Merge remote-tracking branch 'entgra/master' into entgra-master

revert-70aa11f8
Charitha Goonetilleke 6 years ago
commit e78a2a1279

@ -4,8 +4,11 @@
[![pipeline status](https://gitlab.com/entgra/carbon-device-mgt/badges/master/pipeline.svg)](https://gitlab.com/entgra/carbon-device-mgt/commits/master) [![pipeline status](https://gitlab.com/entgra/carbon-device-mgt/badges/master/pipeline.svg)](https://gitlab.com/entgra/carbon-device-mgt/commits/master)
WSO2 CONNECTED DEVICE MANAGEMENT COMPONENTS Entgra CONNECTED DEVICE MANAGEMENT COMPONENTS
WSO2 Connected Device Manager (WSO2 CDM) is a comprehensive platform that helps solve mobile computing challenges enterprises face today when dealing with both corporate owned, personally enabled (COPE) devices and employee owned devices as part of a bring your own device (BYOD) program. Entgra Connected Device Manager (Entgra CDM) is a comprehensive platform that helps solve mobile computing challenges
enterprises face today when dealing with both corporate owned, personally enabled (COPE) devices and employee owned devices as part of a bring your own device (BYOD) program.
Whether it is device provisioning, device configuration management, policy enforcement, mobile application management, device data security, or compliance monitoring, WSO2 CDM offers a single enterprise-grade platform to develop extensions for IOT related device types. Whether it is device provisioning, device configuration management, policy enforcement, mobile application
management, device data security, or compliance monitoring, Entgra CDM offers a single enterprise-grade platform to
develop extensions for IOT related device types.

@ -25,4 +25,7 @@ public class Constants {
public static final String PROP_AND = "PROP_AND"; public static final String PROP_AND = "PROP_AND";
public static final String PROP_OR = "PROP_OR"; public static final String PROP_OR = "PROP_OR";
public static final String LOCATION = "LOCATION"; public static final String LOCATION = "LOCATION";
public static final String ANY_DEVICE_PERMISSION = "/device-mgt/devices/any-device";
public static final String UI_EXECUTE = "ui.execute";
} }

@ -25,8 +25,6 @@ import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.DeviceManagementConstants; import org.wso2.carbon.device.mgt.common.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.common.EnrolmentInfo; import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.common.device.details.DeviceInfo; import org.wso2.carbon.device.mgt.common.device.details.DeviceInfo;
import org.wso2.carbon.device.mgt.common.device.details.DeviceLocation; import org.wso2.carbon.device.mgt.common.device.details.DeviceLocation;
import org.wso2.carbon.device.mgt.common.search.SearchContext; import org.wso2.carbon.device.mgt.common.search.SearchContext;
@ -34,11 +32,21 @@ import org.wso2.carbon.device.mgt.core.dao.ApplicationDAO;
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOException; import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOException;
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory; import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil; import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.search.mgt.Constants;
import org.wso2.carbon.device.mgt.core.search.mgt.*; import org.wso2.carbon.device.mgt.core.search.mgt.InvalidOperatorException;
import org.wso2.carbon.device.mgt.core.search.mgt.Processor;
import org.wso2.carbon.device.mgt.core.search.mgt.QueryBuilder;
import org.wso2.carbon.device.mgt.core.search.mgt.QueryHolder;
import org.wso2.carbon.device.mgt.core.search.mgt.ResultSetAggregator;
import org.wso2.carbon.device.mgt.core.search.mgt.SearchMgtException;
import org.wso2.carbon.device.mgt.core.search.mgt.ValueType;
import org.wso2.carbon.device.mgt.core.search.mgt.dao.SearchDAOException; import org.wso2.carbon.device.mgt.core.search.mgt.dao.SearchDAOException;
import java.sql.*; import java.sql.Array;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
@ -47,17 +55,9 @@ import java.util.Map;
public class ProcessorImpl implements Processor { public class ProcessorImpl implements Processor {
private ApplicationDAO applicationDAO; private ApplicationDAO applicationDAO;
private static final Log log = LogFactory.getLog(ProcessorImpl.class); private static final Log log = LogFactory.getLog(ProcessorImpl.class);
private DeviceAccessAuthorizationService deviceAccessAuthorizationService;
public ProcessorImpl() { public ProcessorImpl() {
applicationDAO = DeviceManagementDAOFactory.getApplicationDAO(); applicationDAO = DeviceManagementDAOFactory.getApplicationDAO();
deviceAccessAuthorizationService = DeviceManagementDataHolder.getInstance()
.getDeviceAccessAuthorizationService();
if (deviceAccessAuthorizationService == null) {
String msg = "DeviceAccessAuthorization service has not initialized.";
log.error(msg);
throw new IllegalStateException(msg);
}
} }
@Override @Override
@ -115,35 +115,10 @@ public class ProcessorImpl implements Processor {
devices.put(Constants.LOCATION, locationDevices); devices.put(Constants.LOCATION, locationDevices);
List<Device> finalDevices = aggregator.aggregate(devices); List<Device> finalDevices = aggregator.aggregate(devices);
finalDevices = authorizedDevices(finalDevices);
this.setApplicationListOfDevices(finalDevices); this.setApplicationListOfDevices(finalDevices);
return finalDevices; return finalDevices;
} }
/**
* To get the authorized devices for a particular user
*
* @param devices Devices that satisfy search results
* @return Devices that satisfy search results and authorized to be viewed by particular user
*/
private List<Device> authorizedDevices(List<Device> devices) throws SearchMgtException {
List<Device> filteredList = new ArrayList<>();
try {
for (Device device : devices) {
DeviceIdentifier deviceIdentifier = new DeviceIdentifier(device.getDeviceIdentifier(),
device.getType());
if (deviceAccessAuthorizationService != null && deviceAccessAuthorizationService
.isUserAuthorized(deviceIdentifier)) {
filteredList.add(device);
}
}
return filteredList;
} catch (DeviceAccessAuthorizationException e) {
log.error("Error getting authorized search results for logged in user");
throw new SearchMgtException(e);
}
}
@Override @Override
public List<Device> getUpdatedDevices(long epochTime) throws SearchMgtException { public List<Device> getUpdatedDevices(long epochTime) throws SearchMgtException {
@ -256,7 +231,6 @@ public class ProcessorImpl implements Processor {
PreparedStatement stmt = null; PreparedStatement stmt = null;
ResultSet rs = null; ResultSet rs = null;
List<Device> devices = new ArrayList<>(); List<Device> devices = new ArrayList<>();
Map<Integer, Integer> devs = new HashMap<>();
try { try {
conn = this.getConnection(); conn = this.getConnection();
stmt = conn.prepareStatement(queryHolder.getQuery()); stmt = conn.prepareStatement(queryHolder.getQuery());
@ -281,59 +255,57 @@ public class ProcessorImpl implements Processor {
rs = stmt.executeQuery(); rs = stmt.executeQuery();
while (rs.next()) { while (rs.next()) {
if (!devs.containsKey(rs.getInt("ID"))) { Device device = new Device();
Device device = new Device(); device.setId(rs.getInt("ID"));
device.setId(rs.getInt("ID")); device.setDescription(rs.getString("DESCRIPTION"));
device.setDescription(rs.getString("DESCRIPTION")); device.setName(rs.getString("NAME"));
device.setName(rs.getString("NAME")); device.setType(rs.getString("DEVICE_TYPE_NAME"));
device.setType(rs.getString("DEVICE_TYPE_NAME")); device.setDeviceIdentifier(rs.getString("DEVICE_IDENTIFICATION"));
device.setDeviceIdentifier(rs.getString("DEVICE_IDENTIFICATION"));
EnrolmentInfo enrolmentInfo = new EnrolmentInfo();
EnrolmentInfo enrolmentInfo = new EnrolmentInfo(); enrolmentInfo.setId(rs.getInt("ENROLLMENT_ID"));
enrolmentInfo.setStatus(EnrolmentInfo.Status.valueOf(rs.getString("DE_STATUS"))); enrolmentInfo.setStatus(EnrolmentInfo.Status.valueOf(rs.getString("DE_STATUS")));
enrolmentInfo.setOwner(rs.getString("OWNER")); enrolmentInfo.setOwner(rs.getString("OWNER"));
enrolmentInfo.setOwnership(EnrolmentInfo.OwnerShip.valueOf(rs.getString("OWNERSHIP"))); enrolmentInfo.setOwnership(EnrolmentInfo.OwnerShip.valueOf(rs.getString("OWNERSHIP")));
device.setEnrolmentInfo(enrolmentInfo); device.setEnrolmentInfo(enrolmentInfo);
DeviceIdentifier identifier = new DeviceIdentifier(); DeviceIdentifier identifier = new DeviceIdentifier();
identifier.setType(rs.getString("DEVICE_TYPE_NAME")); identifier.setType(rs.getString("DEVICE_TYPE_NAME"));
identifier.setId(rs.getString("DEVICE_IDENTIFICATION")); identifier.setId(rs.getString("DEVICE_IDENTIFICATION"));
DeviceInfo deviceInfo = new DeviceInfo(); DeviceInfo deviceInfo = new DeviceInfo();
deviceInfo.setAvailableRAMMemory(rs.getDouble("AVAILABLE_RAM_MEMORY")); deviceInfo.setAvailableRAMMemory(rs.getDouble("AVAILABLE_RAM_MEMORY"));
deviceInfo.setBatteryLevel(rs.getDouble("BATTERY_LEVEL")); deviceInfo.setBatteryLevel(rs.getDouble("BATTERY_LEVEL"));
deviceInfo.setConnectionType(rs.getString("CONNECTION_TYPE")); deviceInfo.setConnectionType(rs.getString("CONNECTION_TYPE"));
deviceInfo.setCpuUsage(rs.getDouble("CPU_USAGE")); deviceInfo.setCpuUsage(rs.getDouble("CPU_USAGE"));
deviceInfo.setDeviceModel(rs.getString("DEVICE_MODEL")); deviceInfo.setDeviceModel(rs.getString("DEVICE_MODEL"));
deviceInfo.setExternalAvailableMemory(rs.getDouble("EXTERNAL_AVAILABLE_MEMORY")); deviceInfo.setExternalAvailableMemory(rs.getDouble("EXTERNAL_AVAILABLE_MEMORY"));
deviceInfo.setExternalTotalMemory(rs.getDouble("EXTERNAL_TOTAL_MEMORY")); deviceInfo.setExternalTotalMemory(rs.getDouble("EXTERNAL_TOTAL_MEMORY"));
deviceInfo.setInternalAvailableMemory(rs.getDouble("INTERNAL_AVAILABLE_MEMORY")); deviceInfo.setInternalAvailableMemory(rs.getDouble("INTERNAL_AVAILABLE_MEMORY"));
deviceInfo.setInternalTotalMemory(rs.getDouble("EXTERNAL_TOTAL_MEMORY")); deviceInfo.setInternalTotalMemory(rs.getDouble("EXTERNAL_TOTAL_MEMORY"));
deviceInfo.setOsVersion(rs.getString("OS_VERSION")); deviceInfo.setOsVersion(rs.getString("OS_VERSION"));
deviceInfo.setOsBuildDate(rs.getString("OS_BUILD_DATE")); deviceInfo.setOsBuildDate(rs.getString("OS_BUILD_DATE"));
deviceInfo.setPluggedIn(rs.getBoolean("PLUGGED_IN")); deviceInfo.setPluggedIn(rs.getBoolean("PLUGGED_IN"));
deviceInfo.setSsid(rs.getString("SSID")); deviceInfo.setSsid(rs.getString("SSID"));
deviceInfo.setTotalRAMMemory(rs.getDouble("TOTAL_RAM_MEMORY")); deviceInfo.setTotalRAMMemory(rs.getDouble("TOTAL_RAM_MEMORY"));
deviceInfo.setVendor(rs.getString("VENDOR")); deviceInfo.setVendor(rs.getString("VENDOR"));
deviceInfo.setUpdatedTime(new java.util.Date(rs.getLong("UPDATE_TIMESTAMP"))); deviceInfo.setUpdatedTime(new java.util.Date(rs.getLong("UPDATE_TIMESTAMP")));
DeviceLocation deviceLocation = new DeviceLocation(); DeviceLocation deviceLocation = new DeviceLocation();
deviceLocation.setLatitude(rs.getDouble("LATITUDE")); deviceLocation.setLatitude(rs.getDouble("LATITUDE"));
deviceLocation.setLongitude(rs.getDouble("LONGITUDE")); deviceLocation.setLongitude(rs.getDouble("LONGITUDE"));
deviceLocation.setStreet1(rs.getString("STREET1")); deviceLocation.setStreet1(rs.getString("STREET1"));
deviceLocation.setStreet2(rs.getString("STREET2")); deviceLocation.setStreet2(rs.getString("STREET2"));
deviceLocation.setCity(rs.getString("CITY")); deviceLocation.setCity(rs.getString("CITY"));
deviceLocation.setState(rs.getString("STATE")); deviceLocation.setState(rs.getString("STATE"));
deviceLocation.setZip(rs.getString("ZIP")); deviceLocation.setZip(rs.getString("ZIP"));
deviceLocation.setCountry(rs.getString("COUNTRY")); deviceLocation.setCountry(rs.getString("COUNTRY"));
deviceLocation.setDeviceId(rs.getInt("ID")); deviceLocation.setDeviceId(rs.getInt("ID"));
deviceLocation.setUpdatedTime(new java.util.Date(rs.getLong("DL_UPDATED_TIMESTAMP"))); deviceLocation.setUpdatedTime(new java.util.Date(rs.getLong("DL_UPDATED_TIMESTAMP")));
deviceInfo.setLocation(deviceLocation); deviceInfo.setLocation(deviceLocation);
device.setDeviceInfo(deviceInfo); device.setDeviceInfo(deviceInfo);
devices.add(device); devices.add(device);
devs.put(device.getId(), device.getId());
}
} }
} catch (SQLException e) { } catch (SQLException e) {
throw new SearchDAOException("Error occurred while aquiring the device details.", e); throw new SearchDAOException("Error occurred while aquiring the device details.", e);

@ -331,7 +331,7 @@ public class QueryBuilderImpl implements QueryBuilder {
"DD.EXTERNAL_TOTAL_MEMORY, DD.EXTERNAL_AVAILABLE_MEMORY, DD.CONNECTION_TYPE, \n" + "DD.EXTERNAL_TOTAL_MEMORY, DD.EXTERNAL_AVAILABLE_MEMORY, DD.CONNECTION_TYPE, \n" +
"DD.SSID, DD.CPU_USAGE, DD.TOTAL_RAM_MEMORY, DD.AVAILABLE_RAM_MEMORY, \n" + "DD.SSID, DD.CPU_USAGE, DD.TOTAL_RAM_MEMORY, DD.AVAILABLE_RAM_MEMORY, \n" +
"DD.PLUGGED_IN, DD.UPDATE_TIMESTAMP, DL.LATITUDE, DL.LONGITUDE, DL.STREET1, DL.STREET2, DL.CITY, DL.ZIP, \n" + "DD.PLUGGED_IN, DD.UPDATE_TIMESTAMP, DL.LATITUDE, DL.LONGITUDE, DL.STREET1, DL.STREET2, DL.CITY, DL.ZIP, \n" +
"DL.STATE, DL.COUNTRY, DL.UPDATE_TIMESTAMP AS DL_UPDATED_TIMESTAMP, DE.OWNER, DE.OWNERSHIP, DE.STATUS " + "DL.STATE, DL.COUNTRY, DL.UPDATE_TIMESTAMP AS DL_UPDATED_TIMESTAMP, DE.ID AS ENROLLMENT_ID, DE.OWNER, DE.OWNERSHIP, DE.STATUS " +
"AS DE_STATUS FROM DM_DEVICE_DETAIL DD INNER JOIN DM_DEVICE D ON D.ID=DD.DEVICE_ID\n" + "AS DE_STATUS FROM DM_DEVICE_DETAIL DD INNER JOIN DM_DEVICE D ON D.ID=DD.DEVICE_ID\n" +
"LEFT JOIN DM_DEVICE_LOCATION DL ON DL.DEVICE_ID=D.ID \n" + "LEFT JOIN DM_DEVICE_LOCATION DL ON DL.DEVICE_ID=D.ID \n" +
"INNER JOIN DM_DEVICE_TYPE DT ON DT.ID=D.DEVICE_TYPE_ID\n" + "INNER JOIN DM_DEVICE_TYPE DT ON DT.ID=D.DEVICE_TYPE_ID\n" +
@ -359,7 +359,7 @@ public class QueryBuilderImpl implements QueryBuilder {
"DD.SSID, DD.CPU_USAGE, DD.TOTAL_RAM_MEMORY, DD.AVAILABLE_RAM_MEMORY, \n" + "DD.SSID, DD.CPU_USAGE, DD.TOTAL_RAM_MEMORY, DD.AVAILABLE_RAM_MEMORY, \n" +
"DD.PLUGGED_IN, DD.UPDATE_TIMESTAMP, DL.LATITUDE, DL.LONGITUDE, DL.STREET1, DL.STREET2, DL.CITY, DL.ZIP, \n" + "DD.PLUGGED_IN, DD.UPDATE_TIMESTAMP, DL.LATITUDE, DL.LONGITUDE, DL.STREET1, DL.STREET2, DL.CITY, DL.ZIP, \n" +
"DL.STATE, DL.COUNTRY, DL.UPDATE_TIMESTAMP AS DL_UPDATED_TIMESTAMP, DI.KEY_FIELD, DI.VALUE_FIELD, \n" + "DL.STATE, DL.COUNTRY, DL.UPDATE_TIMESTAMP AS DL_UPDATED_TIMESTAMP, DI.KEY_FIELD, DI.VALUE_FIELD, \n" +
"DE.OWNER, DE.OWNERSHIP, DE.STATUS AS DE_STATUS " + "DE.ID ENROLLMENT_ID, DE.OWNER, DE.OWNERSHIP, DE.STATUS AS DE_STATUS " +
"FROM DM_DEVICE_DETAIL DD INNER JOIN DM_DEVICE D ON D.ID=DD.DEVICE_ID\n" + "FROM DM_DEVICE_DETAIL DD INNER JOIN DM_DEVICE D ON D.ID=DD.DEVICE_ID\n" +
"LEFT JOIN DM_DEVICE_LOCATION DL ON DL.DEVICE_ID=D.ID \n" + "LEFT JOIN DM_DEVICE_LOCATION DL ON DL.DEVICE_ID=D.ID \n" +
"INNER JOIN DM_DEVICE_TYPE DT ON DT.ID=D.DEVICE_TYPE_ID\n" + "INNER JOIN DM_DEVICE_TYPE DT ON DT.ID=D.DEVICE_TYPE_ID\n" +

@ -19,9 +19,16 @@
package org.wso2.carbon.device.mgt.core.search.mgt.impl; package org.wso2.carbon.device.mgt.core.search.mgt.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils;
import org.wso2.carbon.device.mgt.core.search.mgt.Constants; import org.wso2.carbon.device.mgt.core.search.mgt.Constants;
import org.wso2.carbon.device.mgt.core.search.mgt.ResultSetAggregator; import org.wso2.carbon.device.mgt.core.search.mgt.ResultSetAggregator;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
@ -29,16 +36,17 @@ import java.util.List;
import java.util.Map; import java.util.Map;
public class ResultSetAggregatorImpl implements ResultSetAggregator { public class ResultSetAggregatorImpl implements ResultSetAggregator {
private static Log log = LogFactory.getLog(ResultSetAggregatorImpl.class);
@Override @Override
public List<Device> aggregate(Map<String, List<Device>> devices) { public List<Device> aggregate(Map<String, List<Device>> devices) {
Map<Integer, Device> generalQueryMap = this.convertToMap(devices.get(Constants.GENERAL)); Map<Integer, Device> generalQueryMap = this.convertToMap(devices.get(Constants.GENERAL));
Map<Integer, Device> andMap = this.convertToMap(devices.get(Constants.PROP_AND)); Map<Integer, Device> andMap = this.convertToMap(devices.get(Constants.PROP_AND));
Map<Integer, Device> orMap = this.convertToMap(devices.get(Constants.PROP_OR)); Map<Integer, Device> orMap = this.convertToMap(devices.get(Constants.PROP_OR));
Map<Integer, Device> locationMap = this.convertToMap(devices.get(Constants.LOCATION)); Map<Integer, Device> locationMap = this.convertToMap(devices.get(Constants.LOCATION));
Map<Integer, Device> finalMap = new HashMap<>(); Map<Integer, Device> finalMap = new HashMap<>();
List<Device> finalResult = new ArrayList<>(); List<Device> finalResult = new ArrayList<>();
List<Device> ownDevices = new ArrayList<>();
if (andMap.isEmpty()) { if (andMap.isEmpty()) {
finalMap = generalQueryMap; finalMap = generalQueryMap;
@ -70,7 +78,23 @@ public class ResultSetAggregatorImpl implements ResultSetAggregator {
} }
} }
return finalResult; String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
try {
if (isPermittedToViewAnyDevice(username)) {
return finalResult;
}
} catch (UserStoreException e) {
log.error("Unable to check permissions of the user: " + username, e);
}
for (Device device: finalResult) {
if (username.equals(device.getEnrolmentInfo().getOwner())) {
ownDevices.add(device);
}
}
return ownDevices;
} }
private Map<Integer, Device> convertToMap(List<Device> devices) { private Map<Integer, Device> convertToMap(List<Device> devices) {
@ -79,7 +103,7 @@ public class ResultSetAggregatorImpl implements ResultSetAggregator {
} }
Map<Integer, Device> deviceWrapperMap = new HashMap<>(); Map<Integer, Device> deviceWrapperMap = new HashMap<>();
for (Device device : devices) { for (Device device : devices) {
deviceWrapperMap.put(device.getId(), device); deviceWrapperMap.put(device.getEnrolmentInfo().getId(), device);
} }
return deviceWrapperMap; return deviceWrapperMap;
} }
@ -92,4 +116,20 @@ public class ResultSetAggregatorImpl implements ResultSetAggregator {
return list; return list;
} }
/**
* Checks if the user has permissions to view all devices.
*
* @param username username
* @return {@code true} if user is permitted
* @throws UserStoreException If unable to check user permissions
*/
private boolean isPermittedToViewAnyDevice(String username) throws UserStoreException {
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
return userRealm != null && userRealm.getAuthorizationManager() != null &&
userRealm.getAuthorizationManager().isUserAuthorized(username,
PermissionUtils.getAbsolutePermissionPath(Constants.ANY_DEVICE_PERMISSION),
Constants.UI_EXECUTE);
}
} }

@ -17,14 +17,11 @@
*/ */
package org.wso2.carbon.device.mgt.core.search; package org.wso2.carbon.device.mgt.core.search;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.testng.Assert; import org.testng.Assert;
import org.testng.annotations.BeforeClass; import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test; import org.testng.annotations.Test;
import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.common.search.Condition; import org.wso2.carbon.device.mgt.common.search.Condition;
import org.wso2.carbon.device.mgt.common.search.SearchContext; import org.wso2.carbon.device.mgt.common.search.SearchContext;
import org.wso2.carbon.device.mgt.core.TestDeviceManagementService; import org.wso2.carbon.device.mgt.core.TestDeviceManagementService;
@ -41,7 +38,6 @@ import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants; import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import java.lang.reflect.Field;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
@ -50,16 +46,12 @@ import java.util.List;
*/ */
public class ProcessorImplTest extends BaseDeviceManagementTest { public class ProcessorImplTest extends BaseDeviceManagementTest {
private DeviceAccessAuthorizationService deviceAccessAuthorizationService;
private static final Log log = LogFactory.getLog(SearchManagementServiceTest.class);
private static List<DeviceIdentifier> deviceIdentifiers = new ArrayList<>(); private static List<DeviceIdentifier> deviceIdentifiers = new ArrayList<>();
private static final String DEVICE_ID_PREFIX = "SEARCH-DEVICE-ID-"; private static final String DEVICE_ID_PREFIX = "SEARCH-DEVICE-ID-";
private static final String DEVICE_TYPE = "SEARCH_TYPE"; private static final String DEVICE_TYPE = "SEARCH_TYPE";
@BeforeClass @BeforeClass
public void init() throws Exception { public void init() throws Exception {
deviceAccessAuthorizationService = DeviceManagementDataHolder.getInstance()
.getDeviceAccessAuthorizationService();
for (int i = 0; i < 5; i++) { for (int i = 0; i < 5; i++) {
deviceIdentifiers.add(new DeviceIdentifier(DEVICE_ID_PREFIX + i, DEVICE_TYPE)); deviceIdentifiers.add(new DeviceIdentifier(DEVICE_ID_PREFIX + i, DEVICE_TYPE));
} }
@ -81,27 +73,59 @@ public class ProcessorImplTest extends BaseDeviceManagementTest {
} }
} }
@Test(description = "Test the Search Processor") @Test (description = "Search for device with and condition")
public void testWithNoDeviceAccessAuthorization() throws NoSuchFieldException, IllegalAccessException, public void testSearchDevicesWIthAndCondition() throws SearchMgtException {
SearchMgtException {
SearchContext context = new SearchContext(); SearchContext context = new SearchContext();
List<Condition> conditions = new ArrayList<>(); List<Condition> conditions = new ArrayList<>();
Condition cond = new Condition();
cond.setKey("batteryLevel"); Condition condition = new Condition();
cond.setOperator("="); condition.setKey("IMEI");
cond.setValue("40"); condition.setOperator("=");
cond.setState(Condition.State.AND); condition.setValue("e6f236ac82537a8e");
conditions.add(cond); condition.setState(Condition.State.AND);
conditions.add(condition);
context.setConditions(conditions);
ProcessorImpl processor = new ProcessorImpl();
List<Device> devices = processor.execute(context);
Assert.assertEquals(5, devices.size(), "There should be exactly 5 devices with matching search criteria");
}
@Test (description = "Search for device with or condition")
public void testSearchDevicesWIthORCondition() throws SearchMgtException {
SearchContext context = new SearchContext();
List<Condition> conditions = new ArrayList<>();
Condition condition = new Condition();
condition.setKey("IMSI");
condition.setOperator("=");
condition.setValue("432659632123654845");
condition.setState(Condition.State.OR);
conditions.add(condition);
context.setConditions(conditions); context.setConditions(conditions);
ProcessorImpl processor = new ProcessorImpl(); ProcessorImpl processor = new ProcessorImpl();
Field deviceAccessAuthorizationServiceField = ProcessorImpl.class.getDeclaredField List<Device> devices = processor.execute(context);
("deviceAccessAuthorizationService"); Assert.assertEquals(5, devices.size(), "There should be exactly 5 devices with matching search criteria");
deviceAccessAuthorizationServiceField.setAccessible(true);
deviceAccessAuthorizationServiceField.set(processor, null);
List<Device> searchedDevices = processor.execute(context);
Assert.assertEquals(0, searchedDevices.size());
} }
@Test (description = "Search for device with wrong condition")
public void testSearchDevicesWIthWrongCondition() throws SearchMgtException {
SearchContext context = new SearchContext();
List<Condition> conditions = new ArrayList<>();
Condition condition = new Condition();
condition.setKey("IMSI");
condition.setOperator("=");
condition.setValue("43265963212378466");
condition.setState(Condition.State.OR);
conditions.add(condition);
context.setConditions(conditions);
ProcessorImpl processor = new ProcessorImpl();
List<Device> devices = processor.execute(context);
Assert.assertEquals(0, devices.size(), "There should be no devices with matching search criteria");
}
@Test(description = "Test for invalid state") @Test(description = "Test for invalid state")
public void testInvalidState() throws SearchMgtException { public void testInvalidState() throws SearchMgtException {
@ -141,16 +165,4 @@ public class ProcessorImplTest extends BaseDeviceManagementTest {
} }
} }
} }
@Test(description = "Test when Device Access Authorization is null", expectedExceptions = {IllegalStateException
.class}, dependsOnMethods = {"testWithNoDeviceAccessAuthorization", "testInvalidState"})
public void testProcessorInitializationError() throws ClassNotFoundException, NoSuchMethodException,
NoSuchFieldException, IllegalAccessException, SearchMgtException {
DeviceManagementDataHolder deviceManagementDataHolder = DeviceManagementDataHolder.getInstance();
Field field = DeviceManagementDataHolder.class.getDeclaredField("deviceAccessAuthorizationService");
field.setAccessible(true);
field.set(deviceManagementDataHolder, null);
ProcessorImpl processor = new ProcessorImpl();
processor.execute(null);
}
} }

@ -156,10 +156,12 @@
"perm:admin:device-type", "perm:admin:device-type",
"perm:device:enroll", "perm:device:enroll",
"perm:geo-service:analytics-view", "perm:geo-service:analytics-view",
"perm:geo-service:alerts-manage" "perm:geo-service:alerts-manage",
"appm:read"
], ],
"isOAuthEnabled": true, "isOAuthEnabled": true,
"backendRestEndpoints": { "backendRestEndpoints": {
"deviceMgt": "/api/device-mgt/v1.0" "deviceMgt": "/api/device-mgt/v1.0",
"appMgt": "/api/appm/store/v1.1"
} }
} }

@ -14,6 +14,23 @@
* either express or implied. See the License for the * either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*
*
* Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/ */
var policyModule; var policyModule;
@ -180,6 +197,55 @@ policyModule = function () {
} }
}; };
/*
Get apps available in the store from backend service.
*/
publicMethods.getStoreAppsForPolicy = function () {
var carbonUser = session.get(constants["USER_SESSION_KEY"]);
if (!carbonUser) {
log.error("User object was not found in the session");
userModule.logout(function () {
response.sendRedirect(devicemgtProps["appContext"] + "login");
});
}
try {
var url = devicemgtProps["managerHTTPSURL"] + devicemgtProps["backendRestEndpoints"]["appMgt"] +
"/apps/mobileapp?field-filter=all";
return serviceInvokers.XMLHttp.get(url,
function (backendResponse) {
var response = {};
if (backendResponse.status === 200 && backendResponse.responseText) {
var appListFromRestEndpoint = parse(backendResponse.responseText)["appList"];
var storeApps = [];
var i, appObjectFromRestEndpoint, appObjectToView;
for (i=0; i<appListFromRestEndpoint.length; i++) {
appObjectFromRestEndpoint = appListFromRestEndpoint[i];
appObjectToView = {};
appObjectToView["appName"] = appObjectFromRestEndpoint["name"];
appObjectToView["appId"] = appObjectFromRestEndpoint["id"];
appObjectToView["packageName"] = appObjectFromRestEndpoint["appmeta"]["package"];
appObjectToView["version"] = appObjectFromRestEndpoint["version"];
appObjectToView["platform"] = appObjectFromRestEndpoint["platform"];
storeApps.push(appObjectToView);
}
response.status = "success";
response.content = storeApps;
return response;
} else {
response.status = "error";
if (backendResponse.responseText === "Scope validation failed") {
response.content = "Permission Denied";
} else {
response.content = backendResponse.responseText;
}
return response;
}
});
} catch (e) {
throw e;
}
};
/* /*
@Updated - used by getAllPolicies @Updated - used by getAllPolicies
*/ */

@ -14,6 +14,23 @@
either express or implied. See the License for the either express or implied. See the License for the
specific language governing permissions and limitations specific language governing permissions and limitations
under the License. under the License.
Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}} }}
{{unit "cdmf.unit.ui.title" pageTitle="Policy Management | Add Policy"}} {{unit "cdmf.unit.ui.title" pageTitle="Policy Management | Add Policy"}}
@ -40,4 +57,5 @@
{{#zone "content"}} {{#zone "content"}}
{{unit "cdmf.unit.device.operation-mod"}} {{unit "cdmf.unit.device.operation-mod"}}
{{unit "cdmf.unit.policy.create"}} {{unit "cdmf.unit.policy.create"}}
{{unit "cdmf.unit.lib.data-table"}}
{{/zone}} {{/zone}}

@ -14,6 +14,23 @@
either express or implied. See the License for the either express or implied. See the License for the
specific language governing permissions and limitations specific language governing permissions and limitations
under the License. under the License.
Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}} }}
{{unit "cdmf.unit.ui.title" pageTitle="Policy Management | Edit Policy"}} {{unit "cdmf.unit.ui.title" pageTitle="Policy Management | Edit Policy"}}
@ -40,4 +57,5 @@
{{#zone "content"}} {{#zone "content"}}
{{unit "cdmf.unit.device.operation-mod"}} {{unit "cdmf.unit.device.operation-mod"}}
{{unit "cdmf.unit.policy.edit"}} {{unit "cdmf.unit.policy.edit"}}
{{unit "cdmf.unit.lib.data-table"}}
{{/zone}} {{/zone}}

@ -14,6 +14,23 @@
either express or implied. See the License for the either express or implied. See the License for the
specific language governing permissions and limitations specific language governing permissions and limitations
under the License. under the License.
Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}} }}
{{unit "cdmf.unit.ui.title" pageTitle="Policy Management | View Policy"}} {{unit "cdmf.unit.ui.title" pageTitle="Policy Management | View Policy"}}
@ -48,4 +65,5 @@
{{#zone "content"}} {{#zone "content"}}
{{unit "cdmf.unit.device.operation-mod"}} {{unit "cdmf.unit.device.operation-mod"}}
{{unit "cdmf.unit.policy.view"}} {{unit "cdmf.unit.policy.view"}}
{{unit "cdmf.unit.lib.data-table"}}
{{/zone}} {{/zone}}

@ -1,7 +1,9 @@
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized}} {{#if isAuthorized}}
<span id="logged-in-user" class="hidden" data-username="{{@user.username}}" data-domain="{{@user.domain}}" <span id="logged-in-user" class="hidden" data-username="{{@user.username}}" data-domain="{{@user.domain}}"
data-tenant-id="{{@user.tenantId}}" data-iscloud="{{isCloud}}" data-isDeviceOwnerEnabled="{{isDeviceOwnerEnabled}}"></span> data-tenant-id="{{@user.tenantId}}" data-iscloud="{{isCloud}}"
data-isDeviceOwnerEnabled="{{isDeviceOwnerEnabled}}" data-storeapps="{{storeApps}}">
</span>
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">

@ -14,6 +14,23 @@
* KIND, either express or implied. See the License for the * KIND, either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*
*
* Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/ */
function onRequest(context) { function onRequest(context) {
@ -24,6 +41,7 @@ function onRequest(context) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var deviceModule = require("/app/modules/business-controllers/device.js")["deviceModule"]; var deviceModule = require("/app/modules/business-controllers/device.js")["deviceModule"];
var groupModule = require("/app/modules/business-controllers/group.js")["groupModule"]; var groupModule = require("/app/modules/business-controllers/group.js")["groupModule"];
var policyModule = require("/app/modules/business-controllers/policy.js")["policyModule"];
var types = {}; var types = {};
types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage"); types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
@ -97,6 +115,8 @@ function onRequest(context) {
types["isCloud"] = devicemgtProps.isCloud; types["isCloud"] = devicemgtProps.isCloud;
types["isDeviceOwnerEnabled"] = devicemgtProps.isDeviceOwnerEnabled; types["isDeviceOwnerEnabled"] = devicemgtProps.isDeviceOwnerEnabled;
var enrollmentApps = policyModule.getStoreAppsForPolicy();
types["storeApps"] = JSON.stringify(enrollmentApps["content"]);
return types; return types;
} }

@ -13,6 +13,23 @@
* either express or implied. See the License for the * either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*
*
* Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/ */
var stepForwardFrom = {}; var stepForwardFrom = {};
@ -145,8 +162,10 @@ stepForwardFrom["policy-platform"] = function (actionButton) {
var policyOperationsTemplateCacheKey = deviceType + '-policy-operations'; var policyOperationsTemplateCacheKey = deviceType + '-policy-operations';
if (policyOperationsTemplateSrc) { if (policyOperationsTemplateSrc) {
var storeApps = getStoreApps($("#logged-in-user").data("storeapps"), deviceType);
$.template(policyOperationsTemplateCacheKey, context + policyOperationsTemplateSrc, function (template) { $.template(policyOperationsTemplateCacheKey, context + policyOperationsTemplateSrc, function (template) {
var content = template({"iscloud" : $("#logged-in-user").data("iscloud"), "isDeviceOwnerEnabled" : $("#logged-in-user").data("isdeviceownerenabled")}); var content = template({"iscloud" : $("#logged-in-user").data("iscloud"),
"isDeviceOwnerEnabled" : $("#logged-in-user").data("isdeviceownerenabled"), "storeapps" : storeApps});
$("#device-type-policy-operations").html(content).removeClass("hidden"); $("#device-type-policy-operations").html(content).removeClass("hidden");
$(".policy-platform").addClass("hidden"); $(".policy-platform").addClass("hidden");
}); });
@ -172,6 +191,24 @@ stepForwardFrom["policy-platform"] = function (actionButton) {
$(".wr-advance-operations-init").addClass("hidden"); $(".wr-advance-operations-init").addClass("hidden");
}; };
/**
* Retrieve store apps of the given device type
*
* @param storeApps
* @param deviceType
* @returns {Array}
*/
function getStoreApps(storeApps, deviceType) {
var selectedApps = [];
var i;
for (i=0; i<storeApps.length; i++) {
if (deviceType === storeApps[i].platform) {
selectedApps.push(storeApps[i]);
}
}
return selectedApps;
}
/** /**
* Forward action of policy profile page. Generates policy profile payload. * Forward action of policy profile page. Generates policy profile payload.
*/ */

@ -1,7 +1,7 @@
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized }} {{#if isAuthorized }}
<span id="logged-in-user" class="hidden" data-username="{{@user.username}}" data-domain="{{@user.domain}}" <span id="logged-in-user" class="hidden" data-username="{{@user.username}}" data-domain="{{@user.domain}}"
data-tenant-id="{{@user.tenantId}}" data-iscloud="{{isCloud}}"></span> data-tenant-id="{{@user.tenantId}}" data-iscloud="{{isCloud}}" data-storeapps="{{storeApps}}"></span>
<span id="policy-operations" class="hidden" data-template="{{policyOperations.template}}" <span id="policy-operations" class="hidden" data-template="{{policyOperations.template}}"
data-script="{{policyOperations.script}}" data-style="{{policyOperations.style}}"></span> data-script="{{policyOperations.script}}" data-style="{{policyOperations.style}}"></span>
<div class="row"> <div class="row">

@ -14,6 +14,23 @@
* either express or implied. See the License for the * either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*
*
* Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/ */
function onRequest(context) { function onRequest(context) {
@ -21,6 +38,7 @@ function onRequest(context) {
var utility = require("/app/modules/utility.js").utility; var utility = require("/app/modules/utility.js").utility;
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var groupModule = require("/app/modules/business-controllers/group.js")["groupModule"]; var groupModule = require("/app/modules/business-controllers/group.js")["groupModule"];
var policyModule = require("/app/modules/business-controllers/policy.js")["policyModule"];
var rolesResult = userModule.getRoles(); var rolesResult = userModule.getRoles();
if (rolesResult.status == "success") { if (rolesResult.status == "success") {
@ -63,5 +81,8 @@ function onRequest(context) {
var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"]; var devicemgtProps = require("/app/modules/conf-reader/main.js")["conf"];
context["isCloud"] = devicemgtProps.isCloud; context["isCloud"] = devicemgtProps.isCloud;
var enrollmentApps = policyModule.getStoreAppsForPolicy();
context["storeApps"] = JSON.stringify(enrollmentApps["content"]);
return context; return context;
} }

@ -14,6 +14,23 @@
* either express or implied. See the License for the * either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*
*
* Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/ */
var validateStep = {}; var validateStep = {};
@ -202,7 +219,8 @@ skipStep["policy-platform"] = function (policyPayloadObj) {
hasPolicyProfileScript = false; hasPolicyProfileScript = false;
} }
$.template(policyEditTemplateCacheKey, context + policyEditTemplateSrc, function (template) { $.template(policyEditTemplateCacheKey, context + policyEditTemplateSrc, function (template) {
var content = template({"iscloud" : $("#logged-in-user").data("iscloud")}); var storeApps = getStoreApps($("#logged-in-user").data("storeapps"), deviceType);
var content = template({"iscloud" : $("#logged-in-user").data("iscloud"), "storeapps" : storeApps});
$("#device-type-policy-operations").html(content).removeClass("hidden"); $("#device-type-policy-operations").html(content).removeClass("hidden");
$(".policy-platform").addClass("hidden"); $(".policy-platform").addClass("hidden");
if (hasPolicyProfileScript) { if (hasPolicyProfileScript) {
@ -230,6 +248,24 @@ skipStep["policy-platform"] = function (policyPayloadObj) {
} }
}; };
/**
* Retrieve store apps of the given device type
*
* @param storeApps
* @param deviceType
* @returns {Array}
*/
function getStoreApps(storeApps, deviceType) {
var selectedApps = [];
var i;
for (i=0; i<storeApps.length; i++) {
if (storeApps[i].platform === deviceType) {
selectedApps.push(storeApps[i]);
}
}
return selectedApps;
}
/** /**
* Forward action of policy profile page. Generates policy profile payload. * Forward action of policy profile page. Generates policy profile payload.
*/ */

@ -14,6 +14,23 @@
* KIND, either express or implied. See the License for the * KIND, either express or implied. See the License for the
* specific language governing permissions and limitations * specific language governing permissions and limitations
* under the License. * under the License.
*
*
* Copyright (c) 2018, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/ */
@ -123,71 +140,69 @@ public class ComplianceDecisionPointImpl implements ComplianceDecisionPoint {
public void reEnforcePolicy(DeviceIdentifier deviceIdentifier, NonComplianceData complianceData) throws public void reEnforcePolicy(DeviceIdentifier deviceIdentifier, NonComplianceData complianceData) throws
PolicyComplianceException { PolicyComplianceException {
try { // do not re-enforce policy if the only feature to be applied is enrollment app install
Policy policy = complianceData.getPolicy(); if (complianceData.getComplianceFeatures().size() != 1 || !PolicyManagementConstants
if (policy != null) { .ENROLLMENT_APP_INSTALL_FEATURE_CODE.equals(complianceData.getComplianceFeatures().get(0)
List<DeviceIdentifier> deviceIdentifiers = new ArrayList<DeviceIdentifier>(); .getFeatureCode())) {
deviceIdentifiers.add(deviceIdentifier); try {
Policy policy = complianceData.getPolicy();
if (policy != null) {
List<ProfileOperation> profileOperationList = new ArrayList<ProfileOperation>(); List<DeviceIdentifier> deviceIdentifiers = new ArrayList<>();
deviceIdentifiers.add(deviceIdentifier);
PolicyOperation policyOperation = new PolicyOperation();
policyOperation.setEnabled(true); List<ProfileOperation> profileOperationList = new ArrayList<>();
policyOperation.setType(Operation.Type.POLICY);
policyOperation.setCode(PolicyOperation.POLICY_OPERATION_CODE); PolicyOperation policyOperation = new PolicyOperation();
policyOperation.setEnabled(true);
policyOperation.setType(Operation.Type.POLICY);
if (complianceData.isCompletePolicy()) { policyOperation.setCode(PolicyOperation.POLICY_OPERATION_CODE);
List<ProfileFeature> effectiveFeatures = policy.getProfile().getProfileFeaturesList();
if (complianceData.isCompletePolicy()) {
for (ProfileFeature feature : effectiveFeatures) { List<ProfileFeature> effectiveFeatures = policy.getProfile().getProfileFeaturesList();
ProfileOperation profileOperation = new ProfileOperation(); for (ProfileFeature feature : effectiveFeatures) {
ProfileOperation profileOperation = new ProfileOperation();
profileOperation.setCode(feature.getFeatureCode()); profileOperation.setCode(feature.getFeatureCode());
profileOperation.setEnabled(true); profileOperation.setEnabled(true);
profileOperation.setStatus(Operation.Status.PENDING); profileOperation.setStatus(Operation.Status.PENDING);
profileOperation.setType(Operation.Type.PROFILE); profileOperation.setType(Operation.Type.PROFILE);
profileOperation.setPayLoad(feature.getContent()); profileOperation.setPayLoad(feature.getContent());
profileOperationList.add(profileOperation); profileOperationList.add(profileOperation);
} }
} else { } else {
List<ComplianceFeature> noneComplianceFeatures = complianceData.getComplianceFeatures(); List<ComplianceFeature> noneComplianceFeatures = complianceData.getComplianceFeatures();
List<ProfileFeature> effectiveFeatures = policy.getProfile().getProfileFeaturesList(); List<ProfileFeature> effectiveFeatures = policy.getProfile().getProfileFeaturesList();
for (ComplianceFeature feature : noneComplianceFeatures) { for (ComplianceFeature feature : noneComplianceFeatures) {
for (ProfileFeature pf : effectiveFeatures) {
for (ProfileFeature pf : effectiveFeatures) { if (pf.getFeatureCode().equalsIgnoreCase(feature.getFeatureCode())) {
if (pf.getFeatureCode().equalsIgnoreCase(feature.getFeatureCode())) { ProfileOperation profileOperation = new ProfileOperation();
profileOperation.setCode(feature.getFeatureCode());
ProfileOperation profileOperation = new ProfileOperation(); profileOperation.setEnabled(true);
profileOperation.setStatus(Operation.Status.PENDING);
profileOperation.setCode(feature.getFeatureCode()); profileOperation.setType(Operation.Type.PROFILE);
profileOperation.setEnabled(true); profileOperation.setPayLoad(pf.getContent());
profileOperation.setStatus(Operation.Status.PENDING); profileOperationList.add(profileOperation);
profileOperation.setType(Operation.Type.PROFILE); }
profileOperation.setPayLoad(pf.getContent());
profileOperationList.add(profileOperation);
} }
} }
} }
} policyOperation.setProfileOperations(profileOperationList);
policyOperation.setProfileOperations(profileOperationList); policyOperation.setPayLoad(policyOperation.getProfileOperations());
policyOperation.setPayLoad(policyOperation.getProfileOperations());
//TODO: Fix this properly later adding device type to be passed in when the task manage executes "addOperations()" //TODO: Fix this properly later adding device type to be passed in when the task manage executes "addOperations()"
String type = null; String type = null;
if (deviceIdentifiers.size() > 0) { if (deviceIdentifiers.size() > 0) {
type = deviceIdentifiers.get(0).getType(); type = deviceIdentifiers.get(0).getType();
} }
PolicyManagementDataHolder.getInstance().getDeviceManagementService(). PolicyManagementDataHolder.getInstance().getDeviceManagementService().
addOperation(type, policyOperation, deviceIdentifiers); addOperation(type, policyOperation, deviceIdentifiers);
}
} catch (InvalidDeviceException e) {
throw new PolicyComplianceException("Invalid Device identifiers found.", e);
} catch (OperationManagementException e) {
throw new PolicyComplianceException("Error occurred while re-enforcing the policy to device " + deviceIdentifier.getId() + " - " +
deviceIdentifier.getType(), e);
} }
} catch (InvalidDeviceException e) {
throw new PolicyComplianceException("Invalid Device identifiers found.", e);
} catch (OperationManagementException e) {
throw new PolicyComplianceException("Error occurred while re-enforcing the policy to device " + deviceIdentifier.getId() + " - " +
deviceIdentifier.getType(), e);
} }
} }

@ -31,6 +31,8 @@ public final class PolicyManagementConstants {
public static final String WARN = "WARN"; public static final String WARN = "WARN";
public static final String BLOCK = "BLOCK"; public static final String BLOCK = "BLOCK";
public static final String ENROLLMENT_APP_INSTALL_FEATURE_CODE = "ENROLLMENT_APP_INSTALL";
public static final String MONITORING_TASK_TYPE = "MONITORING_TASK"; public static final String MONITORING_TASK_TYPE = "MONITORING_TASK";
public static final String MONITORING_TASK_NAME = "MONITORING"; public static final String MONITORING_TASK_NAME = "MONITORING";
public static final String MONITORING_TASK_CLAZZ = "org.wso2.carbon.policy.mgt.core.task.MonitoringTask"; public static final String MONITORING_TASK_CLAZZ = "org.wso2.carbon.policy.mgt.core.task.MonitoringTask";

Loading…
Cancel
Save