Merge branch 'master' of https://github.com/wso2/carbon-device-mgt into devicetype-3.1.0

revert-70aa11f8
ayyoob 8 years ago
commit 2dab109ad3

@ -311,6 +311,16 @@
<artifactId>org.wso2.carbon.identity.jwt.client.extension</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.registry.core</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.registry</groupId>
<artifactId>org.wso2.carbon.registry.resource</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity.framework</groupId>
<artifactId>org.wso2.carbon.identity.user.store.count</artifactId>

@ -22,6 +22,8 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
@ -30,6 +32,9 @@ import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer;
import org.wso2.carbon.registry.api.Registry;
import org.wso2.carbon.registry.core.session.UserRegistry;
import org.wso2.carbon.registry.resource.services.utils.ChangeRolePermissionsUtil;
import org.wso2.carbon.user.api.*;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.mgt.UserRealmProxy;
@ -296,6 +301,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
}
}
userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), permissions);
authorizeRoleForAppmgt(roleInfo.getRoleName(), roleInfo.getPermissions());
//TODO fix what's returned in the entity
return Response.created(new URI(API_BASE_PATH + "/" + URLEncoder.encode(roleInfo.getRoleName(), "UTF-8"))).
@ -450,6 +456,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
authorizationManager.authorizeRole(roleName, permission, CarbonConstants.UI_PERMISSION_ACTION);
}
}
authorizeRoleForAppmgt(roleName, roleInfo.getPermissions());
}
//TODO: Need to send the updated role information in the entity back to the client
return Response.status(Response.Status.OK).entity("Role '" + roleInfo.getRoleName() + "' has " +
@ -467,6 +474,59 @@ public class RoleManagementServiceImpl implements RoleManagementService {
}
}
/**
* When presented with role and a set of permissions, if given role has permission to
* perform mobile app management, said role will be given rights mobile app collection in the
* governance registry.
*
* @param role
* @param permissions
* @return state of role update Operation
*/
private boolean authorizeRoleForAppmgt(String role, String[] permissions) {
String permissionString =
"ra^true:rd^false:wa^true:wd^false:da^true:dd^false:aa^true:ad^false";
String resourcePath = "/_system/governance/mobileapps/";
boolean appmPermAvailable = false;
if (permissions != null) {
for (int i = 0; i < permissions.length; i++)
switch (permissions[i]) {
case "/permission/admin/manage/mobileapp":
appmPermAvailable = true;
break;
case "/permission/admin/manage/mobileapp/create":
appmPermAvailable = true;
break;
case "/permission/admin/manage/mobileapp/publish":
appmPermAvailable = true;
break;
}
}
if (appmPermAvailable) {
try {
Registry registry = CarbonContext.getThreadLocalCarbonContext().
getRegistry(RegistryType.SYSTEM_GOVERNANCE);
ChangeRolePermissionsUtil.changeRolePermissions((UserRegistry) registry,
resourcePath, role + ":" + permissionString);
return true;
} catch (Exception e) {
String msg = "Error while retrieving user registry in order to update permissions "
+ "for resource : " + resourcePath;
log.error(msg, e);
return false;
}
} else {
if (log.isDebugEnabled()) {
log.debug("Mobile App Management permissions not selected, therefore role : " +
role + " not given permission for registry collection : " + resourcePath);
}
return false;
}
}
@DELETE
@Path("/{roleName}")
@Override

@ -420,5 +420,7 @@ public interface DeviceDAO {
*/
List<EnrolmentInfo> getEnrolmentsByStatus(List<DeviceIdentifier> deviceIds, Status status,
int tenantId) throws DeviceManagementDAOException;
List<Integer> getDeviceEnrolledTenants() throws DeviceManagementDAOException;
}

@ -1071,4 +1071,27 @@ public abstract class AbstractDeviceDAOImpl implements DeviceDAO {
return devices;
}
public List<Integer> getDeviceEnrolledTenants() throws DeviceManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet rs = null;
List<Integer> tenants = new ArrayList<>();
try {
conn = this.getConnection();
String sql = "SELECT distinct(TENANT_ID) FROM DM_DEVICE";
stmt = conn.prepareStatement(sql);
rs = stmt.executeQuery();
while (rs.next()) {
tenants.add(rs.getInt("TENANT_ID"));
}
} catch (SQLException e) {
throw new DeviceManagementDAOException("Error occurred while retrieving tenants which have " +
"device registered.", e);
} finally {
DeviceManagementDAOUtil.cleanupResources(stmt, rs);
}
return tenants;
}
}

@ -587,4 +587,6 @@ public interface DeviceManagementProviderService {
*/
void notifyPullNotificationSubscriber(DeviceIdentifier deviceIdentifier, Operation operation)
throws PullNotificationExecutionFailedException;
List<Integer> getDeviceEnrolledTenants() throws DeviceManagementException;
}

@ -1471,6 +1471,21 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
return isDeviceUpdated;
}
@Override
public List<Integer> getDeviceEnrolledTenants() throws DeviceManagementException {
try {
DeviceManagementDAOFactory.openConnection();
return deviceDAO.getDeviceEnrolledTenants();
} catch (DeviceManagementDAOException e) {
throw new DeviceManagementException("Error occurred while retrieving the tenants " +
"which have device enrolled.", e);
} catch (SQLException e) {
throw new DeviceManagementException("Error occurred while opening a connection to the data source", e);
} finally {
DeviceManagementDAOFactory.closeConnection();
}
}
private boolean updateEnrollment(int deviceId, EnrolmentInfo enrolmentInfo, int tenantId)
throws DeviceManagementException {
boolean isUpdatedEnrollment = false;

@ -22,20 +22,26 @@ package org.wso2.carbon.device.mgt.core.task.impl;
import com.google.gson.Gson;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.OperationMonitoringTaskConfig;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.task.DeviceMgtTaskException;
import org.wso2.carbon.device.mgt.core.task.DeviceTaskManager;
import org.wso2.carbon.ntask.core.Task;
import org.wso2.carbon.user.api.UserStoreException;
import java.util.List;
import java.util.Map;
public class DeviceDetailsRetrieverTask implements Task {
private static Log log = LogFactory.getLog(DeviceDetailsRetrieverTask.class);
// private DeviceTaskManager deviceTaskManager = new DeviceTaskManagerImpl();
private String deviceType;
private String oppConfig;
private OperationMonitoringTaskConfig operationMonitoringTaskConfig;
private boolean executeForTenants = false;
private final String IS_CLOUD = "is.cloud";
@Override
public void setProperties(Map<String, String> map) {
@ -54,10 +60,16 @@ public class DeviceDetailsRetrieverTask implements Task {
@Override
public void execute() {
if(System.getProperty(IS_CLOUD) != null && Boolean.parseBoolean(System.getProperty(IS_CLOUD))){
executeForTenants = true;
}
if(executeForTenants){
this.executeForAllTenants();
} else {
if (log.isDebugEnabled()) {
log.debug("Device details retrieving task started to run.");
}
DeviceTaskManager deviceTaskManager = new DeviceTaskManagerImpl(deviceType,
operationMonitoringTaskConfig);
//pass the configurations also from here, monitoring tasks
@ -65,10 +77,45 @@ public class DeviceDetailsRetrieverTask implements Task {
deviceTaskManager.addOperations();
} catch (DeviceMgtTaskException e) {
log.error(
"Error occurred while trying to add the operations to device to retrieve device details.",
e);
"Error occurred while trying to add the operations to device to retrieve device details.", e);
}
}
}
private void executeForAllTenants() {
if (log.isDebugEnabled()) {
log.debug("Device details retrieving task started to run for all tenants.");
}
try {
List<Integer> tenants = DeviceManagementDataHolder.getInstance().
getDeviceManagementProvider().getDeviceEnrolledTenants();
for (Integer tenant : tenants) {
String tenantDomain = DeviceManagementDataHolder.getInstance().
getRealmService().getTenantManager().getDomain(tenant);
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenant);
DeviceTaskManager deviceTaskManager = new DeviceTaskManagerImpl(deviceType,
operationMonitoringTaskConfig);
//pass the configurations also from here, monitoring tasks
try {
deviceTaskManager.addOperations();
} catch (DeviceMgtTaskException e) {
log.error("Error occurred while trying to add the operations to " +
"device to retrieve device details.", e);
}
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
} catch (UserStoreException e) {
log.error("Error occurred while trying to get the available tenants", e);
} catch (DeviceManagementException e) {
log.error("Error occurred while trying to get the available tenants " +
"from device manager provider service.", e);
}
}
}

@ -115,7 +115,6 @@ var userModule = function () {
var url = carbon.server.address('https') + "/admin/services";
var server = new carbon.server.Server(url);
var userManager = new carbon.user.UserManager(server, tenantId);
try {
if (userManager.userExists(username)) {
if (log.isDebugEnabled()) {
@ -632,11 +631,17 @@ var userModule = function () {
var url = carbon.server.address('https') + "/admin/services";
var server = new carbon.server.Server(url);
var userManager = new carbon.user.UserManager(server, tenantId);
try {
if (!userManager.roleExists(roleName)) {
userManager.addRole(roleName, users, permissions);
} else {
log.info("Role exist with name: " + roleName);
var array = Object.keys(permissions);
var i, permission;
for (i = 0; i < array.length; i++) {
permission = array[i];
userManager.authorizeRole(roleName, permission, "ui.execute");
}
}
} catch (e) {
throw e;

@ -21,14 +21,18 @@ package org.wso2.carbon.policy.mgt.core.task;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
import org.wso2.carbon.device.mgt.common.policy.mgt.PolicyMonitoringManager;
import org.wso2.carbon.device.mgt.common.policy.mgt.monitor.PolicyComplianceException;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl;
import org.wso2.carbon.ntask.core.Task;
import org.wso2.carbon.policy.mgt.core.internal.PolicyManagementDataHolder;
import org.wso2.carbon.policy.mgt.core.mgt.MonitoringManager;
import org.wso2.carbon.user.api.UserStoreException;
import java.util.ArrayList;
import java.util.List;
@ -39,6 +43,8 @@ public class MonitoringTask implements Task {
private static Log log = LogFactory.getLog(MonitoringTask.class);
Map<String, String> properties;
private boolean executeForTenants = false;
private final String IS_CLOUD = "is.cloud";
@Override
@ -56,6 +62,61 @@ public class MonitoringTask implements Task {
if (log.isDebugEnabled()) {
log.debug("Monitoring task started to run.");
}
if(System.getProperty(IS_CLOUD) != null && Boolean.parseBoolean(System.getProperty(IS_CLOUD))){
executeForTenants = true;
}
if(executeForTenants) {
this.executeforAllTenants();
} else {
this.executeTask();
}
}
/**
* Check whether Device platform (ex: android) is exist in the cdm-config.xml file before adding a
* Monitoring operation to a specific device type.
*
* @param deviceType available device types.
* @return return platform is exist(true) or not (false).
*/
private boolean isPlatformExist(String deviceType) {
PolicyMonitoringManager policyMonitoringManager = PolicyManagementDataHolder.getInstance()
.getDeviceManagementService().getPolicyMonitoringManager(deviceType);
if (policyMonitoringManager != null) {
return true;
}
return false;
}
private void executeforAllTenants() {
if (log.isDebugEnabled()) {
log.debug("Monitoring task started to run for all tenants.");
}
try {
DeviceManagementProviderService deviceManagementService = new DeviceManagementProviderServiceImpl();
List<Integer> tenants = deviceManagementService.getDeviceEnrolledTenants();
for (Integer tenant : tenants) {
String tenantDomain = PolicyManagementDataHolder.getInstance().
getRealmService().getTenantManager().getDomain(tenant);
try {
PrivilegedCarbonContext.startTenantFlow();
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenant);
this.executeTask();
} finally {
PrivilegedCarbonContext.endTenantFlow();
}
}
} catch (UserStoreException e) {
log.error("Error occurred while trying to get the available tenants", e);
} catch (DeviceManagementException e) {
log.error("Error occurred while trying to get the available tenants from device manager service ", e);
}
}
private void executeTask(){
MonitoringManager monitoringManager = PolicyManagementDataHolder.getInstance().getMonitoringManager();
List<String> deviceTypes = new ArrayList<>();
@ -121,23 +182,5 @@ public class MonitoringTask implements Task {
} else {
log.info("No device types registered currently. So did not run the monitoring task.");
}
}
/**
* Check whether Device platform (ex: android) is exist in the cdm-config.xml file before adding a
* Monitoring operation to a specific device type.
*
* @param deviceType available device types.
* @return return platform is exist(true) or not (false).
*/
private boolean isPlatformExist(String deviceType) {
PolicyMonitoringManager policyMonitoringManager = PolicyManagementDataHolder.getInstance()
.getDeviceManagementService().getPolicyMonitoringManager(deviceType);
if (policyMonitoringManager != null) {
return true;
}
return false;
}
}

@ -1583,6 +1583,11 @@
<artifactId>org.wso2.carbon.event.stream.stub</artifactId>
<version>${carbon.analytics.common.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.carbon.registry</groupId>
<artifactId>org.wso2.carbon.registry.resource</artifactId>
<version>${carbon.registry.resource.version}</version>
</dependency>
</dependencies>
</dependencyManagement>
@ -1896,6 +1901,7 @@
<!-- Carbon Registry -->
<carbon.registry.version>4.6.0</carbon.registry.version>
<carbon.registry.resource.version>4.6.5</carbon.registry.resource.version>
<carbon.registry.imp.pkg.version.range>[4.4.8, 5.0.0)</carbon.registry.imp.pkg.version.range>
<!--CXF properties-->

Loading…
Cancel
Save