Adding permissions checking for isAuthorized

components/iot-plugins/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.api/src/main/java/org/wso2/carbon/device/mgt/iot/virtualfirealarm/service/impl/VirtualFireAlarmControllerServiceImpl.java

@@ -27,18 +27,19 @@ import org.wso2.carbon.apimgt.annotations.api.Permission;
 import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
 import org.wso2.carbon.device.mgt.common.DeviceManagementException;
 import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
+import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
 import org.wso2.carbon.device.mgt.iot.controlqueue.mqtt.MqttConfig;
 import org.wso2.carbon.device.mgt.iot.controlqueue.xmpp.XmppConfig;
 import org.wso2.carbon.device.mgt.iot.service.IoTServerStartupListener;
 import org.wso2.carbon.device.mgt.iot.transport.TransportHandlerException;
+import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.constants.VirtualFireAlarmConstants;
 import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.dto.DeviceData;
-import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.transport.VirtualFireAlarmXMPPConnector;
-import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.SecurityManager;
 import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.dto.SensorRecord;
 import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.transport.VirtualFireAlarmMQTTConnector;
+import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.transport.VirtualFireAlarmXMPPConnector;
 import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.APIUtil;
+import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.SecurityManager;
 import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.VirtualFireAlarmServiceUtils;
-import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.constants.VirtualFireAlarmConstants;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.Consumes;
@@ -72,7 +73,7 @@ public class VirtualFireAlarmControllerServiceImpl implements VirtualFireAlarmCo
     // holds a mapping of the IP addresses to Device-IDs for HTTP communication
     private ConcurrentHashMap<String, String> deviceToIpMap = new ConcurrentHashMap<>();
 
-    @Permission(scope = "virtual_firealarm_user", permissions = {"device-mgt/virtual_firealarm/user"})
+    @Permission(scope = "virtual_firealarm_user", permissions = { "device-mgt/virtual_firealarm/user" })
     @POST
     @Path("device/register/{deviceId}/{ip}/{port}")
     public Response registerDeviceIP(@PathParam("deviceId") String deviceId, @PathParam("ip") String deviceIP,
@@ -107,8 +108,9 @@ public class VirtualFireAlarmControllerServiceImpl implements VirtualFireAlarmCo
                       protocolString);
         }
         try {
-            if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
+            if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(
-                                                                VirtualFireAlarmConstants.DEVICE_TYPE))) {
+                    new DeviceIdentifier(deviceId, VirtualFireAlarmConstants.DEVICE_TYPE),
+                    DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS)) {
                 return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
             }
             switch (protocolString) {
@@ -155,8 +157,8 @@ public class VirtualFireAlarmControllerServiceImpl implements VirtualFireAlarmCo
             return Response.status(Response.Status.CONFLICT).build();
         }
         try {
-            if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
+            if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(
-                VirtualFireAlarmConstants.DEVICE_TYPE))) {
+                    new DeviceIdentifier(deviceId, VirtualFireAlarmConstants.DEVICE_TYPE))) {
                 return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
             }
             if (!VirtualFireAlarmServiceUtils.publishToDAS(dataMsg.deviceId, dataMsg.value)) {
@@ -175,33 +177,34 @@ public class VirtualFireAlarmControllerServiceImpl implements VirtualFireAlarmCo
     @Produces("application/json")
     public Response getVirtualFirealarmStats(@PathParam("deviceId") String deviceId, @QueryParam("from") long from,
                                              @QueryParam("to") long to) {
-            String fromDate = String.valueOf(from);
+        String fromDate = String.valueOf(from);
-            String toDate = String.valueOf(to);
+        String toDate = String.valueOf(to);
-            String query = "deviceId:" + deviceId + " AND deviceType:" +
+        String query = "deviceId:" + deviceId + " AND deviceType:" +
-                           VirtualFireAlarmConstants.DEVICE_TYPE + " AND time : [" + fromDate + " TO " + toDate + "]";
+                VirtualFireAlarmConstants.DEVICE_TYPE + " AND time : [" + fromDate + " TO " + toDate + "]";
-            String sensorTableName = VirtualFireAlarmConstants.TEMPERATURE_EVENT_TABLE;
+        String sensorTableName = VirtualFireAlarmConstants.TEMPERATURE_EVENT_TABLE;
-            try {
+        try {
-                if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
+            if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(
-                        VirtualFireAlarmConstants.DEVICE_TYPE))) {
+                    new DeviceIdentifier(deviceId, VirtualFireAlarmConstants.DEVICE_TYPE),
-                    return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
+                    DeviceGroupConstants.Permissions.DEFAULT_STATS_MONITOR_PERMISSIONS)) {
-                }
+                return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
-                if (sensorTableName != null) {
-                    List<SortByField> sortByFields = new ArrayList<>();
-                    SortByField sortByField = new SortByField("time", SORT.ASC, false);
-                    sortByFields.add(sortByField);
-                    List<SensorRecord> sensorRecords = APIUtil.getAllEventsForDevice(sensorTableName, query, sortByFields);
-                    return Response.status(Response.Status.OK.getStatusCode()).entity(sensorRecords).build();
-                }
-            } catch (AnalyticsException e) {
-                String errorMsg = "Error on retrieving stats on table " + sensorTableName + " with query " + query;
-                log.error(errorMsg);
-                return Response.status(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode()).entity(errorMsg).build();
-            } catch (DeviceAccessAuthorizationException e) {
-                log.error(e.getErrorMessage(), e);
-                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
             }
-            return Response.status(Response.Status.BAD_REQUEST).build();
+            if (sensorTableName != null) {
+                List<SortByField> sortByFields = new ArrayList<>();
+                SortByField sortByField = new SortByField("time", SORT.ASC, false);
+                sortByFields.add(sortByField);
+                List<SensorRecord> sensorRecords = APIUtil.getAllEventsForDevice(sensorTableName, query, sortByFields);
+                return Response.status(Response.Status.OK.getStatusCode()).entity(sensorRecords).build();
+            }
+        } catch (AnalyticsException e) {
+            String errorMsg = "Error on retrieving stats on table " + sensorTableName + " with query " + query;
+            log.error(errorMsg);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode()).entity(errorMsg).build();
+        } catch (DeviceAccessAuthorizationException e) {
+            log.error(e.getErrorMessage(), e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
         }
+        return Response.status(Response.Status.BAD_REQUEST).build();
+    }
 
     private boolean waitForServerStartup() {
         while (!IoTServerStartupListener.isServerReady()) {