ruwin
/
device-mgt-core
forked from community/device-mgt-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Permission modifications

Browse Source
revert-70aa11f8
kamidu 8 years ago
parent 940f2aaede
commit 878daae5c5
23 changed files with 302 additions and 244 deletions
Show Stats Download Patch File Download Diff File

2
components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/webapp/META-INF/permissions.xml
Unescape View File

@ -32,7 +32,7 @@
<!-- Device related APIs --> <!-- Device related APIs -->
<Permission> <Permission>
<name>get certificate in the database</name> <name>get certificate in the database</name>
<path>/device-mgt/admin/certificate/GetSignCSR</path> <path>/device-mgt/certificate/GetSignCSR</path>
<url>/certificates/scep/signcsr</url> <url>/certificates/scep/signcsr</url>
<method>POST</method> <method>POST</method>
<scope>emm_admin</scope> <scope>emm_admin</scope>

4
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java
Unescape View File

@ -93,7 +93,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.", message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Activities", permission = "/device-mgt/activities/view") @Permission(name = "View Activities", permission = "/device-mgt/devices/owning/view")
Response getActivity( Response getActivity(
@ApiParam( @ApiParam(
name = "id", name = "id",
@ -154,7 +154,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.", message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Activities", permission = "/device-mgt/activities/view") @Permission(name = "View Activities", permission = "/device-mgt/devices/owning/view")
Response getActivities( Response getActivities(
@ApiParam( @ApiParam(
name = "since", name = "since",

4
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java
Unescape View File

@ -82,7 +82,7 @@ public interface ConfigurationManagementService {
"platform configuration.", "platform configuration.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Configurations", permission = "/device-mgt/configuration/view") @Permission(name = "View Configurations", permission = "/device-mgt/configurations/view")
Response getConfiguration( Response getConfiguration(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",
@ -128,7 +128,7 @@ public interface ConfigurationManagementService {
"Server error occurred while modifying general platform configuration.", "Server error occurred while modifying general platform configuration.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "Manage configurations", permission = "/device-mgt/configuration/manage") @Permission(name = "Manage configurations", permission = "/device-mgt/configurations/manage")
Response updateConfiguration( Response updateConfiguration(
@ApiParam( @ApiParam(
name = "configuration", name = "configuration",

16
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java
Unescape View File

@ -93,7 +93,7 @@ public interface DeviceManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.", message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDevices( Response getDevices(
@ApiParam( @ApiParam(
name = "name", name = "name",
@ -200,7 +200,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving information requested device.", "Server error occurred while retrieving information requested device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDevice( Response getDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -282,7 +282,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving feature list of the device.", "Server error occurred while retrieving feature list of the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getFeaturesOfDevice( Response getFeaturesOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -358,7 +358,7 @@ public interface DeviceManagementService {
"Server error occurred while enrolling the device.", "Server error occurred while enrolling the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response searchDevices( Response searchDevices(
@ApiParam( @ApiParam(
name = "offset", name = "offset",
@ -437,7 +437,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving installed application list of the device.", "Server error occurred while retrieving installed application list of the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getInstalledApplications( Response getInstalledApplications(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -533,7 +533,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving operation list scheduled for the device.", "Server error occurred while retrieving operation list scheduled for the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDeviceOperations( Response getDeviceOperations(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -631,7 +631,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getEffectivePolicyOfDevice( Response getEffectivePolicyOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -683,7 +683,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Permission(name = "View Devices", permission = "/device-mgt/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getComplianceDataOfDevice( Response getComplianceDataOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java
Unescape View File

@ -79,7 +79,7 @@ public interface DeviceTypeManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Permission(name = "View Device Types", permission = "/device-mgt/devices/view") @Permission(name = "View Device Types", permission = "/device-mgt/devices/owning/view")
Response getDeviceTypes( Response getDeviceTypes(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java
Unescape View File

@ -82,7 +82,7 @@ public interface GroupManagementService {
// //
// @GET // @GET
// @Path("/{groupName}/devices") // @Path("/{groupName}/devices")
// @Permission(scope = "group-view", permissions = {"/permission/admin/device-mgt/admin/groups/roles"}) // @Permission(scope = "group-view", permissions = {"/permission/admin/device-mgt/groups/roles"})
// Response getDevicesOfGroup(@PathParam("groupName") String groupName, @QueryParam("offset") int offset, // Response getDevicesOfGroup(@PathParam("groupName") String groupName, @QueryParam("offset") int offset,
// @QueryParam("limit") int limit); // @QueryParam("limit") int limit);
// //

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java
Unescape View File

@ -86,7 +86,7 @@ public interface DeviceManagementAdminService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.", message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Devices", permission = "/device-mgt/admin/devices/view") @Permission(name = "View Devices", permission = "/device-mgt/devices/owning/view")
Response getDevicesByName( Response getDevicesByName(
@ApiParam( @ApiParam(
name = "name", name = "name",

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java
Unescape View File

@ -69,7 +69,7 @@ public interface UserManagementAdminService {
"Server error occurred while updating credentials of the user.", "Server error occurred while updating credentials of the user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Permission(name = "View Users", permission = "/device-mgt/admin/users/view") @Permission(name = "View Users", permission = "/device-mgt/users/manage")
Response resetUserPassword( Response resetUserPassword(
@ApiParam( @ApiParam(
name = "username", name = "username",

106
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml
Unescape View File

@ -45,334 +45,334 @@
</Permission> </Permission>
<Permission> <Permission>
<name>Devices</name> <name>Devices</name>
<path>/device-mgt/admin/devices</path> <path>/device-mgt/devices</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Device related APIs --> <!-- Device related APIs -->
<Permission> <Permission>
<name>List devices</name> <name>List devices</name>
<path>/device-mgt/admin/devices/List</path> <path>/device-mgt/devices/List</path>
<url>/devices</url> <url>/devices</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Search devices</name> <name>Search devices</name>
<path>/device-mgt/admin/devices/Search</path> <path>/device-mgt/devices/Search</path>
<url>/devices/search-devices</url> <url>/devices/search-devices</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device</name> <name>View device</name>
<path>/device-mgt/admin/devices/View</path> <path>/device-mgt/devices/View</path>
<url>/devices/*/*</url> <url>/devices/*/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device info</name> <name>View device info</name>
<path>/device-mgt/admin/devices/View</path> <path>/device-mgt/devices/View</path>
<url>/devices/*/*/info</url> <url>/devices/*/*/info</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device applications</name> <name>View device applications</name>
<path>/device-mgt/admin/devices/View-Applications</path> <path>/device-mgt/devices/View-Applications</path>
<url>/devices/*/*/applications</url> <url>/devices/*/*/applications</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device effective-policy</name> <name>View device effective-policy</name>
<path>/device-mgt/admin/devices/View-Active-Policy</path> <path>/device-mgt/devices/View-Active-Policy</path>
<url>/devices/*/*/effective-policy</url> <url>/devices/*/*/effective-policy</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View devices feature</name> <name>View devices feature</name>
<path>/device-mgt/admin/devices/View-Features</path> <path>/device-mgt/devices/View-Features</path>
<url>/devices/*/*/features</url> <url>/devices/*/*/features</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device operations</name> <name>View device operations</name>
<path>/device-mgt/admin/devices/View-Operations</path> <path>/device-mgt/devices/View-Operations</path>
<url>/devices/*/*/operations</url> <url>/devices/*/*/operations</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View Compliance Data</name> <name>View Compliance Data</name>
<path>/device-mgt/admin/devices/View-Compliance-Data</path> <path>/device-mgt/devices/View-Compliance-Data</path>
<url>/devices/*/*/compliance-data</url> <url>/devices/*/*/compliance-data</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>List all devices</name> <name>List all devices</name>
<path>/device-mgt/admin/devices/Admin-View</path> <path>/device-mgt/devices/Admin-View</path>
<url>/admin/devices</url> <url>/admin/devices</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View device types</name> <name>View device types</name>
<path>/device-mgt/admin/devices/Admin-DeviceType-View</path> <path>/device-mgt/devices/Admin-DeviceType-View</path>
<url>/admin/device-types</url> <url>/admin/device-types</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- End of Device related APIs --> <!-- End of Device related APIs -->
<Permission> <Permission>
<name>Policies</name> <name>Policies</name>
<path>/device-mgt/admin/policies</path> <path>/device-mgt/policies</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Policy related APIs --> <!-- Policy related APIs -->
<Permission> <Permission>
<name>List policies</name> <name>List policies</name>
<path>/device-mgt/admin/policies/List</path> <path>/device-mgt/policies/List</path>
<url>/policies</url> <url>/policies</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add Policy</name> <name>Add Policy</name>
<path>/device-mgt/admin/policies/Add</path> <path>/device-mgt/policies/Add</path>
<url>/policies</url> <url>/policies</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Activate policy</name> <name>Activate policy</name>
<path>/device-mgt/admin/policies/Activate-Policy</path> <path>/device-mgt/policies/Activate-Policy</path>
<url>/policies/activate-policy</url> <url>/policies/activate-policy</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Deactivate Policy</name> <name>Deactivate Policy</name>
<path>/device-mgt/admin/policies/Deactivate-Policy</path> <path>/device-mgt/policies/Deactivate-Policy</path>
<url>/policies/deactivate-policy</url> <url>/policies/deactivate-policy</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Remove Policy</name> <name>Remove Policy</name>
<path>/device-mgt/admin/policies/Remove</path> <path>/device-mgt/policies/Remove</path>
<url>/policies/remove-policy</url> <url>/policies/remove-policy</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View Policy</name> <name>View Policy</name>
<path>/device-mgt/admin/policies/View</path> <path>/device-mgt/policies/View</path>
<url>/policies/*</url> <url>/policies/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update Policy</name> <name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path> <path>/device-mgt/policies/Update</path>
<url>/policies/*</url> <url>/policies/*</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update Policy</name> <name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path> <path>/device-mgt/policies/Update</path>
<url>/policies/apply-changes</url> <url>/policies/apply-changes</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update Policy</name> <name>Update Policy</name>
<path>/device-mgt/admin/policies/Change-Priority</path> <path>/device-mgt/policies/Change-Priority</path>
<url>/policies/priorities</url> <url>/policies/priorities</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Policy related APIs --> <!-- End of Policy related APIs -->
<Permission> <Permission>
<name>Notifications</name> <name>Notifications</name>
<path>/device-mgt/admin/notifications</path> <path>/device-mgt/notifications</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Notification related APIs --> <!-- Notification related APIs -->
<Permission> <Permission>
<name>View notifications</name> <name>View notifications</name>
<path>/device-mgt/admin/notifications/View</path> <path>/device-mgt/notifications/View</path>
<url>/notifications</url> <url>/notifications</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Mark checked notifications</name> <name>Mark checked notifications</name>
<path>/device-mgt/admin/notifications/View</path> <path>/device-mgt/notifications/View</path>
<url>/notifications/*/mark-checked</url> <url>/notifications/*/mark-checked</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Notification related APIs --> <!-- End of Notification related APIs -->
<Permission> <Permission>
<name>Users</name> <name>Users</name>
<path>/device-mgt/admin/users</path> <path>/device-mgt/users</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- User related APIs --> <!-- User related APIs -->
<Permission> <Permission>
<name>List users</name> <name>List users</name>
<path>/device-mgt/admin/users/List</path> <path>/device-mgt/users/List</path>
<url>/users</url> <url>/users</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add user</name> <name>Add user</name>
<path>/device-mgt/admin/users/Add</path> <path>/device-mgt/users/Add</path>
<url>/users</url> <url>/users</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>List users</name> <name>List users</name>
<path>/device-mgt/admin/users/Search</path> <path>/device-mgt/users/Search</path>
<url>/users/search/usernames</url> <url>/users/search/usernames</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Remove user</name> <name>Remove user</name>
<path>/device-mgt/admin/users/Remove</path> <path>/device-mgt/users/Remove</path>
<url>/users/*</url> <url>/users/*</url>
<method>DELETE</method> <method>DELETE</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View user</name> <name>View user</name>
<path>/device-mgt/admin/users/View</path> <path>/device-mgt/users/View</path>
<url>/users/*</url> <url>/users/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update user</name> <name>Update user</name>
<path>/device-mgt/admin/users/Update</path> <path>/device-mgt/users/Update</path>
<url>/users/*</url> <url>/users/*</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update user credentials</name> <name>Update user credentials</name>
<path>/device-mgt/admin/users/Change-Password</path> <path>/device-mgt/users/Change-Password</path>
<url>/users/*/credentials</url> <url>/users/*/credentials</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View assigned role</name> <name>View assigned role</name>
<path>/device-mgt/admin/roles/Assigned-Roles</path> <path>/device-mgt/roles/Assigned-Roles</path>
<url>/users/*/roles</url> <url>/users/*/roles</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Change any user credentials</name> <name>Change any user credentials</name>
<path>/device-mgt/admin/users/Change-Password-Any</path> <path>/device-mgt/users/Change-Password-Any</path>
<url>/admin/users/*/credentials</url> <url>/admin/users/*/credentials</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Send invitation mail</name> <name>Send invitation mail</name>
<path>/device-mgt/admin/users/Send-invitations</path> <path>/device-mgt/users/Send-invitations</path>
<url>/users/send-invitation</url> <url>/users/send-invitation</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<!-- End of User related APIs --> <!-- End of User related APIs -->
<Permission> <Permission>
<name>Roles</name> <name>Roles</name>
<path>/device-mgt/admin/roles</path> <path>/device-mgt/roles</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Role related APIs --> <!-- Role related APIs -->
<Permission> <Permission>
<name>List roles</name> <name>List roles</name>
<path>/device-mgt/admin/roles/List</path> <path>/device-mgt/roles/List</path>
<url>/roles</url> <url>/roles</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add role</name> <name>Add role</name>
<path>/device-mgt/admin/roles/Add</path> <path>/device-mgt/roles/Add</path>
<url>/roles</url> <url>/roles</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Remove role</name> <name>Remove role</name>
<path>/device-mgt/admin/roles/Remove</path> <path>/device-mgt/roles/Remove</path>
<url>/roles/*</url> <url>/roles/*</url>
<method>DELETE</method> <method>DELETE</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View role</name> <name>View role</name>
<path>/device-mgt/admin/roles/View</path> <path>/device-mgt/roles/View</path>
<url>/roles/*</url> <url>/roles/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update role</name> <name>Update role</name>
<path>/device-mgt/admin/roles/Update</path> <path>/device-mgt/roles/Update</path>
<url>/roles/*</url> <url>/roles/*</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View role permissions</name> <name>View role permissions</name>
<path>/device-mgt/admin/roles/View-Permission</path> <path>/device-mgt/roles/View-Permission</path>
<url>/roles/*/permissions</url> <url>/roles/*/permissions</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Add Users to role</name> <name>Add Users to role</name>
<path>/device-mgt/admin/roles/Add-Users</path> <path>/device-mgt/roles/Add-Users</path>
<url>/roles/*/users</url> <url>/roles/*/users</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Role related APIs --> <!-- End of Role related APIs -->
<Permission> <Permission>
<name>Configurations</name> <name>Configurations</name>
<path>/device-mgt/admin/general-configs</path> <path>/device-mgt/general-configs</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Configuration related APIs --> <!-- Configuration related APIs -->
<Permission> <Permission>
<name>View configuration</name> <name>View configuration</name>
<path>/device-mgt/admin/general-configuration/View</path> <path>/device-mgt/general-configuration/View</path>
<url>/configuration</url> <url>/configuration</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Update configuration</name> <name>Update configuration</name>
<path>/device-mgt/admin/general-configuration/Update</path> <path>/device-mgt/general-configuration/Update</path>
<url>/configuration</url> <url>/configuration</url>
<method>PUT</method> <method>PUT</method>
</Permission> </Permission>
<!-- End of Configuration related APIs --> <!-- End of Configuration related APIs -->
<Permission> <Permission>
<name>Activities</name> <name>Activities</name>
<path>/device-mgt/admin/activities</path> <path>/device-mgt/activities</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Activity related APIs --> <!-- Activity related APIs -->
<Permission> <Permission>
<name>View Activities</name> <name>View Activities</name>
<path>/device-mgt/admin/activities/View</path> <path>/device-mgt/devices/owning/view</path>
<url>/activities</url> <url>/activities</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<Permission> <Permission>
<name>View Activity Details</name> <name>View Activity Details</name>
<path>/device-mgt/admin/activities/View</path> <path>/device-mgt/devices/owning/view</path>
<url>/activities/*</url> <url>/activities/*</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- End of Activity related APIs --> <!-- End of Activity related APIs -->
<Permission> <Permission>
<name>Applications</name> <name>Applications</name>
<path>/device-mgt/admin/applications</path> <path>/device-mgt/applications</path>
<url>/</url> <url>/</url>
<method>GET</method> <method>GET</method>
</Permission> </Permission>
<!-- Application related APIs --> <!-- Application related APIs -->
<Permission> <Permission>
<name>Install Applications</name> <name>Install Applications</name>
<path>/device-mgt/admin/application/Install</path> <path>/device-mgt/application/Install</path>
<url>/admin/applications/install-application</url> <url>/admin/applications/install-application</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>
<Permission> <Permission>
<name>Uninstall-Applications</name> <name>Uninstall-Applications</name>
<path>/device-mgt/admin/application/Uninstall</path> <path>/device-mgt/application/Uninstall</path>
<url>/admin/applications/uninstall-application</url> <url>/admin/applications/uninstall-application</url>
<method>POST</method> <method>POST</method>
</Permission> </Permission>

2
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/group/mgt/DeviceGroupConstants.java
Unescape View File

@ -67,7 +67,7 @@ public class DeviceGroupConstants {
public static class Permissions { public static class Permissions {
public static final String[] DEFAULT_ADMIN_PERMISSIONS = public static final String[] DEFAULT_ADMIN_PERMISSIONS =
{"/permission/device-mgt/admin/groups", "/permission/device-mgt/user/groups"}; {"/permission/device-mgt/groups", "/permission/device-mgt/user/groups"};
public static final String[] DEFAULT_OPERATOR_PERMISSIONS = public static final String[] DEFAULT_OPERATOR_PERMISSIONS =
{"/permission/device-mgt/user/groups/device_operation"}; {"/permission/device-mgt/user/groups/device_operation"};
public static final String[] DEFAULT_STATS_MONITOR_PERMISSIONS = public static final String[] DEFAULT_STATS_MONITOR_PERMISSIONS =

4
components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java
Unescape View File

@ -47,7 +47,7 @@ import java.util.Map;
*/ */
public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthorizationService { public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthorizationService {
private final static String CDM_ADMIN_PERMISSION = "/device-mgt/admin"; private final static String CDM_ADMIN_PERMISSION = "/device-mgt/devices/any/permitted-actions-upon-owning-device";
private final static String CDM_ADMIN = "Device Management Administrator"; private final static String CDM_ADMIN = "Device Management Administrator";
private static Log log = LogFactory.getLog(DeviceAccessAuthorizationServiceImpl.class); private static Log log = LogFactory.getLog(DeviceAccessAuthorizationServiceImpl.class);
@ -246,7 +246,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
private boolean addAdminPermissionToRegistry() throws PermissionManagementException { private boolean addAdminPermissionToRegistry() throws PermissionManagementException {
Permission permission = new Permission(); Permission permission = new Permission();
permission.setName(CDM_ADMIN); permission.setName(CDM_ADMIN);
permission.setPath(CDM_ADMIN_PERMISSION); permission.setPath(PermissionUtils.getAbsolutePermissionPath(CDM_ADMIN_PERMISSION));
return PermissionUtils.putPermission(permission); return PermissionUtils.putPermission(permission);
} }

6
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/api/device-api.jag
Unescape View File

@ -152,7 +152,7 @@ if (!user) {
result = responsePayload.responseText; result = responsePayload.responseText;
}); });
} else if (uriMatcher.match("/{context}/api/devices/")) { } else if (uriMatcher.match("/{context}/api/devices/")) {
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/devices/list")) { if (userModule.isAuthorized("/permission/admin/device-mgt/devices/list")) {
result = deviceModule.listDevices(); result = deviceModule.listDevices();
} else { } else {
response.sendError(403); response.sendError(403);
@ -161,7 +161,7 @@ if (!user) {
elements = uriMatcher.elements(); elements = uriMatcher.elements();
deviceId = elements.deviceId; deviceId = elements.deviceId;
type = elements.type; type = elements.type;
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/devices/list")) { if (userModule.isAuthorized("/permission/admin/device-mgt/devices/list")) {
result = deviceModule.viewDevice(type, deviceId); result = deviceModule.viewDevice(type, deviceId);
}else { }else {
response.sendError(403); response.sendError(403);
@ -171,7 +171,7 @@ if (!user) {
deviceId = elements.deviceId; deviceId = elements.deviceId;
type = elements.type; type = elements.type;
operation = elements.operation; operation = elements.operation;
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/devices/operation")) { if (userModule.isAuthorized("/permission/admin/device-mgt/devices/operation")) {
result = deviceModule.performOperation(deviceId, operation, [], type); result = deviceModule.performOperation(deviceId, operation, [], type);
} else { } else {
response.sendError(403); response.sendError(403);

6
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/api/user-api.jag
Unescape View File

@ -98,7 +98,7 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) {
/* /*
@Deprecated @Deprecated
*/ */
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/user/invite")) { if (userModule.isAuthorized("/permission/admin/device-mgt/user/invite")) {
elements = uriMatcher.elements(); elements = uriMatcher.elements();
username = elements.username; username = elements.username;
userModule.inviteUser(username); userModule.inviteUser(username);
@ -109,7 +109,7 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) {
/* /*
@Deprecated @Deprecated
*/ */
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/user/add")) { if (userModule.isAuthorized("/permission/admin/device-mgt/user/add")) {
addUserFormData = request.getContent(); addUserFormData = request.getContent();
username = addUserFormData.username; username = addUserFormData.username;
firstname = addUserFormData.firstname; firstname = addUserFormData.firstname;
@ -160,7 +160,7 @@ if (uriMatcher.match("/{context}/api/user/authenticate")) {
/* /*
@Deprecated @Deprecated
*/ */
if (userModule.isAuthorized("/permission/admin/device-mgt/admin/user/remove")) { if (userModule.isAuthorized("/permission/admin/device-mgt/user/remove")) {
elements = uriMatcher.elements(); elements = uriMatcher.elements();
username = elements.username; username = elements.username;
try { try {

24
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/business-controllers/user.js
Unescape View File

@ -396,25 +396,25 @@ var userModule = function () {
publicMethods.getUIPermissions = function () { publicMethods.getUIPermissions = function () {
var permissions = {}; var permissions = {};
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/devices/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/devices/list")) {
permissions["LIST_DEVICES"] = true; permissions["LIST_DEVICES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/devices/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/devices/list")) {
permissions["LIST_OWN_DEVICES"] = true; permissions["LIST_OWN_DEVICES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/groups/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/groups/list")) {
permissions["LIST_ALL_GROUPS"] = true; permissions["LIST_ALL_GROUPS"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/list")) {
permissions["LIST_GROUPS"] = true; permissions["LIST_GROUPS"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/users/list")) {
permissions["LIST_USERS"] = true; permissions["LIST_USERS"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/roles/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/roles/list")) {
permissions["LIST_ROLES"] = true; permissions["LIST_ROLES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/policies/list")) {
permissions["LIST_ALL_POLICIES"] = true; permissions["LIST_ALL_POLICIES"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/list")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/list")) {
@ -426,28 +426,28 @@ var userModule = function () {
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/groups/add")) {
permissions["ADD_GROUP"] = true; permissions["ADD_GROUP"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/users/add")) {
permissions["ADD_USER"] = true; permissions["ADD_USER"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/users/remove")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/users/remove")) {
permissions["REMOVE_USER"] = true; permissions["REMOVE_USER"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/roles/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/roles/add")) {
permissions["ADD_ROLE"] = true; permissions["ADD_ROLE"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/policies/add")) {
permissions["ADD_ADMIN_POLICY"] = true; permissions["ADD_ADMIN_POLICY"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/add")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/add")) {
permissions["ADD_POLICY"] = true; permissions["ADD_POLICY"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/priority")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/policies/priority")) {
permissions["CHANGE_POLICY_PRIORITY"] = true; permissions["CHANGE_POLICY_PRIORITY"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/dashboard/view")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/dashboard/view")) {
permissions["VIEW_DASHBOARD"] = true; permissions["VIEW_DASHBOARD"] = true;
} }
if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/platform-configs/view")) { if (publicMethods.isAuthorized("/permission/admin/device-mgt/platform-configs/view")) {
permissions["TENANT_CONFIGURATION"] = true; permissions["TENANT_CONFIGURATION"] = true;
} }

110
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.certificate.create/create.hbs
Unescape View File

@ -23,77 +23,87 @@
<i class="icon fw fw-home"></i> <i class="icon fw fw-home"></i>
</a> </a>
</li> </li>
<li>
<a href="{{@app.context}}/certificates">
Certificates
</a>
</li>
<li> <li>
<a href="{{@app.context}}/certificates/add"> <a href="{{@app.context}}/certificates/add">
<span class="fw-stack"> Add
<i class="fw fw-ring fw-stack-2x"></i>
<i class="fw fw-document fw-stack-1x"></i>
</span>
Add Certificate
</a> </a>
</li> </li>
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
<!-- content/body --> {{#if isAuthorized}}
<div class="row"> <!-- content/body -->
<div class="col-md-12"> <div class="row">
<!-- content --> <div class="col-md-12">
<div id="certificate-create-form" class="container col-centered wr-content"> <!-- content -->
<div class="wr-form"> <div id="certificate-create-form" class="container col-centered wr-content">
<p class="page-sub-title">Add Certificate</p> <div class="wr-form">
<p>Please note that * sign represents required fields of data.</p> <p class="page-sub-title">Add Certificate</p>
<hr/> <p>Please note that * sign represents required fields of data.</p>
<div class="row"> <hr/>
<div class="col-lg-8"> <div class="row">
<div id="certificate-create-error-msg" class="alert alert-danger hidden" role="alert"> <div class="col-lg-8">
<i class="icon fw fw-error"></i><span></span> <div id="certificate-create-error-msg" class="alert alert-danger hidden" role="alert">
</div> <i class="icon fw fw-error"></i><span></span>
</div>
<label class="wr-input-label "> <label class="wr-input-label ">
Serial Number * Serial Number *
</label> </label>
<br> <br>
<div id="serialNoInputField" class="form-group wr-input-control"> <div id="serialNoInputField" class="form-group wr-input-control">
<input type="text" id="serialNo" class="form-control"/> <input type="text" id="serialNo" class="form-control"/>
</div> </div>
<label class="wr-input-label">Certificate *</label> <label class="wr-input-label">Certificate *</label>
<div id="certificateField" class="form-group wr-input-control"> <div id="certificateField" class="form-group wr-input-control">
<input type="file" id="certificate" class="form-control"/> <input type="file" id="certificate" class="form-control"/>
</div>
</div> </div>
</div> </div>
</div> <br>
<br> <div class="row">
<div class="row"> <div class="col-lg-8">
<div class="col-lg-8"> <button id="add-certificate-btn" class="wr-btn">Add Certificate</button>
<button id="add-certificate-btn" class="wr-btn">Add Certificate</button> </div>
</div> </div>
</div> </div>
</div> </div>
</div> <div id="certificate-created-msg" class="container col-centered wr-content hidden">
<div id="certificate-created-msg" class="container col-centered wr-content hidden"> <div class="wr-form">
<div class="wr-form"> <p class="page-sub-title">Certificate was added successfully.</p>
<p class="page-sub-title">Certificate was added successfully.</p> <br>
<br> <br>Please click <b>"Add Another Certificate"</b>, if you wish to add another certificate or
<br>Please click <b>"Add Another Certificate"</b>, if you wish to add another certificate or
click click
<b>"View Certificate List"</b> to complete the process and go back to the certificate list. <b>"View Certificate List"</b> to complete the process and go back to the certificate list.
<hr/> <hr/>
<button class="wr-btn" onclick="window.location.href='/emm/certificates'">View Certificate List <button class="wr-btn" onclick="window.location.href='/emm/certificates'">View Certificate List
</button> </button>
<a href="/emm/certificates/add" class="cu-btn-inner"> <a href="/emm/certificates/add" class="cu-btn-inner">
<span class="fw-stack"> <span class="fw-stack">
<i class="fw fw-ring fw-stack-2x"></i> <i class="fw fw-ring fw-stack-2x"></i>
<i class="fw fw-add fw-stack-1x"></i> <i class="fw fw-add fw-stack-1x"></i>
</span> </span>
Add Another Certificate Add Another Certificate
</a> </a>
</div>
</div> </div>
<!-- /content -->
</div> </div>
<!-- /content -->
</div> </div>
</div> <!-- /content/body -->
<!-- /content/body --> {{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Certificate Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}

3
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.certificate.create/create.js
Unescape View File

@ -26,7 +26,8 @@ function onRequest(context) {
// var log = new Log("units/user-create/create.js"); // var log = new Log("units/user-create/create.js");
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var mdmProps = require("/app/modules/conf-reader/main.js")["conf"]; var mdmProps = require("/app/modules/conf-reader/main.js")["conf"];
var viewModel = {};
viewModel.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/certificates/manage");
var response = userModule.getRolesByUserStore(); var response = userModule.getRolesByUserStore();
if (response["status"] == "success") { if (response["status"] == "success") {
viewModel["roles"] = response["content"]; viewModel["roles"] = response["content"];

18
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.certificates/certificates.hbs
Unescape View File

@ -24,14 +24,24 @@
</a> </a>
</li> </li>
<li> <li>
<a href="{{@app.context}}/certificates/add"> <a href="{{@app.context}}/certificates">
Certificate
</a>
</li>
{{/zone}}
{{#zone "navbarActions"}}
{{#if removePermitted}}
<li>
<a href="{{@app.context}}/certificates/add">
<span class="fw-stack"> <span class="fw-stack">
<i class="fw fw-ring fw-stack-2x"></i> <i class="fw fw-ring fw-stack-2x"></i>
<i class="fw fw-document fw-stack-1x"></i> <i class="fw fw-document fw-stack-1x"></i>
</span> </span>
Add Certificate Add Certificate
</a> </a>
</li> </li>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}

11
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/create.hbs
Unescape View File

@ -38,6 +38,7 @@
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
{{#if canManage}}
<!-- content/body --> <!-- content/body -->
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
@ -96,6 +97,7 @@
Role name is required, should be in minimum 3 characters long and not include any whitespaces. Role name is required, should be in minimum 3 characters long and not include any whitespaces.
</label> </label>
</div> </div>
{{#if canViewUsers}}
<label class="wr-input-label"> <label class="wr-input-label">
User list User list
</label> </label>
@ -104,6 +106,7 @@
<!--suppress HtmlFormInputWithoutLabel --> <!--suppress HtmlFormInputWithoutLabel -->
<select id="users" class="form-control select2" multiple="multiple"></select> <select id="users" class="form-control select2" multiple="multiple"></select>
</div> </div>
{{/if}}
</div> </div>
</div> </div>
<br> <br>
@ -134,6 +137,14 @@
</div> </div>
</div> </div>
<!-- /content/body --> <!-- /content/body -->
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Role Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}
{{js "js/bottomJs.js"}} {{js "js/bottomJs.js"}}

20
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.role.create/create.js
Unescape View File

@ -20,16 +20,24 @@
* Returns the dynamic state to be populated by add-user page. * Returns the dynamic state to be populated by add-user page.
* *
* @param context Object that gets updated with the dynamic state of this page to be presented * @param context Object that gets updated with the dynamic state of this page to be presented
* @returns {*} A context object that returns the dynamic state of this page to be presented * @returns {*} A displayData object that returns the dynamic state of this page to be presented
*/ */
function onRequest(context) { function onRequest(context) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"]; var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"];
var displayData = {};
context["userStores"] = userModule.getSecondaryUserStores(); displayData["userStores"] = userModule.getSecondaryUserStores();
context["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"]; displayData["roleNameJSRegEx"] = deviceMgtProps["roleValidationConfig"]["roleNameJSRegEx"];
context["roleNameHelpText"] = deviceMgtProps["roleValidationConfig"]["roleNameHelpMsg"]; displayData["roleNameHelpText"] = deviceMgtProps["roleValidationConfig"]["roleNameHelpMsg"];
context["roleNameRegExViolationErrorMsg"] = deviceMgtProps["roleValidationConfig"]["roleNameRegExViolationErrorMsg"]; displayData["roleNameRegExViolationErrorMsg"] = deviceMgtProps["roleValidationConfig"]["roleNameRegExViolationErrorMsg"];
return context; if (userModule.isAuthorized("/permission/admin/device-mgt/roles/manage")) {
displayData.canManage = true;
}
if (userModule.isAuthorized("/permission/admin/device-mgt/users/view")) {
displayData.canViewUsers = true;
}
return displayData;
} }

195
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/create.hbs
Unescape View File

@ -37,110 +37,123 @@
{{#zone "content"}} {{#zone "content"}}
{{#if canManage}} {{#if canManage}}
<!-- content/body --> <!-- content/body -->
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
<!-- content --> <!-- content -->
<div id="user-create-form" class="container col-centered wr-content"> <div id="user-create-form" class="container col-centered wr-content">
<div class="wr-form"> <div class="wr-form">
<p class="page-sub-title">Add User</p> <p class="page-sub-title">Add User</p>
<p>Please note that * sign represents required fields of data.</p> <p>Please note that * sign represents required fields of data.</p>
<hr/> <hr/>
<div class="row"> <div class="row">
<div class="col-lg-8"> <div class="col-lg-8">
<div id="user-create-error-msg" class="alert alert-danger hidden" role="alert"> <div id="user-create-error-msg" class="alert alert-danger hidden" role="alert">
<i class="icon fw fw-error"></i><span></span> <i class="icon fw fw-error"></i><span></span>
</div> </div>
<label class="wr-input-label" title="Select the domain of the user store from the drop-down given below. The domain of the default user store is PRIMARY"> <label class="wr-input-label"
User Store Domain title="Select the domain of the user store from the drop-down given below. The domain of the default user store is PRIMARY">
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span> User Store Domain
</label> <span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
<div class="wr-input-control"> </label>
<select id="userStore" class="form-control select"> <div class="wr-input-control">
<option value="PRIMARY">PRIMARY</option> <select id="userStore" class="form-control select">
{{#each userStores}} <option value="PRIMARY">PRIMARY</option>
<option value="{{this}}">{{this}}</option> {{#each userStores}}
{{/each}} <option value="{{this}}">{{this}}</option>
</select> {{/each}}
</div> </select>
<label class="wr-input-label" title="{{usernameHelpMsg}}"> </div>
User Name * <label class="wr-input-label" title="{{usernameHelpMsg}}">
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span> User Name *
</label> <span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
<div id="usernameInputField" class="form-group wr-input-control"> </label>
<input limit="{{charLimit}}" type="text" id="username" data-regex="{{usernameJSRegEx}}" data-errormsg="{{usernameRegExViolationErrorMsg}}" class="form-control"/> <div id="usernameInputField" class="form-group wr-input-control">
<span class=" usernameError hidden glyphicon glyphicon-remove form-control-feedback"></span> <input limit="{{charLimit}}" type="text" id="username"
<label class="error usernameEmpty hidden" for="summary">This field is required. Username should be in minimum 3 characters long and do not include any whitespaces.</label> data-regex="{{usernameJSRegEx}}"
</div> data-errormsg="{{usernameRegExViolationErrorMsg}}" class="form-control"/>
<label class="wr-input-label">First Name *</label> <span class=" usernameError hidden glyphicon glyphicon-remove form-control-feedback"></span>
<div id="firstNameField" class="form-group wr-input-control"> <label class="error usernameEmpty hidden" for="summary">This field is required.
<input type="text" id="firstname" data-regex="{{firstnameJSRegEx}}" data-errormsg="{{firstnameRegExViolationErrorMsg}}" class="form-control"/> Username should be in minimum 3 characters long and do not include any
<span class="glyphicon glyphicon-remove form-control-feedback hidden fnError"></span> whitespaces.</label>
<label class=" hidden error fnError" for="summary">This field is required.</label> </div>
</div> <label class="wr-input-label">First Name *</label>
<label class="wr-input-label">Last Name *</label> <div id="firstNameField" class="form-group wr-input-control">
<div id="lastNameField" class="form-group wr-input-control"> <input type="text" id="firstname" data-regex="{{firstnameJSRegEx}}"
<input type="text" id="lastname" data-regex="{{lastnameJSRegEx}}" data-errormsg="{{lastnameRegExViolationErrorMsg}}" class="form-control"/> data-errormsg="{{firstnameRegExViolationErrorMsg}}" class="form-control"/>
<span class="glyphicon glyphicon-remove form-control-feedback hidden lnError"></span> <span class="glyphicon glyphicon-remove form-control-feedback hidden fnError"></span>
<label class=" hidden error lnError" for="summary">This field is required.</label> <label class=" hidden error fnError" for="summary">This field is required.</label>
</div> </div>
<label class="wr-input-label" title="Ex: dan@abc.com"> <label class="wr-input-label">Last Name *</label>
Email Address * <div id="lastNameField" class="form-group wr-input-control">
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span> <input type="text" id="lastname" data-regex="{{lastnameJSRegEx}}"
</label> data-errormsg="{{lastnameRegExViolationErrorMsg}}" class="form-control"/>
<div id="emailField" class=" form-group wr-input-control"> <span class="glyphicon glyphicon-remove form-control-feedback hidden lnError"></span>
<input type="email" id="emailAddress" class="form-control"/> <label class=" hidden error lnError" for="summary">This field is required.</label>
<span class="glyphicon glyphicon-remove form-control-feedback hidden emailError"></span> </div>
<label class=" hidden error email-required" for="summary">This field is required.</label> <label class="wr-input-label" title="Ex: dan@abc.com">
<label class=" hidden error email-invalid" for="summary">Invalid Email Address.</label> Email Address *
</div> <span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
<label class="wr-input-label" title="Optional field that can have 0-to-many roles for the user"> </label>
User Roles <div id="emailField" class=" form-group wr-input-control">
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span> <input type="email" id="emailAddress" class="form-control"/>
</label> <span class="glyphicon glyphicon-remove form-control-feedback hidden emailError"></span>
<div class="wr-input-control"> <label class=" hidden error email-required" for="summary">This field is
<select id="roles" class="form-control select2" multiple="multiple"> required.</label>
{{#each roles}} <label class=" hidden error email-invalid" for="summary">Invalid Email
<option>{{this}}</option> Address.</label>
{{/each}} </div>
</select> <label class="wr-input-label"
title="Optional field that can have 0-to-many roles for the user">
User Roles
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
</label>
{{#if canViewRoles}}
<div class="wr-input-control">
<select id="roles" class="form-control select2" multiple="multiple">
{{#each roles}}
<option>{{this}}</option>
{{/each}}
</select>
</div>
{{/if}}
</div> </div>
</div> </div>
<br>
<button id="add-user-btn" class="wr-btn">Add User</button>
</div> </div>
<br>
<button id="add-user-btn" class="wr-btn">Add User</button>
</div> </div>
</div> <div id="user-created-msg" class="container col-centered wr-content hidden">
<div id="user-created-msg" class="container col-centered wr-content hidden"> <div class="wr-form">
<div class="wr-form"> <p class="page-sub-title">User was added successfully.</p>
<p class="page-sub-title">User was added successfully.</p> <p>
<p> An invitation mail will be sent to this user to initiate device enrollment.
An invitation mail will be sent to this user to initiate device enrollment. Below QR code can also be used to enroll a device.
Below QR code can also be used to enroll a device. </p>
</p> <div class="panel panel-default">
<div class="panel panel-default"> <div id="qr-code-modal" class="hidden" data-enrollment-url="{{enrollmentURL}}"></div>
<div id="qr-code-modal" class="hidden" data-enrollment-url="{{enrollmentURL}}"></div> <div class="panel-body">
<div class="panel-body"> <div class="qr-code col-lg-5 col-md-6 col-centered"></div>
<div class="qr-code col-lg-5 col-md-6 col-centered"></div> </div>
</div> </div>
</div>
<br>Please click <b>"Add Another User"</b>, if you wish to add another user or click <br>Please click <b>"Add Another User"</b>, if you wish to add another user or click
<b>"View User List"</b> to complete the process and go back to the user list. <b>"View User List"</b> to complete the process and go back to the user list.
<hr/> <hr/>
<button class="wr-btn" onclick="window.location.href='{{@app.context}}/users'">View User List</button> <button class="wr-btn" onclick="window.location.href='{{@app.context}}/users'">View User List
<a href="{{@app.context}}/user/add" class="cu-btn-inner"> </button>
<a href="{{@app.context}}/user/add" class="cu-btn-inner">
<span class="fw-stack"> <span class="fw-stack">
<i class="fw fw-ring fw-stack-2x"></i> <i class="fw fw-ring fw-stack-2x"></i>
<i class="fw fw-add fw-stack-1x"></i> <i class="fw fw-add fw-stack-1x"></i>
</span> </span>
Add Another User Add Another User
</a> </a>
</div>
</div> </div>
<!-- /content -->
</div> </div>
<!-- /content -->
</div> </div>
</div>
{{else}} {{else}}
<h1 class="page-sub-title"> <h1 class="page-sub-title">
Permission Denied Permission Denied

3
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.user.create/create.js
Unescape View File

@ -35,6 +35,9 @@ function onRequest() {
if (userModule.isAuthorized("/permission/admin/device-mgt/users/manage")) { if (userModule.isAuthorized("/permission/admin/device-mgt/users/manage")) {
page.canManage = true; page.canManage = true;
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/roles/view")) {
page.canViewRoles = true;
}
var userStores = userModule.getSecondaryUserStores(); var userStores = userModule.getSecondaryUserStores();
page["userStores"] = userStores; page["userStores"] = userStores;
page["charLimit"] = devicemgtProps["usernameLength"]; page["charLimit"] = devicemgtProps["usernameLength"];

2
components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.js
Unescape View File

@ -26,6 +26,8 @@ function onRequest(context) {
var types = {}; var types = {};
types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage"); types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
types.isAuthorizedViewUsers = userModule.isAuthorized("/permission/admin/device-mgt/roles/view");
types.isAuthorizedViewRoles = userModule.isAuthorized("/permission/admin/device-mgt/users/view");
types["types"] = []; types["types"] = [];
var typesListResponse = deviceModule.getDeviceTypes(); var typesListResponse = deviceModule.getDeviceTypes();
if (typesListResponse["status"] == "success") { if (typesListResponse["status"] == "success") {

2
components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/config/Permissions.java
Unescape View File

@ -23,7 +23,7 @@ import javax.xml.bind.annotation.XmlType;
* &lt;simpleType> * &lt;simpleType>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}string"> * &lt;restriction base="{http://www.w3.org/2001/XMLSchema}string">
* &lt;enumeration value="/permission/device-mgt/user/groups/device_operation"/> * &lt;enumeration value="/permission/device-mgt/user/groups/device_operation"/>
* &lt;enumeration value="/permission/device-mgt/admin/groups"/> * &lt;enumeration value="/permission/device-mgt/groups"/>
* &lt;enumeration value="/permission/device-mgt/user/groups"/> * &lt;enumeration value="/permission/device-mgt/user/groups"/>
* &lt;enumeration value="/permission/device-mgt/user/groups/device_monitor"/> * &lt;enumeration value="/permission/device-mgt/user/groups/device_monitor"/>
* &lt;/restriction> * &lt;/restriction>

Write Preview
Loading…
Cancel
Save