From f9a9cff0b9bc14148d8acdc0c16e03528e2512fc Mon Sep 17 00:00:00 2001 From: Amalka Subasinghe Date: Mon, 28 Jun 2021 13:04:13 +0530 Subject: [PATCH] updated user roles --- .../ApplicationManagementPublisherAPI.java | 4 +- ...pplicationManagementPublisherAdminAPI.java | 2 +- .../ReviewManagementPublisherAdminAPI.java | 4 +- .../services/ApplicationManagementAPI.java | 2 +- .../api/services/ReviewManagementAPI.java | 4 +- .../services/SubscriptionManagementAPI.java | 4 +- .../admin/ReviewManagementStoreAdminAPI.java | 2 +- .../admin/SubscriptionManagementAdminAPI.java | 2 +- .../mgt/jaxrs/api/CertificateMgtService.java | 2 +- .../CertificateManagementAdminService.java | 10 +-- .../DeviceManagementConfigService.java | 8 +-- .../api/ActivityInfoProviderService.java | 2 +- .../AnalyticsArtifactsManagementService.java | 16 ++--- .../api/ConfigurationManagementService.java | 4 +- .../jaxrs/service/api/DeviceAgentService.java | 10 +-- .../api/DeviceEventManagementService.java | 4 +- .../service/api/DeviceManagementService.java | 22 +++---- .../api/DeviceTypeManagementService.java | 8 +-- .../service/api/GeoLocationBasedService.java | 6 +- .../service/api/GroupManagementService.java | 28 ++++---- .../jaxrs/service/api/MetadataService.java | 8 +-- .../api/NotificationManagementService.java | 4 +- .../service/api/PolicyManagementService.java | 20 +++--- .../service/api/RemoteSessionService.java | 2 +- .../service/api/ReportManagementService.java | 2 +- .../service/api/RoleManagementService.java | 16 ++--- .../service/api/UserManagementService.java | 26 ++++---- .../ApplicationManagementAdminService.java | 4 +- ...DeviceAccessAuthorizationAdminService.java | 2 +- ...AnalyticsArtifactUploaderAdminService.java | 2 +- .../admin/DeviceManagementAdminService.java | 6 +- .../DeviceTypeManagementAdminService.java | 6 +- .../admin/GroupManagementAdminService.java | 6 +- .../api/admin/UserManagementAdminService.java | 4 +- .../DeviceManagementServiceComponent.java | 4 ++ .../core/internal/UserRoleCreateObserver.java | 64 +++++++++++++++++++ .../ConfigurationManagementService.java | 2 +- 37 files changed, 195 insertions(+), 127 deletions(-) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/UserRoleCreateObserver.java diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/ApplicationManagementPublisherAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/ApplicationManagementPublisherAPI.java index 342552a230..19bf82f0f0 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/ApplicationManagementPublisherAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/ApplicationManagementPublisherAPI.java @@ -86,14 +86,14 @@ import javax.ws.rs.core.Response; name = "Get ApplicationDTO Details", description = "Get application details", key = "perm:app:publisher:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/app-mgt/publisher/application/view"} ), @Scope( name = "Update an ApplicationDTO", description = "Update an application", key = "perm:app:publisher:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/app-mgt/publisher/application/update"} ) } diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ApplicationManagementPublisherAdminAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ApplicationManagementPublisherAdminAPI.java index b967577d8b..bbf92d37eb 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ApplicationManagementPublisherAdminAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ApplicationManagementPublisherAdminAPI.java @@ -68,7 +68,7 @@ import java.util.List; name = "Delete Application Release", description = "Delete Application Release", key = "perm:admin:app:publisher:update", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/app-mgt/publisher/admin/application/update"} ) } diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ReviewManagementPublisherAdminAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ReviewManagementPublisherAdminAPI.java index 5a10d06872..73a1ccb636 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ReviewManagementPublisherAdminAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/admin/ReviewManagementPublisherAdminAPI.java @@ -65,14 +65,14 @@ scopes = { name = "Update a Review", description = "Update a Review of application.", key = "perm:admin:app:review:update", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/app-mgt/publisher/admin/review/update"} ), @Scope( name = "Get Review Details", description = "Get review details of application.", key = "perm:admin:app:review:view", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/app-mgt/publisher/admin/review/view"} ) } diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ApplicationManagementAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ApplicationManagementAPI.java index 8d0e1bb1fb..eaf5380ddf 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ApplicationManagementAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ApplicationManagementAPI.java @@ -68,7 +68,7 @@ import javax.ws.rs.core.Response; name = "Get Application Details", description = "Get application details", key = "perm:app:store:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/app-mgt/store/application/view"} ) } diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ReviewManagementAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ReviewManagementAPI.java index 330579effe..a620045426 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ReviewManagementAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/ReviewManagementAPI.java @@ -73,14 +73,14 @@ import java.util.List; name = "Get Review Details", description = "Get review details from application store.", key = "perm:app:review:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/app-mgt/store/review/view"} ), @Scope( name = "Update a Review", description = "Update a Review from the application store.", key = "perm:app:review:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/app-mgt/store/review/update"} ), } diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/SubscriptionManagementAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/SubscriptionManagementAPI.java index 3d96b242fc..42b20140d0 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/SubscriptionManagementAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/SubscriptionManagementAPI.java @@ -70,14 +70,14 @@ import java.util.List; name = "Install an ApplicationDTO", description = "Install an application", key = "perm:app:subscription:install", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/app-mgt/store/subscription/install"} ), @Scope( name = "Uninstall an Application", description = "Uninstall an application", key = "perm:app:subscription:uninstall", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/app-mgt/store/subscription/uninstall"} ) } diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/ReviewManagementStoreAdminAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/ReviewManagementStoreAdminAPI.java index 9b26fa939f..cfaf91a5cc 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/ReviewManagementStoreAdminAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/ReviewManagementStoreAdminAPI.java @@ -63,7 +63,7 @@ scopes = { name = "Update a Review", description = "Update a Review of applications.", key = "perm:admin:app:review:update", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/app-mgt/store/admin/review/update"} ) } diff --git a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/SubscriptionManagementAdminAPI.java b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/SubscriptionManagementAdminAPI.java index 66c39e29a3..d46594d6cc 100644 --- a/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/SubscriptionManagementAdminAPI.java +++ b/components/application-mgt/org.wso2.carbon.device.application.mgt.store.api/src/main/java/org/wso2/carbon/device/application/mgt/store/api/services/admin/SubscriptionManagementAdminAPI.java @@ -67,7 +67,7 @@ import java.util.List; name = "View Application Subscriptions", description = "View Application Subscriptions.", key = "perm:admin:app:subscription:view", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/app-mgt/store/admin/subscription/view"} ) } diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java index a061b57d82..b6ec9993fe 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java @@ -41,7 +41,7 @@ import javax.ws.rs.core.Response; name = "Sign CSR", description = "Sign CSR", key = "perm:sign-csr", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/certificates/manage"} ) } diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java index 87b6bb04fe..5204205dc1 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java @@ -45,35 +45,35 @@ import javax.ws.rs.core.Response; name = "Adding a new SSL certificate", description = "Adding a new SSL certificate", key = "perm:admin:certificates:add", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/certificates/add"} ), @Scope( name = "Getting Details of an SSL Certificate", description = "Getting Details of an SSL Certificate", key = "perm:admin:certificates:details", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/certificates/details"} ), @Scope( name = "Getting Details of Certificates", description = "Getting Details of Certificates", key = "perm:admin:certificates:view", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/certificates/view"} ), @Scope( name = "Deleting an SSL Certificate", description = "Deleting an SSL Certificate", key = "perm:admin:certificates:delete", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/certificates/delete"} ), @Scope( name = "Verify SSL certificate", description = "Verify SSL certificate", key = "perm:admin:certificates:verify", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/certificates/verify"} ) } diff --git a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/DeviceManagementConfigService.java b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/DeviceManagementConfigService.java index c4bdc58b17..d5fe117a63 100644 --- a/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/DeviceManagementConfigService.java +++ b/components/device-mgt/io.entgra.carbon.device.mgt.config.api/src/main/java/io/entgra/carbon/device/mgt/config/jaxrs/service/DeviceManagementConfigService.java @@ -71,28 +71,28 @@ import java.util.List; name = "View configurations", description = "", key = "perm:view-configuration", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/platform-configurations/view"} ), @Scope( name = "Manage configurations", description = "", key = "perm:manage-configuration", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/platform-configurations/manage"} ), @Scope( name = "Getting Details of Device tenants", description = "Getting Details of Device tenants", key = "perm:admin:tenant:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/tenants/view"} ), @Scope( name = "Add a permission to the permission tree", description = "Add a permission to the permission tree", key = "perm:admin:permissions:add", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/permissions/add"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java index 4219f6b669..43bd7e847b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java @@ -76,7 +76,7 @@ import javax.ws.rs.core.Response; name = "Get activities", description = "Get activities", key = "perm:get-activity", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/AnalyticsArtifactsManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/AnalyticsArtifactsManagementService.java index b6783010ac..608d19fb92 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/AnalyticsArtifactsManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/AnalyticsArtifactsManagementService.java @@ -68,49 +68,49 @@ import javax.ws.rs.core.Response; name = "Create Event Stream Artifact", description = "Create Event Stream Artifact", key = "perm:analytics:artifacts:stream", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/stream/add"}), @Scope( name = "Delete Stream Artifact", description = "Delete Stream Artifact", key = "perm:analytics:artifacts:stream:delete", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/stream/delete"}), @Scope( name = "Create Event Receiver Artifact", description = "Create Event Receiver Artifact", key = "perm:analytics:artifacts:receiver", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/receiver/add"}), @Scope( name = "Delete Receiver Artifact", description = "Delete Receiver Artifact", key = "perm:analytics:artifacts:receiver:delete", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/receiver/delete"}), @Scope( name = "Create Event Publisher Artifact", description = "Create Event Publisher Artifact", key = "perm:analytics:artifacts:publisher", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/publisher/add"}), @Scope( name = "Delete Publisher Artifact", description = "Delete Publisher Artifact", key = "perm:analytics:artifacts:publisher:delete", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/publisher/delete"}), @Scope( name = "Create Siddhi Script Artifact", description = "Create Siddhi Script Artifact", key = "perm:analytics:artifacts:siddhi", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/siddhi-script/add"}), @Scope( name = "Delete Siddhi Script Artifact", description = "Delete Siddhi Script Artifact", key = "perm:analytics:artifacts:siddhi:delete", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/analytics/artifacts/siddhi-script/delete"}) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java index 92e1f9a473..fe328f9f8c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java @@ -69,14 +69,14 @@ import javax.ws.rs.core.Response; name = "View configurations", description = "", key = "perm:view-configuration", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/platform-configurations/view"} ), @Scope( name = "Manage configurations", description = "", key = "perm:manage-configuration", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/platform-configurations/manage"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceAgentService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceAgentService.java index 66d8da7eab..467ae522a2 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceAgentService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceAgentService.java @@ -77,35 +77,35 @@ import java.util.Map; name = "Enroll Device", description = "Register a device", key = "perm:device:enroll", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/add"} ), @Scope( name = "Modify Device", description = "Modify a device", key = "perm:device:modify", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/modify"} ), @Scope( name = "Disenroll Device", description = "Disenroll a device", key = "perm:device:disenroll", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/remove"} ), @Scope( name = "Publish Event", description = "publish device event", key = "perm:device:publish-event", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/event"} ), @Scope( name = "Getting Device Operation Details", description = "Getting Device Operation Details", key = "perm:device:operations", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceEventManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceEventManagementService.java index 2f91595d38..dbba4be604 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceEventManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceEventManagementService.java @@ -51,14 +51,14 @@ import javax.ws.rs.core.Response; name = "Add or Delete Event Definition for device type", description = "Add or Delete Event Definition for device type", key = "perm:device-types:events", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/device-type/add"} ), @Scope( name = "Get Events Details of a Device Type", description = "Get Events Details of a Device Type", key = "perm:device-types:events:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index 075061a253..de81d28918 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -107,77 +107,77 @@ import java.util.List; name = "Getting Details of Registered Devices", description = "Getting Details of Registered Devices", key = "perm:devices:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Details of a Device", description = "Getting Details of a Device", key = "perm:devices:details", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Update the device specified by device id", description = "Update the device specified by device id", key = "perm:devices:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Delete the device specified by device id", description = "Delete the device specified by device id", key = "perm:devices:delete", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Feature Details of a Device", description = "Getting Feature Details of a Device", key = "perm:devices:features", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Advanced Search for Devices", description = "Advanced Search for Devices", key = "perm:devices:search", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Installed Application Details of a Device", description = "Getting Installed Application Details of a Device", key = "perm:devices:applications", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Device Operation Details", description = "Getting Device Operation Details", key = "perm:devices:operations", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Get the details of the policy that is enforced on a device.", description = "Get the details of the policy that is enforced on a device.", key = "perm:devices:effective-policy", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Policy Compliance Details of a Device", description = "Getting Policy Compliance Details of a Device", key = "perm:devices:compliance-data", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Change device status.", description = "Change device status.", key = "perm:devices:change-status", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/change-status"} ), } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java index 0d9adb0197..933ce64517 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java @@ -87,28 +87,28 @@ import javax.ws.rs.core.Response; name = "Getting the Supported Device Platforms", description = "Getting the Supported Device Platforms", key = "perm:device-types:types", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/device-type/view"} ), @Scope( name = "Get Feature Details of a Device Type", description = "Get Feature Details of a Device Type", key = "perm:device-types:features", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/device-type/features/view"} ), @Scope( name = "Get Config Details of a Device Type", description = "Get Config Details of a Device Type", key = "perm:device-types:configs", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/device-type/config/view"} ), @Scope( name = "Getting Details of Policies", description = "Getting Details of Policies", key = "perm:policies:get-details", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/view"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GeoLocationBasedService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GeoLocationBasedService.java index 775f5c9e82..75fb07ef87 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GeoLocationBasedService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GeoLocationBasedService.java @@ -73,21 +73,21 @@ import java.util.List; name = "View Analytics", description = "", key = "perm:geo-service:analytics-view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view-analytics"} ), @Scope( name = "Manage Alerts", description = "", key = "perm:geo-service:alerts-manage", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/manage-alerts"} ), @Scope( name = "Manage Geo Fences", description = "", key = "perm:geo-service:geo-fence", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/manage-geo-fence"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java index 0d90f3dfd4..fc2bfadc56 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java @@ -82,98 +82,98 @@ import java.util.List; name = "Get the list of groups belongs to current user.", description = "Get the list of groups belongs to current user.", key = "perm:groups:groups", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Get the count of groups belongs to current user.", description = "Get the count of groups belongs to current user.", key = "perm:groups:count", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Add new device group to the system.", description = "Add new device group to the system.", key = "perm:groups:add", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/add"} ), @Scope( name = "View group specified", description = "View group specified", key = "perm:groups:groups-view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Update a group", description = "Update a group", key = "perm:groups:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/update"} ), @Scope( name = "Delete a group", description = "Delete a group", key = "perm:groups:remove", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/remove"} ), @Scope( name = "Manage group sharing with a user", description = "Manage group sharing with a user", key = "perm:groups:share", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/share"} ), @Scope( name = "View list of roles of a device group", description = "View list of roles of a device group", key = "perm:groups:roles", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/roles/view"} ), @Scope( name = "View list of devices in the device group", description = "View list of devices in the device group", key = "perm:groups:devices", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/devices/view"} ), @Scope( name = "View list of device count in the device group", description = "View list of device count in the device group", key = "perm:groups:devices-count", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/devices/view"} ), @Scope( name = "Add devices to group", description = "Add devices to group", key = "perm:groups:devices-add", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/devices/add"} ), @Scope( name = "Remove devices from group", description = "Remove devices from group", key = "perm:groups:devices-remove", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/devices/remove"} ), @Scope( name = "Assign devices to groups", description = "Assign devices to groups", key = "perm:groups:assign", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/devices/add"} ), @Scope( name = "List of groups that have the device", description = "List of groups that have the device", key = "perm:groups:device", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/groups/devices/view"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/MetadataService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/MetadataService.java index 7f6ab365df..446944729b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/MetadataService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/MetadataService.java @@ -73,28 +73,28 @@ import javax.ws.rs.core.Response; name = "View metadata records", description = "View metadata records", key = "perm:metadata:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/metadata/view"} ), @Scope( name = "Create a metadata record", description = "Create a metadata record", key = "perm:metadata:create", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/metadata/create"} ), @Scope( name = "Update a metadata record", description = "Updating a specified metadata record", key = "perm:metadata:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/metadata/update"} ), @Scope( name = "Delete a metadata record", description = "Delete a specified metadata record", key = "perm:metadata:remove", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/metadata/remove"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java index 9d36d1067f..7de2265e59 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java @@ -73,14 +73,14 @@ import javax.ws.rs.core.Response; name = "Getting All Device Notification Details", description = "Getting All Device Notification Details", key = "perm:notifications:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/notifications/view"} ), @Scope( name = "Updating the Device Notification Status", description = "Updating the Device Notification Status", key = "perm:notifications:mark-checked", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/notifications/view"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index 4db3de0ab5..a84d4e7f03 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -79,70 +79,70 @@ import java.util.List; name = "Adding a Policy", description = "Adding a Policy", key = "perm:policies:manage", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Getting Details of Policies", description = "Getting Details of Policies", key = "perm:policies:get-details", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/view"} ), @Scope( name = "Getting Details of a Policy", description = "Getting Details of a Policy", key = "perm:policies:get-policy-details", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/view"} ), @Scope( name = "Updating a Policy", description = "Updating a Policy", key = "perm:policies:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Removing Multiple Policies", description = "Removing Multiple Policies", key = "perm:policies:remove", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Activating Policies", description = "Activating Policies", key = "perm:policies:activate", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Deactivating Policies", description = "Deactivating Policies", key = "perm:policies:deactivate", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Applying Changes on Policies", description = "Applying Changes on Policies", key = "perm:policies:changes", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Updating the Policy Priorities", description = "Updating the Policy Priorities", key = "perm:policies:priorities", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Fetching the Effective Policy", description = "Fetching the Effective Policy", key = "perm:policies:effective-policy", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/policies/view"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RemoteSessionService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RemoteSessionService.java index f52a9f1aa7..010e7ffeca 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RemoteSessionService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RemoteSessionService.java @@ -61,7 +61,7 @@ import javax.ws.rs.core.Response; name = "Remote Session Connection", description = "", key = "perm:remote-session-service:connect", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/remote-session"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ReportManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ReportManagementService.java index 41364f8afd..00929b71b0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ReportManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ReportManagementService.java @@ -66,7 +66,7 @@ import java.util.List; name = "Getting Details of Registered Devices", description = "Getting Details of Registered Devices", key = "perm:devices:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index d3cbb88469..d0e8f0d201 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -53,56 +53,56 @@ import java.util.List; name = "Getting the List of Roles", description = "Getting the List of Roles", key = "perm:roles:view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Getting Permission Details of a Role", description = "Getting Permission Details of a Role", key = "perm:roles:permissions", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Getting the List of Roles", description = "Getting the List of Roles", key = "perm:roles:details", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Adding a Role", description = "Adding a Role", key = "perm:roles:add", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Adding a combined Role", description = "Adding a combined Role", key = "perm:roles:create-combined-role", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Updating Role Details", description = "Updating Role Details", key = "perm:roles:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Deleting a Role", description = "Deleting a Role", key = "perm:roles:delete", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Adding Users to a Role", description = "Adding Users to a Role", key = "perm:roles:add-users", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/roles/manage"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index 5be208a448..f27d740099 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -97,91 +97,91 @@ import javax.ws.rs.core.Response; name = "Adding a User", description = "Adding a User", key = "perm:users:add", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Getting Details of a User", description = "Getting Details of a User", key = "perm:users:details", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/view"} ), @Scope( name = "Updating Details of a User", description = "Updating Details of a User", key = "perm:users:update", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Deleting a User", description = "Deleting a User", key = "perm:users:delete", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Getting the Role Details of a User", description = "Getting the Role Details of a User", key = "perm:users:roles", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/view"} ), @Scope( name = "Getting Details of Users", description = "Getting Details of Users", key = "perm:users:user-details", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/view"} ), @Scope( name = "Getting the User Count", description = "Getting the User Count", key = "perm:users:count", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/view"} ), @Scope( name = "Getting the User existence status", description = "Getting the User existence status", key = "perm:users:is-exist", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/view"} ), @Scope( name = "Searching for a User Name", description = "Searching for a User Name", key = "perm:users:search", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/view"} ), @Scope( name = "Changing the User Password", description = "Adding a User", key = "perm:users:credentials", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/login"} ), @Scope( name = "Sending Enrollment Invitations to Users", description = "Sending Enrollment Invitations to Users", key = "perm:users:send-invitation", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Get activities", description = "Get activities", key = "perm:get-activity", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting the Permissions of the User", description = "Getting the Permissions of the User", key = "perm:user:permission-view", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/login"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 2ff9bf9783..f87d256ef5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -67,14 +67,14 @@ import javax.ws.rs.core.Response; name = "Installing an Application (Internal API)", description = "Installing an Application (Internal API)", key = "perm:applications:install", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/applications/manage"} ), @Scope( name = "Uninstalling an Application (Internal API)", description = "Uninstalling an Application (Internal API)", key = "perm:applications:uninstall", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/applications/manage"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java index cb23896ea4..45a8fe606b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAccessAuthorizationAdminService.java @@ -67,7 +67,7 @@ import javax.ws.rs.core.Response; name = "Verify device authorization", description = "Verify device authorization", key = "perm:authorization:verify", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/authorization/verify"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAnalyticsArtifactUploaderAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAnalyticsArtifactUploaderAdminService.java index 8722e0cae0..0deeafb2b5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAnalyticsArtifactUploaderAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceAnalyticsArtifactUploaderAdminService.java @@ -57,7 +57,7 @@ import javax.ws.rs.core.Response; name = "Devicetype deployment", description = "Deploy devicetype", key = "perm:devicetype:deployment", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devicetype/deploy"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index eb4b10fc41..3079dd4ad3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -94,21 +94,21 @@ import java.util.List; name = "Getting Details of a Device", description = "Getting Details of a Device", key = "perm:admin:devices:view", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Update the Device Owner", description = "Update the ownership of the device", key = "perm:admin:devices:update-enrollment", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/devices/update-enrollment"} ), @Scope( name = "Permanently Delete the device specified by device id", description = "Permanently Delete the device specified by device id", key = "perm:devices:permanent-delete", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/devices/permanent-delete"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceTypeManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceTypeManagementAdminService.java index 17224c605e..4449f1e60d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceTypeManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceTypeManagementAdminService.java @@ -92,21 +92,21 @@ import javax.ws.rs.core.Response; name = "Manage a Device Type", description = "Add, Edit or View a Device Type", key = "perm:admin:device-type", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/device-type"} ), @Scope( name = "Getting Details of a Device Type", description = "Getting Details of a Device Type", key = "perm:admin:device-type:view", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/device-type/view"} ), @Scope( name = "Add Device Type Config", description = "Add Platform Config of a Device Type", key = "perm:admin:device-type:configs", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/device-type/config"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index 30f2da5714..e430611e90 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -70,21 +70,21 @@ import javax.ws.rs.core.Response; name = "View groups", description = "", key = "perm:admin-groups:view", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/groups/view"} ), @Scope( name = "Count groups", description = "", key = "perm:admin-groups:count", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/groups/view"} ), @Scope( name = "Add groups", description = "", key = "perm:admin-groups:add", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/admin/groups/add"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java index 9dbfbbc6f8..29260f31e0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java @@ -53,14 +53,14 @@ import javax.ws.rs.core.Response; name = "View Users", description = "View Users", key = "perm:admin-users:view", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Delete Users Device Information", description = "Delete users device details", key = "perm:admin-users:remove", - roles = {"admin"}, + roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/users/manage"} ) } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java index 9bbb385b20..859659bdf5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementServiceComponent.java @@ -22,6 +22,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.osgi.framework.BundleContext; import org.osgi.service.component.ComponentContext; +import org.wso2.carbon.core.ServerStartupObserver; import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManagementException; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService; import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfigurationManagementService; @@ -291,6 +292,9 @@ public class DeviceManagementServiceComponent { TenantCreateObserver listener = new TenantCreateObserver(); bundleContext.registerService(Axis2ConfigurationContextObserver.class.getName(), listener, null); + UserRoleCreateObserver userRoleCreateObserver = new UserRoleCreateObserver(); + bundleContext.registerService(ServerStartupObserver.class.getName(), userRoleCreateObserver, null); + /* Registering Device Management Service */ DeviceManagementProviderService deviceManagementProvider = new DeviceManagementProviderServiceImpl(); DeviceManagementDataHolder.getInstance().setDeviceManagementProvider(deviceManagementProvider); diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/UserRoleCreateObserver.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/UserRoleCreateObserver.java new file mode 100644 index 0000000000..779dd69191 --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/UserRoleCreateObserver.java @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.wso2.carbon.device.mgt.core.internal; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.core.ServerStartupObserver; +import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; +import org.wso2.carbon.user.api.UserStoreException; +import org.wso2.carbon.user.api.UserStoreManager; +import org.wso2.carbon.utils.multitenancy.MultitenantConstants; + +public class UserRoleCreateObserver implements ServerStartupObserver { + private static final Log log = LogFactory.getLog(UserRoleCreateObserver.class); + @Override + public void completingServerStartup() { + + } + + @Override + public void completedServerStartup() { + String tenantDomain = MultitenantConstants.SUPER_TENANT_DOMAIN_NAME; + String tenantAdminName = "admin"; + + try { + UserStoreManager userStoreManager = + DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm( + MultitenantConstants.SUPER_TENANT_ID).getUserStoreManager(); + userStoreManager.addRole( + DeviceManagementConstants.User.DEFAULT_DEVICE_ADMIN, + new String[]{tenantAdminName}, + DeviceManagementConstants.User.PERMISSIONS_FOR_DEVICE_ADMIN); + userStoreManager.addRole( + DeviceManagementConstants.User.DEFAULT_DEVICE_USER, null, + DeviceManagementConstants.User.PERMISSIONS_FOR_DEVICE_USER); + + if (log.isDebugEnabled()) { + log.debug("Device management roles: " + DeviceManagementConstants.User.DEFAULT_DEVICE_USER + ", " + + DeviceManagementConstants.User.DEFAULT_DEVICE_ADMIN + " created for the tenant:" + tenantDomain + "." + ); + log.debug("Tenant administrator: " + tenantAdminName + "@" + tenantDomain + + " is assigned to the role:" + DeviceManagementConstants.User.DEFAULT_DEVICE_ADMIN + "." + ); + } + } catch (UserStoreException e) { + log.error("Error occurred while creating roles for the tenant: " + tenantDomain + "."); + } + } +} diff --git a/components/transport-mgt/sms-handler/io.entgra.transport.mgt.sms.handler.api/src/main/java/io/entgra/transport/mgt/sms/handler/api/service/ConfigurationManagementService.java b/components/transport-mgt/sms-handler/io.entgra.transport.mgt.sms.handler.api/src/main/java/io/entgra/transport/mgt/sms/handler/api/service/ConfigurationManagementService.java index 3d4f1d9e0f..18d295b53a 100644 --- a/components/transport-mgt/sms-handler/io.entgra.transport.mgt.sms.handler.api/src/main/java/io/entgra/transport/mgt/sms/handler/api/service/ConfigurationManagementService.java +++ b/components/transport-mgt/sms-handler/io.entgra.transport.mgt.sms.handler.api/src/main/java/io/entgra/transport/mgt/sms/handler/api/service/ConfigurationManagementService.java @@ -64,7 +64,7 @@ import javax.ws.rs.core.Response; name = "View configurations", description = "", key = "perm:sms-handler:view-configuration", - roles = {"Internal/everyone"}, + roles = {"Internal/devicemgt-user"}, permissions = {"/sms-handler/platform-configurations/view"} ) })