Merge pull request #505 from rasika/release-2.0.x

Fixing user is not authorized to view devices
8 years ago · 9c37df9343
parent cef9876575 acb2c38799
commit 9c37df9343
1 changed files with 4 additions and 2 deletions
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java
@ -45,6 +45,7 @@ import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
 import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData;
 import org.wso2.carbon.policy.mgt.common.monitor.PolicyComplianceException;
 import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
 import javax.validation.constraints.Size;
 import javax.ws.rs.*;
@ -113,15 +114,16 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
            }
            // this is the user who initiates the request
-            String authorizedUser = CarbonContext.getThreadLocalCarbonContext().getUsername();
+            String authorizedUser = MultitenantUtils.getTenantAwareUsername(CarbonContext.getThreadLocalCarbonContext().getUsername());
            // check whether the user is device-mgt admin
            if (deviceAccessAuthorizationService.isDeviceAdminUser()) {
                if (user != null && !user.isEmpty()) {
-                    request.setOwner(user);
+                    request.setOwner(MultitenantUtils.getTenantAwareUsername(user));
                }
            } else {
                if (user != null && !user.isEmpty()) {
                    user = MultitenantUtils.getTenantAwareUsername(user);
                    if (user.equals(authorizedUser)) {
                        request.setOwner(user);
                    } else {