adding jaggery app

application-manager-new
Rasika 10 years ago
parent 5ac84ae316
commit 73aaac46b0

20
.gitignore vendored

@ -10,3 +10,23 @@
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid* hs_err_pid*
*.class
# Mobile Tools for Java (J2ME)
.mtj.tmp/
# Package Files #
*.war
*.ear
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
# Ignore everything in this directory
target
.classpath
.settings
.project
*.iml
.idea

@ -340,6 +340,10 @@
<tasks> <tasks>
<mkdir dir="target/wso2carbon-core-${carbon.kernel.version}/repository/deployment/server/webapps" /> <mkdir dir="target/wso2carbon-core-${carbon.kernel.version}/repository/deployment/server/webapps" />
<copy todir="target/wso2carbon-core-${carbon.kernel.version}/repository/deployment/server/jaggeryapps" overwrite="true">
<fileset dir="src/repository/jaggeryapps"></fileset>
</copy>
<!--<copy todir="target/wso2carbon-core-${carbon.kernel.version}/modules" overwrite="true"> <!--<copy todir="target/wso2carbon-core-${carbon.kernel.version}/modules" overwrite="true">
<fileset dir="src/repository/modules"></fileset> <fileset dir="src/repository/modules"></fileset>
</copy> </copy>

@ -0,0 +1,116 @@
<%
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var uri = request.getRequestURI();
var uriMatcher = new URIMatcher(String(uri));
var log = new Log("api/user-api.jag");
var constants = require("/modules/constants.js");
var mdmProps = require('/config/mdm-props.js').config();
var userModule = require("/modules/user.js").userModule;
var deviceModule = require("/modules/device.js").deviceModule;
var utility = require("/modules/utility.js").utility;
var result;
if (uriMatcher.match("/{context}/api/user/login/")) {
username = request.getParameter("username");
password = request.getParameter("password");
try {
userModule.login(username, password, function(user) {
if (log.isDebugEnabled()) {
log.debug("User Logged In : " + user);
}
utility.insertAppPermissions(userModule, "login");
response.sendRedirect(constants.WEB_APP_CONTEXT);
}, function() {
response.sendRedirect(mdmProps.appContext + "login?#auth-failed");
});
} catch (e) {
log.error("Exception occurred while a user tried to login to MDM", e);
response.sendRedirect(mdmProps.appContext + "login?#error");
}
} else if (uriMatcher.match("/{context}/api/user/logout/")){
userModule.logout(function() {
response.sendRedirect(mdmProps.appContext + "login");
});
} else if (uriMatcher.match("/{context}/api/user/devices/")) {
if (userModule.isAuthorized("/permission/device-mgt/user/devices/list")) {
carbonUser = session.get(constants.USER_SESSION_KEY);
result = deviceModule.listDevicesForUser(carbonUser.username);
} else {
response.sendError(403);
}
} else if (uriMatcher.match("/{context}/api/users/{username}/invite")) {
if (userModule.isAuthorized("/permission/device-mgt/admin/users/invite")) {
elements = uriMatcher.elements();
username = elements.username;
userModule.inviteUser(username);
} else {
response.sendError(403);
}
} else if (uriMatcher.match("/{context}/api/users/add")) {
if (userModule.isAuthorized("/permission/device-mgt/admin/users/add")) {
addUserFormData = request.getContent();
username = addUserFormData.username;
firstname = addUserFormData.firstname;
lastname = addUserFormData.lastname;
emailAddress = addUserFormData.emailAddress;
if (!addUserFormData.userRoles) {
userRoles = null;
} else {
userRoles = String(addUserFormData.userRoles).split(",");
}
try {
result = userModule.addUser(username, firstname, lastname, emailAddress, userRoles);
} catch (e) {
log.error("Exception occurred while trying to add a user to MDM User Store", e);
// http status code 400 refers to - Bad request.
result = 400;
}
} else {
// http status code 403 refers to - forbidden.
result = 403;
}
} else if (uriMatcher.match("/{context}/api/users/{username}/remove")) {
if (userModule.isAuthorized("/permission/device-mgt/admin/users/remove")) {
elements = uriMatcher.elements();
username = elements.username;
try {
result = userModule.removeUser(username);
} catch (e) {
log.error("Exception occurred while trying to remove a user from MDM User Store", e);
// http status code 400 refers to - Bad request.
result = 400;
}
} else {
// http status code 403 refers to - forbidden.
result = 403;
}
}
// returning the result.
if (result) {
print(result);
}
%>

@ -0,0 +1,27 @@
{
"appContext" : "/mdm/",
"apiContext" : "api",
"httpsURL": "%https.ip%",
"httpURL": "%http.ip%",
"iOSConfigRoot": "%https.ip%/ios/",
"device": {
"ios": {
"location": "%http.ip%/mdm/public/asset-download-agent/asset/ios-agent.ipa",
"bundleid": "org.wso2.carbon.mdm.mobileservices.ios.agent.iOSMDMAgent",
"version": "1.0",
"appname": "MDM Agent"
}
},
"androidAgentApp" : "android-agent.apk",
"windowsConfigRoot": "http://10.10.10.198:9763/mdm-windows-api/services/federated/bst/authentication",
"ssoConfiguration": {
"enabled": false,
"issuer": "mdm",
"appName": "mdm",
"identityProviderURL": "%https.ip%/sso/samlsso.jag",
"responseSigningEnabled": "true",
"keyStorePassword": "wso2carbon",
"identityAlias": "wso2carbon",
"keyStoreName": "/repository/resources/security/wso2carbon.jks"
}
}

@ -0,0 +1,27 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var carbonModule = require("carbon");
var carbonServer = new carbonModule.server.Server({
tenanted: true,
url: mdmProps.httpsURL + '/admin'
});
application.put("carbonServer", carbonServer);
var userModule = require("/modules/user.js").userModule;
var utility = require("/modules/utility.js").utility;
utility.insertAppPermissions(userModule, "init");

@ -0,0 +1,39 @@
{
"displayName": "Device Cloud",
"logLevel": "info",
"initScripts": ["/config/init.js"],
"urlMappings": [
{
"url" : "/testb/*",
"path" : "test.jag"
},
{
"url" : "/test/*",
"path" : "test/testExecutor.jag"
},
{
"url": "/api/user/*",
"path": "/api/user-api.jag"
},
{
"url": "/api/users/*",
"path": "/api/user-api.jag"
},
{
"url": "/sso/login",
"path": "/lib/login.jag"
},
{
"url": "/sso/logout",
"path": "/lib/logout.jag"
},
{
"url": "/sso/acs",
"path": "/lib/acs.jag"
},
{
"url": "/*",
"path": "/lib/fuse.jag"
}
]
}

@ -0,0 +1,36 @@
<%
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
(function(){
var constants = require('/modules/constants.js');
if (!session.get(constants.USER_SESSION_KEY)) {
var dataConfig = require('/config/mdm-props.js').config();
var sso = require('/modules/sso.js').sso;
var keyStoreParams = {
keyStoreName : dataConfig.ssoConfiguration.keyStoreName,
keyStorePassword : dataConfig.ssoConfiguration.keyStorePassword,
identityAlias : dataConfig.ssoConfiguration.identityAlias
}
sso.configure(dataConfig.ssoConfiguration.issuer, dataConfig.ssoConfiguration.appName, keyStoreParams,
dataConfig.ssoConfiguration.identityProviderURL);
sso.login();
}else{
response.sendRedirect(dataConfig.appContext);
}
}());
%>

@ -0,0 +1,37 @@
<%
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var constants = require('/modules/constants.js');
var user = session.get(constants.USER_SESSION_KEY);
var dataConfig = require('/config/mdm-props.js').config();
var log = new Log();
if (user === null) {
log.debug("Cannot perform logout. No user session found.");
response.sendRedirect(dataConfig.appContext+'dashboard');
} else {
var sso = require('/modules/sso.js').sso;
var keyStoreParams = {
keyStoreName: dataConfig.ssoConfiguration.keyStoreName,
keyStorePassword: dataConfig.ssoConfiguration.keyStorePassword,
identityAlias: dataConfig.ssoConfiguration.identityAlias
}
sso.configure(dataConfig.ssoConfiguration.issuer, dataConfig.ssoConfiguration.appName, keyStoreParams,
dataConfig.ssoConfiguration.identityProviderURL);
sso.logout(user);
}
%>

@ -0,0 +1,23 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var WEB_APP_TITLE = "WSO2 Device Cloud";
var WEB_APP_CONTEXT = "/iot";
var USER_SESSION_KEY = "USER";
var UNSPECIFIED = "Unspecified";

@ -0,0 +1,161 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http:www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var sso = {};
var ssoMod = require("sso");
var log = new Log();
(function () {
var carbon = require("carbon");
var process = require("process");
var getSSOSessions = function () {
var sso_sessions = application.get('sso_sessions');
if (!sso_sessions) {
application.put('sso_sessions', {});
sso_sessions = application.get('sso_sessions');
}
return sso_sessions;
};
sso.configure = function (issuer, appName, keyStoreParams, address, transport, ssoService, responseSign) {
sso.issuer = issuer;
sso.appName = appName;
sso.relayState = "/" + appName;
sso.transport = (transport ? transport : "https");
sso.ssoService = (ssoService ? ssoService : "/samlsso");
sso.responseSign = (responseSign ? responseSign : true);
sso.log = new Log("SSO Module");
sso.address = carbon.server.address(sso.transport);
sso.keyStoreProps = {
KEY_STORE_NAME: process.getProperty('carbon.home') + keyStoreParams.keyStoreName,
KEY_STORE_PASSWORD: keyStoreParams.keyStorePassword,
IDP_ALIAS: keyStoreParams.identityAlias
};
};
sso.login = function () {
sso.sessionId = session.getId();
var referer = request.getHeader("referer");
sso.relayState = (referer ? referer : sso.relayState);
sso.relayState = sso.relayState;// append query string
var log = new Log();
if (request.getQueryString()) {
sso.relayState += request.getQueryString();
}
sso.encodedSAMLAuthRequest = ssoMod.client.getEncodedSAMLAuthRequest(sso.issuer);
var postUrl = sso.address + sso.ssoService;
if (log.isDebugEnabled()) {
log.debug("Request sent to IdP");
}
print("<div><p>You are now being redirected to SSO Provider. If the redirection fails, please click on the "+
"button below.</p> <form method='post' action='" + postUrl + "'><p><input type='hidden' " +
"name='SAMLRequest' value='" + sso.encodedSAMLAuthRequest + "'/><input type='hidden' " +
"name='RelayState' value='" + sso.relayState + "'/><input type='hidden' name='SSOAuthSessionID' " +
"value='" + sso.sessionId + "'/><button type='submit'>Redirect manually</button></p></form></div>" +
"<script type = 'text/javascript' >document.forms[0].submit();</script>");
};
sso.logout = function (user) {
var sso_sessions = getSSOSessions();
sso.sessionId = session.getId();
sso.sessionIndex = sso_sessions[sso.sessionId];
var referer = request.getHeader("referer");
sso.relayState = (referer ? referer : sso.relayState);
sso.relayState = sso.relayState + request.getQueryString(); // append query string
sso.encodedSAMLLogoutRequest = ssoMod.client.getEncodedSAMLLogoutRequest(user, sso.sessionIndex, sso.issuer);
var postUrl = sso.address + sso.ssoService;
if (log.isDebugEnabled()) {
sso.log.debug("Logout request recieved from session id ::: " + sso.sessionId);
}
print("<div><p>You are now redirected to Stratos Identity. If theredirection fails, please click the post " +
"button.</p> <form id='logoutForm' method='post' action='" + postUrl + "'> <p> <input type='hidden' " +
"name='SAMLRequest' value='" + sso.encodedSAMLLogoutRequest + "'/> <input type='hidden' " +
"name='RelayState' value='" + sso.relayState + "'/> <input type='hidden' name='SSOAuthSessionID' " +
"value='" + sso.sessionId + "'/> <button type='submit'>POST</button> </p> </form> </div> <script " +
"type = 'text/javascript' > document.forms[0].submit(); </script>");
};
sso.acs = function (loginCallback, logoutCallback) {
var sso_sessions = getSSOSessions();
sso.sessionId = session.getId();
var samlResponse = request.getParameter('SAMLResponse');
var samlRequest = request.getParameter('SAMLRequest');
var relayState = request.getParameter('RelayState');
var samlRespObj;
if (samlResponse != null) {
samlRespObj = ssoMod.client.getSamlObject(samlResponse);
if (ssoMod.client.isLogoutResponse(samlRespObj)) {
logoutCallback();
if (log.isDebugEnabled()) {
sso.log.debug('Session Id Invalidated :::' + sso.sessionId);
}
// Invalidating the session after the callback
session.invalidate();
} else {
if (log.isDebugEnabled()) {
sso.log.debug("Login request");
}
// validating the signature
if (sso.responseSign) {
if (ssoMod.client.validateSignature(samlRespObj, sso.keyStoreProps)) {
var sessionObj = ssoMod.client.decodeSAMLLoginResponse(samlRespObj, samlResponse,
sso.sessionId);
if (log.isDebugEnabled()) {
sso.log.debug("Saml object session ID :::" + sessionObj.sessionId);
}
if (sessionObj.sessionIndex != null || sessionObj.sessionIndex != 'undefined') {
sso_sessions[sso_sessions[sessionObj.sessionIndex] = sessionObj.sessionId] =
sessionObj.sessionIndex;
if (log.isDebugEnabled()) {
sso.log.debug("Login successful");
sso.log.debug('User is set :::' + sessionObj.loggedInUser);
}
loginCallback(sessionObj.loggedInUser);
} else {
sso.log.error("Session index invalid");
}
} else {
sso.log.error("Response Signing failed");
}
} else {
if (log.isDebugEnabled()) {
sso.log.debug("Response Signing is disabled");
}
}
}
}
/*
Executed for single logout requests
*/
if (samlRequest != null) {
var index = ssoMod.client.decodeSAMLLogoutRequest(ssoMod.client.getSamlObject(samlRequest));
var jSessionId = getSSOSessions()[index];
delete getSSOSessions()[index];
if (log.isDebugEnabled()) {
sso.log.debug('Backend logout received from store. The index is :::' + index);
sso.log.debug('Session Id Invalidated :::' + jSessionId);
}
session.invalidate();
}
}
})();

@ -0,0 +1,296 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var userModule;
userModule = function () {
var log = new Log("modules/user.js");
var constants = require("/modules/constants.js");
var dataConfig = require("/config/mdm-props.js").config();
var utility = require("/modules/utility.js").utility;
var userManagementService = utility.getUserManagementService();
var deviceManagementService = utility.getDeviceManagementService();
var EmailMessageProperties = Packages.org.wso2.carbon.device.mgt.common.EmailMessageProperties;
var publicMethods = {};
var privateMethods = {};
/**
* Authenticate a user when he or she attempts to login to MDM.
*
* @param username Username of the user
* @param password Password of the user
* @param successCallback Function to be called at the event of successful authentication
* @param failureCallback Function to be called at the event of failed authentication
*/
publicMethods.login = function (username, password, successCallback, failureCallback) {
var carbonModule = require("carbon");
var carbonServer = application.get("carbonServer");
try {
// get tenant specific full user name.
username = username + "@" + carbonModule.server.tenantDomain();
// check if the user is an authenticated user.
var isAuthenticated = carbonServer.authenticate(username, password);
if (isAuthenticated) {
var tenantUser = carbonModule.server.tenantUser(username);
session.put(constants.USER_SESSION_KEY, tenantUser);
successCallback(tenantUser);
} else {
failureCallback();
}
} catch (e) {
throw e;
}
};
/**
* Add user to mdm-user-store.
*
* @param username Username of the user
* @param firstname First name of the user
* @param lastname Last name of the user
* @param emailAddress Email address of the user
* @param userRoles Roles assigned to the user
*
* @returns {number} HTTP Status code 201 if succeeded, 409 if user already exists
*/
publicMethods.addUser = function (username, firstname, lastname, emailAddress, userRoles) {
var carbon = require('carbon');
var tenantId = carbon.server.tenantId();
var url = carbon.server.address('https') + "/admin/services";
var server = new carbon.server.Server(url);
var userManager = new carbon.user.UserManager(server, tenantId);
try {
if (userManager.userExists(username)) {
if (log.isDebugEnabled()) {
log.debug("A user with name '" + username + "' already exists.");
}
// http status code 409 refers to - conflict.
return 409;
} else {
var initialUserPassword = privateMethods.generateInitialUserPassword();
var defaultUserClaims = privateMethods.buildDefaultUserClaims(firstname, lastname, emailAddress);
userManager.addUser(username, initialUserPassword, userRoles, defaultUserClaims, "default");
privateMethods.inviteUserToEnroll(username, initialUserPassword);
if (log.isDebugEnabled()) {
log.debug("A new user with name '" + username + "' was created.");
}
// http status code 201 refers to - created.
return 201;
}
} catch (e) {
throw e;
}
};
/**
* Remove an existing user from mdm-user-store.
*
* @param username Username of the user
* @returns {number} HTTP Status code 200 if succeeded, 409 if the user does not exist
*/
publicMethods.removeUser = function (username) {
var carbon = require('carbon');
var tenantId = carbon.server.tenantId();
var url = carbon.server.address('https') + "/admin/services";
var server = new carbon.server.Server(url);
var userManager = new carbon.user.UserManager(server, tenantId);
try {
if (userManager.userExists(username)) {
userManager.removeUser(username);
if (log.isDebugEnabled()) {
log.debug("An existing user with name '" + username + "' was removed.");
}
// http status code 200 refers to - success.
return 200;
} else {
if (log.isDebugEnabled()) {
log.debug("A user with name '" + username + "' does not exist to remove.");
}
// http status code 409 refers to - conflict.
return 409;
}
} catch (e) {
throw e;
}
};
/**
* Private method to be used by addUser() to
* generate an initial user password for a user.
* This will be the password used by a user for his initial login to the system.
*
* @returns {string} Initial User Password
*/
privateMethods.generateInitialUserPassword = function () {
var passwordLength = 6;
//defining the pool of characters to be used for initial password generation
var lowerCaseCharset = "abcdefghijklmnopqrstuvwxyz";
var upperCaseCharset = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
var numericCharset = "0123456789";
var totalCharset = lowerCaseCharset + upperCaseCharset + numericCharset;
var totalCharsetLength = totalCharset.length;
var initialUserPassword = "";
for (var i = 0; i < passwordLength; ++i) {
initialUserPassword += totalCharset.charAt(Math.floor(Math.random() * totalCharsetLength));
}
if (log.isDebugEnabled()) {
log.debug("Initial password created for new user : " + initialUserPassword);
}
return String(initialUserPassword);
};
/**
* Build default user claims.
*
* @param firstname First name of the user
* @param lastname Last name of the user
* @param emailAddress Email address of the user
*
* @returns {Object} Default user claims to be provided
*/
privateMethods.buildDefaultUserClaims = function (firstname, lastname, emailAddress) {
var defaultUserClaims = {
"http://wso2.org/claims/givenname": firstname,
"http://wso2.org/claims/lastname": lastname,
"http://wso2.org/claims/emailaddress": emailAddress
};
if (log.isDebugEnabled()) {
log.debug("ClaimMap created for new user : " + stringify(defaultUserClaims));
}
return defaultUserClaims;
};
/**
* Send an initial invitation email to a user with username/password attached
* for the very-first enrollment with WSO2 MDM.
*
* @param username Username of the user
* @param password Password of the user
*/
privateMethods.inviteUserToEnroll = function (username, password) {
var enrollmentURL = dataConfig.httpsURL + dataConfig.appContext + "download-agent";
var carbonUser = session.get(constants.USER_SESSION_KEY);
if (!carbonUser) {
log.error("User object was not found in the session");
throw constants.ERRORS.USER_NOT_FOUND;
}
var user = userManagementService.getUser(username, carbonUser.tenantId);
var emailTo = [];
emailTo[0] = user.getEmail();
var emailMessageProperties = new EmailMessageProperties();
emailMessageProperties.setMailTo(emailTo);
emailMessageProperties.setFirstName(user.getFirstName());
emailMessageProperties.setUserName(username);
emailMessageProperties.setPassword(password);
emailMessageProperties.setEnrolmentUrl(enrollmentURL);
deviceManagementService.sendRegistrationEmail(emailMessageProperties);
};
publicMethods.addPermissions = function (permissionList, path, init) {
var carbonModule = require("carbon");
var carbonServer = application.get("carbonServer");
var options = {system: true};
if (init == "login") {
var carbonUser = session.get(constants.USER_SESSION_KEY);
if (carbonUser) {
options.tenantId = carbonUser.tenantId;
}
}
var registry = new carbonModule.registry.Registry(carbonServer, options);
var i, permission, resource;
for (i = 0; i < permissionList.length; i++) {
permission = permissionList[i];
resource = {
collection : true,
name : permission.name,
properties : {
name : permission.name
}
};
registry.put("/_system/governance/permission/" + path + "/" + permission.key, resource);
}
};
publicMethods.inviteUser = function (username) {
var carbonUser = session.get(constants.USER_SESSION_KEY);
if (!carbonUser) {
log.error("User object was not found in the session");
throw constants.ERRORS.USER_NOT_FOUND;
}
var user = userManagementService.getUser(username, carbonUser.tenantId);
var enrollmentURL = dataConfig.httpsURL + dataConfig.appContext + "download-agent";
var emailProperties = new EmailMessageProperties();
var emailTo = [];
emailTo[0] = user.getEmail();
emailProperties.setMailTo(emailTo);
emailProperties.setFirstName(user.getFirstName());
emailProperties.setEnrolmentUrl(enrollmentURL);
deviceManagementService.sendEnrolmentInvitation(emailProperties);
};
publicMethods.getUsers = function () {
var users = [];
var carbonUser = session.get(constants.USER_SESSION_KEY);
if (!carbonUser) {
log.error("User object was not found in the session");
throw constants.ERRORS.USER_NOT_FOUND;
}
var userList = userManagementService.getUsersForTenant(carbonUser.tenantId);
var i, userObject;
for (i = 0; i < userList.size(); i++) {
userObject = userList.get(i);
users.push({
"username" : userObject.getUserName(),
"email" : userObject.getEmail(),
"name" : userObject.getFirstName() + " " + userObject.getLastName()
});
}
return users;
};
publicMethods.isAuthorized = function (permission) {
var carbonModule = require("carbon");
var carbonServer = application.get("carbonServer");
var carbonUser = session.get(constants.USER_SESSION_KEY);
if (!carbonUser) {
log.error("User object was not found in the session");
throw constants.ERRORS.USER_NOT_FOUND;
}
var userManager = new carbonModule.user.UserManager(carbonServer, carbonUser.tenantId);
var user = new carbonModule.user.User(userManager, carbonUser.username);
return user.isAuthorized(permission, "ui.execute");
};
publicMethods.logout = function (successCallback) {
session.invalidate();
successCallback();
};
return publicMethods;
}();

@ -0,0 +1,41 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var utility;
utility = function () {
var JavaClass = Packages.java.lang.Class;
var PrivilegedCarbonContext = Packages.org.wso2.carbon.context.PrivilegedCarbonContext;
var getOsgiService = function (className) {
return PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(JavaClass.forName(className));
};
var publicMethods = {};
publicMethods.getDeviceManagementService = function () {
return getOsgiService('org.wso2.carbon.device.mgt.core.service.DeviceManagementService');
};
publicMethods.getUserManagementService = function () {
return getOsgiService('org.wso2.carbon.device.mgt.user.core.service.UserManagementService');
};
return publicMethods;
}();

@ -0,0 +1,9 @@
{{authorized}}
{{layout "fluid"}}
{{#zone "title"}}
WSO2 Device Cloud | Add User
{{/zone}}
{{#zone "body"}}
{{unit "appbar"}}
{{unit "add-user"}}
{{/zone}}

@ -0,0 +1,19 @@
{{authorized}}
{{layout "fluid"}}
{{#zone "title"}}
WSO2 MDM | Device Management
{{/zone}}
{{#zone "body"}}
{{unit "appbar"}}
{{unit "extended-search-box"}}
<div class="row">
<div class="col-md-12">
<!-- content -->
<div class="container col-md-12 col-centered wr-content">
{{unit "operation-bar"}}
{{unit "device-listing"}}
</div>
<!-- /content -->
</div>
</div>
{{/zone}}

@ -0,0 +1,7 @@
{{layout "fluid"}}
{{#zone "title"}}
WSO2 Mobile Device Manager | Login
{{/zone}}
{{#zone "body"}}
{{unit "login"}}
{{/zone}}

@ -0,0 +1,9 @@
{{authorized}}
{{layout "fluid"}}
{{#zone "title"}}
User Management
{{/zone}}
{{#zone "body"}}
{{unit "appbar"}}
{{unit "user-listing"}}
{{/zone}}

@ -0,0 +1,12 @@
<%
var userModule = require("/modules/user.js").userModule;
userModule.addPermissions([{key: "device-mgt/", name: "Device Management"}], "");
userModule.addPermissions([{key: "device-mgt/admin", name: "Device Management Admin"}], "");
userModule.addPermissions([{key: "device-mgt/user", name: "Device Management User"}], "");
userModule.addPermissions([{key: "devices", name: "Device"}], "device-mgt/admin");
userModule.addPermissions([{key: "devices", name: "Device"}], "device-mgt/user");
userModule.addPermissions([{key: "devices/list", name: "List all Devices"}], "device-mgt/admin");
userModule.addPermissions([{key: "devices/list", name: "List own Devices"}], "device-mgt/user");
new Log().info(userModule.isAuthorized("/permission/device-mgt/admin/devices/list"));
%>

@ -0,0 +1,20 @@
<%
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
require("jaggery-test").test.run();
%>

@ -0,0 +1,5 @@
# Ignore everything in this directory.
# they are auto generated, should not be committed.
*
# Except this file
!.gitignore

@ -0,0 +1,56 @@
{{#zone "main"}}
<!-- content/body -->
<div class="row">
<div class="col-md-12">
<!-- content -->
<div class="container col-centered wr-content">
<div class="wr-form">
<h1 class="wr-title">Add User</h1>
Please note that * sign represents required fields of data.
<hr />
<span class="wr-validation-summary hidden">
<p></p>
</span>
<div class="row">
<div class="col-lg-8">
<label class="wr-input-label">User Name *</label>
<div class="wr-input-control">
<input type="text" id="username" value="" placeholder="input text"/>
</div>
<label class="wr-input-label">First Name *</label>
<div class="wr-input-control">
<input type="text" id="firstname" value="" placeholder="input text"/>
</div>
<label class="wr-input-label">Last Name *</label>
<div class="wr-input-control">
<input type="text" id="lastname" value="" placeholder="input text"/>
</div>
<label class="wr-input-label">Email Address *</label>
<div class="wr-input-control">
<input type="email" id="email" value="" placeholder="input text"/>
</div>
<label class="wr-input-label">
User Roles
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
</label>
<div class="wr-input-control">
<select id="roles" class="form-control select2" multiple="multiple">
{{#each roles}}
<option>{{this}}</option>
{{/each}}
</select>
</div>
</div>
</div>
<button id="add-user-btn" class="wr-btn">Add User</button>
</div>
</div>
<!-- /content -->
</div>
</div>
<!-- /content/body -->
{{/zone}}
{{#zone "bottomJs"}}
<script src="{{self.publicURL}}/js/bottomJs.js"></script>
{{/zone}}

@ -0,0 +1,26 @@
/**
* Returns the dynamic state to be populated by add-user page.
*
* @param context Object that gets updated with the dynamic state of this page to be presented
* @returns {*} A context object that returns the dynamic state of this page to be presented
*/
function onRequest(context) {
var carbon = require('carbon');
var tenantId = carbon.server.tenantId();
var url = carbon.server.address('https') + "/admin/services/";
var server = new carbon.server.Server(url);
var userManager = new carbon.user.UserManager(server, tenantId);
var allRoles = userManager.allRoles();
var i = 0;
var filteredRoles = [];
while (allRoles[i]) {
if (allRoles[i] != "Internal/subscriber" && allRoles[i] != "Internal/everyone") {
filteredRoles.push(allRoles[i]);
}
i++;
}
context.roles = filteredRoles;
return context;
}

@ -0,0 +1,91 @@
$( document ).ready(function() {
$("select.select2").select2({
placeholder : "Select..."
});
$("select.select2[multiple=multiple]").select2({
placeholder : "Select...",
tags : true
});
});
/**
* Checks if an email address has the valid format or not.
*
* @param email Email address
* @returns {boolean} true if email has the valid format, otherwise false.
*/
var emailIsValid = function(email) {
var atPosition = email.indexOf("@");
var dotPosition = email.lastIndexOf(".");
return !(atPosition < 1 || ( dotPosition - atPosition < 2 ));
};
/**
* Following click function would execute
* when a user clicks on "Add User" button
* on Add User page in WSO2 MDM Console.
*/
$("button#add-user-btn").click(function() {
var username = $("input#username").val();
var firstname = $("input#firstname").val();
var lastname = $("input#lastname").val();
var emailAddress = $("input#email").val();
var userRoles = $("select#roles").val();
if (!username) {
$(".wr-validation-summary p").text("Username is a required field. It cannot be empty.");
$(".wr-validation-summary").removeClass("hidden");
} else if (!firstname) {
$(".wr-validation-summary p").text("Firstname is a required field. It cannot be empty.");
$(".wr-validation-summary").removeClass("hidden");
} else if (!lastname) {
$(".wr-validation-summary p").text("Lastname is a required field. It cannot be empty.");
$(".wr-validation-summary").removeClass("hidden");
} else if (!emailAddress) {
$(".wr-validation-summary p").text("Email is a required field. It cannot be empty.");
$(".wr-validation-summary").removeClass("hidden");
} else if (!emailIsValid(emailAddress)) {
$(".wr-validation-summary p").text("Email is not valid. Please enter a correct email address.");
$(".wr-validation-summary").removeClass("hidden");
} else {
var addUserFormData = {};
addUserFormData.username = username;
addUserFormData.firstname = firstname;
addUserFormData.lastname = lastname;
addUserFormData.emailAddress = emailAddress;
addUserFormData.userRoles = userRoles;
var addUserAPI = "/mdm/api/users/add";
$.ajax({
type : "POST",
url : addUserAPI,
contentType : "application/json",
data : JSON.stringify(addUserFormData),
success : function(data) {
if (data == 201) {
$(".wr-validation-summary p").text("User (" + username + ") was added. " +
"An invitation mail will also be sent to this user to initiate a device enrollment.");
// Clearing user input fields.
$("input#username").val("");
$("input#firstname").val("");
$("input#lastname").val("");
$("input#email").val("");
$("select#roles").select2("val", "");
} else if (data == 400) {
$(".wr-validation-summary p").text("Exception occurred at backend.");
} else if (data == 403) {
$(".wr-validation-summary p").text("Action was not permitted.");
} else if (data == 409) {
$(".wr-validation-summary p").text("Sorry, User already exists.");
}
$(".wr-validation-summary").removeClass("hidden");
},
error : function() {
$(".wr-validation-summary p").text("An unexpected error occurred.");
$(".wr-validation-summary").removeClass("hidden");
}
});
}
});

@ -0,0 +1,44 @@
{{#zone "main"}}
<div id="nav" class="row wr-app-bar">
<div class="wr-action-container">
<div class="wr-action-btn-bar">
<!--<a href="javascript:history.go(-1)" class="cu-btn">
<i class="wso2icon wso2-c-left-arrow"></i>Go Back
</a>-->
{{#if permissions.ADD_USER}}
<a href="/mdm/add-user" class="cu-btn">
<span class="wso2icon-stack">
<i class="wso2icon wso2-ring wso2icon-stack-2x"></i>
<i class="wso2icon wso2-add wso2icon-stack-1x"></i>
</span>
Add User
</a>
{{/if}}
{{#if permissions.LIST_USERS}}
<a href="/mdm/users" class="cu-btn">
<span class="wso2icon-stack">
<i class="wso2icon wso2icon-stack-1x"></i>
</span>
User Management
</a>
{{/if}}
{{#if permissions.LIST_DEVICES}}
<a href="/mdm" class="cu-btn">
<span class="wso2icon-stack">
<i class="wso2icon wso2icon-stack-1x"></i>
</span>
Device Management
</a>
{{/if}}
<a href="javascript:openNotificationbar()" class="cu-btn wr-notification-toggle-btn">
<span class="wso2icon-stack-md">
<i class="wso2icon wso2-bell wso2icon-stack-1-5x"></i>
</span>
<span class="wr-notification-bubble">0</span>
</a>
</div>
</div>
</div>
{{/zone}}

@ -0,0 +1,16 @@
function onRequest(context) {
var userModule = require("/modules/user.js").userModule;
var permissions = {};
if (userModule.isAuthorized("/permission/device-mgt/admin/devices/list") ||
userModule.isAuthorized("/permission/device-mgt/user/devices/list")) {
permissions.LIST_DEVICES = true;
}
if (userModule.isAuthorized("/permission/device-mgt/admin/users/list")) {
permissions.LIST_USERS = true;
}
if (userModule.isAuthorized("/permission/device-mgt/admin/users/add")) {
permissions.ADD_USER = true;
}
context.permissions = permissions;
return context;
}
Loading…
Cancel
Save