diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml
index 573b3dfbc5..4a29430e5a 100644
--- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml
+++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/pom.xml
@@ -175,7 +175,6 @@
 org.wso2.carbon
 org.wso2.carbon.user.core
- 4.4.3
 org.wso2.carbon.registry
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js
index 36164975b2..67743b3bc0 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js
@@ -187,7 +187,7 @@ var userModule = function () {
 var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] +
 "/users/" + encodeURIComponent(username);
 if (domain) {
- url += '?domain=' + domain;
+ url += '?domain=' + encodeURIComponent(domain);
 }
 var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
 response["content"] = parse(response.content);
@@ -217,7 +217,7 @@ var userModule = function () {
 var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] +
 "/users/" + encodeURIComponent(username) + "/roles";
 if (domain) {
- url += '?domain=' + domain;
+ url += '?domain=' + encodeURIComponent(domain);
 }
 var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
 if (response.status == "success") {
@@ -328,7 +328,7 @@ var userModule = function () {
 try {
 utility.startTenantFlow(carbonUser);
 var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] +
- "/roles?user-store=" + userStore + "&limit=100";
+ "/roles?user-store=" + encodeURIComponent(userStore) + "&limit=100";
 var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
 if (response.status == "success") {
 response.content = parse(response.content).roles;
@@ -388,7 +388,7 @@ var userModule = function () {
 var url = devicemgtProps["httpsURL"] + devicemgtProps["backendRestEndpoints"]["deviceMgt"] +
 "/roles/" + encodeURIComponent(roleName);
 if (userStore) {
- url += "?user-store=" + userStore;
+ url += "?user-store=" + encodeURIComponent(userStore);
 }
 var response = privateMethods.callBackend(url, constants["HTTP_GET"]);
 if (response.status == "success") {
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js
index dc90ad0cc0..2b5a331398 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/public/js/bottomJs.js
@@ -130,7 +130,7 @@ $(document).ready(function () {
 var postData = {};
 postData.requestMethod = "GET";
 postData.requestURL = "/api/device-mgt/v1.0/users/search/usernames?filter=" + params.term +
- "&domain=" + domain;
+ "&domain=" + encodeURIComponent(domain);
 postData.requestPayload = null;
 return JSON.stringify(postData);
 },
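Review bot: `params.term` is still appended raw to `filter=` on the context line just above the changed one, so only half of this query string is encoded. A search term containing `&`, `#` or `%` would alter or truncate the parameters of the URL stored in `postData.requestURL`; wrap it the same way as `domain`: `"/api/device-mgt/v1.0/users/search/usernames?filter=" + encodeURIComponent(params.term) +`. The same unencoded `params.term` remains in the `postData.actionUrl` line of cdmf.unit.role.edit/public/js/bottomJs.js (hunk at -131). The enclosing function starts outside this hunk.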
@@ -204,7 +204,7 @@ $(document).ready(function () {
 $("input#roleName").val("");
 $("#domain").val("PRIMARY");
 $("#users").val("");
- window.location.href = appContext + "/role/edit-permission/" + addRoleFormData.roleName;
+ window.location.href = appContext + "/role/edit-permission/?rolename=" + encodeURIComponent(addRoleFormData.roleName);
 }
 },
 function (jqXHR) {
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json
index a6e56c02a5..952c4abe20 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.edit.permission/permission.json
@@ -1,5 +1,5 @@
 {
 "version": "1.0.0",
- "uri": "/role/edit-permission/{+any}",
+ "uri": "/role/edit-permission/",
 "layout": "cdmf.layout.default"
 }
\ No newline at end of file
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js
index 1d9fdf3003..27c137c0f0 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.roles/public/js/role-listing.js
@@ -206,9 +206,9 @@ $("#role-grid").on("click", ".remove-role-link", function () {
 userStore = role.substr(0, role.indexOf('/'));
 role = role.substr(role.indexOf('/') + 1);
 }
- var removeRoleAPI = apiBasePath + "/roles/" + role;
+ var removeRoleAPI = apiBasePath + "/roles/" + encodeURIComponent(role);
 if (userStore) {
- removeRoleAPI += "?user-store=" + userStore;
+ removeRoleAPI += "?user-store=" + encodeURIComponent(userStore);
 }
 $(modalPopupContent).html($('#remove-role-modal-content').html());
 showPopup();
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js
index bed8b810bd..317cf435e4 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/public/js/bottomJs.js
@@ -180,8 +180,7 @@ $("#userStore").change(
 str += $(this).text() + "";
 });
 if ($("#roles").length > 0) {
- var getRolesAPI = deviceMgtAPIsBasePath + "/roles?user-store=" + str + "&limit=100";
-
+ var getRolesAPI = deviceMgtAPIsBasePath + "/roles?user-store=" + encodeURIComponent(str) + "&limit=100";
 invokerUtil.get(
 getRolesAPI,
 function (data) {
@@ -189,7 +188,7 @@ $("#userStore").change(
 if (data.errorMessage) {
 $(errorMsg).text("Selected user store prompted an error : " + data.errorMessage);
 $(errorMsgWrapper).removeClass("hidden");
- } else if (data.count > 0) {
+ } else {
 $("#roles").empty();
 for (var i = 0; i < data.roles.length; i++) {
 var newOption = $('');
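Review bot: With the `data.count > 0` condition dropped, the `else` branch reads `data.roles.length` for every response that has no `errorMessage`. If the backend returns a body without a `roles` array for a user store that has no roles (not visible in this diff), the loop throws after `$("#roles").empty()` and the handler aborts with an uncaught TypeError. Take the list defensively, `var roles = data.roles || [];`, and iterate with `for (var i = 0; i < roles.length; i++) {`. The success callback starts and ends outside this hunk.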
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js
index 00357909e6..2ecada94ad 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.edit/public/js/bottomJs.js
@@ -236,7 +236,8 @@ $(document).ready(function () {
 }
 addUserFormData.roles = roles;
 username = username.substr(username.indexOf('/') + 1);
- var addUserAPI = deviceMgtBasePath + "/users/" + username + "?domain=" + domain;
+ var addUserAPI = deviceMgtBasePath + "/users/" + encodeURIComponent(username) + "?domain=" +
+ encodeURIComponent(domain);
 invokerUtil.put(
 addUserAPI,
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js
index d8dc9d4860..d7e557a46c 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.users/public/js/listing.js
@@ -158,7 +158,7 @@ function resetPassword(username) {
 }
 var resetPasswordServiceURL = apiBasePath + "/admin/users/" + username + "/credentials";
 if (domain) {
- resetPasswordServiceURL += '?domain=' + domain;
+ resetPasswordServiceURL += '?domain=' + encodeURIComponent(domain);
 }
 invokerUtil.post(
 resetPasswordServiceURL,
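Review bot: `username` still goes into the path unencoded on the context line `apiBasePath + "/admin/users/" + username + "/credentials"`; this hunk encodes only `domain`. A username containing `/`, `?` or `#` changes which resource the credentials-reset request addresses, which matters more here than on a read endpoint. Encode the segment as the removeUser hunk in this file does: `apiBasePath + "/admin/users/" + encodeURIComponent(username) + "/credentials";`. resetPassword starts and ends outside this hunk.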
@@ -198,11 +198,10 @@ function removeUser(username) {
 domain = username.substr(0, username.indexOf('/'));
 username = username.substr(username.indexOf('/') + 1);
 }
- var removeUserAPI = apiBasePath + "/users/" + username;
+ var removeUserAPI = apiBasePath + "/users/" + encodeURIComponent(username);
 if (domain) {
- removeUserAPI += '?domain=' + domain;
+ removeUserAPI += '?domain=' + encodeURIComponent(domain);
 }
-
 modalDialog.header("Remove User");
 modalDialog.content("Do you really want to remove this user ?");
 modalDialog.footer('
Remove ' +
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js
index 13bb91a2df..10d47721d7 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/permission.js
@@ -24,22 +24,6 @@
 */
 function onRequest(context) {
 var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
- var uri = request.getRequestURI();
- var uriMatcher = new URIMatcher(String(uri));
- var isMatched = uriMatcher.match("/{context}/role/edit-permission/{rolename}");
- var matchedElements;
- var roleName;
- var userStore;
-
- if (isMatched) {
- matchedElements = uriMatcher.elements();
- roleName = matchedElements.rolename;
- context["roleName"] = roleName;
- } else if (uriMatcher.match("/{context}/role/edit-permission/{userStore}/{rolename}")) {
- matchedElements = uriMatcher.elements();
- userStore = matchedElements.userStore;
- roleName = matchedElements.rolename;
- context["roleName"] = userStore + '/' + roleName;
- }
+ context["roleName"] = request.getParameter("rolename");
 return context;
 }
\ No newline at end of file
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js
index 8dcdc85a43..5443e77270 100644
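Review bot: `request.getParameter("rolename")` is copied straight into `context["roleName"]` in onRequest with no check that the parameter is present or non-empty. A request without `rolename` now renders the permission page with a null role name, and the value is caller-supplied text handed to the template, so it is worth confirming that the template escapes it on output (not visible in this diff). Read it into a local first and handle the missing case explicitly, e.g. `var roleName = request.getParameter("rolename");` followed by `if (roleName) { context["roleName"] = roleName; }`. Since permission.json no longer maps `/role/edit-permission/{+any}`, any remaining links built in the old path form would presumably stop resolving; only the role-create redirect is updated here.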
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit.permission/public/js/bottomJs.js
@@ -109,7 +109,7 @@ $(document).ready(function () {
 }
 var serviceUrl = apiBasePath + "/roles/" +encodeURIComponent(roleName)+"/permissions";
 if (userStore) {
- serviceUrl += "?user-store=" + userStore;
+ serviceUrl += "?user-store=" + encodeURIComponent(userStore);
 }
 $.registerPartial("list", listPartialSrc, function(){
 $.template("treeTemplate", treeTemplateSrc, function (template) {
@@ -158,14 +158,14 @@ $(document).ready(function () {
 userStore = roleName.substr(0, roleName.indexOf('/'));
 roleName = roleName.substr(roleName.indexOf('/') + 1);
 }
- var updateRolePermissionAPI = apiBasePath + "/roles/" + roleName;
+ var updateRolePermissionAPI = apiBasePath + "/roles/" + encodeURIComponent(roleName);
 var updateRolePermissionData = {};
 var perms = [];
 $("#permissionList li input:checked").each(function(){
 perms.push($(this).data("resourcepath"));
 });
 if (userStore) {
- updateRolePermissionAPI += "?user-store=" + userStore;
+ updateRolePermissionAPI += "?user-store=" + encodeURIComponent(userStore);
 updateRolePermissionData.roleName = userStore + "/" + roleName;
 } else {
 updateRolePermissionData.roleName = roleName;
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js
index f92d1962b7..7dae919969 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.role.edit/public/js/bottomJs.js
@@ -131,7 +131,8 @@ $(document).ready(function () {
 data: function (params) {
 var postData = {};
 postData.actionMethod = "GET";
- postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term + "&domain=" + domain;
+ postData.actionUrl = apiBasePath + "/users/search/usernames?filter=" + params.term + "&domain=" +
+ encodeURIComponent(domain);
 postData.actionPayload = null;
 return JSON.stringify(postData);
 },
@@ -182,10 +183,10 @@ $(document).ready(function () {
 } else {
 var addRoleFormData = {};
 addRoleFormData.roleName = roleName;
- var addRoleAPI = apiBasePath + "/roles/" + currentRoleName;
+ var addRoleAPI = apiBasePath + "/roles/" + encodeURIComponent(currentRoleName);
 if (domain != "PRIMARY"){
 addRoleFormData.roleName = domain + "/" + roleName;
- addRoleAPI = addRoleAPI + "?user-store=" + domain;
+ addRoleAPI = addRoleAPI + "?user-store=" + encodeURIComponent(domain);
 }
 invokerUtil.put(
 addRoleAPI,