From 250ce1f77c7f1329651ebc8b51588894c4643958 Mon Sep 17 00:00:00 2001 From: ayyoob Date: Thu, 21 Jul 2016 20:14:43 +0530 Subject: [PATCH 01/14] added device mgt grant types --- .../DeviceAccessAuthorizationServiceImpl.java | 9 +- .../pom.xml | 29 +- .../oauth/extensions/DeviceRequestDTO.java | 30 ++ .../mgt/oauth/extensions/OAuthExtUtils.java | 126 +++++-- .../mgt/oauth/extensions/config/Action.java | 90 +++++ .../extensions/config/DeviceMgtScopes.java | 67 ++++ .../config/DeviceMgtScopesConfig.java | 67 ++++ ...MgtScopesConfigurationFailedException.java | 44 +++ .../oauth/extensions/config/Permissions.java | 78 +++++ .../mgt/oauth/extensions/constants.java | 13 + ...tendedDeviceMgtJWTBearerGrantHandler.java} | 4 +- ...ExtendedDeviceMgtPasswordGrantHandler.java | 62 ++++ .../grant/ExtendedPasswordGrantHandler.java | 328 ------------------ .../OAuthExtensionServiceComponent.java | 42 +-- .../internal/OAuthExtensionsDataHolder.java | 15 +- .../ExtendedDeviceJWTGrantValidator.java | 39 +++ .../ExtendedDevicePasswordGrantValidator.java | 37 ++ .../extension/constant/JWTConstants.java | 2 +- 18 files changed, 662 insertions(+), 420 deletions(-) create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/DeviceRequestDTO.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Action.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopes.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfig.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfigurationFailedException.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Permissions.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/constants.java rename components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/{ExtendedJWTBearerGrantHandler.java => ExtendedDeviceMgtJWTBearerGrantHandler.java} (77%) create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtPasswordGrantHandler.java delete mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedPasswordGrantHandler.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDeviceJWTGrantValidator.java create mode 100644 components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDevicePasswordGrantValidator.java diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java index 4c2e57d8bda..27bbcc13eff 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java @@ -202,18 +202,13 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori throws DeviceAccessAuthorizationException { //Check for device ownership. If the user is the owner of the device we allow the access. try { - Device device = DeviceManagementDataHolder.getInstance().getDeviceManagementProvider(). - getDevice(deviceIdentifier); - EnrolmentInfo enrolmentInfo = device.getEnrolmentInfo(); - if (enrolmentInfo != null && username.equalsIgnoreCase(enrolmentInfo.getOwner())) { - return true; - } + return DeviceManagementDataHolder.getInstance().getDeviceManagementProvider(). + isEnrolled(deviceIdentifier, username); } catch (DeviceManagementException e) { throw new DeviceAccessAuthorizationException("Unable to authorize the access to device : " + deviceIdentifier.getId() + " for the user : " + username, e); } - return false; } private boolean isAdminUser(String username, int tenantId) throws UserStoreException { diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml index 8023f94fd91..85156fc0472 100644 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/pom.xml @@ -50,6 +50,10 @@ org.wso2.carbon.apimgt org.wso2.carbon.apimgt.impl + + org.wso2.carbon.apimgt + org.wso2.carbon.apimgt.keymgt + com.googlecode.json-simple.wso2 json-simple @@ -95,40 +99,41 @@ org.wso2.carbon.device.mgt.*, org.wso2.carbon.identity.application.common.model, org.wso2.carbon.identity.oauth.callback, - org.wso2.carbon.identity.oauth.common, org.wso2.carbon.identity.oauth2, org.wso2.carbon.identity.oauth2.model, org.wso2.carbon.identity.oauth2.validators, org.wso2.carbon.user.api, org.wso2.carbon.user.core.service, - org.wso2.carbon.identity.application.common.model, - org.wso2.carbon.identity.application.authentication.framework.model, org.wso2.carbon.user.core.tenant, org.json.simple, javax.cache, - javax.xml.namespace, - org.apache.axiom.om, org.wso2.carbon.apimgt.api, org.wso2.carbon.apimgt.impl, org.wso2.carbon.apimgt.impl.dao, org.wso2.carbon.apimgt.impl.utils, - org.wso2.carbon.identity.application.common.cache, org.wso2.carbon.identity.core.util, org.wso2.carbon.identity.oauth2.dto, org.wso2.carbon.identity.oauth2.token, - org.wso2.carbon.identity.oauth2.token.handlers.grant, - org.wso2.carbon.user.core, - org.wso2.carbon.user.core.config, - org.wso2.carbon.user.core.util, + org.apache.oltu.oauth2.common.validators, org.wso2.carbon.utils, org.wso2.carbon.context, org.wso2.carbon.identity.oauth.cache, org.wso2.carbon.identity.oauth.config, org.wso2.carbon.identity.oauth2.dao, org.wso2.carbon.utils.multitenancy, - org.wso2.carbon.base, org.wso2.carbon.identity.oauth2.grant.jwt.*, - org.wso2.carbon.device.mgt.core.* + org.wso2.carbon.device.mgt.core.*, + javax.xml.bind, + javax.xml.bind.annotation, + javax.xml.parsers, + org.w3c.dom, + org.wso2.carbon.apimgt.keymgt, + org.wso2.carbon.apimgt.keymgt.handlers, + com.google.gson, + org.apache.commons.codec.binary, + org.wso2.carbon.identity.application.authentication.framework.model, + org.apache.oltu.oauth2.common, + org.wso2.carbon.base diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/DeviceRequestDTO.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/DeviceRequestDTO.java new file mode 100644 index 00000000000..75c4b35b3ab --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/DeviceRequestDTO.java @@ -0,0 +1,30 @@ +package org.wso2.carbon.device.mgt.oauth.extensions; + +import org.wso2.carbon.device.mgt.common.DeviceIdentifier; + +import java.util.List; + +/** + * This class holds the request format for device for grant type. + */ +public class DeviceRequestDTO { + + private List deviceIdentifiers; + private String scope; + + public List getDeviceIdentifiers() { + return deviceIdentifiers; + } + + public void setDeviceIdentifiers(List deviceIdentifiers) { + this.deviceIdentifiers = deviceIdentifiers; + } + + public String getScope() { + return scope; + } + + public void setScope(String scope) { + this.scope = scope; + } +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/OAuthExtUtils.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/OAuthExtUtils.java index 97d7e5f5cf0..b6e5c2947c7 100644 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/OAuthExtUtils.java +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/OAuthExtUtils.java @@ -18,17 +18,25 @@ package org.wso2.carbon.device.mgt.oauth.extensions; +import com.google.gson.Gson; +import org.apache.commons.codec.binary.Base64; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Document; import org.wso2.carbon.apimgt.api.APIManagementException; import org.wso2.carbon.apimgt.impl.APIConstants; import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO; import org.wso2.carbon.apimgt.impl.utils.APIUtil; +import org.wso2.carbon.apimgt.keymgt.ScopesIssuer; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; -import org.wso2.carbon.device.mgt.common.DeviceManagementException; +import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException; +import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult; +import org.wso2.carbon.device.mgt.oauth.extensions.config.DeviceMgtScopesConfig; +import org.wso2.carbon.device.mgt.oauth.extensions.config.DeviceMgtScopesConfigurationFailedException; import org.wso2.carbon.device.mgt.oauth.extensions.internal.OAuthExtensionsDataHolder; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; +import org.wso2.carbon.identity.oauth2.model.RequestParameter; import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; import org.wso2.carbon.user.api.TenantManager; import org.wso2.carbon.user.api.UserRealm; @@ -36,6 +44,9 @@ import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.core.service.RealmService; import javax.cache.Caching; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import java.io.File; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -51,7 +62,8 @@ public class OAuthExtUtils { private static final String UI_EXECUTE = "ui.execute"; private static final String REST_API_SCOPE_CACHE = "REST_API_SCOPE_CACHE"; private static final int START_INDEX = 0; - private static final String CDMF_SCOPE_SEPERATOR = "/"; + private static final String DEFAULT_SCOPE_TAG = "device-mgt"; + /** * This method is used to get the tenant id when given tenant domain. * @@ -114,7 +126,7 @@ public class OAuthExtUtils { restAPIScopesOfCurrentTenant = APIUtil. getRESTAPIScopesFromConfig(APIUtil.getTenantRESTAPIScopesConfig(tenantDomain)); - //call load tenant config for rest API. + //call load tenant org.wso2.carbon.device.mgt.iot.output.adapter.ui.config for rest API. //then put cache appScopes.putAll(restAPIScopesOfCurrentTenant); Caching.getCacheManager(APIConstants.API_MANAGER_CACHE_MANAGER) @@ -166,20 +178,6 @@ public class OAuthExtUtils { return false; } - /** - * Determines if the scope is specified with CDMF device scope prefix. - * - * @param scope - The scope key to check - * @return - 'true' if the scope has the prefix. 'false' if not. - */ - private static boolean isCDMFDeviceSpecificScope(String scope) { - // load white listed scopes - if (scope.startsWith(OAuthExtensionsDataHolder.getInstance().getDeviceScope())) { - return true; - } - return false; - } - /** * Get the set of default scopes. If a requested scope is matches with the patterns specified in the white list, * then such scopes will be issued without further validation. If the scope list is empty, @@ -275,27 +273,6 @@ public class OAuthExtUtils { else if (appScopes.containsKey(scope) || isWhiteListedScope(scope)) { authorizedScopes.add(scope); } - - //check whether is device specific scope (CDMF) - else if (isCDMFDeviceSpecificScope(scope)) { - PrivilegedCarbonContext.startTenantFlow(); - PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId, true); - try { - String deviceId[] = scope.split(CDMF_SCOPE_SEPERATOR); - DeviceIdentifier deviceIdentifier = new DeviceIdentifier(deviceId[2], deviceId[1]); - boolean enrolled = OAuthExtensionsDataHolder.getInstance().getDeviceManagementService().isEnrolled( - deviceIdentifier, tokReqMsgCtx.getAuthorizedUser().getUserName()); - if (enrolled) { - authorizedScopes.add(scope); - } - } catch (DeviceManagementException e) { - log.error("Error occurred while checking device scope with CDMF", e); - } catch (ArrayIndexOutOfBoundsException e) { - log.error("Invalid scope format, have to adhere [prefix/devicetype/deviceId]", e); - }finally { - PrivilegedCarbonContext.endTenantFlow(); - } - } } } catch (UserStoreException e) { log.error("Error occurred while initializing user store.", e); @@ -311,4 +288,77 @@ public class OAuthExtUtils { return trimmedName.substring(START_INDEX, trimmedName.lastIndexOf('@')); } + public static boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) { + boolean isScopesSet = ScopesIssuer.getInstance().setScopes(tokReqMsgCtx); + if (isScopesSet) { + PrivilegedCarbonContext.startTenantFlow(); + PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain( + tokReqMsgCtx.getAuthorizedUser().getTenantDomain(), true); + String username = tokReqMsgCtx.getAuthorizedUser().getUserName(); + PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(username); + try { + + DeviceRequestDTO deviceRequestDTO = null; + RequestParameter parameters[] = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getRequestParameters(); + for (RequestParameter parameter : parameters) { + if (Constants.DEFAULT_DEVICE_ASSERTION.equals(parameter.getKey())) { + String deviceJson = parameter.getValue()[0]; + Gson gson = new Gson(); + deviceRequestDTO = gson.fromJson(new String(Base64.decodeBase64(deviceJson)), + DeviceRequestDTO.class); + } + } + if (deviceRequestDTO != null) { + String scopeName = deviceRequestDTO.getScope(); + List deviceIdentifiers = deviceRequestDTO.getDeviceIdentifiers(); + DeviceAuthorizationResult deviceAuthorizationResult = OAuthExtensionsDataHolder.getInstance() + .getDeviceAccessAuthorizationService() + .isUserAuthorized(deviceIdentifiers, username, getPermissions(scopeName)); + if (deviceAuthorizationResult != null && deviceAuthorizationResult.getAuthorizedDevices() != null) { + String scopes[] = tokReqMsgCtx.getScope(); + String authorizedScopes[] = new String[scopes.length + deviceAuthorizationResult + .getAuthorizedDevices().size()]; + int scopeIndex = 0; + for (String scope : scopes) { + authorizedScopes[scopeIndex] = scope; + scopeIndex++; + } + for (DeviceIdentifier deviceIdentifier : deviceAuthorizationResult.getAuthorizedDevices()) { + authorizedScopes[scopeIndex] = DEFAULT_SCOPE_TAG + ":" + deviceIdentifier.getType() + ":" + + deviceIdentifier.getId() + ":" + scopeName; + scopeIndex++; + } + tokReqMsgCtx.setScope(authorizedScopes); + } + } + } catch (DeviceAccessAuthorizationException e) { + log.error("Error occurred while checking authorization for the user " + username, e); + } finally { + PrivilegedCarbonContext.endTenantFlow(); + } + } + return isScopesSet; + } + + /** + * retrieve the permission related to given scope. + * @param scopeName requested scope action + * @return set of permission associated with the given scope. + */ + private static String[] getPermissions(String scopeName) { + return DeviceMgtScopesConfig.getInstance().getDeviceMgtScopePermissionMap().get(scopeName); + } + + public static Document convertToDocument(File file) throws DeviceMgtScopesConfigurationFailedException { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + try { + DocumentBuilder docBuilder = factory.newDocumentBuilder(); + return docBuilder.parse(file); + } catch (Exception e) { + throw new DeviceMgtScopesConfigurationFailedException("Error occurred while parsing file, while converting " + + "to a org.w3c.dom.Document", e); + } + } + } diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Action.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Action.java new file mode 100644 index 00000000000..4f71e308014 --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Action.java @@ -0,0 +1,90 @@ + +package org.wso2.carbon.device.mgt.oauth.extensions.config; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlAttribute; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; + + +/** + *

Java class for Action complex type. + * + *

The following schema fragment specifies the expected content contained within this class. + * + * 

+ * <complexType name="Action">
+ *   <complexContent>
+ *     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       <sequence>
+ *         <element name="Permissions" type="{}Permissions"/>
+ *       </sequence>
+ *       <attribute name="name" type="{http://www.w3.org/2001/XMLSchema}string" />
+ *     </restriction>
+ *   </complexContent>
+ * </complexType>
+ *
+ * + * + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "Action", propOrder = { + "permissions" +}) +public class Action { + + @XmlElement(name = "Permissions", required = true) + protected Permissions permissions; + @XmlAttribute(name = "name") + protected String name; + + /** + * Gets the value of the permissions property. + * + * @return + * possible object is + * {@link Permissions } + * + */ + public Permissions getPermissions() { + return permissions; + } + + /** + * Sets the value of the permissions property. + * + * @param value + * allowed object is + * {@link Permissions } + * + */ + public void setPermissions(Permissions value) { + this.permissions = value; + } + + /** + * Gets the value of the name property. + * + * @return + * possible object is + * {@link String } + * + */ + public String getName() { + return name; + } + + /** + * Sets the value of the name property. + * + * @param value + * allowed object is + * {@link String } + * + */ + public void setName(String value) { + this.name = value; + } + +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopes.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopes.java new file mode 100644 index 00000000000..07a46b21304 --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopes.java @@ -0,0 +1,67 @@ + +package org.wso2.carbon.device.mgt.oauth.extensions.config; + +import java.util.ArrayList; +import java.util.List; +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlType; + + +/** + *

Java class for DeviceMgtScopes complex type. + * + *

The following schema fragment specifies the expected content contained within this class. + * + * 

+ * <complexType name="DeviceMgtScopes">
+ *   <complexContent>
+ *     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       <sequence>
+ *         <element name="Action" type="{}Action" maxOccurs="unbounded" minOccurs="0"/>
+ *       </sequence>
+ *     </restriction>
+ *   </complexContent>
+ * </complexType>
+ *
+ * + * + */ +@XmlRootElement(name = "DeviceMgtScopes") +public class DeviceMgtScopes { + + @XmlElement(name = "Action") + protected List action; + + /** + * Gets the value of the action property. + * + *

+ * This accessor method returns a reference to the live list, + * not a snapshot. Therefore any modification you make to the + * returned list will be present inside the JAXB object. + * This is why there is not a set method for the action property. + * + *

+ * For example, to add a new item, do as follows: + * 

+     *    getAction().add(newItem);
+     *
+ * + * + *

+ * Objects of the following type(s) are allowed in the list + * {@link Action } + * + * + */ + public List getAction() { + if (action == null) { + action = new ArrayList(); + } + return this.action; + } + +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfig.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfig.java new file mode 100644 index 00000000000..9f8d05760b5 --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfig.java @@ -0,0 +1,67 @@ + +package org.wso2.carbon.device.mgt.oauth.extensions.config; + +import org.w3c.dom.Document; +import org.wso2.carbon.device.mgt.oauth.extensions.OAuthExtUtils; +import org.wso2.carbon.utils.CarbonUtils; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import java.io.File; +import java.util.HashMap; +import java.util.Map; + +/** + * This class represents the configuration that are needed for scopes to permission map. + */ +public class DeviceMgtScopesConfig { + + private static DeviceMgtScopesConfig config = new DeviceMgtScopesConfig(); + private static Map actionPermissionMap = new HashMap<>(); + + private static final String DEVICE_MGT_SCOPES_CONFIG_PATH = + CarbonUtils.getEtcCarbonConfigDirPath() + File.separator + "device-mgt-scopes.xml"; + + private DeviceMgtScopesConfig() { + } + + public static DeviceMgtScopesConfig getInstance() { + return config; + } + + public static void init() throws DeviceMgtScopesConfigurationFailedException { + try { + File deviceMgtConfig = new File(DEVICE_MGT_SCOPES_CONFIG_PATH); + Document doc = OAuthExtUtils.convertToDocument(deviceMgtConfig); + + /* Un-marshaling DeviceMGtScope configuration */ + JAXBContext ctx = JAXBContext.newInstance(DeviceMgtScopes.class); + Unmarshaller unmarshaller = ctx.createUnmarshaller(); + //unmarshaller.setSchema(getSchema()); + DeviceMgtScopes deviceMgtScopes = (DeviceMgtScopes) unmarshaller.unmarshal(doc); + if (deviceMgtScopes != null) { + for (Action action : deviceMgtScopes.getAction()) { + Permissions permissions = action.getPermissions(); + if (permissions != null) { + String permission[] = new String[permissions.getPermission().size()]; + int i = 0; + for (String perm : permissions.getPermission()) { + permission[i] = perm; + i++; + } + actionPermissionMap.put(action.getName(), permission); + } + } + } + } catch (JAXBException e) { + throw new DeviceMgtScopesConfigurationFailedException("Error occurred while un-marshalling Device Scope" + + " Config", e); + } + } + + public Map getDeviceMgtScopePermissionMap() { + return actionPermissionMap; + } + +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfigurationFailedException.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfigurationFailedException.java new file mode 100644 index 00000000000..7a16382c18d --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/DeviceMgtScopesConfigurationFailedException.java @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.oauth.extensions.config; + +public class DeviceMgtScopesConfigurationFailedException extends Exception { + + private static final long serialVersionUID = -3151279312929070398L; + + public DeviceMgtScopesConfigurationFailedException(String msg, Exception nestedEx) { + super(msg, nestedEx); + } + + public DeviceMgtScopesConfigurationFailedException(String message, Throwable cause) { + super(message, cause); + } + + public DeviceMgtScopesConfigurationFailedException(String msg) { + super(msg); + } + + public DeviceMgtScopesConfigurationFailedException() { + super(); + } + + public DeviceMgtScopesConfigurationFailedException(Throwable cause) { + super(cause); + } +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Permissions.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Permissions.java new file mode 100644 index 00000000000..dd20c772aff --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Permissions.java @@ -0,0 +1,78 @@ + +package org.wso2.carbon.device.mgt.oauth.extensions.config; + +import java.util.ArrayList; +import java.util.List; +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlType; + + +/** + *

Java class for Permissions complex type. + * + *

The following schema fragment specifies the expected content contained within this class. + * + * 

+ * <complexType name="Permissions">
+ *   <complexContent>
+ *     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
+ *       <sequence>
+ *         <element name="Permission" maxOccurs="unbounded" minOccurs="0">
+ *           <simpleType>
+ *             <restriction base="{http://www.w3.org/2001/XMLSchema}string">
+ *               <enumeration value="/permission/device-mgt/user/groups/device_operation"/>
+ *               <enumeration value="/permission/device-mgt/admin/groups"/>
+ *               <enumeration value="/permission/device-mgt/user/groups"/>
+ *               <enumeration value="/permission/device-mgt/user/groups/device_monitor"/>
+ *             </restriction>
+ *           </simpleType>
+ *         </element>
+ *       </sequence>
+ *     </restriction>
+ *   </complexContent>
+ * </complexType>
+ *
+ * + * + */ +@XmlAccessorType(XmlAccessType.FIELD) +@XmlType(name = "Permissions", propOrder = { + "permission" +}) +public class Permissions { + + @XmlElement(name = "Permission") + protected List permission; + + /** + * Gets the value of the permission property. + * + *

+ * This accessor method returns a reference to the live list, + * not a snapshot. Therefore any modification you make to the + * returned list will be present inside the JAXB object. + * This is why there is not a set method for the permission property. + * + *

+ * For example, to add a new item, do as follows: + * 

+     *    getPermission().add(newItem);
+     *
+ * + * + *

+ * Objects of the following type(s) are allowed in the list + * {@link String } + * + * + */ + public List getPermission() { + if (permission == null) { + permission = new ArrayList(); + } + return this.permission; + } + +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/constants.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/constants.java new file mode 100644 index 00000000000..b9f5080555c --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/constants.java @@ -0,0 +1,13 @@ +package org.wso2.carbon.device.mgt.oauth.extensions; + + +/** + * This hold the constants related oauth extensions. + */ +public class Constants { + + public static final String DEFAULT_DEVICE_ASSERTION = "device"; + public static final String DEFAULT_USERNAME_IDENTIFIER = "username"; + public static final String DEFAULT_PASSWORD_IDENTIFIER = "password"; + +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedJWTBearerGrantHandler.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtJWTBearerGrantHandler.java similarity index 77% rename from components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedJWTBearerGrantHandler.java rename to components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtJWTBearerGrantHandler.java index cb7fcdef190..b90ba6f7157 100644 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedJWTBearerGrantHandler.java +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtJWTBearerGrantHandler.java @@ -5,10 +5,10 @@ import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; import org.wso2.carbon.identity.oauth2.grant.jwt.JWTBearerGrantHandler; import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; -public class ExtendedJWTBearerGrantHandler extends JWTBearerGrantHandler { +public class ExtendedDeviceMgtJWTBearerGrantHandler extends JWTBearerGrantHandler { @Override public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception { - return OAuthExtUtils.setScopes(tokReqMsgCtx); + return OAuthExtUtils.validateScope(tokReqMsgCtx); } } diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtPasswordGrantHandler.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtPasswordGrantHandler.java new file mode 100644 index 00000000000..cc329158ee2 --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedDeviceMgtPasswordGrantHandler.java @@ -0,0 +1,62 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant; + +import com.google.gson.Gson; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.apimgt.keymgt.handlers.ExtendedPasswordGrantHandler; +import org.wso2.carbon.device.mgt.oauth.extensions.Constants; +import org.wso2.carbon.device.mgt.oauth.extensions.DeviceRequestDTO; +import org.wso2.carbon.device.mgt.oauth.extensions.OAuthExtUtils; +import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; +import org.wso2.carbon.identity.oauth2.model.RequestParameter; +import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; + +@SuppressWarnings("unused") +public class ExtendedDeviceMgtPasswordGrantHandler extends ExtendedPasswordGrantHandler { + + private static Log log = LogFactory.getLog(ExtendedDeviceMgtPasswordGrantHandler.class); + + @Override + public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception { + RequestParameter parameters[] = tokReqMsgCtx.getOauth2AccessTokenReqDTO().getRequestParameters(); + for (RequestParameter parameter : parameters) { + switch (parameter.getKey()) { + case Constants.DEFAULT_USERNAME_IDENTIFIER: + String username = parameter.getValue()[0]; + tokReqMsgCtx.getOauth2AccessTokenReqDTO().setResourceOwnerUsername(username); + break; + + case Constants.DEFAULT_PASSWORD_IDENTIFIER: + String password = parameter.getValue()[0]; + tokReqMsgCtx.getOauth2AccessTokenReqDTO().setResourceOwnerPassword(password); + break; + } + } + return super.validateGrant(tokReqMsgCtx); + } + + @Override + public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) { + return OAuthExtUtils.validateScope(tokReqMsgCtx); + } + +} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedPasswordGrantHandler.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedPasswordGrantHandler.java deleted file mode 100644 index d39ea69f0c2..00000000000 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/ExtendedPasswordGrantHandler.java +++ /dev/null @@ -1,328 +0,0 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant; - -import org.apache.axiom.om.OMElement; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.device.mgt.oauth.extensions.OAuthExtUtils; -import org.wso2.carbon.device.mgt.oauth.extensions.internal.OAuthExtensionsDataHolder; -import org.wso2.carbon.identity.application.common.cache.BaseCache; -import org.wso2.carbon.identity.core.util.IdentityConfigParser; -import org.wso2.carbon.identity.core.util.IdentityCoreConstants; -import org.wso2.carbon.identity.core.util.IdentityTenantUtil; -import org.wso2.carbon.identity.oauth.common.OAuthConstants; -import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception; -import org.wso2.carbon.identity.oauth2.ResponseHeader; -import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO; -import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext; -import org.wso2.carbon.identity.oauth2.token.handlers.grant.PasswordGrantHandler; -import org.wso2.carbon.user.api.Claim; -import org.wso2.carbon.user.api.UserStoreException; -import org.wso2.carbon.user.api.UserStoreManager; -import org.wso2.carbon.user.core.UserRealm; -import org.wso2.carbon.user.core.config.RealmConfiguration; -import org.wso2.carbon.user.core.service.RealmService; -import org.wso2.carbon.user.core.util.UserCoreUtil; - -import javax.xml.namespace.QName; -import java.util.*; -import java.util.concurrent.ConcurrentHashMap; - -@SuppressWarnings("unused") -public class ExtendedPasswordGrantHandler extends PasswordGrantHandler { - - private static Log log = LogFactory.getLog(ExtendedPasswordGrantHandler.class); - - private static final String CONFIG_ELEM_OAUTH = "OAuth"; - - // Claims that are set as response headers of access token response - private static final String REQUIRED_CLAIM_URIS = "RequiredRespHeaderClaimUris"; - private BaseCache userClaimsCache; - - // Primary/Secondary Login configuration - private static final String CLAIM_URI = "ClaimUri"; - private static final String LOGIN_CONFIG = "LoginConfig"; - private static final String USERID_LOGIN = "UserIdLogin"; - private static final String EMAIL_LOGIN = "EmailLogin"; - private static final String PRIMARY_LOGIN = "primary"; - - private Map> loginConfiguration = new ConcurrentHashMap<>(); - - private List requiredHeaderClaimUris = new ArrayList<>(); - - public void init() throws IdentityOAuth2Exception { - - super.init(); - - IdentityConfigParser configParser; - configParser = IdentityConfigParser.getInstance(); - OMElement oauthElem = configParser.getConfigElement(CONFIG_ELEM_OAUTH); - - // Get the required claim uris that needs to be included in the response. - parseRequiredHeaderClaimUris(oauthElem.getFirstChildWithName(getQNameWithIdentityNS(REQUIRED_CLAIM_URIS))); - - // read login config - parseLoginConfig(oauthElem); - - userClaimsCache = new BaseCache<>("UserClaimsCache"); - if (log.isDebugEnabled()) { - log.debug("Successfully created UserClaimsCache under " + OAuthConstants.OAUTH_CACHE_MANAGER); - } - } - - @Override - public boolean validateGrant(OAuthTokenReqMessageContext tokReqMsgCtx) - throws IdentityOAuth2Exception { - - OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO = tokReqMsgCtx.getOauth2AccessTokenReqDTO(); - String username = oAuth2AccessTokenReqDTO.getResourceOwnerUsername(); - String loginUserName = getLoginUserName(username); - tokReqMsgCtx.getOauth2AccessTokenReqDTO().setResourceOwnerUsername(loginUserName); - - boolean isValidated = super.validateGrant(tokReqMsgCtx); - - if (isValidated) { - - int tenantId; - tenantId = IdentityTenantUtil.getTenantIdOfUser(username); - - RealmService realmService = OAuthExtensionsDataHolder.getInstance().getRealmService(); - UserStoreManager userStoreManager; - try { - userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager(); - } catch (UserStoreException e) { - log.error("Error when getting the tenant's UserStoreManager", e); - return false; - } - - List respHeaders = new ArrayList<>(); - - if (oAuth2AccessTokenReqDTO.getResourceOwnerUsername() != null) { - try { - if (requiredHeaderClaimUris != null && !requiredHeaderClaimUris.isEmpty()) { - // Get user's claim values from the default profile. - String userStoreDomain = tokReqMsgCtx.getAuthorizedUser().getUserStoreDomain(); - - String endUsernameWithDomain = UserCoreUtil. - addDomainToName(oAuth2AccessTokenReqDTO.getResourceOwnerUsername(), userStoreDomain); - - Claim[] mapClaimValues = getUserClaimValues(endUsernameWithDomain, userStoreManager); - - if (mapClaimValues != null && mapClaimValues.length > 0) { - ResponseHeader header; - for (String claimUri : requiredHeaderClaimUris) { - for (Claim claim : mapClaimValues) { - if (claimUri.equals(claim.getClaimUri())) { - header = new ResponseHeader(); - header.setKey(claim.getDisplayTag()); - header.setValue(claim.getValue()); - respHeaders.add(header); - break; - } - } - } - } else if (log.isDebugEnabled()) { - log.debug("No claim values for user : " + endUsernameWithDomain); - } - } - } catch (Exception e) { - throw new IdentityOAuth2Exception("Error occurred while retrieving user claims", e); - } - } - tokReqMsgCtx.addProperty("RESPONSE_HEADERS", respHeaders.toArray(new ResponseHeader[respHeaders.size()])); - } - - return isValidated; - } - - @Override - public boolean validateScope(OAuthTokenReqMessageContext tokReqMsgCtx) { - return OAuthExtUtils.setScopes(tokReqMsgCtx); - } - - private String getLoginUserName(String userID) { - String loginUserName = userID; - if (isSecondaryLogin(userID)) { - loginUserName = getPrimaryFromSecondary(userID); - } - return loginUserName; - } - - /** - * Identify whether the logged in user used his Primary Login name or - * Secondary login name - * - * @param userId - The username used to login. - * @return true if secondary login name is used, - * false if primary login name has been used - */ - private boolean isSecondaryLogin(String userId) { - - if (loginConfiguration.get(EMAIL_LOGIN) != null) { - Map emailConf = loginConfiguration.get(EMAIL_LOGIN); - if ("true".equalsIgnoreCase(emailConf.get(PRIMARY_LOGIN))) { - return !isUserLoggedInEmail(userId); - } else if ("false".equalsIgnoreCase(emailConf.get(PRIMARY_LOGIN))) { - return isUserLoggedInEmail(userId); - } - } else if (loginConfiguration.get(USERID_LOGIN) != null) { - Map userIdConf = loginConfiguration.get(USERID_LOGIN); - if ("true".equalsIgnoreCase(userIdConf.get(PRIMARY_LOGIN))) { - return isUserLoggedInEmail(userId); - } else if ("false".equalsIgnoreCase(userIdConf.get(PRIMARY_LOGIN))) { - return !isUserLoggedInEmail(userId); - } - } - return false; - } - - /** - * Identify whether the logged in user used his ordinal username or email - * - * @param userId - username used to login. - * @return - true if userId contains '@'. false otherwise - */ - private boolean isUserLoggedInEmail(String userId) { - return userId.contains("@"); - } - - /** - * Get the primaryLogin name using secondary login name. Primary secondary - * Configuration is provided in the identitiy.xml. In the userstore, it is - * users responsibility TO MAINTAIN THE SECONDARY LOGIN NAME AS UNIQUE for - * each and every users. If it is not unique, we will pick the very first - * entry from the userlist. - * - * @param login - username used to login. - * @return - - */ - private String getPrimaryFromSecondary(String login) { - - String claimURI, username = null; - if (isUserLoggedInEmail(login)) { - Map emailConf = loginConfiguration.get(EMAIL_LOGIN); - claimURI = emailConf.get(CLAIM_URI); - } else { - Map userIdConf = loginConfiguration.get(USERID_LOGIN); - claimURI = userIdConf.get(CLAIM_URI); - } - - try { - RealmService realmSvc = OAuthExtensionsDataHolder.getInstance().getRealmService(); - RealmConfiguration config = new RealmConfiguration(); - UserRealm realm = realmSvc.getUserRealm(config); - org.wso2.carbon.user.core.UserStoreManager storeManager = realm.getUserStoreManager(); - String[] user = storeManager.getUserList(claimURI, login, null); - if (user.length > 0) { - username = user[0]; - } - } catch (UserStoreException e) { - log.error("Error while retrieving the primaryLogin name using secondary login name : " + login, e); - } - return username; - } - - private Claim[] getUserClaimValues(String authorizedUser, UserStoreManager userStoreManager) - throws - UserStoreException { - Claim[] userClaims = userClaimsCache.getValueFromCache(authorizedUser); - if (userClaims != null) { - return userClaims; - } else { - if (log.isDebugEnabled()) { - log.debug("Cache miss for user claims. Username :" + authorizedUser); - } - userClaims = userStoreManager.getUserClaimValues( - authorizedUser, null); - userClaimsCache.addToCache(authorizedUser, userClaims); - return userClaims; - } - } - - /** - * Read the required claim configuration from identity.xml - */ - private void parseRequiredHeaderClaimUris(OMElement requiredClaimUrisElem) { - if (requiredClaimUrisElem == null) { - return; - } - - Iterator claimUris = requiredClaimUrisElem.getChildrenWithLocalName(CLAIM_URI); - if (claimUris != null) { - while (claimUris.hasNext()) { - OMElement claimUri = (OMElement) claimUris.next(); - if (claimUri != null) { - requiredHeaderClaimUris.add(claimUri.getText()); - } - } - } - } - - /** - * Read the primary/secondary login configuration - * - * .... - * - * - * - * - * - * http://wso2.org/claims/emailaddress - * - * - * ..... - * - * - * @param oauthConfigElem - The '' xml configuration element in the api-manager.xml - */ - private void parseLoginConfig(OMElement oauthConfigElem) { - OMElement loginConfigElem = oauthConfigElem.getFirstChildWithName(getQNameWithIdentityNS(LOGIN_CONFIG)); - if (loginConfigElem != null) { - if (log.isDebugEnabled()) { - log.debug("Login configuration is set "); - } - // Primary/Secondary supported login mechanisms - OMElement emailConfigElem = loginConfigElem.getFirstChildWithName(getQNameWithIdentityNS(EMAIL_LOGIN)); - - OMElement userIdConfigElem = loginConfigElem.getFirstChildWithName(getQNameWithIdentityNS(USERID_LOGIN)); - - Map emailConf = new HashMap(2); - emailConf.put(PRIMARY_LOGIN, - emailConfigElem.getAttributeValue(new QName(PRIMARY_LOGIN))); - emailConf.put(CLAIM_URI, - emailConfigElem.getFirstChildWithName(getQNameWithIdentityNS(CLAIM_URI)) - .getText()); - - Map userIdConf = new HashMap(2); - userIdConf.put(PRIMARY_LOGIN, - userIdConfigElem.getAttributeValue(new QName(PRIMARY_LOGIN))); - userIdConf.put(CLAIM_URI, - userIdConfigElem.getFirstChildWithName(getQNameWithIdentityNS(CLAIM_URI)) - .getText()); - - loginConfiguration.put(EMAIL_LOGIN, emailConf); - loginConfiguration.put(USERID_LOGIN, userIdConf); - } - } - - private QName getQNameWithIdentityNS(String localPart) { - return new QName(IdentityCoreConstants.IDENTITY_DEFAULT_NAMESPACE, localPart); - } -} diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionServiceComponent.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionServiceComponent.java index 350de887a4d..8e483bd1a44 100644 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionServiceComponent.java +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionServiceComponent.java @@ -24,8 +24,12 @@ import org.osgi.service.component.ComponentContext; import org.wso2.carbon.apimgt.api.APIManagementException; import org.wso2.carbon.apimgt.impl.APIConstants; import org.wso2.carbon.apimgt.impl.APIManagerConfiguration; +import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException; +import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; +import org.wso2.carbon.device.mgt.oauth.extensions.config.DeviceMgtScopesConfig; +import org.wso2.carbon.device.mgt.oauth.extensions.config.DeviceMgtScopesConfigurationFailedException; import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService; import org.wso2.carbon.user.core.service.RealmService; import org.wso2.carbon.utils.CarbonUtils; @@ -54,12 +58,12 @@ import java.util.List; * policy="dynamic" * bind="setPermissionManagerService" * unbind="unsetPermissionManagerService" - * @scr.reference name="org.wso2.carbon.device.manager" - * interface="org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService" + * @scr.reference name="org.wso2.carbon.device.authorization" + * interface="org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService" * cardinality="1..1" * policy="dynamic" - * bind="setDeviceManagementService" - * unbind="unsetDeviceManagementService" + * bind="setDeviceAccessAuthorizationService" + * unbind="unsetDeviceAccessAuthorizationService" */ public class OAuthExtensionServiceComponent { @@ -67,8 +71,6 @@ public class OAuthExtensionServiceComponent { private static final String REPOSITORY = "repository"; private static final String CONFIGURATION = "conf"; private static final String APIM_CONF_FILE = "api-manager.xml"; - private static final String API_KEY_MANGER_DEVICE_SCOPE = "APIKeyValidator.DeviceScope"; - private static final String CDMF_DEVICE_SCOPE_PREFIX = "cdmf_"; @SuppressWarnings("unused") @@ -77,6 +79,8 @@ public class OAuthExtensionServiceComponent { log.debug("Starting OAuthExtensionBundle"); } try { + DeviceMgtScopesConfig.init(); + APIManagerConfiguration configuration = new APIManagerConfiguration(); String filePath = new StringBuilder(). append(CarbonUtils.getCarbonHome()). @@ -102,18 +106,10 @@ public class OAuthExtensionServiceComponent { } OAuthExtensionsDataHolder.getInstance().setWhitelistedScopes(whiteList); - - // Read device scope(Specific to CDMF) from Configuration. - String deviceScope = configuration.getFirstProperty(API_KEY_MANGER_DEVICE_SCOPE); - - if (deviceScope == null) { - deviceScope = CDMF_DEVICE_SCOPE_PREFIX; - } - - OAuthExtensionsDataHolder.getInstance().setDeviceScope(deviceScope); - } catch (APIManagementException e) { - log.error("Error occurred while loading APIM configurations", e); + log.error("Error occurred while loading DeviceMgtConfig configurations", e); + } catch (DeviceMgtScopesConfigurationFailedException e) { + log.error("Failed to initialize device scope configuration.", e); } } @@ -198,24 +194,24 @@ public class OAuthExtensionServiceComponent { /** * Set DeviceManagementProviderService - * @param deviceManagerService An instance of PermissionManagerService + * @param deviceAccessAuthorizationService An instance of deviceAccessAuthorizationService */ - protected void setDeviceManagementService(DeviceManagementProviderService deviceManagerService) { + protected void setDeviceAccessAuthorizationService(DeviceAccessAuthorizationService deviceAccessAuthorizationService) { if (log.isDebugEnabled()) { log.debug("Setting Device Management Service"); } - OAuthExtensionsDataHolder.getInstance().setDeviceManagementService(deviceManagerService); + OAuthExtensionsDataHolder.getInstance().setDeviceAccessAuthorizationService(deviceAccessAuthorizationService); } /** * unset DeviceManagementProviderService - * @param deviceManagementService An instance of PermissionManagerService + * @param deviceAccessAuthorizationService An instance of deviceAccessAuthorizationService */ - protected void unsetDeviceManagementService(DeviceManagementProviderService deviceManagementService) { + protected void unsetDeviceAccessAuthorizationService(DeviceAccessAuthorizationService deviceAccessAuthorizationService) { if (log.isDebugEnabled()) { log.debug("Removing Device Management Service"); } - OAuthExtensionsDataHolder.getInstance().setDeviceManagementService(null); + OAuthExtensionsDataHolder.getInstance().setDeviceAccessAuthorizationService(null); } } diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionsDataHolder.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionsDataHolder.java index 2f052094d79..5e4d953fc4b 100644 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionsDataHolder.java +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/internal/OAuthExtensionsDataHolder.java @@ -18,6 +18,7 @@ package org.wso2.carbon.device.mgt.oauth.extensions.internal; +import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService; @@ -35,7 +36,7 @@ public class OAuthExtensionsDataHolder { private PermissionManagerService permissionManagerService; private List whitelistedScopes; private String deviceScope; - private DeviceManagementProviderService deviceManagementService; + private DeviceAccessAuthorizationService deviceAccessAuthorizationService; private static OAuthExtensionsDataHolder thisInstance = new OAuthExtensionsDataHolder(); @@ -87,19 +88,15 @@ public class OAuthExtensionsDataHolder { this.whitelistedScopes = whitelistedScopes; } - public void setDeviceScope(String deviceScope) { - this.deviceScope = deviceScope; - } - public String getDeviceScope() { return deviceScope; } - public DeviceManagementProviderService getDeviceManagementService() { - return deviceManagementService; + public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() { + return deviceAccessAuthorizationService; } - public void setDeviceManagementService(DeviceManagementProviderService deviceManagementService) { - this.deviceManagementService = deviceManagementService; + public void setDeviceAccessAuthorizationService(DeviceAccessAuthorizationService deviceAccessAuthorizationService) { + this.deviceAccessAuthorizationService = deviceAccessAuthorizationService; } } diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDeviceJWTGrantValidator.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDeviceJWTGrantValidator.java new file mode 100644 index 00000000000..9ccadc2a488 --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDeviceJWTGrantValidator.java @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License + */ + +package org.wso2.carbon.device.mgt.oauth.extensions.validators; + +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.validators.AbstractValidator; +import org.wso2.carbon.device.mgt.oauth.extensions.Constants; + +import javax.servlet.http.HttpServletRequest; + +/** + * Grant validator for JSON Web Tokens + * For JWT Grant to be valid the required parameters are + * grant_type and assertion + */ +public class ExtendedDeviceJWTGrantValidator extends AbstractValidator { + + public ExtendedDeviceJWTGrantValidator() { + requiredParams.add(OAuth.OAUTH_GRANT_TYPE); + requiredParams.add(OAuth.OAUTH_ASSERTION); + requiredParams.add(Constants.DEFAULT_DEVICE_ASSERTION); + } +} \ No newline at end of file diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDevicePasswordGrantValidator.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDevicePasswordGrantValidator.java new file mode 100644 index 00000000000..71b1eb54b0c --- /dev/null +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/ExtendedDevicePasswordGrantValidator.java @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License + */ + +package org.wso2.carbon.device.mgt.oauth.extensions.validators; + +import org.apache.oltu.oauth2.common.OAuth; +import org.apache.oltu.oauth2.common.validators.AbstractValidator; +import org.wso2.carbon.device.mgt.oauth.extensions.Constants; + +import javax.servlet.http.HttpServletRequest; + +/** + * Grant validator for Device Object with Password Grant type + */ +public class ExtendedDevicePasswordGrantValidator extends AbstractValidator { + + public ExtendedDevicePasswordGrantValidator() { + requiredParams.add(OAuth.OAUTH_USERNAME); + requiredParams.add(OAuth.OAUTH_PASSWORD); + requiredParams.add(Constants.DEFAULT_DEVICE_ASSERTION); + } +} \ No newline at end of file diff --git a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/constant/JWTConstants.java b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/constant/JWTConstants.java index ab6a4b142d1..04cf3dda560 100644 --- a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/constant/JWTConstants.java +++ b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/constant/JWTConstants.java @@ -23,7 +23,7 @@ package org.wso2.carbon.identity.jwt.client.extension.constant; public class JWTConstants { public static final String OAUTH_EXPIRES_IN = "expires_in"; public static final String OAUTH_TOKEN_TYPE = "token_type"; - public static final String JWT_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer"; + public static final String JWT_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device-mgt:jwt-bearer"; public static final String GRANT_TYPE_PARAM_NAME = "grant_type"; public static final String REFRESH_TOKEN_GRANT_TYPE = "refresh_token"; public static final String REFRESH_TOKEN_GRANT_TYPE_PARAM_NAME = "refresh_token"; From 8eb29a77ccc6a4856a757f4a23e142aa500e82f8 Mon Sep 17 00:00:00 2001 From: ayyoob Date: Mon, 25 Jul 2016 11:46:45 +0530 Subject: [PATCH 02/14] adding device-mgt-scopes config --- .../src/main/resources/build.properties | 19 +++++++ .../src/main/resources/device-mgt-scopes.xml | 51 +++++++++++++++++++ .../src/main/resources/p2.inf | 2 + 3 files changed, 72 insertions(+) create mode 100644 features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/build.properties create mode 100644 features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/device-mgt-scopes.xml create mode 100644 features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/p2.inf diff --git a/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/build.properties b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/build.properties new file mode 100644 index 00000000000..33bb0980d3c --- /dev/null +++ b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/build.properties @@ -0,0 +1,19 @@ +# +# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. +# +# WSO2 Inc. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +custom = true diff --git a/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/device-mgt-scopes.xml b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/device-mgt-scopes.xml new file mode 100644 index 00000000000..a76191cce0b --- /dev/null +++ b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/device-mgt-scopes.xml @@ -0,0 +1,51 @@ + + + + + + + + + /permission/device-mgt/user/groups/device_operation + /permission/device-mgt/admin/groups + /permission/device-mgt/user/groups + + + + + /permission/device-mgt/user/groups/device_monitor + /permission/device-mgt/admin/groups + /permission/device-mgt/user/groups + + + + + /permission/device-mgt/user/groups/device_monitor + /permission/device-mgt/admin/groups + /permission/device-mgt/user/groups + + + + + /permission/device-mgt/user/groups/device_operation + /permission/device-mgt/admin/groups + /permission/device-mgt/user/groups + + + \ No newline at end of file diff --git a/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/p2.inf b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/p2.inf new file mode 100644 index 00000000000..6f97c8724c6 --- /dev/null +++ b/features/oauth-extensions/org.wso2.carbon.device.mgt.oauth.extensions.feature/src/main/resources/p2.inf @@ -0,0 +1,2 @@ +instructions.configure = \ +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.device.mgt.oauth.extensions_${feature.version}/device-mgt-scopes.xml,target:${installFolder}/../../conf/etc/device-mgt-scopes.xml,overwrite:true);\ From 1ed0481ec3f386af757f3a88ca215f571dccc711 Mon Sep 17 00:00:00 2001 From: Ace Date: Tue, 26 Jul 2016 16:59:57 +0530 Subject: [PATCH 03/14] Changing nav-bar base-unit implementation --- .../pages/cdmf.page.dashboard/dashboard.hbs | 3 +- .../cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs | 121 ++++-- .../public/js/jquery.qrcode.min.js | 47 +++ .../public/js/nav-menu.js | 378 ++++++++++++++++++ .../public/templates/notifications.hbs | 14 + 5 files changed, 531 insertions(+), 32 deletions(-) create mode 100755 components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/jquery.qrcode.min.js create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/nav-menu.js create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/templates/notifications.hbs diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.dashboard/dashboard.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.dashboard/dashboard.hbs index 012b6df8c09..07f970ec6e1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.dashboard/dashboard.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.dashboard/dashboard.hbs @@ -16,12 +16,11 @@ under the License. }} {{unit "cdmf.unit.ui.title" pageTitle="Dashboard"}} -{{unit "cdmf.unit.ui.content.title" pageHeader="Dashboard"}} {{#zone "breadcrumbs"}}

  • - + Dashboard
    • {{/zone}} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs index 181056757fb..215a4950680 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs @@ -30,13 +30,22 @@ {{/if}} - {{#if permissions.LIST_OWN_DEVICES}} + {{#if permissions.LIST_DEVICES_ADMIN}}
  • Device Management
    • + {{else}} + {{#if permissions.LIST_OWN_DEVICES}} +
  • + + + Device Management + +
    • + {{/if}} {{/if}} {{#if permissions.LIST_GROUPS}}
  • @@ -46,35 +55,87 @@
    • {{/if}} - {{#if permissions.ADD_USER}} -
  • - - - User Management - -
    • - {{/if}} - {{#if permissions.ADD_ROLE}} -
  • - - - Role Management - -
    • - {{/if}} - {{#if permissions.ADD_POLICY}} -
  • - - - Policy Management - -
    • +
  • User Management +
      + {{#if permissions.LIST_USERS}} +
    • Users
      • + {{/if}} + + {{#if permissions.LIST_ROLES}} +
    • Roles
      • + {{/if}} +
    +
    • + {{#if permissions.LIST_POLICIES}} +
  • Policy Management
    • {{/if}} - {{#if permissions.TENANT_CONFIGURATION}} -
  • - - Platform Configurations +
  • Configuration Management + +
    • +{{/zone}} + +{{#zone "navbarCollapsableRightItems"}} + +{{/zone}} + +{{#zone "navbarBelow"}} + +{{/zone}} +{{#zone "sidePanes"}} + +{{/zone}} +{{#zone "bottomJs"}} + + {{js "js/nav-menu.js"}} + {{js "js/jquery.qrcode.min.js"}} +{{/zone}} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/jquery.qrcode.min.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/jquery.qrcode.min.js new file mode 100755 index 00000000000..2a169909b24 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/jquery.qrcode.min.js @@ -0,0 +1,47 @@ +//--------------------------------------------------------------------- +// QRCode for JavaScript +// +// Copyright (c) 2009 Kazuhiko Arase +// +// URL: http://www.d-project.com/ +// +// Licensed under the MIT license: +// http://www.opensource.org/licenses/mit-license.php +// +// The word "QR Code" is registered trademark of +// DENSO WAVE INCORPORATED +// http://www.denso-wave.com/qrcode/faqpatent-e.html +// +//--------------------------------------------------------------------- + +//--------------------------------------------------------------------- +// QR8bitByte +//--------------------------------------------------------------------- +(function(r){r.fn.qrcode=function(h){var s;function u(a){this.mode=s;this.data=a}function o(a,c){this.typeNumber=a;this.errorCorrectLevel=c;this.modules=null;this.moduleCount=0;this.dataCache=null;this.dataList=[]}function q(a,c){if(void 0==a.length)throw Error(a.length+"/"+c);for(var d=0;da||this.moduleCount<=a||0>c||this.moduleCount<=c)throw Error(a+","+c);return this.modules[a][c]},getModuleCount:function(){return this.moduleCount},make:function(){if(1>this.typeNumber){for(var a=1,a=1;40>a;a++){for(var c=p.getRSBlocks(a,this.errorCorrectLevel),d=new t,b=0,e=0;e=d;d++)if(!(-1>=a+d||this.moduleCount<=a+d))for(var b=-1;7>=b;b++)-1>=c+b||this.moduleCount<=c+b||(this.modules[a+d][c+b]= + 0<=d&&6>=d&&(0==b||6==b)||0<=b&&6>=b&&(0==d||6==d)||2<=d&&4>=d&&2<=b&&4>=b?!0:!1)},getBestMaskPattern:function(){for(var a=0,c=0,d=0;8>d;d++){this.makeImpl(!0,d);var b=j.getLostPoint(this);if(0==d||a>b)a=b,c=d}return c},createMovieClip:function(a,c,d){a=a.createEmptyMovieClip(c,d);this.make();for(c=0;c=f;f++)for(var i=-2;2>=i;i++)this.modules[b+f][e+i]=-2==f||2==f||-2==i||2==i||0==f&&0==i?!0:!1}},setupTypeNumber:function(a){for(var c= + j.getBCHTypeNumber(this.typeNumber),d=0;18>d;d++){var b=!a&&1==(c>>d&1);this.modules[Math.floor(d/3)][d%3+this.moduleCount-8-3]=b}for(d=0;18>d;d++)b=!a&&1==(c>>d&1),this.modules[d%3+this.moduleCount-8-3][Math.floor(d/3)]=b},setupTypeInfo:function(a,c){for(var d=j.getBCHTypeInfo(this.errorCorrectLevel<<3|c),b=0;15>b;b++){var e=!a&&1==(d>>b&1);6>b?this.modules[b][8]=e:8>b?this.modules[b+1][8]=e:this.modules[this.moduleCount-15+b][8]=e}for(b=0;15>b;b++)e=!a&&1==(d>>b&1),8>b?this.modules[8][this.moduleCount- + b-1]=e:9>b?this.modules[8][15-b-1+1]=e:this.modules[8][15-b-1]=e;this.modules[this.moduleCount-8][8]=!a},mapData:function(a,c){for(var d=-1,b=this.moduleCount-1,e=7,f=0,i=this.moduleCount-1;0g;g++)if(null==this.modules[b][i-g]){var n=!1;f>>e&1));j.getMask(c,b,i-g)&&(n=!n);this.modules[b][i-g]=n;e--; -1==e&&(f++,e=7)}b+=d;if(0>b||this.moduleCount<=b){b-=d;d=-d;break}}}};o.PAD0=236;o.PAD1=17;o.createData=function(a,c,d){for(var c=p.getRSBlocks(a, + c),b=new t,e=0;e8*a)throw Error("code length overflow. ("+b.getLengthInBits()+">"+8*a+")");for(b.getLengthInBits()+4<=8*a&&b.put(0,4);0!=b.getLengthInBits()%8;)b.putBit(!1);for(;!(b.getLengthInBits()>=8*a);){b.put(o.PAD0,8);if(b.getLengthInBits()>=8*a)break;b.put(o.PAD1,8)}return o.createBytes(b,c)};o.createBytes=function(a,c){for(var d= + 0,b=0,e=0,f=Array(c.length),i=Array(c.length),g=0;g>>=1;return c},getPatternPosition:function(a){return j.PATTERN_POSITION_TABLE[a-1]},getMask:function(a,c,d){switch(a){case 0:return 0==(c+d)%2;case 1:return 0==c%2;case 2:return 0==d%3;case 3:return 0==(c+d)%3;case 4:return 0==(Math.floor(c/2)+Math.floor(d/3))%2;case 5:return 0==c*d%2+c*d%3;case 6:return 0==(c*d%2+c*d%3)%2;case 7:return 0==(c*d%3+(c+d)%2)%2;default:throw Error("bad maskPattern:"+ +a);}},getErrorCorrectPolynomial:function(a){for(var c=new q([1],0),d=0;dc)switch(a){case 1:return 10;case 2:return 9;case s:return 8;case 8:return 8;default:throw Error("mode:"+a);}else if(27>c)switch(a){case 1:return 12;case 2:return 11;case s:return 16;case 8:return 10;default:throw Error("mode:"+a);}else if(41>c)switch(a){case 1:return 14;case 2:return 13;case s:return 16;case 8:return 12;default:throw Error("mode:"+ +a);}else throw Error("type:"+c);},getLostPoint:function(a){for(var c=a.getModuleCount(),d=0,b=0;b=g;g++)if(!(0>b+g||c<=b+g))for(var h=-1;1>=h;h++)0>e+h||c<=e+h||0==g&&0==h||i==a.isDark(b+g,e+h)&&f++;5a)throw Error("glog("+a+")");return l.LOG_TABLE[a]},gexp:function(a){for(;0>a;)a+=255;for(;256<=a;)a-=255;return l.EXP_TABLE[a]},EXP_TABLE:Array(256), + LOG_TABLE:Array(256)},m=0;8>m;m++)l.EXP_TABLE[m]=1<m;m++)l.EXP_TABLE[m]=l.EXP_TABLE[m-4]^l.EXP_TABLE[m-5]^l.EXP_TABLE[m-6]^l.EXP_TABLE[m-8];for(m=0;255>m;m++)l.LOG_TABLE[l.EXP_TABLE[m]]=m;q.prototype={get:function(a){return this.num[a]},getLength:function(){return this.num.length},multiply:function(a){for(var c=Array(this.getLength()+a.getLength()-1),d=0;d + this.getLength()-a.getLength())return this;for(var c=l.glog(this.get(0))-l.glog(a.get(0)),d=Array(this.getLength()),b=0;b>>7-a%8&1)},put:function(a,c){for(var d=0;d>>c-d-1&1))},getLengthInBits:function(){return this.length},putBit:function(a){var c=Math.floor(this.length/8);this.buffer.length<=c&&this.buffer.push(0);a&&(this.buffer[c]|=128>>>this.length%8);this.length++}};"string"===typeof h&&(h={text:h});h=r.extend({},{render:"canvas",width:256,height:256,typeNumber:-1, + correctLevel:2,background:"#ffffff",foreground:"#000000"},h);return this.each(function(){var a;if("canvas"==h.render){a=new o(h.typeNumber,h.correctLevel);a.addData(h.text);a.make();var c=document.createElement("canvas");c.width=h.width;c.height=h.height;for(var d=c.getContext("2d"),b=h.width/a.getModuleCount(),e=h.height/a.getModuleCount(),f=0;f").css("width",h.width+"px").css("height",h.height+"px").css("border","0px").css("border-collapse","collapse").css("background-color",h.background);d=h.width/a.getModuleCount();b=h.height/a.getModuleCount();for(e=0;e").css("height",b+"px").appendTo(c);for(i=0;i").css("width", + d+"px").css("background-color",a.isDark(e,i)?h.foreground:h.background).appendTo(f)}}a=c;jQuery(a).appendTo(this)})}})(jQuery); \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/nav-menu.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/nav-menu.js new file mode 100644 index 00000000000..0a6e68fcdaa --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/js/nav-menu.js @@ -0,0 +1,378 @@ +/* + * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +var modalPopup = ".wr-modalpopup", + modalPopupContainer = modalPopup + " .modalpopup-container", + modalPopupContent = modalPopup + " .modalpopup-content"; + +var emmAdminBasePath = "/api/device-mgt/v1.0"; + +//function openCollapsedNav() { +// $(".wr-hidden-nav-toggle-btn").addClass("active"); +// $("#hiddenNav").slideToggle("slideDown", function () { +// if ($(this).css("display") == "none") { +// $(".wr-hidden-nav-toggle-btn").removeClass("active"); +// } +// }); +//} + +/* + * set popup maximum height function. + */ +function setPopupMaxHeight() { + var maxHeight = "max-height"; + var marginTop = "margin-top"; + var body = "body"; + $(modalPopupContent).css(maxHeight, ($(body).height() - ($(body).height() / 100 * 30))); + $(modalPopupContainer).css(marginTop, (-($(modalPopupContainer).height() / 2))); +} + +/* + * show popup function. + */ +function showPopup() { + $(modalPopup).show(); + setPopupMaxHeight(); +} + +/* + * hide popup function. + */ +function hidePopup() { + $(modalPopupContent).html(""); + $(modalPopupContent).removeClass("operation-data"); + $(modalPopup).hide(); +} + +/* + * QR-code generation function. + */ +function generateQRCode(qrCodeClass) { + var enrollmentURL = $("#qr-code-modal").data("enrollment-url"); + $(qrCodeClass).qrcode({ + text: enrollmentURL, + width: 200, + height: 200 + }); +} + +function toggleEnrollment() { + $(".modalpopup-content").html($("#qr-code-modal").html()); + generateQRCode(".modalpopup-content .qr-code"); + showPopup(); +} + +var updateNotificationCount = function (data, textStatus, jqXHR) { + if (jqXHR.status == 200 && data) { + var responsePayload = JSON.parse(data); + var newNotificationsCount = responsePayload.count; + if (newNotificationsCount > 0) { + $("#notification-bubble").html(newNotificationsCount); + } +// } else { +// $("#notification-bubble").html("Error"); +// } + } +}; + +function loadNotificationsPanel() { + if ("true" == $("#right-sidebar").attr("is-authorized")) { + var serviceURL = emmAdminBasePath + "/notifications?status=NEW"; + invokerUtil.get(serviceURL, updateNotificationCount, hideNotificationCount); + loadNewNotifications(); + } else { + $("#notification-bubble-wrapper").remove(); + } +} + +function hideNotificationCount(jqXHR) { + if (jqXHR.status == 404) { + // this means "no new notifications to show" + $("#notification-bubble").hide(); + } else { + $("#notification-bubble").html("Error"); + } +} + +function loadNewNotifications() { + var messageSideBar = ".sidebar-messages"; + if ($("#right-sidebar").attr("is-authorized") == "true") { + var notifications = $("#notifications"); + var currentUser = notifications.data("currentUser"); + + $.template("notification-listing", notifications.attr("src"), function (template) { + var serviceURL = emmAdminBasePath + "/notifications?status=NEW"; + + var successCallback = function (data, textStatus, jqXHR) { + if (jqXHR.status == 200 && data) { + var viewModel = {}; + var responsePayload = JSON.parse(data); + + if (responsePayload.notifications) { + viewModel.notifications = responsePayload.notifications; + if (responsePayload.count > 0) { + $(messageSideBar).html(template(viewModel)); + } else { + $(messageSideBar).html("

    No new notifications found...

    "); + } + } else { + $(messageSideBar).html("

    Unexpected error occurred while loading new notifications.

    "); + } + } + }; + var errorCallback = function (jqXHR) { + if (jqXHR.status = 500) { + $(messageSideBar).html("

    Unexpected error occurred while trying " + + "to retrieve any new notifications.

    "); + } + }; + invokerUtil.get(serviceURL, successCallback, errorCallback); + }); + } else { + $(messageSideBar).html("

    You are not authorized to view notifications

    "); + } +} + +/** + * Toggle function for + * notification listing sidebar. + * @return {Null} + */ +$.sidebar_toggle = function (action, target, container) { + var elem = '[data-toggle=sidebar]', + button, + containerOffsetLeft, + containerOffsetRight, + targetOffsetLeft, + targetOffsetRight, + targetWidth, + targetSide, + relationship, + pushType, + buttonParent; + + var sidebar_window = { + update: function (target, container, button) { + containerOffsetLeft = $(container).data('offset-left') ? $(container).data('offset-left') : 0; + containerOffsetRight = $(container).data('offset-right') ? $(container).data('offset-right') : 0; + targetOffsetLeft = $(target).data('offset-left') ? $(target).data('offset-left') : 0; + targetOffsetRight = $(target).data('offset-right') ? $(target).data('offset-right') : 0; + targetWidth = $(target).data('width'); + targetSide = $(target).data("side"); + pushType = $(container).parent().is('body') == true ? 'padding' : 'margin'; + + if (button !== undefined) { + relationship = button.attr('rel') ? button.attr('rel') : ''; + buttonParent = $(button).parent(); + } + }, + + show: function () { + if ($(target).data('sidebar-fixed') == true) { + $(target).height($(window).height() - $(target).data('fixed-offset')); + } + $(target).trigger('show.sidebar'); + if (targetWidth !== undefined) { + $(target).css('width', targetWidth); + } + $(target).addClass('toggled'); + if (button !== undefined) { + if (relationship !== '') { + // Removing active class from all relative buttons + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').removeClass("active"); + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').attr('aria-expanded', 'false'); + } + // Adding active class to button + if (button.attr('data-handle') !== 'close') { + button.addClass("active"); + button.attr('aria-expanded', 'true'); + } + if (buttonParent.is('li')) { + if (relationship !== '') { + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().removeClass("active"); + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent(). + attr('aria-expanded', 'false'); + } + buttonParent.addClass("active"); + buttonParent.attr('aria-expanded', 'true'); + } + } + // Sidebar open function + if (targetSide == 'left') { + if ((button !== undefined) && (button.attr('data-container-divide'))) { + $(container).css(pushType + '-' + targetSide, targetWidth + targetOffsetLeft); + } + $(target).css(targetSide, targetOffsetLeft); + } else if (targetSide == 'right') { + if ((button !== undefined) && (button.attr('data-container-divide'))) { + $(container).css(pushType + '-' + targetSide, targetWidth + targetOffsetRight); + } + $(target).css(targetSide, targetOffsetRight); + } + $(target).trigger('shown.sidebar'); + }, + + hide: function () { + $(target).trigger('hide.sidebar'); + $(target).removeClass('toggled'); + if (button !== undefined) { + if (relationship !== '') { + // Removing active class from all relative buttons + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').removeClass("active"); + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').attr('aria-expanded', 'false'); + } + // Removing active class from button + if (button.attr('data-handle') !== 'close') { + button.removeClass("active"); + button.attr('aria-expanded', 'false'); + } + if ($(button).parent().is('li')) { + if (relationship !== '') { + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent().removeClass("active"); + $(elem + '[rel=' + relationship + ']:not([data-handle=close])').parent(). + attr('aria-expanded', 'false'); + } + } + } + // Sidebar close function + if (targetSide == 'left') { + if ((button !== undefined) && (button.attr('data-container-divide'))) { + $(container).css(pushType + '-' + targetSide, targetOffsetLeft); + } + $(target).css(targetSide, -Math.abs(targetWidth + targetOffsetLeft)); + } else if (targetSide == 'right') { + if ((button !== undefined) && (button.attr('data-container-divide'))) { + $(container).css(pushType + '-' + targetSide, targetOffsetRight); + } + $(target).css(targetSide, -Math.abs(targetWidth + targetOffsetRight)); + } + $(target).trigger('hidden.sidebar'); + } + }; + if (action === 'show') { + sidebar_window.update(target, container); + sidebar_window.show(); + } + if (action === 'hide') { + sidebar_window.update(target, container); + sidebar_window.hide(); + } + // binding click function + var body = 'body'; + $(body).off('click', elem); + $(body).on('click', elem, function (e) { + e.preventDefault(); + button = $(this); + container = button.data('container'); + target = button.data('target'); + sidebar_window.update(target, container, button); + /** + * Sidebar function on data container divide + * @return {Null} + */ + if (button.attr('aria-expanded') == 'false') { + sidebar_window.show(); + } else if (button.attr('aria-expanded') == 'true') { + sidebar_window.hide(); + } + }); +}; + +$.fn.collapse_nav_sub = function () { + var navSelector = 'ul.nav'; + + if (!$(navSelector).hasClass('collapse-nav-sub')) { + $(navSelector + ' > li', this).each(function () { + var position = $(this).offset().left - $(this).parent().scrollLeft(); + $(this).attr('data-absolute-position', (position + 5)); + }); + + $(navSelector + ' li', this).each(function () { + if ($('ul', this).length !== 0) { + $(this).addClass('has-sub'); + } + }); + + $(navSelector + ' > li', this).each(function () { + $(this).css({ + 'left': $(this).data('absolute-position'), + 'position': 'absolute' + }); + }); + + $(navSelector + ' li.has-sub', this).on('click', function () { + var elem = $(this); + if (elem.attr('aria-expanded') !== 'true') { + elem.siblings().fadeOut(100, function () { + elem.animate({'left': '15'}, 200, function () { + $(elem).first().children('ul').fadeIn(200); + }); + }); + elem.siblings().attr('aria-expanded', 'false'); + elem.attr('aria-expanded', 'true'); + } else { + $(elem).first().children('ul').fadeOut(100, function () { + elem.animate({'left': $(elem).data('absolute-position')}, 200, function () { + elem.siblings().fadeIn(100); + }); + }); + elem.siblings().attr('aria-expanded', 'false'); + elem.attr('aria-expanded', 'false'); + } + }); + + $(navSelector + ' > li.has-sub ul', this).on('click', function (e) { + e.stopPropagation(); + }); + $(navSelector).addClass('collapse-nav-sub'); + } +}; + +$(document).ready(function () { + loadNotificationsPanel(); + $.sidebar_toggle(); + + $("#right-sidebar").on("click", ".new-notification", function () { + var notificationId = $(this).data("id"); + var redirectUrl = $(this).data("url"); + var markAsReadNotificationsAPI = "/mdm-admin/notifications/" + notificationId + "/CHECKED"; + var messageSideBar = ".sidebar-messages"; + + invokerUtil.put( + markAsReadNotificationsAPI, + null, + function (data) { + data = JSON.parse(data); + if (data.statusCode == responseCodes["ACCEPTED"]) { + location.href = redirectUrl; + } + }, function () { + var content = "

  • Warning

    " + + "

    Unexpected error occurred while loading notification. Please refresh the page and" + + " try again

    • "; + $(messageSideBar).html(content); + } + ); + }); + + if (typeof $.fn.collapse == 'function') { + $('.navbar-collapse.tiles').on('shown.bs.collapse', function () { + $(this).collapse_nav_sub(); + }); + } +}); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/templates/notifications.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/templates/notifications.hbs new file mode 100644 index 00000000000..30cf5fb41fb --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/public/templates/notifications.hbs @@ -0,0 +1,14 @@ +{{#each notifications}} +
  • +

    + + + Device Type : {{deviceIdentifier.type}} + +

    +

    {{description}}

    +
    • +{{/each}} \ No newline at end of file From d2ec81b12b5aec44e9f5ba6d5bdfe71b930a8eda Mon Sep 17 00:00:00 2001 From: dilanua Date: Tue, 26 Jul 2016 17:35:50 +0530 Subject: [PATCH 04/14] Refactoring oauth token handling functions and dependants --- .../devicemgt/app/modules/api-wrapper-util.js | 2 +- .../devicemgt/app/modules/backend-service-invoker.js | 12 ++++++------ .../jaggeryapps/devicemgt/app/modules/util.js | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/api-wrapper-util.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/api-wrapper-util.js index 0db3225031f..6c7108e3b3c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/api-wrapper-util.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/api-wrapper-util.js @@ -31,7 +31,7 @@ var apiWrapperUtil = function () { log.error("Could not set up encoded tenant based client credentials " + "to session context. No username is found as input."); } else { - var dynamicClientCredentials = tokenUtil.getDyanmicClientCredentials(); + var dynamicClientCredentials = tokenUtil.getDynamicClientCredentials(); if (!dynamicClientCredentials) { log.error("Could not set up encoded tenant based client credentials " + "to session context as the server is unable to obtain dynamic client credentials."); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/backend-service-invoker.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/backend-service-invoker.js index e93fe88aaac..36c9f8a075a 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/backend-service-invoker.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/backend-service-invoker.js @@ -43,7 +43,7 @@ var backendServiceInvoker = function () { privateMethods.getAccessToken = function () { var tokenPair = parse(session.get(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"])); if (tokenPair) { - return tokenPair.accessToken; + return tokenPair["accessToken"]; } else { return null; } @@ -78,7 +78,7 @@ var backendServiceInvoker = function () { }); } else { xmlHttpRequest. - setRequestHeader(constants["AUTHORIZATION_HEADER"], constants["BEARER_PREFIX"] + accessToken); + setRequestHeader(constants["AUTHORIZATION_HEADER"], constants["BEARER_PREFIX"] + accessToken); } } @@ -307,7 +307,7 @@ var backendServiceInvoker = function () { publicHTTPClientInvokers.get = function (url, successCallback, errorCallback) { var requestPayload = null; return privateMethods. - initiateHTTPClientRequest(constants["HTTP_GET"], url, successCallback, errorCallback, requestPayload); + initiateHTTPClientRequest(constants["HTTP_GET"], url, successCallback, errorCallback, requestPayload); }; /** @@ -319,7 +319,7 @@ var backendServiceInvoker = function () { */ publicHTTPClientInvokers.post = function (url, payload, successCallback, errorCallback) { return privateMethods. - initiateHTTPClientRequest(constants["HTTP_POST"], url, successCallback, errorCallback, payload); + initiateHTTPClientRequest(constants["HTTP_POST"], url, successCallback, errorCallback, payload); }; /** @@ -331,7 +331,7 @@ var backendServiceInvoker = function () { */ publicHTTPClientInvokers.put = function (url, payload, successCallback, errorCallback) { return privateMethods. - initiateHTTPClientRequest(constants["HTTP_PUT"], url, successCallback, errorCallback, payload); + initiateHTTPClientRequest(constants["HTTP_PUT"], url, successCallback, errorCallback, payload); }; /** @@ -343,7 +343,7 @@ var backendServiceInvoker = function () { publicHTTPClientInvokers.delete = function (url, successCallback, errorCallback) { var requestPayload = null; return privateMethods. - initiateHTTPClientRequest(constants["HTTP_DELETE"], url, successCallback, errorCallback, requestPayload); + initiateHTTPClientRequest(constants["HTTP_DELETE"], url, successCallback, errorCallback, requestPayload); }; var publicMethods = {}; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/util.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/util.js index 921850ca648..d1afc795d3c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/util.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/util.js @@ -27,7 +27,7 @@ var util = function () { var adminUser = devicemgtProps["adminUser"]; var clientName = devicemgtProps["clientName"]; - module.getDyanmicCredentials = function (owner) { + module.getDynamicClientCredentials = function () { var payload = { "callbackUrl": devicemgtProps.callBackUrl, "clientName": clientName, From 5bc7cf7c309246c361ca762e400ae446622a0535 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Tue, 26 Jul 2016 18:32:00 +0530 Subject: [PATCH 05/14] Simplifying operation management related implementations --- .../operation/mgt/OperationManagerImpl.java | 306 +++++------------- 1 file changed, 87 insertions(+), 219 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java index d7dd0e5a70d..f53c2a116f3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java @@ -141,7 +141,6 @@ public class OperationManagerImpl implements OperationManager { } finally { OperationManagementDAOFactory.closeConnection(); } - } private List getAuthorizedDevices( @@ -161,26 +160,6 @@ public class OperationManagerImpl implements OperationManager { return authorizedDeviceList; } - private List getEnrollmentsByStatus( - List deviceIds) throws OperationManagementException { - List enrolments; - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - try { - DeviceManagementDAOFactory.openConnection(); - enrolments = deviceDAO.getEnrolmentsByStatus(deviceIds, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (SQLException e) { - throw new OperationManagementException("Error occurred while opening a connection the data " + - "source", e); - } catch (DeviceManagementDAOException e) { - OperationManagementDAOFactory.rollbackTransaction(); - throw new OperationManagementException( - "Error occurred while retrieving enrollments by status", e); - } finally { - DeviceManagementDAOFactory.closeConnection(); - } - return enrolments; - } - private Device getDevice(DeviceIdentifier deviceId) throws OperationManagementException { int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); try { @@ -200,39 +179,19 @@ public class OperationManagerImpl implements OperationManager { @Override public List getOperations(DeviceIdentifier deviceId) throws OperationManagementException { - int enrolmentId; List operations = null; - try { - boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). - isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); - if (!isUserAuthorized) { - throw new UnauthorizedDeviceAccessException("User '" + getUser() + "' is not authorized to " + - "fetch operations on device '" + deviceId.getId() + "'"); - } - } catch (DeviceAccessAuthorizationException e) { - throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " + - this.getUser(), e); + + if (!isActionAuthorized(deviceId)) { + throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + + deviceId.getType() + "' device, which carries the identifier '" + deviceId.getId() + "'"); } - try { - DeviceManagementDAOFactory.openConnection(); - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (DeviceManagementDAOException e) { - throw new OperationManagementException("Error occurred while retrieving metadata of '" + - deviceId.getType() + "' device carrying the identifier '" + - deviceId.getId() + "'"); - } catch (SQLException e) { - throw new OperationManagementException( - "Error occurred while opening a connection to the data source", e); - } finally { - DeviceManagementDAOFactory.closeConnection(); + int enrolmentId = this.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE); + if (enrolmentId < 0) { + return null; } try { - if (enrolmentId < 0) { - return null; - } OperationManagementDAOFactory.openConnection(); List operationList = operationDAO.getOperationsForDevice(enrolmentId); @@ -259,42 +218,22 @@ public class OperationManagerImpl implements OperationManager { public PaginationResult getOperations(DeviceIdentifier deviceId, PaginationRequest request) throws OperationManagementException { PaginationResult paginationResult = null; - int enrolmentId; List operations = new ArrayList<>(); - try { - boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). - isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); - if (!isUserAuthorized) { - log.error("User : " + getUser() + " is not authorized to fetch operations on device : " + - deviceId.getId()); - } - } catch (DeviceAccessAuthorizationException e) { - throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " + - this.getUser(), e); + + if (!isActionAuthorized(deviceId)) { + throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + + deviceId.getType() + "' device, which carries the identifier '" + deviceId.getId() + "'"); } - try { - DeviceManagementDAOFactory.openConnection(); - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (SQLException e) { - throw new OperationManagementException( - "Error occurred while opening a connection to the data source", e); - } catch (DeviceManagementDAOException e) { - throw new OperationManagementException("Error occurred while retrieving metadata of '" + - deviceId.getType() + "' device carrying the identifier '" + - deviceId.getId() + "'"); - } finally { - DeviceManagementDAOFactory.closeConnection(); + int enrolmentId = this.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE); + if (enrolmentId < 0) { + throw new OperationManagementException("Device not found for given device " + + "Identifier:" + deviceId.getId() + " and given type" + + deviceId.getType()); } try { OperationManagementDAOFactory.openConnection(); - if (enrolmentId < 0) { - throw new OperationManagementException("Device not found for given device " + - "Identifier:" + deviceId.getId() + " and given type" + - deviceId.getType()); - } List operationList = operationDAO.getOperationsForDevice(enrolmentId, request); for (org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation dtoOperation : operationList) { @@ -326,43 +265,23 @@ public class OperationManagerImpl implements OperationManager { if (log.isDebugEnabled()) { log.debug("Device identifier id:[" + deviceId.getId() + "] type:[" + deviceId.getType() + "]"); } - int enrolmentId; List operations = new ArrayList<>(); List dtoOperationList = new ArrayList<>(); - try { - boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). - isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); - if (!isUserAuthorized) { - log.error("User : " + getUser() + " is not authorized to fetch operations on device : " - + deviceId.getId()); - } - } catch (DeviceAccessAuthorizationException e) { - throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" + - this.getUser(), e); + + if (!isActionAuthorized(deviceId)) { + throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + + deviceId.getType() + "' device, which carries the identifier '" + deviceId.getId() + "'"); } - try { - DeviceManagementDAOFactory.openConnection(); - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (SQLException e) { - throw new OperationManagementException( - "Error occurred while opening a connection to the data source", e); - } catch (DeviceManagementDAOException e) { - throw new OperationManagementException("Error occurred while retrieving the device " + - "for device Identifier type -'" + deviceId.getType() + - "' and device Id '" + deviceId.getId() + "'", e); - } finally { - DeviceManagementDAOFactory.closeConnection(); + int enrolmentId = this.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE); + if (enrolmentId < 0) { + throw new OperationManagementException("Device not found for the given device Identifier:" + + deviceId.getId() + " and given type:" + + deviceId.getType()); } try { OperationManagementDAOFactory.openConnection(); - if (enrolmentId < 0) { - throw new OperationManagementException("Device not found for the given device Identifier:" + - deviceId.getId() + " and given type:" + - deviceId.getType()); - } dtoOperationList.addAll(commandOperationDAO.getOperationsByDeviceAndStatus( enrolmentId, org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Status.PENDING)); dtoOperationList.addAll(configOperationDAO.getOperationsByDeviceAndStatus( @@ -396,41 +315,21 @@ public class OperationManagerImpl implements OperationManager { log.debug("device identifier id:[" + deviceId.getId() + "] type:[" + deviceId.getType() + "]"); } Operation operation = null; - int enrolmentId; - try { - boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). - isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); - if (!isUserAuthorized) { - log.error("User : " + getUser() + " is not authorized to fetch operations on device : " - + deviceId.getId()); - } - } catch (DeviceAccessAuthorizationException e) { - throw new OperationManagementException("Error occurred while authorizing access to the devices for user : " + - this.getUser(), e); + + if (!isActionAuthorized(deviceId)) { + throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + + deviceId.getType() + "' device, which carries the identifier '" + deviceId.getId() + "'"); } - try { - DeviceManagementDAOFactory.openConnection(); - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (DeviceManagementDAOException e) { - throw new OperationManagementException("Error occurred while retrieving the device " + - "for device Identifier type -'" + deviceId.getType() + - "' and device Id '" + deviceId.getId(), e); - } catch (SQLException e) { - throw new OperationManagementException( - "Error occurred while opening a connection to the data source", e); - } finally { - DeviceManagementDAOFactory.closeConnection(); + int enrolmentId = this.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE); + if (enrolmentId < 0) { + throw new OperationManagementException("Device not found for given device " + + "Identifier:" + deviceId.getId() + " and given type" + + deviceId.getType()); } try { OperationManagementDAOFactory.openConnection(); - if (enrolmentId < 0) { - throw new OperationManagementException("Device not found for given device " + - "Identifier:" + deviceId.getId() + " and given type" + - deviceId.getType()); - } org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation dtoOperation = operationDAO. getNextOperation(enrolmentId); if (dtoOperation != null) { @@ -470,35 +369,14 @@ public class OperationManagerImpl implements OperationManager { if (log.isDebugEnabled()) { log.debug("operation Id:" + operationId + " status:" + operation.getStatus()); } - int enrolmentId; - try { - boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). - isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); - if (!isUserAuthorized) { - log.error("User : " + getUser() + " is not authorized to update operations on device : " - + deviceId.getId()); - } - } catch (DeviceAccessAuthorizationException e) { - throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" + - this.getUser(), e); - } - try { - DeviceManagementDAOFactory.openConnection(); - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (SQLException e) { - throw new OperationManagementException("Error occurred while opening a connection to the" + - " data source", e); - } catch (DeviceManagementDAOException e) { - OperationManagementDAOFactory.rollbackTransaction(); - throw new OperationManagementException( - "Error occurred while fetching the device for device identifier: " + deviceId.getId() + - "type:" + deviceId.getType(), e); - } finally { - DeviceManagementDAOFactory.closeConnection(); + if (!isActionAuthorized(deviceId)) { + throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + + deviceId.getType() + "' device, which carries the identifier '" + deviceId.getId() + "'"); } + int enrolmentId = this.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE); + try { OperationManagementDAOFactory.beginTransaction(); boolean isUpdated = false; @@ -547,45 +425,25 @@ public class OperationManagerImpl implements OperationManager { @Override public Operation getOperationByDeviceAndOperationId(DeviceIdentifier deviceId, int operationId) throws OperationManagementException { - int enrolmentId; Operation operation = null; if (log.isDebugEnabled()) { log.debug("Operation Id: " + operationId + " Device Type: " + deviceId.getType() + " Device Identifier: " + deviceId.getId()); } - try { - boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). - isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); - if (!isUserAuthorized) { - log.error("User : " + getUser() + " is not authorized to fetch operations on device : " - + deviceId.getId()); - } - } catch (DeviceAccessAuthorizationException e) { - throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" + - this.getUser(), e); + + if (!isActionAuthorized(deviceId)) { + throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + + deviceId.getType() + "' device, which carries the identifier '" + deviceId.getId() + "'"); } - try { - DeviceManagementDAOFactory.openConnection(); - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (DeviceManagementDAOException e) { - throw new OperationManagementException("Error occurred while retrieving the device " + - "for device Identifier type -'" + deviceId.getType() + - "' and device Id '" + deviceId.getId() + "'", e); - } catch (SQLException e) { - throw new OperationManagementException("Error occurred while opening connection to the data source", - e); - } finally { - DeviceManagementDAOFactory.closeConnection(); + int enrolmentId = this.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE); + if (enrolmentId < 0) { + throw new OperationManagementException("Device not found for given device identifier: " + + deviceId.getId() + " type: " + deviceId.getType()); } try { OperationManagementDAOFactory.openConnection(); - if (enrolmentId < 0) { - throw new OperationManagementException("Device not found for given device identifier: " + - deviceId.getId() + " type: " + deviceId.getType()); - } org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation dtoOperation = operationDAO. getOperationByDeviceAndId(enrolmentId, operationId); if (dtoOperation.getType(). @@ -630,43 +488,21 @@ public class OperationManagerImpl implements OperationManager { DeviceIdentifier deviceId, Operation.Status status) throws OperationManagementException { List operations = new ArrayList<>(); List dtoOperationList = new ArrayList<>(); - int enrolmentId; - try { - boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). - isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); - if (!isUserAuthorized) { - log.info("User : " + getUser() + " is not authorized to fetch operations on device : " - + deviceId.getId()); - } - } catch (DeviceAccessAuthorizationException e) { - throw new OperationManagementException("Error occurred while authorizing access to the devices for user :" + - this.getUser(), e); + + if (!isActionAuthorized(deviceId)) { + throw new OperationManagementException("User '" + getUser() + "' is not authorized to access the '" + + deviceId.getType() + "' device, which carries the identifier '" + deviceId.getId() + "'"); } - try { - DeviceManagementDAOFactory.openConnection(); - int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); - enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE, tenantId); - } catch (DeviceManagementDAOException e) { - throw new OperationManagementException("Error occurred while retrieving the device " + - "for device Identifier type -'" + deviceId.getType() + - "' and device Id '" + deviceId.getId(), e); - } catch (SQLException e) { + int enrolmentId = this.getEnrolmentByStatus(deviceId, EnrolmentInfo.Status.ACTIVE); + if (enrolmentId < 0) { throw new OperationManagementException( - "Error occurred while opening a connection to the data source", e); - } finally { - DeviceManagementDAOFactory.closeConnection(); + "Device not found for device id:" + deviceId.getId() + " " + "type:" + + deviceId.getType()); } try { OperationManagementDAOFactory.openConnection(); - - if (enrolmentId < 0) { - throw new OperationManagementException( - "Device not found for device id:" + deviceId.getId() + " " + "type:" + - deviceId.getType()); - } - org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Status dtoOpStatus = org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Status.valueOf(status.toString()); dtoOperationList.addAll(commandOperationDAO.getOperationsByDeviceAndStatus(enrolmentId, dtoOpStatus)); @@ -920,4 +756,36 @@ public class OperationManagerImpl implements OperationManager { return status; } + private boolean isActionAuthorized(DeviceIdentifier deviceId) { + boolean isUserAuthorized; + try { + isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). + isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS); + } catch (DeviceAccessAuthorizationException e) { + log.error("Error occurred while trying to authorize current user upon the invoked operation", e); + return false; + } + return isUserAuthorized; + } + + private int getEnrolmentByStatus(DeviceIdentifier deviceId, + EnrolmentInfo.Status status) throws OperationManagementException { + int enrolmentId; + try { + DeviceManagementDAOFactory.openConnection(); + int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); + enrolmentId = deviceDAO.getEnrolmentByStatus(deviceId, status, tenantId); + } catch (DeviceManagementDAOException e) { + throw new OperationManagementException("Error occurred while retrieving metadata of '" + + deviceId.getType() + "' device carrying the identifier '" + + deviceId.getId() + "'"); + } catch (SQLException e) { + throw new OperationManagementException( + "Error occurred while opening a connection to the data source", e); + } finally { + DeviceManagementDAOFactory.closeConnection(); + } + return enrolmentId; + } + } From e27905792f39f1166eb6e63b37b3ca7fd3031934 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Tue, 26 Jul 2016 19:14:43 +0530 Subject: [PATCH 06/14] Code cleanup --- .../device/mgt/core/operation/mgt/OperationManagerImpl.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java index f53c2a116f3..5dbe2870b20 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java @@ -778,7 +778,7 @@ public class OperationManagerImpl implements OperationManager { } catch (DeviceManagementDAOException e) { throw new OperationManagementException("Error occurred while retrieving metadata of '" + deviceId.getType() + "' device carrying the identifier '" + - deviceId.getId() + "'"); + deviceId.getId() + "'", e); } catch (SQLException e) { throw new OperationManagementException( "Error occurred while opening a connection to the data source", e); From c63818b78f2e96c947e27fda9cf235ceba4cb334 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Tue, 26 Jul 2016 19:31:44 +0530 Subject: [PATCH 07/14] Avoiding multiple device data getting retrieved upon the same id --- .../carbon/device/mgt/core/dao/impl/AbstractDeviceDAOImpl.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/dao/impl/AbstractDeviceDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/dao/impl/AbstractDeviceDAOImpl.java index 30d177efc29..44bdd5ba454 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/dao/impl/AbstractDeviceDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/dao/impl/AbstractDeviceDAOImpl.java @@ -748,7 +748,7 @@ public abstract class AbstractDeviceDAOImpl implements DeviceDAO { ResultSet rs = null; try { conn = this.getConnection(); - String sql = "SELECT ID AS ENROLMENT_ID FROM DM_ENROLMENT WHERE DEVICE_ID = (SELECT d.ID " + + String sql = "SELECT ID AS ENROLMENT_ID FROM DM_ENROLMENT WHERE DEVICE_ID = (SELECT DISTINCT d.ID " + "FROM DM_DEVICE d, DM_DEVICE_TYPE t WHERE d.DEVICE_TYPE_ID = t.ID " + "AND d.DEVICE_IDENTIFICATION = ? AND t.NAME = ? AND d.TENANT_ID = ?) " + "AND STATUS = ? AND TENANT_ID = ?"; From 0d94a293a4359a15dfec620580b3a757fc01c732 Mon Sep 17 00:00:00 2001 From: Ace Date: Tue, 26 Jul 2016 20:57:38 +0530 Subject: [PATCH 08/14] Adding notification and fixing QR code --- .../app/units/cdmf.unit.lib.qrcode/qrcode.hbs | 19 ++++--- .../cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs | 24 --------- .../cdmf.unit.ui.navbar.nav-menu/nav-menu.js | 50 +++++++++++++++---- .../public/js/nav-menu.js | 27 ---------- .../public/templates/notifications.hbs | 20 ++++---- 5 files changed, 61 insertions(+), 79 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.lib.qrcode/qrcode.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.lib.qrcode/qrcode.hbs index 4a5b9a3cb9d..30912b71d40 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.lib.qrcode/qrcode.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.lib.qrcode/qrcode.hbs @@ -16,8 +16,8 @@ under the License. }} {{#zone "bottomJs"}} - {{js "js/jquery.qrcode.min.js"}} - + + {{/zone}} diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs index 215a4950680..4aa6a9fdb0b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.navbar.nav-menu/nav-menu.hbs @@ -99,29 +99,6 @@ {{/zone}} - -{{#zone "navbarBelow"}} - -{{/zone}} {{#zone "sidePanes"}}