diff --git a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/api/impl/GrafanaAPIProxyServiceImpl.java b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/api/impl/GrafanaAPIProxyServiceImpl.java
index 9c91a23e2b..8ed6fe1ca1 100644
--- a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/api/impl/GrafanaAPIProxyServiceImpl.java
+++ b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/api/impl/GrafanaAPIProxyServiceImpl.java
@@ -22,11 +22,11 @@ import com.google.gson.JsonObject;
import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api.GrafanaAPIProxyService;
import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api.bean.ErrorResponse;
import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api.exception.RefererNotValid;
+import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api.impl.util.GrafanaMgtAPIUtils;
import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api.impl.util.GrafanaRequestHandlerUtil;
import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.common.exception.GrafanaManagementException;
import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core.bean.GrafanaPanelIdentifier;
import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core.exception.MaliciousQueryAttempt;
-import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core.internal.GrafanaMgtDataHolder;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import io.entgra.device.mgt.core.device.mgt.common.exceptions.DBConnectionException;
@@ -57,8 +57,8 @@ public class GrafanaAPIProxyServiceImpl implements GrafanaAPIProxyService {
public Response queryDatasource(JsonObject body, @Context HttpHeaders headers, @Context UriInfo requestUriInfo) {
try {
GrafanaPanelIdentifier panelIdentifier = GrafanaRequestHandlerUtil.getPanelIdentifier(headers);
- GrafanaMgtDataHolder.getInstance().getGrafanaQueryService().
- buildSafeQuery(body, panelIdentifier.getDashboardId(), panelIdentifier.getPanelId(), requestUriInfo.getRequestUri());
+ GrafanaMgtAPIUtils.getGrafanaQueryService().buildSafeQuery(body, panelIdentifier.getDashboardId(),
+ panelIdentifier.getPanelId(), requestUriInfo.getRequestUri());
return GrafanaRequestHandlerUtil.proxyPassPostRequest(body, requestUriInfo, panelIdentifier.getOrgId());
} catch (MaliciousQueryAttempt e) {
return Response.status(Response.Status.BAD_REQUEST).entity(
diff --git a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/api/impl/util/GrafanaMgtAPIUtils.java b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/api/impl/util/GrafanaMgtAPIUtils.java
new file mode 100644
index 0000000000..07a4293b49
--- /dev/null
+++ b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/api/impl/util/GrafanaMgtAPIUtils.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2018 - 2023, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
+ *
+ * Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.api.impl.util;
+
+import io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core.service.GrafanaQueryService;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
+
+public class GrafanaMgtAPIUtils {
+
+ private static final Log log = LogFactory.getLog(GrafanaMgtAPIUtils.class);
+ private static volatile GrafanaQueryService grafanaQueryService;
+
+ /**
+ * Accessing GrafanaQueryService from OSGI service context
+ * @return GrafanaQueryService instance
+ */
+ public static GrafanaQueryService getGrafanaQueryService() {
+ if (grafanaQueryService == null) {
+ synchronized (GrafanaMgtAPIUtils.class) {
+ if (grafanaQueryService == null) {
+ PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+ grafanaQueryService =
+ (GrafanaQueryService) ctx.getOSGiService(GrafanaQueryService.class, null);
+ if (grafanaQueryService == null) {
+ String msg = "Grafana Query service has not initialized.";
+ log.error(msg);
+ throw new IllegalStateException(msg);
+ }
+ }
+ }
+ }
+ return grafanaQueryService;
+ }
+}
diff --git a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml
index 5ccdb13257..24f5dbdcab 100644
--- a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml
+++ b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml
@@ -88,7 +88,7 @@
io.entgra.device.mgt.core.application.mgt.core.*
- !io.entgra.device.mgt.core.transport.mgt.email.sender.core.internal,
+ !io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core.internal,
io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core.*
diff --git a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/core/internal/GrafanaManagementServiceComponent.java b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/core/internal/GrafanaManagementServiceComponent.java
index 8438c61156..cc4ab33920 100644
--- a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/core/internal/GrafanaManagementServiceComponent.java
+++ b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/src/main/java/io/entgra/device/mgt/core/analytics/mgt/grafana/proxy/core/internal/GrafanaManagementServiceComponent.java
@@ -26,7 +26,6 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.framework.BundleContext;
import org.osgi.service.component.ComponentContext;
-import org.wso2.carbon.context.PrivilegedCarbonContext;
/**
* @scr.component name="io.entgra.analytics.mgt.grafana.proxy.grafanamanagementservicecomponent" immediate="true"
diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java
index 8a4cf4f1a6..299184c946 100644
--- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java
+++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.application.extension/src/main/java/io/entgra/device/mgt/core/apimgt/application/extension/internal/APIApplicationManagerExtensionDataHolder.java
@@ -62,17 +62,18 @@ public class APIApplicationManagerExtensionDataHolder {
public void setRealmService(RealmService realmService) {
this.realmService = realmService;
- this.setTenantManager(realmService);
+ setTenantManager(realmService != null ?
+ realmService.getTenantManager() : null);
}
- private void setTenantManager(RealmService realmService) {
- if (realmService == null) {
- throw new IllegalStateException("Realm service is not initialized properly");
- }
- this.tenantManager = realmService.getTenantManager();
+ private void setTenantManager(TenantManager tenantManager) {
+ this.tenantManager = tenantManager;
}
public TenantManager getTenantManager() {
+ if (tenantManager == null) {
+ throw new IllegalStateException("Tenant manager is not initialized properly");
+ }
return tenantManager;
}
diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/internal/APIPublisherDataHolder.java b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/internal/APIPublisherDataHolder.java
index baff1848ed..bc7b8af32c 100644
--- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/internal/APIPublisherDataHolder.java
+++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/src/main/java/io/entgra/device/mgt/core/apimgt/webapp/publisher/internal/APIPublisherDataHolder.java
@@ -75,17 +75,18 @@ public class APIPublisherDataHolder {
public void setRealmService(RealmService realmService) {
this.realmService = realmService;
- this.setTenantManager(realmService);
+ setTenantManager(realmService != null ?
+ realmService.getTenantManager() : null);
}
- private void setTenantManager(RealmService realmService) {
- if (realmService == null) {
- throw new IllegalStateException("Realm service is not initialized properly");
- }
- this.tenantManager = realmService.getTenantManager();
+ private void setTenantManager(TenantManager tenantManager) {
+ this.tenantManager = tenantManager;
}
public TenantManager getTenantManager() {
+ if (tenantManager == null) {
+ throw new IllegalStateException("Tenant manager is not initialized properly");
+ }
return tenantManager;
}
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/GroupManagementServiceImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/GroupManagementServiceImpl.java
index 1c077c00a5..de2991e7a7 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/GroupManagementServiceImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/GroupManagementServiceImpl.java
@@ -29,6 +29,7 @@ import io.entgra.device.mgt.core.device.mgt.common.group.mgt.RoleDoesNotExistExc
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
+import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import io.entgra.device.mgt.core.device.mgt.common.Device;
import io.entgra.device.mgt.core.device.mgt.common.DeviceIdentifier;
@@ -48,6 +49,8 @@ import io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl.util.RequestV
import io.entgra.device.mgt.core.device.mgt.api.jaxrs.util.DeviceMgtAPIUtils;
import io.entgra.device.mgt.core.policy.mgt.common.PolicyAdministratorPoint;
import io.entgra.device.mgt.core.policy.mgt.common.PolicyManagementException;
+import org.wso2.carbon.user.api.UserRealm;
+import org.wso2.carbon.user.api.UserStoreException;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
@@ -56,6 +59,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
public class GroupManagementServiceImpl implements GroupManagementService {
@@ -109,8 +113,18 @@ public class GroupManagementServiceImpl implements GroupManagementService {
request.setGroupName(name);
request.setOwner(owner);
request.setDepth(depth);
- PaginationResult deviceGroupsResult = DeviceMgtAPIUtils.getGroupManagementProviderService()
- .getGroupsWithHierarchy(currentUser, request, requireGroupProps);
+ int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
+ UserRealm realmService = DeviceMgtAPIUtils.getRealmService().getTenantUserRealm(tenantId);
+ String[] roles = realmService.getUserStoreManager().getRoleListOfUser(currentUser);
+ boolean hasAdminRole = Arrays.asList(roles).contains(DEFAULT_ADMIN_ROLE);
+ PaginationResult deviceGroupsResult;
+ if (hasAdminRole) {
+ deviceGroupsResult = DeviceMgtAPIUtils.getGroupManagementProviderService()
+ .getGroupsWithHierarchy(null, request, requireGroupProps);
+ } else{
+ deviceGroupsResult = DeviceMgtAPIUtils.getGroupManagementProviderService()
+ .getGroupsWithHierarchy(currentUser, request, requireGroupProps);
+ }
DeviceGroupList deviceGroupList = new DeviceGroupList();
deviceGroupList.setList(deviceGroupsResult.getData());
deviceGroupList.setCount(deviceGroupsResult.getRecordsTotal());
@@ -119,6 +133,10 @@ public class GroupManagementServiceImpl implements GroupManagementService {
String error = "Error occurred while retrieving groups with hierarchy.";
log.error(error, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(error).build();
+ } catch (UserStoreException e) {
+ String msg = "Error occurred while getting user realm.";
+ log.error(msg, e);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
}
}
@@ -457,8 +475,8 @@ public class GroupManagementServiceImpl implements GroupManagementService {
log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (GroupAlreadyExistException e) {
- String msg = "Group already exists with name : " + groups.getName() + ".";
- log.warn(msg);
+ String msg = "Group already exists with name : " + groups.getName() + " Try with another group name.";
+ log.error(msg, e);
return Response.status(Response.Status.CONFLICT).entity(msg).build();
} catch (RoleDoesNotExistException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/RoleManagementServiceImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/RoleManagementServiceImpl.java
index 099473ad0d..077e814fe7 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/RoleManagementServiceImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/RoleManagementServiceImpl.java
@@ -18,6 +18,7 @@
package io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl;
import io.entgra.device.mgt.core.device.mgt.common.exceptions.MetadataManagementException;
+import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupManagementException;
import io.entgra.device.mgt.core.device.mgt.common.metadata.mgt.Metadata;
import org.apache.commons.logging.Log;
import org.json.simple.JSONObject;
@@ -637,6 +638,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@Consumes(MediaType.WILDCARD)
@Override
public Response deleteRole(@PathParam("roleName") String roleName, @QueryParam("user-store") String userStoreName) {
+ String roleToDelete = roleName;
if (userStoreName != null && !userStoreName.isEmpty()) {
roleName = userStoreName + "/" + roleName;
}
@@ -644,6 +646,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
try {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
final UserStoreManager userStoreManager = userRealm.getUserStoreManager();
+ int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
if (!userStoreManager.isExistingRole(roleName)) {
String msg = "No role exists with the name : " + roleName ;
return Response.status(404).entity(msg).build();
@@ -653,16 +656,18 @@ public class RoleManagementServiceImpl implements RoleManagementService {
if (log.isDebugEnabled()) {
log.debug("Deleting the role in user store");
}
- userStoreManager.deleteRole(roleName);
- // Delete all authorizations for the current role before deleting
- authorizationManager.clearRoleAuthorization(roleName);
-
+ DeviceMgtAPIUtils.getGroupManagementProviderService().deleteRoleAndRoleGroupMapping(roleName, roleToDelete, tenantId, userStoreManager, authorizationManager);
return Response.status(Response.Status.OK).build();
} catch (UserStoreException e) {
String msg = "Error occurred while deleting the role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
+ } catch (GroupManagementException e) {
+ String msg = "Error occurred while deleting group-role mapping records";
+ log.error(msg, e);
+ return Response.serverError().entity(
+ new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
}
}
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/admin/GroupManagementAdminServiceImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/admin/GroupManagementAdminServiceImpl.java
index 4495a3fe9c..00d2e1cbaf 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/admin/GroupManagementAdminServiceImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.api/src/main/java/io/entgra/device/mgt/core/device/mgt/api/jaxrs/service/impl/admin/GroupManagementAdminServiceImpl.java
@@ -31,7 +31,11 @@ import io.entgra.device.mgt.core.device.mgt.api.jaxrs.beans.DeviceGroupList;
import io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.api.admin.GroupManagementAdminService;
import io.entgra.device.mgt.core.device.mgt.api.jaxrs.service.impl.util.RequestValidationUtil;
import io.entgra.device.mgt.core.device.mgt.api.jaxrs.util.DeviceMgtAPIUtils;
+import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.apache.commons.lang.StringUtils;
+import org.wso2.carbon.user.api.UserRealm;
+import org.wso2.carbon.user.api.UserStoreException;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
@@ -40,6 +44,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
+import java.util.Arrays;
public class GroupManagementAdminServiceImpl implements GroupManagementAdminService {
@@ -94,13 +99,25 @@ public class GroupManagementAdminServiceImpl implements GroupManagementAdminServ
@DefaultValue("5") @QueryParam("limit") int limit) {
try {
RequestValidationUtil.validatePaginationParameters(offset, limit);
+ String currentUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
GroupPaginationRequest request = new GroupPaginationRequest(offset, limit);
request.setGroupName(name);
request.setOwner(owner);
request.setStatus(status);
request.setDepth(depth);
- PaginationResult deviceGroupsResult = DeviceMgtAPIUtils.getGroupManagementProviderService()
- .getGroupsWithHierarchy(null, request, requireGroupProps);
+ int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
+ UserRealm realmService = DeviceMgtAPIUtils.getRealmService().getTenantUserRealm(tenantId);
+ String[] roles = realmService.getUserStoreManager().getRoleListOfUser(currentUser);
+ boolean isAdmin = DEFAULT_ADMIN_ROLE.equals(currentUser);
+ boolean hasAdminRole = Arrays.asList(roles).contains(DEFAULT_ADMIN_ROLE);
+ PaginationResult deviceGroupsResult;
+ if (StringUtils.isBlank(currentUser) || isAdmin || hasAdminRole) {
+ deviceGroupsResult = DeviceMgtAPIUtils.getGroupManagementProviderService()
+ .getGroupsWithHierarchy(null, request, requireGroupProps);
+ } else {
+ deviceGroupsResult = DeviceMgtAPIUtils.getGroupManagementProviderService()
+ .getGroupsWithHierarchy(currentUser, request, requireGroupProps);
+ }
DeviceGroupList deviceGroupList = new DeviceGroupList();
deviceGroupList.setList(deviceGroupsResult.getData());
deviceGroupList.setCount(deviceGroupsResult.getRecordsTotal());
@@ -109,6 +126,10 @@ public class GroupManagementAdminServiceImpl implements GroupManagementAdminServ
String error = "Error occurred while retrieving groups with hierarchy.";
log.error(error, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(error).build();
+ } catch (UserStoreException e) {
+ String msg = "Error occurred while getting user realm.";
+ log.error(msg, e);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
}
}
@@ -166,8 +187,8 @@ public class GroupManagementAdminServiceImpl implements GroupManagementAdminServ
log.error(msg, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
} catch (GroupAlreadyExistException e) {
- String msg = "Group already exists with name : " + group.getName() + ".";
- log.warn(msg);
+ String msg = "Group already exists with name : " + group.getName() + " Try with another group name.";
+ log.error(msg, e);
return Response.status(Response.Status.CONFLICT).entity(msg).build();
} catch (RoleDoesNotExistException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/GroupDAO.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/GroupDAO.java
index fe639e63e1..e339437cb7 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/GroupDAO.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/GroupDAO.java
@@ -156,6 +156,15 @@ public interface GroupDAO {
*/
void deleteGroupsMapping(List groupIds, int tenantId) throws GroupManagementDAOException;
+ /**
+ * Delete mappings of Device Groups.
+ *
+ * @param role of Device Groups.
+ * @param tenantId of the role.
+ * @throws GroupManagementDAOException on error during deletion of mappings of groups
+ */
+ void deleteGroupsMapping(String role, int tenantId) throws GroupManagementDAOException;
+
/**
* Delete existing Device Groups.
*
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/impl/AbstractGroupDAOImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/impl/AbstractGroupDAOImpl.java
index 480bc735b0..1dddaa093c 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/impl/AbstractGroupDAOImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/dao/impl/AbstractGroupDAOImpl.java
@@ -544,6 +544,23 @@ public abstract class AbstractGroupDAOImpl implements GroupDAO {
}
}
+ @Override
+ public void deleteGroupsMapping(String role, int tenantId) throws GroupManagementDAOException {
+
+ try {
+ Connection conn = GroupManagementDAOFactory.getConnection();
+ String sql = "DELETE FROM DM_ROLE_GROUP_MAP WHERE ROLE = ? AND TENANT_ID = ?";
+ try (PreparedStatement stmt = conn.prepareStatement(sql)) {
+ stmt.setString(1, role);
+ stmt.setInt(2, tenantId);
+ stmt.executeUpdate();
+ }
+ } catch (SQLException e) {
+ String msg = "Error occurred while removing record from group-role mapping.";
+ log.error(msg);
+ throw new GroupManagementDAOException(msg, e);
+ }
+ }
@Override
public void deleteGroups(List groupIds, int tenantId) throws GroupManagementDAOException {
try {
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/operation/mgt/OperationManagerImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/operation/mgt/OperationManagerImpl.java
index 692aa242c9..42fac254ec 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/operation/mgt/OperationManagerImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/operation/mgt/OperationManagerImpl.java
@@ -480,6 +480,7 @@ public class OperationManagerImpl implements OperationManager {
int failAttempts = 0;
while (true) {
try {
+ OperationManagementDAOFactory.beginTransaction();
operationMappingDAO.updateOperationMapping(operation.getId(), device.getEnrolmentInfo().getId(),
io.entgra.device.mgt.core.device.mgt.core.dto.operation.mgt.Operation.PushNotificationStatus.SCHEDULED);
OperationManagementDAOFactory.commitTransaction();
@@ -502,6 +503,11 @@ public class OperationManagerImpl implements OperationManager {
} catch (InterruptedException ignore) {
break;
}
+ } catch (TransactionManagementException ex) {
+ log.error("Error occurred while initiating the transaction", ex);
+ break;
+ } finally {
+ OperationManagementDAOFactory.closeConnection();
}
}
} catch (Exception e) {
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderService.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderService.java
index 153b97b5bf..20d9bbd386 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderService.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderService.java
@@ -30,6 +30,8 @@ import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupAlreadyExistEx
import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupManagementException;
import io.entgra.device.mgt.core.device.mgt.common.group.mgt.GroupNotExistException;
import io.entgra.device.mgt.core.device.mgt.common.group.mgt.RoleDoesNotExistException;
+import org.wso2.carbon.user.api.AuthorizationManager;
+import org.wso2.carbon.user.api.UserStoreManager;
import java.util.List;
@@ -57,7 +59,7 @@ public interface GroupManagementProviderService {
* @param defaultPermissions of the default role
* @throws GroupManagementException
*/
- void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupManagementException, GroupAlreadyExistException, RoleDoesNotExistException;
+ void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupAlreadyExistException,GroupManagementException, RoleDoesNotExistException;
/**
* Update existing device group.
@@ -79,6 +81,18 @@ public interface GroupManagementProviderService {
*/
boolean deleteGroup(int groupId, boolean isDeleteChildren) throws GroupManagementException;
+ /**
+ * Delete existing device group.
+ *
+ * @param role to be deleted with the userStore name.
+ * @param roleToDelete to delete the role.
+ * @param tenantId to belongs to roles.
+ * @param userStoreManager with details.
+ * @param authorizationManager with details.
+ * @throws GroupManagementException
+ */
+ void deleteRoleAndRoleGroupMapping(String role, String roleToDelete, int tenantId, UserStoreManager userStoreManager, AuthorizationManager authorizationManager) throws GroupManagementException;
+
/**
* Get the device group provided the device group id.
*
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderServiceImpl.java b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderServiceImpl.java
index 3b83d49c01..ee489dedc3 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderServiceImpl.java
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/src/main/java/io/entgra/device/mgt/core/device/mgt/core/service/GroupManagementProviderServiceImpl.java
@@ -35,7 +35,6 @@ import io.entgra.device.mgt.core.device.mgt.core.dao.GroupManagementDAOFactory;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.netbeans.lib.cvsclient.commandLine.command.status;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
@@ -46,14 +45,13 @@ import io.entgra.device.mgt.core.device.mgt.common.exceptions.DeviceManagementEx
import io.entgra.device.mgt.core.device.mgt.common.exceptions.DeviceNotFoundException;
import io.entgra.device.mgt.core.device.mgt.common.GroupPaginationRequest;
import io.entgra.device.mgt.core.device.mgt.common.PaginationResult;
-import io.entgra.device.mgt.core.device.mgt.common.exceptions.TrackerAlreadyExistException;
import io.entgra.device.mgt.core.device.mgt.common.exceptions.TransactionManagementException;
import io.entgra.device.mgt.core.device.mgt.core.event.config.GroupAssignmentEventOperationExecutor;
import io.entgra.device.mgt.core.device.mgt.core.geo.task.GeoFenceEventOperationManager;
import io.entgra.device.mgt.core.device.mgt.core.internal.DeviceManagementDataHolder;
import io.entgra.device.mgt.core.device.mgt.core.operation.mgt.OperationMgtConstants;
import io.entgra.device.mgt.core.device.mgt.core.util.DeviceManagerUtil;
-import io.entgra.device.mgt.core.device.mgt.core.util.HttpReportingUtil;
+import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
@@ -148,7 +146,7 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
}
}
- public void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupManagementException {
+ public void createGroupWithRoles(DeviceGroupRoleWrapper groups, String defaultRole, String[] defaultPermissions) throws GroupAlreadyExistException, GroupManagementException {
if (groups == null) {
String msg = "Received incomplete data for createGroup";
log.error(msg);
@@ -181,7 +179,7 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
}
GroupManagementDAOFactory.commitTransaction();
} else {
- throw new GroupManagementException("Group exist with name " + groups.getName());
+ throw new GroupAlreadyExistException("Group already exists with name : " + groups.getName() + " Try with another group name.");
}
} catch (GroupManagementDAOException e) {
GroupManagementDAOFactory.rollbackTransaction();
@@ -359,6 +357,40 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
}
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public void deleteRoleAndRoleGroupMapping(String roleName, String roleToDelete, int tenantId, UserStoreManager userStoreManager, AuthorizationManager authorizationManager) throws GroupManagementException {
+ if (log.isDebugEnabled()) {
+ log.debug("Delete roles");
+ }
+ try {
+ GroupManagementDAOFactory.beginTransaction();
+ groupDAO.deleteGroupsMapping(roleToDelete, tenantId);
+ userStoreManager.deleteRole(roleName);
+ // Delete all authorizations for the current role before deleting
+ authorizationManager.clearRoleAuthorization(roleName);
+ GroupManagementDAOFactory.commitTransaction();
+ } catch (UserStoreException e) {
+ GroupManagementDAOFactory.rollbackTransaction();
+ String msg = "Error occurred while deleting the role '" + roleName + "'";
+ log.error(msg, e);
+ throw new GroupManagementException(msg, e);
+ } catch (TransactionManagementException e) {
+ String msg = "Error occurred while initiating transaction.";
+ log.error(msg, e);
+ throw new GroupManagementException(msg, e);
+ } catch (GroupManagementDAOException e) {
+ GroupManagementDAOFactory.rollbackTransaction();
+ String msg = "Error occurred while deleting the role";
+ log.error(msg, e);
+ throw new GroupManagementException(msg, e);
+ } finally {
+ GroupManagementDAOFactory.closeConnection();
+ }
+ }
+
/**
* {@inheritDoc}
*/
diff --git a/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/src/main/java/io/entgra/device/mgt/core/identity/jwt/client/extension/internal/JWTClientExtensionDataHolder.java b/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/src/main/java/io/entgra/device/mgt/core/identity/jwt/client/extension/internal/JWTClientExtensionDataHolder.java
index 7d253b2333..cd3999c9bf 100644
--- a/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/src/main/java/io/entgra/device/mgt/core/identity/jwt/client/extension/internal/JWTClientExtensionDataHolder.java
+++ b/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/src/main/java/io/entgra/device/mgt/core/identity/jwt/client/extension/internal/JWTClientExtensionDataHolder.java
@@ -74,17 +74,18 @@ public class JWTClientExtensionDataHolder {
public void setRealmService(RealmService realmService) {
this.realmService = realmService;
- this.setTenantManager(realmService);
+ setTenantManager(realmService != null ?
+ realmService.getTenantManager() : null);
}
- private void setTenantManager(RealmService realmService) {
- if (realmService == null) {
- throw new IllegalStateException("Realm service is not initialized properly");
- }
- this.tenantManager = realmService.getTenantManager();
+ private void setTenantManager(TenantManager tenantManager) {
+ this.tenantManager = tenantManager;
}
public TenantManager getTenantManager() {
+ if (tenantManager == null) {
+ throw new IllegalStateException("Tenant manager is not initialized properly");
+ }
return tenantManager;
}
}
diff --git a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml
index 3ce48daefe..c40cefc413 100644
--- a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml
+++ b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/cdm-config.xml
@@ -189,7 +189,7 @@
<a href='https://entgra.io' target='_blank'>
Entgra
</a>
- IoT Server 5.2.0 | © 2023
+ UEM Server 5.3.0 | © 2023
, All Rights Reserved.
Entgra
diff --git a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml
index 809c856038..b16935562d 100644
--- a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml
+++ b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf/mdm-ui-config.xml
@@ -227,6 +227,19 @@
perm:android:clear-application
perm:android:suspend-package
perm:android:alternate-install
+ perm:ios:lock
+ perm:ios:location
+ perm:ios:ring
+ perm:ios:clear-passcode
+ perm:ios:enterprise-wipe
+ perm:ios:notification
+ perm:ios:wipe-data
+ perm:ios:boolean-setting
+ perm:ios:wallpaper
+ perm:ios:app-attributes
+ perm:ios:app-configurations
+ perm:mac-os:restart
+ perm:mac-os:shut-down
device-mgt
diff --git a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2 b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2
index 262761caec..2152b1814f 100644
--- a/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2
+++ b/features/device-mgt/io.entgra.device.mgt.core.device.mgt.basics.feature/src/main/resources/conf_templates/templates/repository/conf/cdm-config.xml.j2
@@ -325,12 +325,16 @@
- <a href='https://entgra.io' target='_blank'>
- Entgra
- </a>
- IoT Server 5.2.0 | © 2023
- , All Rights Reserved.
-
+ <a href='https://entgra.io' target='_blank'>
+ Entgra
+ </a>
+ {% if product_conf is defined %}
+ {{product_conf.server_name}} {{product_conf.server_version}} | © {{product_conf.current_year}}
+ {% else %}
+ Entgra UEM Server
+ {% endif %}
+ , All Rights Reserved.
+
Entgra
repository/resources/whitelabel