From 6bb924fa7b978f2a7ea7b832d4a537deb48bbe8c Mon Sep 17 00:00:00 2001
From: harshanl <harshan@wso2.com>
Date: Fri, 12 Aug 2016 13:53:32 +0530
Subject: [PATCH 1/8] Removed unnecessary mysql query from the mysl script

---
 .../src/main/resources/dbscripts/cdm/mysql.sql              | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/dbscripts/cdm/mysql.sql b/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/dbscripts/cdm/mysql.sql
index 39cfc6d172..71de29d833 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/dbscripts/cdm/mysql.sql
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/dbscripts/cdm/mysql.sql
@@ -587,8 +587,4 @@ DM_DEVICE.DEVICE_TYPE_ID = DM_DEVICE_TYPE.ID AND
 DM_DEVICE.ID = DM_DEVICE_DETAIL.DEVICE_ID
 ORDER BY TENANT_ID, DEVICE_ID;
 
--- END OF DASHBOARD RELATED VIEWS --
-
-SELECT feom.DEVICE_IDENTIFICATION, feom.DEVICE_TYPE, or.OPERATION_RESPONSE, feom.CREATED_TIMESTAMP
-FROM DM_DEVICE_OPERATION_RESPONSE dor, (SELECT eom.OPERATION_ID, fe.DEVICE_IDENTIFICATION, fe.DEVICE_TYPE, fe.ENROLMENT_ID, eom.CREATED_TIMESTAMP, eom.UPDATED_TIMESTAMP, or.RECEIVED_TIMESTAMP FROM DM_ENROLMENT_OP_MAPPING eom, (SELECT e.ID AS ENROLMENT_ID, fd.DEVICE_ID, fd.DEVICE_IDENTIFICATION, fd.DEVICE_TYPE FROM DM_ENROLMENT e, (SELECT DISTINCT d.ID AS DEVICE_ID, d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, DM_DEVICE_TYPE t WHERE d.DEVICE_TYPE_ID = t.ID AND d.TENANT_ID = -1234) fd WHERE e.DEVICE_ID = fd.DEVICE_ID AND e.TENANT_ID = -1234) fe WHERE eom.ENROLMENT_ID = fe.ENROLMENT_ID) feom WHERE or.OPERATION_ID = or.OPERATION_ID;
-
+-- END OF DASHBOARD RELATED VIEWS --
\ No newline at end of file

From e5a4c0f7958ac5131bb3ab8ea5f5f192e92173f7 Mon Sep 17 00:00:00 2001
From: Ace <ruwany.ace@gmail.com>
Date: Mon, 15 Aug 2016 11:37:57 +0530
Subject: [PATCH 2/8] Adding role add/update/delete related changes

---
 .../units/cdmf.unit.role.create/create.hbs    |  3 +-
 .../public/js/bottomJs.js                     | 24 +++++++-----
 .../permission.hbs                            | 14 +++++++
 .../permission.js                             |  2 +-
 .../public/js/bottomJs.js                     | 31 ++++++++++------
 .../app/units/cdmf.unit.role.edit/edit.hbs    |  3 +-
 .../cdmf.unit.role.edit/public/js/bottomJs.js | 37 ++++++-------------
 .../public/js/role-listing.js                 |  6 +--
 8 files changed, 66 insertions(+), 54 deletions(-)

diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/create.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/create.hbs
index b74abb7dc4..a93d3173a0 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/create.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/create.hbs
@@ -47,7 +47,7 @@
                         <div id="role-create-error-msg" class="alert alert-danger hidden" role="alert">
                             <i class="icon fw fw-error"></i><span></span>
                         </div>
-                        <label class="wr-input-label">Domain *</label>
+                        <label class="wr-input-label">User Store Domain</label>
 
                         <div class="wr-input-control">
                             <select id="domain" class="form-control select">
@@ -106,6 +106,7 @@
             </div>
         </div>
         <!-- /content -->
+        <div id="app-context" data-app-context="{{@app.context}}" class="hidden"></div>
     </div>
 </div>
 <!-- /content/body -->
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/public/js/bottomJs.js
index cad7431f81..5a7d7eb304 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.create/public/js/bottomJs.js
@@ -31,6 +31,8 @@ function inputIsValid(regExp, inputString) {
 var validateInline = {};
 var clearInline = {};
 
+var apiBasePath = "/api/device-mgt/v1.0";
+
 var enableInlineError = function (inputField, errorMsg, errorSign) {
     var fieldIdentifier = "#" + inputField;
     var errorMsgIdentifier = "#" + inputField + " ." + errorMsg;
@@ -113,12 +115,12 @@ function formatRepoSelection (user) {
 }
 
 $(document).ready(function () {
-
+    var appContext = $("#app-context").data("app-context");
     $("#users").select2({
         multiple:true,
         tags: false,
         ajax: {
-            url: window.location.origin + "/devicemgt/api/invoker/execute/",
+            url: appContext + "/api/invoker/execute/",
             method: "POST",
             dataType: 'json',
             delay: 250,
@@ -128,15 +130,17 @@ $(document).ready(function () {
             data: function (params) {
                 var postData = {};
                 postData.actionMethod = "GET";
-                postData.actionUrl = "/devicemgt_admin/users/view-users?username=" + params.term;
+                postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term;
                 postData.actionPayload = null;
                 return JSON.stringify(postData);
             },
             processResults: function (data, page) {
                 var newData = [];
-                $.each(data.responseContent, function (index, value) {
-                    value.id = value.username;
-                    newData.push(value);
+                $.each(data, function (index, value) {
+                    var user = {};
+                    user.username = value.username;
+                    user.id = value.username;
+                    newData.push(user);
                 });
                 return {
                     results: newData
@@ -153,7 +157,7 @@ $(document).ready(function () {
     /**
      * Following click function would execute
      * when a user clicks on "Add Role" button
-     * on Add Role page in WSO2 Devicemgt Console.
+     * on Add Role page in WSO2 MDM Console.
      */
     $("button#add-role-btn").click(function() {
         var rolenameInput = $("input#rolename");
@@ -188,7 +192,7 @@ $(document).ready(function () {
             }
             addRoleFormData.users = users;
 
-            var addRoleAPI = "/devicemgt_admin/roles";
+            var addRoleAPI = apiBasePath + "/roles";
 
             invokerUtil.post(
                 addRoleAPI,
@@ -205,10 +209,10 @@ $(document).ready(function () {
                         //// Refreshing with success message
                         //$("#role-create-form").addClass("hidden");
                         //$("#role-created-msg").removeClass("hidden");
-                        window.location.href = '/devicemgt/role/edit-permission/' + roleName + '?wizard=true';
+                        window.location.href = appContext + '/role/edit-permission/' + roleName;
                     }
                 }, function (data) {
-                    if (JSON.parse(data.responseText).errorMessage.indexOf("RoleExisting") > -1) {
+                    if (JSON.parse(data).errorMessage.indexOf("RoleExisting") > -1) {
                         $(errorMsg).text("Role name : " + roleName + " already exists. Pick another role name.");
                     } else {
                         $(errorMsg).text(JSON.parse(data.responseText).errorMessage);
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.hbs
index ad3b495e28..26628391df 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.hbs
@@ -78,6 +78,20 @@
                 </a>
             </div>
         </div>
+        <div id="child-deselect-error-content" class="hide">
+            <div class="content">
+                <div class="row">
+                    <div class="col-lg-5 col-md-6 col-centered">
+                        <h3>Can't deselect child permissions when parent permission is selected.</h3>
+                        <div class="buttons">
+                            <a href="#" id="child-deselect-error-link" class="btn-operations">
+                                Ok
+                            </a>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
         <!-- /content -->
     </div>
 </div>
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js
index 6829dc21e3..5790f1b7ff 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js
@@ -26,7 +26,7 @@ function onRequest(context) {
     var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
     var uri = request.getRequestURI();
     var uriMatcher = new URIMatcher(String(uri));
-    var isMatched = uriMatcher.match("/{context}/roles/edit-role-permission/{rolename}");
+    var isMatched = uriMatcher.match("/{context}/role/edit-permission/{rolename}");
 
     if (isMatched) {
         var matchedElements = uriMatcher.elements();
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js
index 2989ce3924..7c778de040 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js
@@ -31,6 +31,8 @@
 var modalPopup = ".wr-modalpopup";
 var modalPopupContent = modalPopup + " .modalpopup-content";
 
+var apiBasePath = "/api/device-mgt/v1.0";
+
 /*
  * hide popup function.
  */
@@ -96,29 +98,33 @@ $(document).ready(function () {
     var listPartialSrc = $("#list-partial").attr("src");
     var treeTemplateSrc = $("#tree-template").attr("src");
     var roleName = $("#permissionList").data("currentrole");
-    var serviceUrl = "/devicemgt_admin/roles/permissions?rolename=" + encodeURIComponent(roleName);
+    var serviceUrl = apiBasePath + "/roles/" +encodeURIComponent(roleName)+"/permissions";
     $.registerPartial("list", listPartialSrc, function(){
         $.template("treeTemplate", treeTemplateSrc, function (template) {
             invokerUtil.get(serviceUrl,
                 function(data){
                     data = JSON.parse(data);
-                    var treeData = data.responseContent;
+                    var treeData = data;
                     if(treeData.nodeList.length > 0){
                         treeData = { nodeList: treeData.nodeList };
                         var content = template(treeData);
                         $("#permissionList").html(content);
-                        $("#permissionList").on("click", ".permissionTree .permissionItem", function() {
+                        $("#permissionList").on("click", ".permissionTree .permissionItem", function(){
                             var parentValue = $(this).prop('checked');
                             $(this).closest("li").find("li input").each(function () {
                                 $(this).prop('checked',parentValue);
                             });
                         });
                     }
-                    $("#permissionList li input").click(function() {
+                    $("#permissionList li input").click(function(){
                         var parentInput = $(this).parents("ul:eq(1) > li").find('input:eq(0)');
                         if(parentInput && parentInput.is(':checked')){
-                            parentInput.prop('checked', false);
-                            return true;
+                            $(modalPopupContent).html($('#child-deselect-error-content').html());
+                            showPopup();
+                            $("a#child-deselect-error-link").click(function () {
+                                hidePopup();
+                            });
+                            return false;
                         }
                     });
                     $('#permissionList').tree_view();
@@ -135,24 +141,25 @@ $(document).ready(function () {
      */
     $("button#update-permissions-btn").click(function() {
         var roleName = $("#permissionList").data("currentrole");
-        var updateRolePermissionAPI = "/devicemgt_admin/roles?rolename=" + roleName;
+        var updateRolePermissionAPI = apiBasePath + "/roles/" + roleName;
         var updateRolePermissionData = {};
         var perms = [];
         $("#permissionList li input:checked").each(function(){
             perms.push($(this).data("resourcepath"));
-        });
+        })
         updateRolePermissionData.permissions = perms;
         invokerUtil.put(
             updateRolePermissionAPI,
             updateRolePermissionData,
-            function (jqXHR) {
-                if (JSON.parse(jqXHR).status == 200 || jqXHR.status == 200) {
+            function (data, textStatus, jqXHR) {
+                if (jqXHR.status == 200) {
                     // Refreshing with success message
                     $("#role-create-form").addClass("hidden");
                     $("#role-created-msg").removeClass("hidden");
                 }
             }, function (data) {
-                $(errorMsg).text(JSON.parse(data.responseText).errorMessage);
+                var payload = JSON.parse(data.responseText);
+                $(errorMsg).text(payload.message);
                 $(errorMsgWrapper).removeClass("hidden");
             }
         );
@@ -162,4 +169,4 @@ $(document).ready(function () {
 function get(name){
     if(name=(new RegExp('[?&]'+encodeURIComponent(name)+'=([^&]*)')).exec(location.search))
         return decodeURIComponent(name[1]);
-}
\ No newline at end of file
+}
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.hbs b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.hbs
index 3ed8209cf7..249e35a6e3 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/edit.hbs
@@ -29,7 +29,7 @@
                         <div id="role-create-error-msg" class="alert alert-danger hidden" role="alert">
                             <i class="icon fw fw-error"></i><span></span>
                         </div>
-                        <label class="wr-input-label">Domain *</label>
+                        <label class="wr-input-label">Domain</label>
                         <div class="wr-input-control">
                             <select id="domain" class="form-control select">
                                 <option>PRIMARY</option>
@@ -81,6 +81,7 @@
             </div>
         </div>
         <!-- /content -->
+        <div id="app-context" data-app-context="{{@app.context}}" class="hidden"></div>
     </div>
 </div>
 <!-- /content/body -->
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js
index f8c42854cf..e038c32592 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js
@@ -1,21 +1,3 @@
-/*
- * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
- *
- * WSO2 Inc. licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
 /**
  * Checks if provided input is valid against RegEx input.
  *
@@ -31,6 +13,8 @@ function inputIsValid(regExp, inputString) {
 var validateInline = {};
 var clearInline = {};
 
+var apiBasePath = "/api/device-mgt/v1.0";
+
 var enableInlineError = function (inputField, errorMsg, errorSign) {
     var fieldIdentifier = "#" + inputField;
     var errorMsgIdentifier = "#" + inputField + " ." + errorMsg;
@@ -113,12 +97,12 @@ function formatRepoSelection (user) {
 }
 
 $(document).ready(function () {
-
+    var appContext = $("#app-context").data("app-context");
     $("#users").select2({
         multiple:true,
         tags: false,
         ajax: {
-            url: window.location.origin + "/devicemgt/api/invoker/execute/",
+            url: appContext + "/api/invoker/execute/",
             method: "POST",
             dataType: 'json',
             delay: 250,
@@ -128,7 +112,7 @@ $(document).ready(function () {
             data: function (params) {
                 var postData = {};
                 postData.actionMethod = "GET";
-                postData.actionUrl = "/devicemgt_admin/users/view-users?username=" + params.term;
+                postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term;
                 postData.actionPayload = null;
                 return JSON.stringify(postData);
             },
@@ -155,7 +139,7 @@ $(document).ready(function () {
     /**
      * Following click function would execute
      * when a user clicks on "Add Role" button
-     * on Add Role page in WSO2 Devicemgt Console.
+     * on Add Role page in WSO2 MDM Console.
      */
     $("button#add-role-btn").click(function() {
         var rolenameInput = $("input#rolename");
@@ -183,12 +167,12 @@ $(document).ready(function () {
                 addRoleFormData.roleName = domain + "/" + roleName;
             }
 
-            var addRoleAPI = "/devicemgt_admin/roles?rolename=" + encodeURIComponent(currentRoleName);
+            var addRoleAPI = apiBasePath + "/roles/" + currentRoleName;
             invokerUtil.put(
                 addRoleAPI,
                 addRoleFormData,
-                function (jqXHR) {
-                    if (JSON.parse(jqXHR).status == 200 || jqXHR.status == 200) {
+                function (data, textStatus, jqXHR) {
+                    if (jqXHR.status == 200) {
                         // Clearing user input fields.
                         $("input#rolename").val("");
                         $("#domain").val("");
@@ -197,7 +181,8 @@ $(document).ready(function () {
                         $("#role-created-msg").removeClass("hidden");
                     }
                 }, function (data) {
-                    $(errorMsg).text(JSON.parse(data.responseText).errorMessage);
+                    var payload = JSON.parse(data.responseText);
+                    $(errorMsg).text(payload.message);
                     $(errorMsgWrapper).removeClass("hidden");
                 }
             );
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.listing/public/js/role-listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.listing/public/js/role-listing.js
index 1b0991cb0a..afeb0a393e 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.listing/public/js/role-listing.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.listing/public/js/role-listing.js
@@ -16,7 +16,7 @@
  * under the License.
  */
 var loadRoleBasedActionURL = function (action, rolename) {
-    var href = $("#ast-container").data("app-context") + "roles/" + action + "?rolename=" + rolename;
+    var href = $("#ast-container").data("app-context") + "role/" + action + "/" + rolename;
     $(location).attr('href', href);
 };
 
@@ -113,13 +113,13 @@ function loadRoles(searchQuery) {
             class: "text-right content-fill text-left-on-grid-view no-wrap",
             data: null,
             render: function ( data, type, row, meta ) {
-                return '<a onclick="javascript:loadRoleBasedActionURL(\'edit-role\', \'' + data.name + '\')" data-role="' + data.name +
+                return '<a onclick="javascript:loadRoleBasedActionURL(\'edit\', \'' + data.name + '\')" data-role="' + data.name +
                     '" data-click-event="edit-form" class="btn padding-reduce-on-grid-view edit-role-link"><span class="fw-stack fw-lg">' +
                     '<i class="fw fw-ring fw-stack-2x"></i><i class="fw fw-user fw-stack-1x"></i>' +
                     '<span class="fw-stack fw-move-right fw-move-bottom"><i class="fw fw-circle fw-stack-2x fw-stroke fw-inverse"></i>' +
                     '<i class="fw fw-circle fw-stack-2x"></i><i class="fw fw-edit fw-stack-1x fw-inverse"></i></span></span>' +
                     '<span class="hidden-xs hidden-on-grid-view">Edit</span></a>' +
-                    '<a onclick="javascript:loadRoleBasedActionURL(\'edit-role-permission\', \'' + data.name +
+                    '<a onclick="javascript:loadRoleBasedActionURL(\'edit-permission\', \'' + data.name +
                     '\')" data-role="' + data.name + '" data-click-event="edit-form" class="btn padding-reduce-on-grid-view edit-permission-link">' +
                     '<span class="fw-stack fw-lg"><i class="fw fw-ring fw-stack-2x"></i><i class="fw fw-security-policy fw-stack-1x"></i>' +
                     '<span class="fw-stack fw-move-right fw-move-bottom"><i class="fw fw-circle fw-stack-2x fw-stroke fw-inverse"></i>' +

From 892d5cee205400fa936baf05b5e21e020c34f5d9 Mon Sep 17 00:00:00 2001
From: ayyoob <ayyoobhamza@gmail.com>
Date: Mon, 15 Aug 2016 15:13:39 +0530
Subject: [PATCH 3/8] avoided lazy inialization

---
 .../wso2/carbon/apimgt/webapp/publisher/config/Profiles.java | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/Profiles.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/Profiles.java
index 61dfe237f2..442d7b2474 100644
--- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/Profiles.java
+++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/Profiles.java
@@ -41,16 +41,13 @@ import java.util.List;
 public class Profiles {
 
     @XmlElement(name = "Profile")
-    protected List<String> profile;
+    protected List<String> profile = new ArrayList<String>();;
 
     /**
      * Gets the value of the profile property.
      *
      */
     public List<String> getProfile() {
-        if (profile == null) {
-            profile = new ArrayList<String>();
-        }
         return this.profile;
     }
 

From 442c2b86da6ba1373ef723b3244a203267ecbcf8 Mon Sep 17 00:00:00 2001
From: ayyoob <ayyoobhamza@gmail.com>
Date: Mon, 15 Aug 2016 15:19:18 +0530
Subject: [PATCH 4/8] fixed formatting issues

---
 .../device/mgt/jaxrs/service/impl/util/FilteringUtil.java       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/FilteringUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/FilteringUtil.java
index 3cc650029c..c0f578be39 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/FilteringUtil.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/FilteringUtil.java
@@ -32,7 +32,7 @@ public class FilteringUtil {
      * This is used to filter from the cached policies.
      */
     public static <T> List<T> getFilteredList(List<T> sourceList, int offset, int limit) {
-        if(sourceList == null || sourceList.size() < offset){
+        if (sourceList == null || sourceList.size() < offset) {
             return Collections.emptyList();
         }
         return sourceList.subList(offset, Math.min(offset + limit, sourceList.size()));

From a7c201363c20fa63dbbca91479828aca4ff4f40f Mon Sep 17 00:00:00 2001
From: ayyoob <ayyoobhamza@gmail.com>
Date: Mon, 15 Aug 2016 15:20:37 +0530
Subject: [PATCH 5/8] logged exception trace

---
 .../client/extension/service/JWTClientManagerServiceImpl.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/service/JWTClientManagerServiceImpl.java b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/service/JWTClientManagerServiceImpl.java
index f12d295b7a..51c19212a3 100644
--- a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/service/JWTClientManagerServiceImpl.java
+++ b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/service/JWTClientManagerServiceImpl.java
@@ -81,7 +81,7 @@ public class JWTClientManagerServiceImpl implements JWTClientManagerService {
                 addJWTClient(tenantDomain, jwtClient);
             } catch (JWTClientAlreadyExistsException e) {
                 log.warn("Attempting to register a jwt client for the tenant " + tenantDomain +
-                        " when one already exists. Returning existing jwt client");
+                        " when one already exists. Returning existing jwt client", e);
                 return getJWTClient(tenantDomain);
             } catch (JWTClientConfigurationException e) {
                 throw new JWTClientException("Failed to parse jwt configuration for tenant " + tenantDomain, e);
@@ -110,7 +110,7 @@ public class JWTClientManagerServiceImpl implements JWTClientManagerService {
                 addJWTClient(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, defaultJWTClient);
             } catch (JWTClientAlreadyExistsException e) {
                 log.warn("Attempting to register a jwt client for the super tenant" +
-                        " when one already exists. Returning existing jwt client");
+                        " when one already exists. Returning existing jwt client", e);
             }
         }
     }

From 8cb26b3264bce82705c6e3f6ac0cbb9efa6e5bc0 Mon Sep 17 00:00:00 2001
From: dilanua <dilan.u.ariyaratne@gmail.com>
Date: Mon, 15 Aug 2016 17:55:46 +0530
Subject: [PATCH 6/8] Fixing no api resource found issue: changing user
 credentials

---
 .../units/cdmf.unit.ui.header.user-menu/public/js/user-menu.js  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.header.user-menu/public/js/user-menu.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.header.user-menu/public/js/user-menu.js
index 9547a1e50d..16a232b843 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.header.user-menu/public/js/user-menu.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.ui.header.user-menu/public/js/user-menu.js
@@ -50,7 +50,7 @@ $(document).ready(function () {
                 changePasswordFormData.oldPassword = unescape((oldPassword));
 
 
-                var changePasswordAPI = "/api/device-mgt/v1.0/users" + user + "/credentials";
+                var changePasswordAPI = "/api/device-mgt/v1.0/users/" + user + "/credentials";
 
                 invokerUtil.put(
                     changePasswordAPI,

From 7346313d27cc84355f5a22262dcac1fd200c6eeb Mon Sep 17 00:00:00 2001
From: mharindu <milanharindu.ucsc@gmail.com>
Date: Mon, 15 Aug 2016 20:30:45 +0530
Subject: [PATCH 7/8] Modified scope management service

---
 .../device/mgt/jaxrs/beans/RoleInfo.java      |  8 +-
 .../service/api/RoleManagementService.java    | 55 +------------
 .../impl/RoleManagementServiceImpl.java       | 49 +++++-------
 .../device/mgt/jaxrs/util/DeviceMgtUtil.java  | 18 +++--
 .../scope/mgt/ScopeManagementService.java     | 25 ++++++
 .../scope/mgt/ScopeManagementServiceImpl.java | 80 ++++++++++++++++++-
 .../scope/mgt/dao/ScopeManagementDAO.java     | 10 +++
 .../mgt/dao/impl/ScopeManagementDAOImpl.java  | 49 +++++++++---
 8 files changed, 187 insertions(+), 107 deletions(-)

diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java
index 701d341133..94658cd132 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java
@@ -30,8 +30,8 @@ public class RoleInfo {
     @ApiModelProperty(name = "roleName", value = "The name of the role.", required = true)
     private String roleName;
     @ApiModelProperty(name = "scopes", value = "Lists out all the scopes associated with roles.",
-            required = true, dataType = "List[org.wso2.carbon.device.mgt.jaxrs.beans.Scope]")
-    private List<Scope> scopes;
+            required = true, dataType = "List[java.lang.String]")
+    private List<String> scopes;
     @ApiModelProperty(name = "users", value = "The list of users assigned to the selected role.",
             required = true, dataType = "List[java.lang.String]")
     private String[] users;
@@ -44,11 +44,11 @@ public class RoleInfo {
         this.roleName = roleName;
     }
 
-    public List<Scope> getScopes() {
+    public List<String> getScopes() {
         return scopes;
     }
 
-    public void setScopes(List<Scope> scopes) {
+    public void setScopes(List<String> scopes) {
         this.scopes = scopes;
     }
 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java
index 83b8e5851f..b85b605ead 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java
@@ -166,55 +166,6 @@ public interface RoleManagementService {
                     required = false)
             @HeaderParam("If-Modified-Since") String ifModifiedSince);
 
-    @PUT
-    @Path("/scopes")
-    @ApiOperation(
-            produces = MediaType.APPLICATION_JSON,
-            httpMethod = "PUT",
-            value = "Updating authorization scopes.",
-            notes = "This REST API can be used to update the associated roles of the scopes",
-            tags = "Role Management"
-    )
-    @ApiResponses(value = {
-            @ApiResponse(
-                    code = 200,
-                    message = "OK. \n Scopes has been updated successfully",
-                    responseHeaders = {
-                            @ResponseHeader(
-                                    name = "Content-Type",
-                                    description = "Content type of the body"),
-                            @ResponseHeader(
-                                    name = "ETag",
-                                    description = "Entity Tag of the response resource.\n" +
-                                            "Used by caches, or in conditional requests."),
-                            @ResponseHeader(
-                                    name = "Last-Modified",
-                                    description = "Date and time the resource has been modified the last time.\n" +
-                                            "Used by caches, or in conditional requests.")}),
-            @ApiResponse(
-                    code = 400,
-                    message = "Bad Request. \n Invalid request or validation error.",
-                    response = ErrorResponse.class),
-            @ApiResponse(
-                    code = 404,
-                    message = "Not Found. \n Scopes to be updated does not exist.",
-                    response = ErrorResponse.class),
-            @ApiResponse(
-                    code = 415,
-                    message = "Unsupported media type. \n The entity of the request was in a not supported format.",
-                    response = ErrorResponse.class),
-            @ApiResponse(
-                    code = 500,
-                    message = "Internal Server Error. \n Server error occurred while updating the scopes.",
-                    response = ErrorResponse.class)
-    })
-    @org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "")
-    Response updateScopes(
-            @ApiParam(
-                    name = "Scopes",
-                    value = "List of scopes to be updated",
-                    required = true) List<Scope> scopes);
-
     @GET
     @Path("/{roleName}")
     @ApiOperation(
@@ -418,11 +369,7 @@ public interface RoleManagementService {
                     name = "roleName",
                     value = "Name of the role to de deleted.",
                     required = true)
-            @PathParam("roleName") String roleName,
-            @ApiParam(
-                    name = "role",
-                    value = "Details about the role to be added.",
-                    required = true) RoleInfo role);
+            @PathParam("roleName") String roleName);
 
     @PUT
     @Path("/{roleName}/users")
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
index 37fe8b214e..fa7560702c 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
@@ -112,27 +112,6 @@ public class RoleManagementServiceImpl implements RoleManagementService {
         }
     }
 
-    @PUT
-    @Path("/scopes")
-    @Override
-    public Response updateScopes(List<Scope> scopes) {
-        RequestValidationUtil.validateScopes(scopes);
-        try {
-            ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
-            if (scopeManagementService == null) {
-                log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
-            } else {
-                scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(scopes));
-            }
-            return Response.status(Response.Status.OK).entity("Scopes has been successfully updated").build();
-        } catch (ScopeManagementException e) {
-            String msg = "Error occurred while updating the scopes";
-            log.error(msg, e);
-            return Response.serverError().entity(
-                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
-        }
-    }
-
     @GET
     @Path("/{roleName}")
     @Override
@@ -143,6 +122,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
         }
         RequestValidationUtil.validateRoleName(roleName);
         RoleInfo roleInfo = new RoleInfo();
+        List<String> scopes = new ArrayList<>();
         try {
             final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
             if (!userStoreManager.isExistingRole(roleName)) {
@@ -150,15 +130,26 @@ public class RoleManagementServiceImpl implements RoleManagementService {
                         new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" +
                                 roleName + "'").build()).build();
             }
+            ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
+            if (scopeManagementService == null) {
+                log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
+            } else {
+                scopes = DeviceMgtUtil.convertAPIScopesToScopeKeys(scopeManagementService.getScopesOfRole(roleName));
+            }
             roleInfo.setRoleName(roleName);
             roleInfo.setUsers(userStoreManager.getUserListOfRole(roleName));
-
+            roleInfo.setScopes(scopes);
             return Response.status(Response.Status.OK).entity(roleInfo).build();
         } catch (UserStoreException e) {
             String msg = "Error occurred while retrieving the user role '" + roleName + "'";
             log.error(msg, e);
             return Response.serverError().entity(
                     new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
+        } catch (ScopeManagementException e) {
+            String msg = "Error occurred while retrieving the scopes";
+            log.error(msg, e);
+            return Response.serverError().entity(
+                    new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
         }
     }
 
@@ -234,7 +225,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
                 if (scopeManagementService == null) {
                     log.error("Scope management service initialization is failed, hence scopes will not be updated");
                 } else {
-                    scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(roleInfo.getScopes()));
+                    scopeManagementService.updateScopes(roleInfo.getScopes(), roleName);
                 }
             }
             //TODO: Need to send the updated role information in the entity back to the client
@@ -256,9 +247,8 @@ public class RoleManagementServiceImpl implements RoleManagementService {
     @DELETE
     @Path("/{roleName}")
     @Override
-    public Response deleteRole(@PathParam("roleName") String roleName, RoleInfo roleInfo) {
+    public Response deleteRole(@PathParam("roleName") String roleName) {
         RequestValidationUtil.validateRoleName(roleName);
-        RequestValidationUtil.validateScopes(roleInfo.getScopes());
 
         try {
             final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
@@ -277,22 +267,23 @@ public class RoleManagementServiceImpl implements RoleManagementService {
             // Delete all authorizations for the current role before deleting
             authorizationManager.clearRoleAuthorization(roleName);
 
-            //updating scopes
+            //removing scopes
             ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
             if (scopeManagementService == null) {
                 log.error("Scope management service initialization is failed, hence scopes will not be updated");
             } else {
-                scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(roleInfo.getScopes()));
+                scopeManagementService.removeScopes(roleName);
             }
 
-            return Response.status(Response.Status.OK).build();
+            return Response.status(Response.Status.OK).entity("Role '" + roleName + "' has " +
+                    "successfully been deleted").build();
         } catch (UserStoreException e) {
             String msg = "Error occurred while deleting the role '" + roleName + "'";
             log.error(msg, e);
             return Response.serverError().entity(
                     new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
         } catch (ScopeManagementException e) {
-            String msg = "Error occurred while updating scopes of role '" + roleName + "'";
+            String msg = "Error occurred while deleting scopes of role '" + roleName + "'";
             log.error(msg, e);
             return Response.serverError().entity(
                     new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java
index 0c198a1587..403f836990 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java
@@ -65,15 +65,13 @@ public class DeviceMgtUtil {
 
     }
 
-    public static List<Scope> convertScopestoAPIScopes(List<org.wso2.carbon.device.mgt.jaxrs.beans.Scope> scopes) {
+    public static List<Scope> convertScopesListToAPIScopes(List<String> scopes, String roleName) {
         List<Scope> convertedScopes = new ArrayList<>();
         Scope convertedScope;
-        for (org.wso2.carbon.device.mgt.jaxrs.beans.Scope scope : scopes) {
+        for (String scope : scopes) {
             convertedScope = new Scope();
-            convertedScope.setKey(scope.getKey());
-            convertedScope.setName(scope.getName());
-            convertedScope.setDescription(scope.getDescription());
-            convertedScope.setRoles(scope.getRoles());
+            convertedScope.setKey(scope);
+            convertedScope.setRoles(roleName);
             convertedScopes.add(convertedScope);
         }
         return convertedScopes;
@@ -87,12 +85,18 @@ public class DeviceMgtUtil {
             convertedScope.setKey(scope.getKey());
             convertedScope.setName(scope.getName());
             convertedScope.setDescription(scope.getDescription());
-            convertedScope.setRoles(scope.getRoles());
             convertedScopes.add(convertedScope);
         }
         return convertedScopes;
     }
 
+    public static List<String> convertAPIScopesToScopeKeys(List<Scope> scopes) {
+        List<String> convertedScopes = new ArrayList<>();
+        for (Scope scope : scopes) {
+            convertedScopes.add(scope.getKey());
+        }
+        return convertedScopes;
+    }
     /**
      * Returns a new BadRequestException
      *
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java
index b90011aaf0..2d60dbd1f0 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementService.java
@@ -34,6 +34,15 @@ public interface ScopeManagementService {
      */
     void updateScopes(List<Scope> scopes) throws ScopeManagementException;
 
+    /**
+     * This method is used to update the given list of scopes keys with the role name.
+     *
+     * @param scopeKeys List of scopes to be updated.
+     * @param roleName Role name
+     * @throws ScopeManagementException
+     */
+    void updateScopes(List<String> scopeKeys, String roleName) throws ScopeManagementException;
+
     /**
      * This method is used to retrieve all the scopes.
      *
@@ -50,4 +59,20 @@ public interface ScopeManagementService {
      */
     String getRolesOfScope(String scopeKey) throws ScopeManagementException;
 
+    /**
+     * This method is to retrieve the scopes of the given role
+     * @param roleName key of the scope
+     * @return List of scopes
+     * @throws ScopeManagementException
+     */
+    List<Scope> getScopesOfRole(String roleName) throws ScopeManagementException;
+
+    /**
+     * This method is used to remove the scopes of a given user role.
+     *
+     * @param roleName Role name
+     * @throws ScopeManagementException
+     */
+    void removeScopes(String roleName) throws ScopeManagementException;
+
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java
index 59418e760f..e476fc5cad 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/ScopeManagementServiceImpl.java
@@ -18,6 +18,7 @@
 
 package org.wso2.carbon.device.mgt.core.scope.mgt;
 
+import org.apache.commons.lang.StringUtils;
 import org.wso2.carbon.apimgt.api.model.Scope;
 import org.wso2.carbon.device.mgt.common.TransactionManagementException;
 import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
@@ -44,7 +45,34 @@ public class ScopeManagementServiceImpl implements ScopeManagementService {
 
     @Override
     public void updateScopes(List<Scope> scopes) throws ScopeManagementException {
-        try{
+        try {
+            ScopeManagementDAOFactory.beginTransaction();
+            scopeManagementDAO.updateScopes(scopes);
+            ScopeManagementDAOFactory.commitTransaction();
+        } catch (TransactionManagementException e) {
+            ScopeManagementDAOFactory.rollbackTransaction();
+            throw new ScopeManagementException("Transactional error occurred while adding the scopes.", e);
+        } catch (ScopeManagementDAOException e) {
+            ScopeManagementDAOFactory.rollbackTransaction();
+            throw new ScopeManagementException("Error occurred while adding the scopes to database.", e);
+        } finally {
+            ScopeManagementDAOFactory.closeConnection();
+        }
+    }
+
+    @Override
+    public void updateScopes(List<String> scopeKeys, String roleName) throws ScopeManagementException {
+        List<Scope> scopes = new ArrayList<>();
+        try {
+            List<Scope> allScopes = this.getAllScopes();
+            for (Scope scope : allScopes) {
+                for (String key : scopeKeys) {
+                    if (scope.getKey().equals(key)) {
+                        scope.setRoles(scope.getRoles() + "," + roleName);
+                        scopes.add(scope);
+                    }
+                }
+            }
             ScopeManagementDAOFactory.beginTransaction();
             scopeManagementDAO.updateScopes(scopes);
             ScopeManagementDAOFactory.commitTransaction();
@@ -62,7 +90,7 @@ public class ScopeManagementServiceImpl implements ScopeManagementService {
     @Override
     public List<Scope> getAllScopes() throws ScopeManagementException {
         List<Scope> scopes = new ArrayList<>();
-        try{
+        try {
             ScopeManagementDAOFactory.openConnection();
             scopes = scopeManagementDAO.getAllScopes();
         } catch (SQLException e) {
@@ -94,4 +122,52 @@ public class ScopeManagementServiceImpl implements ScopeManagementService {
         return roles;
     }
 
+    @Override
+    public List<Scope> getScopesOfRole(String roleName) throws ScopeManagementException {
+        if (roleName == null || roleName.isEmpty()) {
+            throw new ScopeManagementException("Role name is null or empty");
+        }
+        List<Scope> filteredScopes = new ArrayList<>();
+        try {
+            ScopeManagementDAOFactory.openConnection();
+            List<Scope> allScopes = scopeManagementDAO.getScopesHavingRole(roleName);
+
+            String roles[];
+            for (Scope scope : allScopes) {
+                roles = scope.getRoles().split(",");
+                for (String role : roles) {
+                    if (roleName.equals(role.trim())) {
+                        filteredScopes.add(scope);
+                    }
+                }
+            }
+        } catch (SQLException e) {
+            throw new ScopeManagementException("SQL error occurred while retrieving scopes of role from database.", e);
+        } catch (ScopeManagementDAOException e) {
+            throw new ScopeManagementException("Error occurred while retrieving scopes of role from database.", e);
+        } finally {
+            ScopeManagementDAOFactory.closeConnection();
+        }
+        return filteredScopes;
+    }
+
+    @Override
+    public void removeScopes(String roleName) throws ScopeManagementException {
+
+        List<Scope> scopes = this.getScopesOfRole(roleName);
+        String roles[];
+        ArrayList<String> filteredRoles = new ArrayList<>();
+        for (Scope scope : scopes) {
+            roles = scope.getRoles().split(",");
+            for (String role : roles) {
+                if (!roleName.equals(role.trim())) {
+                    filteredRoles.add(role);
+                }
+            }
+            scope.setRoles(StringUtils.join(filteredRoles, ","));
+            filteredRoles.clear();
+        }
+        this.updateScopes(scopes);
+    }
+
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java
index 38517f6c4e..b15efcc2e7 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/ScopeManagementDAO.java
@@ -51,4 +51,14 @@ public interface ScopeManagementDAO {
      */
     String getRolesOfScope(String scopeKey) throws ScopeManagementDAOException;
 
+    /**
+     * This method is to retrieve all the scopes of the given role name.
+     * Thus it returns the scopes even if the part of the given name is matched.
+     *
+     * @param roleName Role name
+     * @return List of scopes
+     * @throws ScopeManagementDAOException
+     */
+    List<Scope> getScopesHavingRole(String roleName) throws ScopeManagementDAOException;
+
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java
index 7e46392446..676da007d3 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/scope/mgt/dao/impl/ScopeManagementDAOImpl.java
@@ -64,23 +64,14 @@ public class ScopeManagementDAOImpl implements ScopeManagementDAO {
         Connection conn;
         PreparedStatement stmt = null;
         ResultSet rs = null;
-        List<Scope> scopes = new ArrayList<>();
-        Scope scope;
+        List<Scope> scopes;
 
         try {
             conn = this.getConnection();
             String sql = "SELECT * FROM IDN_OAUTH2_SCOPE";
             stmt = conn.prepareStatement(sql);
             rs = stmt.executeQuery();
-
-            while (rs.next()) {
-                scope = new Scope();
-                scope.setKey(rs.getString("SCOPE_KEY"));
-                scope.setName(rs.getString("NAME"));
-                scope.setDescription(rs.getString("DESCRIPTION"));
-                scope.setRoles(rs.getString("ROLES"));
-                scopes.add(scope);
-            }
+            scopes = this.getScopesFromResultSet(rs);
             return scopes;
         } catch (SQLException e) {
             throw new ScopeManagementDAOException("Error occurred while fetching the details of the scopes.", e);
@@ -114,8 +105,44 @@ public class ScopeManagementDAOImpl implements ScopeManagementDAO {
         }
     }
 
+    @Override
+    public List<Scope> getScopesHavingRole(String roleName) throws ScopeManagementDAOException {
+        Connection conn;
+        PreparedStatement stmt = null;
+        ResultSet rs = null;
+        List<Scope> scopes;
+
+        try {
+            conn = this.getConnection();
+            String sql = "SELECT * FROM IDN_OAUTH2_SCOPE WHERE ROLES LIKE ?";
+            stmt = conn.prepareStatement(sql);
+            stmt.setString(1, "%" + roleName + "%");
+            rs = stmt.executeQuery();
+            scopes = this.getScopesFromResultSet(rs);
+            return scopes;
+        } catch (SQLException e) {
+            throw new ScopeManagementDAOException("Error occurred while fetching the details of the scopes.", e);
+        } finally {
+            ScopeManagementDAOUtil.cleanupResources(stmt, rs);
+        }
+    }
+
     private Connection getConnection() throws SQLException {
         return ScopeManagementDAOFactory.getConnection();
     }
 
+    private List<Scope> getScopesFromResultSet(ResultSet rs) throws SQLException {
+        List<Scope> scopes = new ArrayList<>();
+        Scope scope;
+        while (rs.next()) {
+            scope = new Scope();
+            scope.setKey(rs.getString("SCOPE_KEY"));
+            scope.setName(rs.getString("NAME"));
+            scope.setDescription(rs.getString("DESCRIPTION"));
+            scope.setRoles(rs.getString("ROLES"));
+            scopes.add(scope);
+        }
+        return scopes;
+    }
+
 }

From d628699e8b0bf8774b920eef16c82581944756e5 Mon Sep 17 00:00:00 2001
From: harshanl <harshan@wso2.com>
Date: Mon, 15 Aug 2016 20:17:20 +0530
Subject: [PATCH 8/8] Fixed repeating task operations.

---
 .../operation/mgt/OperationManagerImpl.java   | 45 ++++++++++++++++---
 .../core/operation/mgt/dao/OperationDAO.java  |  2 +
 .../mgt/dao/impl/GenericOperationDAOImpl.java | 38 ++++++++++++++++
 3 files changed, 78 insertions(+), 7 deletions(-)

diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java
index 5dbe2870b2..41949eeb18 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java
@@ -32,6 +32,8 @@ import org.wso2.carbon.device.mgt.common.push.notification.NotificationContext;
 import org.wso2.carbon.device.mgt.common.push.notification.NotificationStrategy;
 import org.wso2.carbon.device.mgt.common.push.notification.PushNotificationExecutionFailedException;
 import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
+import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
+import org.wso2.carbon.device.mgt.core.config.task.TaskConfiguration;
 import org.wso2.carbon.device.mgt.core.dao.DeviceDAO;
 import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOException;
 import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
@@ -106,16 +108,34 @@ public class OperationManagerImpl implements OperationManager {
             org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation operationDto =
                     OperationDAOUtil.convertOperation(operation);
             int operationId = this.lookupOperationDAO(operation).addOperation(operationDto);
+            boolean isScheduledOperation = this.isTaskScheduledOperation(operation);
+            boolean isNotRepeated = false;
+            boolean hasExistingTaskOperation;
+            int enrolmentId;
+            if (operationDto.getControl() ==
+                org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Control.NO_REPEAT) {
+                isNotRepeated = true;
+            }
+
             //TODO have to create a sql to load device details from deviceDAO using single query.
+            String operationCode = operationDto.getCode();
             for (DeviceIdentifier deviceId : deviceIds) {
                 Device device = getDevice(deviceId);
-                if (operationDto.getControl() ==
-                        org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Control.NO_REPEAT) {
-                    operationDAO.updateEnrollmentOperationsStatus(device.getEnrolmentInfo().getId(), operationDto.getCode(),
-                            org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Status.PENDING,
-                            org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Status.REPEATED);
+                enrolmentId = device.getEnrolmentInfo().getId();
+                //Do not repeat the task operations
+                if (isScheduledOperation) {
+                    hasExistingTaskOperation = operationDAO.updateTaskOperation(enrolmentId, operationCode);
+                    if (!hasExistingTaskOperation) {
+                        operationMappingDAO.addOperationMapping(operationId, enrolmentId);
+                    }
+                } else if (isNotRepeated) {
+                    operationDAO.updateEnrollmentOperationsStatus(enrolmentId, operationCode,
+                                      org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Status.PENDING,
+                                           org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation.Status.REPEATED);
+                    operationMappingDAO.addOperationMapping(operationId, enrolmentId);
+                } else {
+                    operationMappingDAO.addOperationMapping(operationId, enrolmentId);
                 }
-                operationMappingDAO.addOperationMapping(operationId, device.getEnrolmentInfo().getId());
                 if (notificationStrategy != null) {
                     try {
                         notificationStrategy.execute(new NotificationContext(deviceId, operation));
@@ -129,7 +149,7 @@ public class OperationManagerImpl implements OperationManager {
             OperationManagementDAOFactory.commitTransaction();
             Activity activity = new Activity();
             activity.setActivityId(DeviceManagementConstants.OperationAttributes.ACTIVITY + operationId);
-            activity.setCode(operationDto.getCode());
+            activity.setCode(operationCode);
             activity.setCreatedTimeStamp(new Date().toString());
             activity.setType(Activity.Type.valueOf(operationDto.getType().toString()));
             return activity;
@@ -788,4 +808,15 @@ public class OperationManagerImpl implements OperationManager {
         return enrolmentId;
     }
 
+    private boolean isTaskScheduledOperation(Operation operation) {
+        TaskConfiguration taskConfiguration =  DeviceConfigurationManager.getInstance().getDeviceManagementConfig().
+                                                                                                 getTaskConfiguration();
+        for (TaskConfiguration.Operation op:taskConfiguration.getOperations()) {
+            if (operation.getCode().equals(op.getOperationName())) {
+                return true;
+            }
+        }
+        return false;
+    }
+
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/OperationDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/OperationDAO.java
index 51a9ba4df7..e07d251319 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/OperationDAO.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/OperationDAO.java
@@ -60,6 +60,8 @@ public interface OperationDAO {
     void updateEnrollmentOperationsStatus(int enrolmentId, String operationCode, Operation.Status existingStatus,
                                           Operation.Status newStatus) throws OperationManagementDAOException;
 
+    boolean updateTaskOperation(int enrolmentId, String operationCode) throws OperationManagementDAOException;
+
     void addOperationResponse(int enrolmentId, int operationId, Object operationResponse)
             throws OperationManagementDAOException;
 
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/impl/GenericOperationDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/impl/GenericOperationDAOImpl.java
index d52922db62..a6a679b4dd 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/impl/GenericOperationDAOImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/dao/impl/GenericOperationDAOImpl.java
@@ -153,6 +153,44 @@ public class GenericOperationDAOImpl implements OperationDAO {
         }
     }
 
+    @Override
+    public boolean updateTaskOperation(int enrolmentId, String operationCode)
+            throws OperationManagementDAOException {
+        PreparedStatement stmt = null;
+        ResultSet rs = null;
+        boolean result = false;
+        try {
+            Connection connection = OperationManagementDAOFactory.getConnection();
+            String query = "SELECT EOM.ID FROM DM_ENROLMENT_OP_MAPPING AS EOM INNER JOIN DM_OPERATION DM " +
+                           "ON DM.ID = EOM.OPERATION_ID WHERE EOM.ENROLMENT_ID = ? AND DM.OPERATION_CODE = ? AND " +
+                           "EOM.STATUS = ?;";
+            stmt = connection.prepareStatement(query);
+            stmt.setInt(1, enrolmentId);
+            stmt.setString(2, operationCode);
+            stmt.setString(3, Operation.Status.PENDING.toString());
+            // This will return only one result always.
+            rs = stmt.executeQuery();
+            int id = 0;
+            if (rs.next()) {
+                id = rs.getInt("ID");
+            }
+            if (id != 0) {
+                stmt = connection.prepareStatement("UPDATE DM_ENROLMENT_OP_MAPPING SET UPDATED_TIMESTAMP = ?  " +
+                                                   "WHERE ID = ?");
+                stmt.setLong(1, System.currentTimeMillis() / 1000);
+                stmt.setInt(2, id);
+                stmt.executeUpdate();
+                result = true;
+            }
+        } catch (SQLException e) {
+            throw new OperationManagementDAOException("Error occurred while update device mapping operation status " +
+                                                      "metadata", e);
+        } finally {
+            OperationManagementDAOUtil.cleanupResources(stmt);
+        }
+        return result;
+    }
+
     @Override
     public void addOperationResponse(int enrolmentId, int operationId, Object operationResponse)
             throws OperationManagementDAOException {