diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index 3838155c1e0..8cafcce4dab 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -647,7 +647,14 @@ public interface DeviceManagementService { required = false, defaultValue = "5") @QueryParam("limit") - int limit); + int limit, + @ApiParam( + name = "owner", + value = "Provides the owner of the required device.", + required = true, + defaultValue = "") + @QueryParam("owner") + String owner); @GET @Path("/{type}/{id}/effective-policy") diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java index ccea8d9bd4d..6a94902b593 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java @@ -380,10 +380,13 @@ public class DeviceManagementServiceImpl implements DeviceManagementService { @PathParam("id") @Size(max = 45) String id, @HeaderParam("If-Modified-Since") String ifModifiedSince, @QueryParam("offset") int offset, - @QueryParam("limit") int limit) { + @QueryParam("limit") int limit, + @QueryParam("owner") String owner) { OperationList operationsList = new OperationList(); + RequestValidationUtil.validateOwnerParameter(owner); RequestValidationUtil.validatePaginationParameters(offset, limit); PaginationRequest request = new PaginationRequest(offset, limit); + request.setOwner(owner); PaginationResult result; DeviceManagementProviderService dms; try { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/RequestValidationUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/RequestValidationUtil.java index 00c7a503e29..d6e921c0cad 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/RequestValidationUtil.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/RequestValidationUtil.java @@ -345,4 +345,12 @@ public class RequestValidationUtil { } + public static void validateOwnerParameter(String owner) { + if (owner == null || owner.isEmpty()) { + throw new InputValidationException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Request parameter owner should" + + " be non empty.").build()); + } + } + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java index 9cffdb5bf89..0b6f4e1997e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java @@ -307,14 +307,14 @@ public class OperationManagerImpl implements OperationManager { throws OperationManagementException { PaginationResult paginationResult = null; List operations = new ArrayList<>(); - + String owner = request.getOwner(); if (!isActionAuthorized(deviceId)) { throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + deviceId.getType() + "' device, which carries the identifier '" + - deviceId.getId() + "'"); + deviceId.getId() + "' of owner '" + owner + "'" ); } - EnrolmentInfo enrolmentInfo = this.getEnrolmentInfo(deviceId); + EnrolmentInfo enrolmentInfo = this.getEnrolmentInfo(deviceId, owner); if (enrolmentInfo == null) { throw new OperationManagementException("Device not found for given device " + "Identifier:" + deviceId.getId() + " and given type" + @@ -923,31 +923,33 @@ public class OperationManagerImpl implements OperationManager { return enrolmentId; } - private EnrolmentInfo getEnrolmentInfo(DeviceIdentifier deviceId) throws OperationManagementException { - EnrolmentInfo enrolmentInfo; + private EnrolmentInfo getEnrolmentInfo(DeviceIdentifier deviceId, String owner) throws OperationManagementException { + EnrolmentInfo enrolmentInfo = null; try { - DeviceManagementDAOFactory.openConnection(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); String user = this.getUser(); - enrolmentInfo = deviceDAO.getEnrolment(deviceId, user, tenantId); - if (enrolmentInfo == null) { + DeviceManagementDAOFactory.openConnection(); + if (this.isSameUser(user, owner)) { + enrolmentInfo = deviceDAO.getEnrolment(deviceId, owner, tenantId); + } else { boolean isAdminUser = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). isDeviceAdminUser(); if (isAdminUser) { - enrolmentInfo = deviceDAO.getEnrolment(deviceId, tenantId); + enrolmentInfo = deviceDAO.getEnrolment(deviceId, owner, tenantId); } + //TODO : Add a check for group admin if this fails } } catch (DeviceManagementDAOException e) { throw new OperationManagementException("Error occurred while retrieving enrollment data of '" + deviceId.getType() + "' device carrying the identifier '" + - deviceId.getId() + "'", e); + deviceId.getId() + "' of owner '" + owner + "'", e); } catch (SQLException e) { throw new OperationManagementException( "Error occurred while opening a connection to the data source", e); } catch (DeviceAccessAuthorizationException e) { throw new OperationManagementException("Error occurred while checking the device access permissions for '" + deviceId.getType() + "' device carrying the identifier '" + - deviceId.getId() + "'", e); + deviceId.getId() + "' of owner '" + owner + "'", e); } finally { DeviceManagementDAOFactory.closeConnection(); } @@ -1021,4 +1023,8 @@ public class OperationManagerImpl implements OperationManager { } return false; } + + private boolean isSameUser(String user, String owner) { + return user.equalsIgnoreCase(owner); + } } \ No newline at end of file