From 29aca290a442aaeb3870cd7a52f454532cd17e9c Mon Sep 17 00:00:00 2001 From: Rasika Perera Date: Wed, 4 May 2016 00:49:06 +0530 Subject: [PATCH] Adding group permission checking --- .../coffeeking/api/ConnectedCupControllerServiceImpl.java | 6 ++++-- .../org/coffeeking/api/ConnectedCupManagerServiceImpl.java | 7 +++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupControllerServiceImpl.java b/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupControllerServiceImpl.java index 9cd9e289..f41e77c4 100644 --- a/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupControllerServiceImpl.java +++ b/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupControllerServiceImpl.java @@ -28,6 +28,7 @@ import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorization import org.wso2.carbon.analytics.dataservice.commons.SORT; import org.wso2.carbon.analytics.dataservice.commons.SortByField; import org.wso2.carbon.analytics.datasource.commons.exception.AnalyticsException; +import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants; import javax.ws.rs.Consumes; import javax.ws.rs.GET; @@ -49,7 +50,8 @@ public class ConnectedCupControllerServiceImpl implements ConnectedCupController public Response orderCoffee(@QueryParam("deviceId") String deviceId) { try { if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId, - ConnectedCupConstants.DEVICE_TYPE))) { + ConnectedCupConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions. + DEFAULT_OPERATOR_PERMISSIONS)) { return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build(); } log.info("Coffee ordered....!"); 
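Review bot: The denial branch right after the new `DEFAULT_OPERATOR_PERMISSIONS` check in `orderCoffee` still answers with 401, which tells a (presumably already authenticated) caller to re-authenticate rather than that the group permission is missing. Now that the check is permission-based, 403 fits better: `return Response.status(Response.Status.FORBIDDEN.getStatusCode()).build();`. The same return follows the check in the `DEFAULT_STATS_MONITOR_PERMISSIONS` hunk and in both `ConnectedCupManagerServiceImpl` hunks. Whether any client depends on the 401 is not visible here, and the body of `orderCoffee` continues past the end of the hunk.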
@@ -77,7 +79,7 @@ public class ConnectedCupControllerServiceImpl implements ConnectedCupController try { if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId, - ConnectedCupConstants.DEVICE_TYPE))) { + ConnectedCupConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_STATS_MONITOR_PERMISSIONS)) { return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build(); } List sensorDatas; diff --git a/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupManagerServiceImpl.java b/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupManagerServiceImpl.java index 145348d0..d7b2e678 100644 --- a/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupManagerServiceImpl.java +++ b/modules/samples/connectedcup/component/api/src/main/java/org/coffeeking/api/ConnectedCupManagerServiceImpl.java @@ -27,6 +27,7 @@ import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.DeviceManagementException; import org.wso2.carbon.device.mgt.common.EnrolmentInfo; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException; +import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; 
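Review bot: The permission argument is laid out three different ways across this patch: here `DeviceGroupConstants.Permissions.DEFAULT_STATS_MONITOR_PERMISSIONS` sits on one long line, the `orderCoffee` hunk breaks after `Permissions.`, and the manager hunks break after `DeviceGroupConstants.`. Splitting a qualified name at the dot makes the guarding permission harder to grep for when auditing which endpoint requires what. Break after the comma instead and keep the constant whole on its own continuation line, i.e. `ConnectedCupConstants.DEVICE_TYPE),` followed by `DeviceGroupConstants.Permissions.DEFAULT_STATS_MONITOR_PERMISSIONS)) {`. The enclosing method starts and ends outside the hunk.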
@@ -56,7 +57,8 @@ public class ConnectedCupManagerServiceImpl implements ConnectedCupManagerServic DeviceIdentifier deviceIdentifier = new DeviceIdentifier(); deviceIdentifier.setId(deviceId); deviceIdentifier.setType(ConnectedCupConstants.DEVICE_TYPE); - if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier)) { + if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, DeviceGroupConstants. + Permissions.DEFAULT_ADMIN_PERMISSIONS)) { return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build(); } boolean removed = APIUtil.getDeviceManagementService().disenrollDevice( @@ -81,7 +83,8 @@ public class ConnectedCupManagerServiceImpl implements ConnectedCupManagerServic deviceIdentifier.setId(deviceId); deviceIdentifier.setType(ConnectedCupConstants.DEVICE_TYPE); try { - if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier)) { + if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, DeviceGroupConstants. + Permissions.DEFAULT_ADMIN_PERMISSIONS)) { return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build(); } Device device = APIUtil.getDeviceManagementService().getDevice(deviceIdentifier);
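Review bot: A denied disenroll request leaves no trace, because the branch after the new `DEFAULT_ADMIN_PERMISSIONS` check returns immediately without logging. For a destructive operation, a warning on that path gives operators something to alert on, e.g. `log.warn("Disenroll denied for device type " + ConnectedCupConstants.DEVICE_TYPE);`. This assumes the class has a logger like the controller's `log`, which the hunk does not show. If the device id is added to the message, sanitise it first, since it likely originates from the request. The method starts and ends outside the hunk.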
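Review bot: The second check in this file guards what appears to be a read (`getDevice(deviceIdentifier)` follows it) with the same `DEFAULT_ADMIN_PERMISSIONS` used on the disenroll path. If a narrower view-level permission set exists in `DeviceGroupConstants.Permissions` (not visible on this page), using it here would avoid granting admin rights to users who only need to look at a device. If admin is intended, a comment such as `// viewing device details is restricted to group admins` above the check would record the decision. The method signature and the rest of its body are outside the hunk.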