From 6a0c0cb299416a2b9a3f8e94b6708845a5b435a4 Mon Sep 17 00:00:00 2001
From: ayyoob <ayyoobhamza@gmail.com>
Date: Thu, 2 Mar 2017 20:27:32 +0530
Subject: [PATCH 1/2] added default permissions

---
 .../resources/jaggeryapps/devicemgt/app/conf/app-conf.json   | 2 +-
 .../devicemgt/app/modules/business-controllers/user.js       | 2 +-
 .../main/resources/jaggeryapps/devicemgt/app/modules/init.js | 5 ++++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json
index 6171219bb9..4be20160d3 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/conf/app-conf.json
@@ -30,7 +30,7 @@
             "enabled": true,
             "issuer" : "devicemgt",
             "appName" : "devicemgt",
-            "identityProviderUrl" : "https://%carbon.local.ip%:%iot.keymanager.https.port%/samlsso",
+            "identityProviderUrl" : "https://%iot.keymanager.host%:%iot.keymanager.https.port%/samlsso",
             "acs": "https://%iot.manager.host%:%iot.manager.https.port%/devicemgt/uuf/sso/acs",
             "identityAlias": "wso2carbon",
             "responseSigningEnabled" : true,
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js
index 8de168ccea..d1b2838985 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js
@@ -511,7 +511,7 @@ var userModule = function () {
             permissions["LIST_DEVICES"] = true;
             permissions["LIST_OWN_DEVICES"] = true;
         }
-        if (publicMethods.isAuthorized("/permission/admin/device-mgt/devices/owning-device")) {
+        if (publicMethods.isAuthorized("/permission/admin/device-mgt/devices/owning-device/view")) {
             permissions["LIST_OWN_DEVICES"] = true;
         }
         if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/groups/view")) {
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js
index 457e4e1b08..beaa90c56b 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js
@@ -30,7 +30,10 @@ application.put("carbonServer", carbonServer);
 
 var permissions = {
     "/permission/admin/Login": ["ui.execute"],
-    "/permission/admin/device-mgt/device/api/subscribe": ["ui.execute"]
+    "/permission/admin/device-mgt/device/api/subscribe": ["ui.execute"],
+	"/permission/admin/device-mgt/devices/enroll": ["ui.execute"],
+	"/permission/admin/device-mgt/devices/disenroll": ["ui.execute"],
+	"/permission/admin/device-mgt/devices/owning-device/view": ["ui.execute"]
 };
 
 var adminPermissions = {

From 5e4b0564b78b8673333e5c22e8795d3ef80c4d82 Mon Sep 17 00:00:00 2001
From: ayyoob <ayyoobhamza@gmail.com>
Date: Fri, 3 Mar 2017 17:02:36 +0530
Subject: [PATCH 2/2] added permission fix for operation and synchronised
 application creation to avoid duplicate subscription

---
 .../api/ApiApplicationRegistrationServiceImpl.java | 14 ++++++++------
 .../extension/api/util/RegistrationProfile.java    | 10 ++++++++++
 .../app/modules/business-controllers/operation.js  | 10 ++++++++++
 3 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java
index 65392645ea..4656653988 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java
@@ -107,12 +107,14 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
                 validityPeriod = registrationProfile.getValidityPeriod();
             }
 
-            String applicationName = "devicetype_app_" + StringUtils.join(registrationProfile.getTags(), "_");
-            ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
-                    applicationName, registrationProfile.getTags(),
-                    ApiApplicationConstants.DEFAULT_TOKEN_TYPE, username,
-                    registrationProfile.isAllowedToAllDomains(), validityPeriod);
-            return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build();
+            String applicationName = registrationProfile.getApplicationName();
+            synchronized (ApiApplicationRegistrationServiceImpl.class) {
+                ApiApplicationKey apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
+                        applicationName, registrationProfile.getTags(),
+                        ApiApplicationConstants.DEFAULT_TOKEN_TYPE, username,
+                        registrationProfile.isAllowedToAllDomains(), validityPeriod);
+                return Response.status(Response.Status.CREATED).entity(apiApplicationKey.toString()).build();
+            }
         } catch (APIManagerException e) {
             String msg = "Error occurred while registering an application with apis '"
                     + StringUtils.join(registrationProfile.getTags(), ",") + "'";
diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java
index 2111753efe..44cc5554fc 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/util/RegistrationProfile.java
@@ -30,6 +30,8 @@ import javax.xml.bind.annotation.XmlRootElement;
 
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class RegistrationProfile {
+    @XmlElement(required = true)
+    private String applicationName;
     @XmlElement(required = true)
     private String tags[];
     @XmlElement(required = true)
@@ -37,6 +39,14 @@ public class RegistrationProfile {
     @XmlElement(required = false)
     private String validityPeriod;
 
+    public String getApplicationName() {
+        return applicationName;
+    }
+
+    public void setApiApplicationName(String apiApplicationName) {
+        this.applicationName = apiApplicationName;
+    }
+
     public String[] getTags() {
         return tags;
     }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/operation.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/operation.js
index 127a0df064..e9c07ee0ba 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/operation.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/operation.js
@@ -51,6 +51,16 @@ var operationModule = function () {
                    feature["contentType"] = features[i].contentType;
                    feature["deviceType"] = deviceType;
                    feature["params"] = [];
+				   var featuresEntry = utility.getDeviceTypeConfig(deviceType)["deviceType"]["features"];
+				   if (featuresEntry) {
+					   var featureEntry = featuresEntry[features[i].code];
+					   if (featureEntry) {
+						   var permissionEntry = featureEntry["permission"];
+						   if (permissionEntry) {
+							   feature["permission"] = permissionEntry
+						   }
+					   }
+				   }
                    var metaData = features[i].metadataEntries;
                    if (metaData) {
                        for (var j = 0; j < metaData.length; j++) {