From 6d8c3e53151989e8f41ead9307c153816bea6734 Mon Sep 17 00:00:00 2001 From: charithag Date: Mon, 18 Apr 2016 16:44:03 +0530 Subject: [PATCH] Fix default permission issues --- .../jaggeryapps/devicemgt/api/user-api.jag | 2 - .../jaggeryapps/devicemgt/app/modules/init.js | 1 - .../devicemgt/app/modules/login.js | 3 - .../jaggeryapps/devicemgt/app/modules/user.js | 25 ++- .../devicemgt/app/modules/utility.js | 153 ------------------ 5 files changed, 12 insertions(+), 172 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/api/user-api.jag b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/api/user-api.jag index 88ddca07d24..2dc839f9077 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/api/user-api.jag +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/api/user-api.jag @@ -46,7 +46,6 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) { if (log.isDebugEnabled()) { log.debug("User Logged In : " + user); } - utility.insertAppPermissions(userModule, "login"); apiWrapperUtil.setupAccessTokenPair("password", { "username": username, "password": password @@ -69,7 +68,6 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) { if (log.isDebugEnabled()) { log.debug("User Logged In : " + user); } - utility.insertAppPermissions(userModule, "login"); apiWrapperUtil.setupAccessTokenPair("password", {"username": username, "password": password}); var permissions = userModule.getUIPermissions(); if (permissions.VIEW_DASHBOARD) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js index 1f2c884af69..2a22b1c987a 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/init.js @@ -26,7 +26,6 @@ application.put("carbonServer", carbonServer); var userModule = require("/app/modules/user.js")["userModule"]; var utility = require("/app/modules/utility.js")["utility"]; -utility.insertAppPermissions(userModule, "init"); var permissions = { '/permission/admin/device-mgt/devices': ['ui.execute'], diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/login.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/login.js index 5b53589c983..00e57c7d4f4 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/login.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/login.js @@ -25,9 +25,6 @@ var onFail; onSuccess = function (context) { var utility = require("/app/modules/utility.js").utility; var apiWrapperUtil = require("/app/modules/api-wrapper-util.js").apiWrapperUtil; - var userModule = require("/app/modules/user.js").userModule; - - utility.insertAppPermissions(userModule, "login"); var properties = {username: context.input.username, password: context.input.password}; apiWrapperUtil.setupAccessTokenPair("password", properties); }; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/user.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/user.js index 69c3ca62eef..1c1139b3aaf 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/user.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/user.js @@ -629,44 +629,43 @@ var userModule = function () { publicMethods.getUIPermissions = function () { var permissions = {}; - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/devices/list") || - publicMethods.isAuthorized("/permission/admin/device-mgt/user/devices/list")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/devices/list")) { permissions["LIST_DEVICES"] = true; } if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/groups/list")) { permissions["LIST_GROUPS"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/users/list")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/list")) { permissions["LIST_USERS"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/roles/list")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/roles/list")) { permissions["LIST_ROLES"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/policies/list")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/list")) { permissions["LIST_POLICIES"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/groups/add")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/groups/add")) { permissions["ADD_GROUP"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/users/add")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/add")) { permissions["ADD_USER"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/users/remove")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/remove")) { permissions["REMOVE_USER"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/roles/add")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/roles/add")) { permissions["ADD_ROLE"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/policies/add")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/add")) { permissions["ADD_POLICY"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/policies/priority")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/priority")) { permissions["CHANGE_POLICY_PRIORITY"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/dashboard/view")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/dashboard/view")) { permissions["VIEW_DASHBOARD"] = true; } - if (publicMethods.isAuthorized("/permission/admin/device-mgt/emm-admin/platform-configs/view")) { + if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/platform-configs/view")) { permissions["TENANT_CONFIGURATION"] = true; } if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/devices/list")) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/utility.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/utility.js index 58a30198ce0..07fbe79cc76 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/utility.js +++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/utility.js @@ -61,159 +61,6 @@ utility = function () { return getOsgiService("org.wso2.carbon.policy.mgt.core.PolicyManagerService"); }; - publicMethods.insertAppPermissions = function (userModule, type) { - // Below are the 2 types of users:- Normal users and Admins - userModule.addPermissions([{ - key: "admin", - name: "Device Management Admin" - }], "device-mgt", type); - userModule.addPermissions([{ - key: "user", - name: "Device Management User" - }], "device-mgt", type); - - // adding permission definitions for device-mgt/admin - userModule.addPermissions([{ - key: "dashboard", - name: "Dashboard" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "dashboard/view", - name: "View Dashboard" - }], "device-mgt/admin", type); - - userModule.addPermissions([{ - key: "devices", - name: "Devices" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "devices/list", - name: "List All Devices" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "devices/add", - name: "Add Device" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "devices/edit", - name: "Edit Device" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "devices/remove", - name: "Remove Device" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "groups", - name: "Groups" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "groups/list", - name: "List All Groups" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "groups/add", - name: "Add Group" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "devices/operation", - name: "Perform Operation on Any Device" - }], "device-mgt/admin", type); - - userModule.addPermissions([{key: "users", name: "Users"}], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "users/add", - name: "Add New Users" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "users/invite", - name: "Invite Users" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "users/list", - name: "List Users" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "users/update", - name: "Update Users" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "users/remove", - name: "Remove Users" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "users/reset-password", - name: "Reset User Passwords" - }], "device-mgt/admin", type); - - userModule.addPermissions([{key: "roles", name: "Roles"}], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "roles/add", - name: "Add New Roles" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "roles/invite", - name: "Invite Roles" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "roles/list", - name: "List Roles" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "roles/remove", - name: "Remove Roles" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "roles/permission", - name: "Update Role Permission" - }], "device-mgt/admin", type); - - - userModule.addPermissions([{ - key: "policies", - name: "Policy" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "policies/add", - name: "Add Policy" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "policies/list", - name: "List Policy" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "policies/edit", - name: "Edit Policy" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "policies/remove", - name: "Remove Policy" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "policies/priority", - name: "Policy Priority" - }], "device-mgt/admin", type); - - // adding permission definitions for device-mgt/user - userModule.addPermissions([{key: "devices", name: "Devices"}], "device-mgt/user", type); - userModule.addPermissions([{ - key: "devices/list", - name: "List Individual Devices" - }], "device-mgt/user", type); - userModule.addPermissions([{ - key: "devices/operation", - name: "Perform Operation on an Individual Device" - }], "device-mgt/user", type); - - userModule.addPermissions([{ - key: "platform-configs", - name: "Platform Configurations" - }], "device-mgt/admin", type); - userModule.addPermissions([{ - key: "platform-configs/view", - name: "View Configurations" - }], "device-mgt/admin", type); - }; - publicMethods.getIoTServerConfig = function (configName) { var path = "/config/iot-config.json"; var file = new File(path);