(
@ApiParam(
name = "id",
@ -329,7 +329,7 @@ public interface PolicyManagementService {
"Server error occurred while bulk removing policies.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:modify", roles = {"admin"})
@Scope(key = "policy:write", name = "Add policies", description = "")
Response removePolicies(
@ApiParam(
name = "policyIds",
@ -365,7 +365,7 @@ public interface PolicyManagementService {
message = "ErrorResponse in activating policies.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:add", roles = {"admin"})
@Scope(key = "policy:write", name = "Add policies", description = "")
Response activatePolicies(
@ApiParam(
name = "policyIds",
@ -401,7 +401,7 @@ public interface PolicyManagementService {
message = "ErrorResponse in deactivating policies.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:add", roles = {"admin"})
@Scope(key = "policy:write", name = "Add policies", description = "")
Response deactivatePolicies(
@ApiParam(
name = "policyIds",
@ -434,7 +434,7 @@ public interface PolicyManagementService {
message = "ErrorResponse in deactivating policies.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:add", roles = {"admin"})
@Scope(key = "policy:write", name = "Add policies", description = "")
Response applyChanges();
@ -463,7 +463,7 @@ public interface PolicyManagementService {
message = "Exception in updating policy priorities.",
response = ErrorResponse.class)
})
@Permission(scope = "policy:add", roles = {"admin"})
@Scope(key = "policy:write", name = "Add policies", description = "")
Response updatePolicyPriorities(
@ApiParam(
name = "priorityUpdatedPolicies",

@ -20,7 +20,6 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
@ -77,7 +76,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while fetching requested list of roles.",
response = ErrorResponse.class)
})
@Permission(scope = "role:list", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:read", name = "View roles", description = "")
Response getRoles(
@ApiParam(
name = "filter",
@ -159,7 +158,7 @@ public interface RoleManagementService {
message = "Internal Server ErrorResponse. \n Server error occurred while fetching the permission list of the requested role.",
response = ErrorResponse.class)
})
@Permission(scope = "role:scope:read", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:read", name = "View roles", description = "")
Response getScopes(
@ApiParam(
name = "If-Modified-Since",
@ -209,7 +208,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while updating the scopes.",
response = ErrorResponse.class)
})
@Permission(scope = "role:scope:write", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:add", name = "Add roles", description = "")
Response updateScopes(
@ApiParam(
name = "Scopes",
@ -266,7 +265,7 @@ public interface RoleManagementService {
"requested role.",
response = ErrorResponse.class)
})
@Permission(scope = "role:view", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:read", name = "View roles", description = "")
Response getRole(
@ApiParam(
name = "roleName",
@ -326,7 +325,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while adding a new role.",
response = ErrorResponse.class)
})
@Permission(scope = "role:add", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:add", name = "Add roles", description = "")
Response addRole(
@ApiParam(
name = "role",
@ -376,7 +375,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while updating the role.",
response = ErrorResponse.class)
})
@Permission(scope = "role:modify", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:add", name = "Add roles", description = "")
Response updateRole(
@ApiParam(
name = "roleName",
@ -413,7 +412,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while removing the role.",
response = ErrorResponse.class)
})
@Permission(scope = "role:modify", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:add", name = "Add roles", description = "")
Response deleteRole(
@ApiParam(
name = "roleName",
@ -475,7 +474,7 @@ public interface RoleManagementService {
"Server error occurred while updating the user list of the role.",
response = ErrorResponse.class)
})
@Permission(scope = "role:add", roles = {"admin"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:add", name = "Add roles", description = "")
Response updateUsersOfRole(
@ApiParam(
name = "roleName",

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.*;
import javax.ws.rs.*;
@ -83,7 +83,7 @@ public interface UserManagementService {
message = "Internal Server Error. \n Server error occurred while adding a new user.",
response = ErrorResponse.class)
})
@Permission(scope = "user:add", roles = {"admin"})
@Scope(key = "user:write", name = "Add users", description = "")
Response addUser(
@ApiParam(
name = "user",
@ -135,7 +135,7 @@ public interface UserManagementService {
" fetching the requested user.",
response = ErrorResponse.class)
})
@Permission(scope = "user:view", roles = {"admin"})
@Scope(key = "user:read", name = "View users", description = "")
Response getUser(
@ApiParam(
name = "username",
@ -192,7 +192,7 @@ public interface UserManagementService {
"Server error occurred while updating the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user:modify", roles = {"admin"})
@Scope(key = "user:write", name = "Add users", description = "")
Response updateUser(
@ApiParam(
name = "username",
@ -227,7 +227,7 @@ public interface UserManagementService {
response = ErrorResponse.class
)
})
@Permission(scope = "user:modify", roles = {"admin"})
@Scope(key = "user:write", name = "Add users", description = "")
Response removeUser(
@ApiParam(name = "username", value = "Username of the user to be deleted.", required = true)
@PathParam("username") String username);
@ -276,7 +276,7 @@ public interface UserManagementService {
" assigned to the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user:view", roles = {"admin"})
@Scope(key = "user:read", name = "View users", description = "")
Response getRolesOfUser(
@ApiParam(name = "username", value = "Username of the user.", required = true)
@PathParam("username") String username);
@ -319,7 +319,7 @@ public interface UserManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the user list.",
response = ErrorResponse.class)
})
@Permission(scope = "user:list", roles = {"admin"})
@Scope(key = "user:read", name = "View users", description = "")
Response getUsers(
@ApiParam(
name = "filter",
@ -386,7 +386,7 @@ public interface UserManagementService {
"list that matches the given filter.",
response = ErrorResponse.class)
})
@Permission(scope = "user:view", roles = {"admin"})
@Scope(key = "user:read", name = "View users", description = "")
Response getUserNames(
@ApiParam(
name = "filter",
@ -440,7 +440,7 @@ public interface UserManagementService {
"Server error occurred while updating credentials of the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user:modify", roles = {"admin"})
@Scope(key = "user:read", name = "View users", description = "")
Response resetPassword(
@ApiParam(
name = "username",
@ -483,7 +483,7 @@ public interface UserManagementService {
"Server error occurred while updating credentials of the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user:invite", roles = {"admin"})
@Scope(key = "user:write", name = "Add users", description = "")
Response inviteExistingUsersToEnrollDevice(
@ApiParam(
name = "users",

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -74,7 +74,7 @@ public interface ApplicationManagementAdminService {
"a given set of devices.",
response = ErrorResponse.class)
})
@Permission(scope = "application:install", roles = {"admin"})
@Scope(key = "application:manage", name = "Install/Uninstall applications", description = "")
Response installApplication(
@ApiParam(
name = "applicationWrapper",
@ -113,7 +113,7 @@ public interface ApplicationManagementAdminService {
"a given set of devices.",
response = ErrorResponse.class)
})
@Permission(scope = "application:uninstall", roles = {"admin"})
@Scope(key = "application:manage", name = "Install/Uninstall applications", description = "")
Response uninstallApplication(
@ApiParam(
name = "applicationWrapper",

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -84,7 +84,7 @@ public interface DeviceManagementAdminService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class)
})
@Permission(scope = "device:view", roles = {"admin"})
@Scope(key = "device:admin:read", name = "View Devices", description = "")
Response getDevicesByName(
@ApiParam(
name = "name",

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -78,7 +78,7 @@ public interface DeviceTypeManagementService {
response = ErrorResponse.class)
}
)
@Permission(scope = "device-types:read", roles = {"admin"})
@Scope(key = "device-type:admin:read", name = "View device types", description = "")
Response getDeviceTypes(
@ApiParam(
name = "If-Modified-Since",

@ -19,7 +19,7 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.policy.mgt.common.DeviceGroupWrapper;
import javax.ws.rs.*;

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper;
@ -67,7 +67,7 @@ public interface UserManagementAdminService {
"Server error occurred while updating credentials of the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user:modify", roles = {"admin"})
@Scope(key = "user:admin:reset-password", name = "View users", description = "")
Response resetUserPassword(
@ApiParam(
name = "username",

@ -314,6 +314,14 @@ public class RequestValidationUtil {
}
}
public static void validateScopes(List<Scope> scopes) {
if (scopes == null || scopes.isEmpty()) {
throw new InputValidationException(
new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Scope details of the request body" +
" is incorrect or empty").build());
}
}
public static void validatePaginationParameters(int offset, int limit) {
if (offset < 0) {
throw new InputValidationException(

Loading…
Cancel
Save