Merge branch 'master' of https://github.com/wso2/carbon-device-mgt into theme-migration

revert-70aa11f8
Imesh Chandrasiri 8 years ago
commit 613d0ff7be

@ -0,0 +1,42 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.apimgt.annotations.api;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* This class is the representation of custom developed Permission annotation.
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Permission {
/**
* Represents the permission name.
* @return Returns permission name.
*/
String name();
/**
* Represents the permission string.
* @return Returns permission string.
*/
String permission();
}

@ -44,33 +44,33 @@ public class APIPublisherStartupHandler implements ServerStartupObserver {
@Override @Override
public void completedServerStartup() { public void completedServerStartup() {
APIPublisherDataHolder.getInstance().setServerStarted(true); // APIPublisherDataHolder.getInstance().setServerStarted(true);
currentAPIsStack = APIPublisherDataHolder.getInstance().getUnpublishedApis(); // currentAPIsStack = APIPublisherDataHolder.getInstance().getUnpublishedApis();
Thread t = new Thread(new Runnable() { // Thread t = new Thread(new Runnable() {
@Override // @Override
public void run() { // public void run() {
if (log.isDebugEnabled()) { // if (log.isDebugEnabled()) {
log.debug("Server has just started, hence started publishing unpublished APIs"); // log.debug("Server has just started, hence started publishing unpublished APIs");
log.debug("Total number of unpublished APIs: " // log.debug("Total number of unpublished APIs: "
+ APIPublisherDataHolder.getInstance().getUnpublishedApis().size()); // + APIPublisherDataHolder.getInstance().getUnpublishedApis().size());
} // }
publisher = APIPublisherDataHolder.getInstance().getApiPublisherService(); // publisher = APIPublisherDataHolder.getInstance().getApiPublisherService();
while (!failedAPIsStack.isEmpty() || !currentAPIsStack.isEmpty()) { // while (!failedAPIsStack.isEmpty() || !currentAPIsStack.isEmpty()) {
try { // try {
retryTime = retryTime * CONNECTION_RETRY_FACTOR; // retryTime = retryTime * CONNECTION_RETRY_FACTOR;
Thread.sleep(retryTime); // Thread.sleep(retryTime);
} catch (InterruptedException te) { // } catch (InterruptedException te) {
log.error("Error occurred while sleeping", te); // log.error("Error occurred while sleeping", te);
} // }
if (!APIPublisherDataHolder.getInstance().getUnpublishedApis().isEmpty()) { // if (!APIPublisherDataHolder.getInstance().getUnpublishedApis().isEmpty()) {
publishAPIs(currentAPIsStack, failedAPIsStack); // publishAPIs(currentAPIsStack, failedAPIsStack);
} else { // } else {
publishAPIs(failedAPIsStack, currentAPIsStack); // publishAPIs(failedAPIsStack, currentAPIsStack);
} // }
} // }
} // }
}); // });
t.start(); // t.start();
} }
private void publishAPIs(Stack<API> apis, Stack<API> failedStack) { private void publishAPIs(Stack<API> apis, Stack<API> failedStack) {

@ -49,72 +49,72 @@ public class APIPublisherLifecycleListener implements LifecycleListener {
@Override @Override
public void lifecycleEvent(LifecycleEvent lifecycleEvent) { public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
if (Lifecycle.AFTER_START_EVENT.equals(lifecycleEvent.getType()) && WebappPublisherConfig.getInstance() // if (Lifecycle.AFTER_START_EVENT.equals(lifecycleEvent.getType()) && WebappPublisherConfig.getInstance()
.isPublished()) { // .isPublished()) {
StandardContext context = (StandardContext) lifecycleEvent.getLifecycle(); // StandardContext context = (StandardContext) lifecycleEvent.getLifecycle();
ServletContext servletContext = context.getServletContext(); // ServletContext servletContext = context.getServletContext();
String param = servletContext.getInitParameter(PARAM_MANAGED_API_ENABLED); // String param = servletContext.getInitParameter(PARAM_MANAGED_API_ENABLED);
boolean isManagedApi = (param != null && !param.isEmpty()) && Boolean.parseBoolean(param); // boolean isManagedApi = (param != null && !param.isEmpty()) && Boolean.parseBoolean(param);
//
String profile = System.getProperty(PROPERTY_PROFILE); // String profile = System.getProperty(PROPERTY_PROFILE);
//
if (WebappPublisherConfig.getInstance().getProfiles().getProfile().contains(profile.toLowerCase()) // if (WebappPublisherConfig.getInstance().getProfiles().getProfile().contains(profile.toLowerCase())
&& isManagedApi) { // && isManagedApi) {
try { // try {
AnnotationProcessor annotationProcessor = new AnnotationProcessor(context); // AnnotationProcessor annotationProcessor = new AnnotationProcessor(context);
Set<String> annotatedAPIClasses = annotationProcessor. // Set<String> annotatedAPIClasses = annotationProcessor.
scanStandardContext(org.wso2.carbon.apimgt.annotations.api.API.class.getName()); // scanStandardContext(org.wso2.carbon.apimgt.annotations.api.API.class.getName());
//
List<APIResourceConfiguration> apiDefinitions = annotationProcessor.extractAPIInfo(servletContext, // List<APIResourceConfiguration> apiDefinitions = annotationProcessor.extractAPIInfo(servletContext,
annotatedAPIClasses); // annotatedAPIClasses);
//
for (APIResourceConfiguration apiDefinition : apiDefinitions) { // for (APIResourceConfiguration apiDefinition : apiDefinitions) {
//
APIConfig apiConfig = APIPublisherUtil.buildApiConfig(servletContext, apiDefinition); // APIConfig apiConfig = APIPublisherUtil.buildApiConfig(servletContext, apiDefinition);
//
try { // try {
int tenantId = APIPublisherDataHolder.getInstance().getTenantManager(). // int tenantId = APIPublisherDataHolder.getInstance().getTenantManager().
getTenantId(apiConfig.getTenantDomain()); // getTenantId(apiConfig.getTenantDomain());
//
boolean isTenantActive = APIPublisherDataHolder.getInstance(). // boolean isTenantActive = APIPublisherDataHolder.getInstance().
getTenantManager().isTenantActive(tenantId); // getTenantManager().isTenantActive(tenantId);
//
if (isTenantActive) { // if (isTenantActive) {
apiConfig.init(); // apiConfig.init();
API api = APIPublisherUtil.getAPI(apiConfig); // API api = APIPublisherUtil.getAPI(apiConfig);
boolean isServerStarted = APIPublisherDataHolder.getInstance().isServerStarted(); // boolean isServerStarted = APIPublisherDataHolder.getInstance().isServerStarted();
if (isServerStarted) { // if (isServerStarted) {
APIPublisherService apiPublisherService = // APIPublisherService apiPublisherService =
APIPublisherDataHolder.getInstance().getApiPublisherService(); // APIPublisherDataHolder.getInstance().getApiPublisherService();
if (apiPublisherService == null) { // if (apiPublisherService == null) {
throw new IllegalStateException( // throw new IllegalStateException(
"API Publisher service is not initialized properly"); // "API Publisher service is not initialized properly");
} // }
apiPublisherService.publishAPI(api); // apiPublisherService.publishAPI(api);
} else { // } else {
if (log.isDebugEnabled()) { // if (log.isDebugEnabled()) {
log.debug("Server has not started yet. Hence adding API '" + // log.debug("Server has not started yet. Hence adding API '" +
api.getId().getApiName() + "' to the queue"); // api.getId().getApiName() + "' to the queue");
} // }
APIPublisherDataHolder.getInstance().getUnpublishedApis().push(api); // APIPublisherDataHolder.getInstance().getUnpublishedApis().push(api);
} // }
} else { // } else {
log.error("No tenant [" + apiConfig.getTenantDomain() + "] " + // log.error("No tenant [" + apiConfig.getTenantDomain() + "] " +
"found when publishing the Web app"); // "found when publishing the Web app");
} // }
} catch (Throwable e) { // } catch (Throwable e) {
log.error("Error occurred while publishing API '" + apiConfig.getName() + // log.error("Error occurred while publishing API '" + apiConfig.getName() +
"' with the context '" + apiConfig.getContext() + // "' with the context '" + apiConfig.getContext() +
"' and version '" + apiConfig.getVersion() + "'", e); // "' and version '" + apiConfig.getVersion() + "'", e);
} // }
} // }
} catch (IOException e) { // } catch (IOException e) {
log.error("Error encountered while discovering annotated classes", e); // log.error("Error encountered while discovering annotated classes", e);
} catch (ClassNotFoundException e) { // } catch (ClassNotFoundException e) {
log.error("Error while scanning class for annotations", e); // log.error("Error while scanning class for annotations", e);
} // }
} // }
} // }
} }
//TODO : Need to implemented, to merge API Definitions in cases where implementation of an API Lies in two classes //TODO : Need to implemented, to merge API Definitions in cases where implementation of an API Lies in two classes

@ -4,6 +4,7 @@ import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ApiResponses;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse;
@ -47,6 +48,7 @@ public interface CertificateMgtService {
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "certificate:sign-csr", name = "Sign CSR", description = "") @Scope(key = "certificate:sign-csr", name = "Sign CSR", description = "")
@Permission(name = "Sign CSR", permission = "/device-mgt/certificates/manage")
Response getSignedCertFromCSR( Response getSignedCertFromCSR(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",

@ -2,6 +2,7 @@ package org.wso2.carbon.certificate.mgt.cert.jaxrs.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate;
@ -77,7 +78,7 @@ public interface CertificateManagementAdminService {
message = "Internal Server Error. \n Server error occurred while adding certificates.", message = "Internal Server Error. \n Server error occurred while adding certificates.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "certificate:manage", name = "Add certificates", description = "") @Permission(name = "Manage certificates", permission = "/device-mgt/certificates/manage")
Response addCertificate( Response addCertificate(
@ApiParam( @ApiParam(
name = "enrollmentCertificates", name = "enrollmentCertificates",
@ -135,7 +136,7 @@ public interface CertificateManagementAdminService {
"Server error occurred while retrieving information requested certificate.", "Server error occurred while retrieving information requested certificate.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "certificate:view", name = "View certificates", description = "") @Permission(name = "View certificates", permission = "/device-mgt/certificates/view")
Response getCertificate( Response getCertificate(
@ApiParam(name = "serialNumber", @ApiParam(name = "serialNumber",
value = "Provide the serial number of the certificate that you wish to get the details of", value = "Provide the serial number of the certificate that you wish to get the details of",
@ -207,7 +208,7 @@ public interface CertificateManagementAdminService {
"Server error occurred while retrieving all certificates enrolled in the system.", "Server error occurred while retrieving all certificates enrolled in the system.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "certificate:view", name = "View certificates", description = "") @Permission(name = "View certificates", permission = "/device-mgt/certificates/view")
Response getAllCertificates( Response getAllCertificates(
@ApiParam( @ApiParam(
name = "offset", name = "offset",
@ -250,7 +251,7 @@ public interface CertificateManagementAdminService {
message = "Internal Server Error. \n " + message = "Internal Server Error. \n " +
"Server error occurred while removing the certificate.", "Server error occurred while removing the certificate.",
response = ErrorResponse.class)}) response = ErrorResponse.class)})
@Scope(key = "certificate:manage", name = "Add certificates", description = "") @Permission(name = "Manage certificates", permission = "/device-mgt/certificates/manage")
Response removeCertificate( Response removeCertificate(
@ApiParam( @ApiParam(
name = "serialNumber", name = "serialNumber",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.beans;
import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty; import io.swagger.annotations.ApiModelProperty;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import java.util.List; import java.util.List;
@ -29,12 +30,19 @@ public class RoleInfo {
@ApiModelProperty(name = "roleName", value = "The name of the role.", required = true) @ApiModelProperty(name = "roleName", value = "The name of the role.", required = true)
private String roleName; private String roleName;
@ApiModelProperty(name = "scopes", value = "Lists out all the scopes associated with roles.", @ApiModelProperty(name = "permissions", value = "Lists out all the permissions associated with roles.",
required = true, dataType = "List[java.lang.String]") required = true, dataType = "List[java.lang.String]")
private List<String> scopes; private String[] permissions;
@ApiModelProperty(name = "users", value = "The list of users assigned to the selected role.", @ApiModelProperty(name = "users", value = "The list of users assigned to the selected role.",
required = true, dataType = "List[java.lang.String]") required = true, dataType = "List[java.lang.String]")
private String[] users; private String[] users;
@ApiModelProperty(name = "permissionList", value = "This contain the following, " +
"\n resourcePath\tThe path related to the API.\n " +
"displayName\tThe name of the permission that is shown " +
"in the UI.\n" +
"nodeList\tLists out the nested permissions.",
required = true)
private UIPermissionNode permissionList;
public String getRoleName() { public String getRoleName() {
return roleName; return roleName;
@ -44,12 +52,12 @@ public class RoleInfo {
this.roleName = roleName; this.roleName = roleName;
} }
public List<String> getScopes() { public String[] getPermissions() {
return scopes; return permissions;
} }
public void setScopes(List<String> scopes) { public void setPermissions(String[] permissions) {
this.scopes = scopes; this.permissions = permissions;
} }
public String[] getUsers() { public String[] getUsers() {
@ -60,4 +68,12 @@ public class RoleInfo {
this.users = users; this.users = users;
} }
public UIPermissionNode getPermissionList() {
return permissionList;
}
public void setPermissionList(UIPermissionNode permissionList) {
this.permissionList = permissionList;
}
} }

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList; import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList;
@ -92,7 +93,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.", message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "activity:view", name = "View Activities", description = "") @Permission(name = "View Activities", permission = "/device-mgt/activities/view")
Response getActivity( Response getActivity(
@ApiParam( @ApiParam(
name = "id", name = "id",
@ -153,7 +154,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.", message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "activity:view", name = "View Activities", description = "") @Permission(name = "View Activities", permission = "/device-mgt/activities/view")
Response getActivities( Response getActivities(
@ApiParam( @ApiParam(
name = "since", name = "since",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration; import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -81,7 +82,7 @@ public interface ConfigurationManagementService {
"platform configuration.", "platform configuration.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "configuration:view", name = "View Configurations", description = "") @Permission(name = "View Configurations", permission = "/device-mgt/configuration/view")
Response getConfiguration( Response getConfiguration(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",
@ -127,7 +128,7 @@ public interface ConfigurationManagementService {
"Server error occurred while modifying general platform configuration.", "Server error occurred while modifying general platform configuration.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "configuration:modify", name = "Modify Configurations", description = "") @Permission(name = "Manage configurations", permission = "/device-mgt/configuration/manage")
Response updateConfiguration( Response updateConfiguration(
@ApiParam( @ApiParam(
name = "configuration", name = "configuration",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.Feature; import org.wso2.carbon.device.mgt.common.Feature;
@ -92,7 +93,7 @@ public interface DeviceManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.", message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response getDevices( Response getDevices(
@ApiParam( @ApiParam(
name = "name", name = "name",
@ -199,7 +200,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving information requested device.", "Server error occurred while retrieving information requested device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response getDevice( Response getDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -281,7 +282,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving feature list of the device.", "Server error occurred while retrieving feature list of the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response getFeaturesOfDevice( Response getFeaturesOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -357,7 +358,7 @@ public interface DeviceManagementService {
"Server error occurred while enrolling the device.", "Server error occurred while enrolling the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response searchDevices( Response searchDevices(
@ApiParam( @ApiParam(
name = "offset", name = "offset",
@ -436,8 +437,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving installed application list of the device.", "Server error occurred while retrieving installed application list of the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response getInstalledApplications( Response getInstalledApplications(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -533,7 +533,7 @@ public interface DeviceManagementService {
"Server error occurred while retrieving operation list scheduled for the device.", "Server error occurred while retrieving operation list scheduled for the device.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response getDeviceOperations( Response getDeviceOperations(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -631,7 +631,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response getEffectivePolicyOfDevice( Response getEffectivePolicyOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",
@ -683,7 +683,7 @@ public interface DeviceManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Scope(key = "device:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/devices/view")
Response getComplianceDataOfDevice( Response getComplianceDataOfDevice(
@ApiParam( @ApiParam(
name = "type", name = "type",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -78,7 +79,7 @@ public interface DeviceTypeManagementService {
response = ErrorResponse.class) response = ErrorResponse.class)
} }
) )
@Scope(key = "device-type:admin:view", name = "View device types", description = "") @Permission(name = "View Device Types", permission = "/device-mgt/devices/view")
Response getDeviceTypes( Response getDeviceTypes(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.notification.mgt.Notification; import org.wso2.carbon.device.mgt.common.notification.mgt.Notification;
import org.wso2.carbon.device.mgt.jaxrs.NotificationList; import org.wso2.carbon.device.mgt.jaxrs.NotificationList;
@ -90,7 +91,7 @@ public interface NotificationManagementService {
"\n Server error occurred while fetching the notification list.", "\n Server error occurred while fetching the notification list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "notification:view", name = "View and manage notifications", description = "") @Permission(name = "View notifications", permission = "/device-mgt/notifications/view")
Response getNotifications( Response getNotifications(
@ApiParam( @ApiParam(
name = "status", name = "status",
@ -142,7 +143,7 @@ public interface NotificationManagementService {
message = "Error occurred while updating notification status.") message = "Error occurred while updating notification status.")
} }
) )
@Scope(key = "notification:view", name = "View and manage notifications", description = "") @Permission(name = "View notifications", permission = "/device-mgt/notifications/view")
Response updateNotificationStatus( Response updateNotificationStatus(
@ApiParam( @ApiParam(
name = "id", name = "id",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper;
@ -100,7 +101,7 @@ public interface PolicyManagementService {
"Server error occurred while adding a new policy.", "Server error occurred while adding a new policy.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:manage", name = "Add policies", description = "") @Permission(name = "Manage policies", permission = "/device-mgt/policies/manage")
Response addPolicy( Response addPolicy(
@ApiParam( @ApiParam(
name = "policy", name = "policy",
@ -154,7 +155,7 @@ public interface PolicyManagementService {
"policies."), "policies."),
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:view", name = "Views policies", description = "") @Permission(name = "View policies", permission = "/device-mgt/policies/view")
Response getPolicies( Response getPolicies(
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",
@ -220,7 +221,7 @@ public interface PolicyManagementService {
"policy.", "policy.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:view", name = "View policies", description = "") @Permission(name = "View policies", permission = "/device-mgt/policies/view")
Response getPolicy( Response getPolicy(
@ApiParam( @ApiParam(
name = "id", name = "id",
@ -284,7 +285,7 @@ public interface PolicyManagementService {
"Server error occurred while updating the policy.", "Server error occurred while updating the policy.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:manage", name = "Add policies", description = "") @Permission(name = "Manage policies", permission = "/device-mgt/policies/manage")
Response updatePolicy( Response updatePolicy(
@ApiParam( @ApiParam(
name = "id", name = "id",
@ -330,7 +331,7 @@ public interface PolicyManagementService {
"Server error occurred while bulk removing policies.", "Server error occurred while bulk removing policies.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:manage", name = "Add policies", description = "") @Permission(name = "Manage policies", permission = "/device-mgt/policies/manage")
Response removePolicies( Response removePolicies(
@ApiParam( @ApiParam(
name = "policyIds", name = "policyIds",
@ -366,7 +367,7 @@ public interface PolicyManagementService {
message = "ErrorResponse in activating policies.", message = "ErrorResponse in activating policies.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:manage", name = "Add policies", description = "") @Permission(name = "Manage policies", permission = "/device-mgt/policies/manage")
Response activatePolicies( Response activatePolicies(
@ApiParam( @ApiParam(
name = "policyIds", name = "policyIds",
@ -374,7 +375,7 @@ public interface PolicyManagementService {
required = true) required = true)
List<Integer> policyIds); List<Integer> policyIds);
@PUT @POST
@Path("/deactivate-policy") @Path("/deactivate-policy")
@ApiOperation( @ApiOperation(
consumes = MediaType.APPLICATION_JSON, consumes = MediaType.APPLICATION_JSON,
@ -402,7 +403,7 @@ public interface PolicyManagementService {
message = "ErrorResponse in deactivating policies.", message = "ErrorResponse in deactivating policies.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:manage", name = "Add policies", description = "") @Permission(name = "Manage policies", permission = "/device-mgt/policies/manage")
Response deactivatePolicies( Response deactivatePolicies(
@ApiParam( @ApiParam(
name = "policyIds", name = "policyIds",
@ -435,7 +436,7 @@ public interface PolicyManagementService {
message = "ErrorResponse in deactivating policies.", message = "ErrorResponse in deactivating policies.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:manage", name = "Add policies", description = "") @Permission(name = "Manage policies", permission = "/device-mgt/policies/manage")
Response applyChanges(); Response applyChanges();
@ -464,7 +465,7 @@ public interface PolicyManagementService {
message = "Exception in updating policy priorities.", message = "Exception in updating policy priorities.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "policy:manage", name = "Add policies", description = "") @Permission(name = "Manage policies", permission = "/device-mgt/policies/manage")
Response updatePolicyPriorities( Response updatePolicyPriorities(
@ApiParam( @ApiParam(
name = "priorityUpdatedPolicies", name = "priorityUpdatedPolicies",

@ -20,10 +20,12 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.device.mgt.jaxrs.beans.Scope; import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import javax.ws.rs.*; import javax.ws.rs.*;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
@ -76,7 +78,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while fetching requested list of roles.", message = "Internal Server Error. \n Server error occurred while fetching requested list of roles.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:view", name = "View roles", description = "") @Permission(name = "View Roles", permission = "/device-mgt/roles/view")
Response getRoles( Response getRoles(
@ApiParam( @ApiParam(
name = "filter", name = "filter",
@ -105,16 +107,16 @@ public interface RoleManagementService {
@QueryParam("limit") int limit); @QueryParam("limit") int limit);
@GET @GET
@Path("/scopes") @Path("/{roleName}/permissions")
@ApiOperation( @ApiOperation(
produces = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON,
httpMethod = "GET", httpMethod = "GET",
value = "Getting authorization scopes.", value = "Getting permission details of a role.",
notes = "In an organization an individual is associated a with set of responsibilities based on their " + notes = "In an organization an individual is associated a with set of responsibilities based on their " +
"role. In EMM you are able to configure scopes based on the responsibilities carried " + "role. In EMM you are able to configure permissions based on the responsibilities carried " +
"out by a role. Therefore if you wish to retrieve the scopes details of roles, you can do " + "out by a role. Therefore if you wish to retrieve the permission details of a role, you can do " +
"so using this REST API.", "so using this REST API.",
response = List.class, response = UIPermissionNode.class,
responseContainer = "List", responseContainer = "List",
tags = "Role Management" tags = "Role Management"
) )
@ -122,8 +124,8 @@ public interface RoleManagementService {
value = { value = {
@ApiResponse( @ApiResponse(
code = 200, code = 200,
message = "OK. \n Successfully fetched the scopes list.", message = "OK. \n Successfully fetched the permission list of the given role.",
response = List.class, response = UIPermissionNode.class,
responseContainer = "List", responseContainer = "List",
responseHeaders = { responseHeaders = {
@ResponseHeader( @ResponseHeader(
@ -158,8 +160,13 @@ public interface RoleManagementService {
message = "Internal Server ErrorResponse. \n Server error occurred while fetching the permission list of the requested role.", message = "Internal Server ErrorResponse. \n Server error occurred while fetching the permission list of the requested role.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:view", name = "View roles", description = "") @Permission(name = "View Roles", permission = "/device-mgt/roles/view")
Response getScopes( Response getPermissionsOfRole(
@ApiParam(
name = "roleName",
value = "Name of the role.",
required = true)
@PathParam("roleName") String roleName,
@ApiParam( @ApiParam(
name = "If-Modified-Since", name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time specified", value = "Validates if the requested variant has not been modified since the time specified",
@ -216,7 +223,7 @@ public interface RoleManagementService {
"requested role.", "requested role.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:view", name = "View roles", description = "") @Permission(name = "View Roles", permission = "/device-mgt/roles/view")
Response getRole( Response getRole(
@ApiParam( @ApiParam(
name = "roleName", name = "roleName",
@ -276,7 +283,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while adding a new role.", message = "Internal Server Error. \n Server error occurred while adding a new role.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "") @Permission(name = "Manage Roles", permission = "/device-mgt/roles/manage")
Response addRole( Response addRole(
@ApiParam( @ApiParam(
name = "role", name = "role",
@ -326,7 +333,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while updating the role.", message = "Internal Server Error. \n Server error occurred while updating the role.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "") @Permission(name = "Manage Roles", permission = "/device-mgt/roles/manage")
Response updateRole( Response updateRole(
@ApiParam( @ApiParam(
name = "roleName", name = "roleName",
@ -363,7 +370,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while removing the role.", message = "Internal Server Error. \n Server error occurred while removing the role.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "") @Permission(name = "Manage Roles", permission = "/device-mgt/roles/manage")
Response deleteRole( Response deleteRole(
@ApiParam( @ApiParam(
name = "roleName", name = "roleName",
@ -421,7 +428,7 @@ public interface RoleManagementService {
"Server error occurred while updating the user list of the role.", "Server error occurred while updating the user list of the role.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "") @Permission(name = "Manage Roles", permission = "/device-mgt/roles/manage")
Response updateUsersOfRole( Response updateUsersOfRole(
@ApiParam( @ApiParam(
name = "roleName", name = "roleName",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.*; import org.wso2.carbon.device.mgt.jaxrs.beans.*;
@ -83,7 +84,7 @@ public interface UserManagementService {
message = "Internal Server Error. \n Server error occurred while adding a new user.", message = "Internal Server Error. \n Server error occurred while adding a new user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:manage", name = "Add users", description = "") @Permission(name = "Manage Users", permission = "/device-mgt/users/manage")
Response addUser( Response addUser(
@ApiParam( @ApiParam(
name = "user", name = "user",
@ -135,7 +136,7 @@ public interface UserManagementService {
" fetching the requested user.", " fetching the requested user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:view", name = "View users", description = "") @Permission(name = "View Users", permission = "/device-mgt/users/view")
Response getUser( Response getUser(
@ApiParam( @ApiParam(
name = "username", name = "username",
@ -192,7 +193,7 @@ public interface UserManagementService {
"Server error occurred while updating the user.", "Server error occurred while updating the user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:manage", name = "Add users", description = "") @Permission(name = "Manage Users", permission = "/device-mgt/users/manage")
Response updateUser( Response updateUser(
@ApiParam( @ApiParam(
name = "username", name = "username",
@ -227,7 +228,7 @@ public interface UserManagementService {
response = ErrorResponse.class response = ErrorResponse.class
) )
}) })
@Scope(key = "user:manage", name = "Add users", description = "") @Permission(name = "Manage Users", permission = "/device-mgt/users/manage")
Response removeUser( Response removeUser(
@ApiParam(name = "username", value = "Username of the user to be deleted.", required = true) @ApiParam(name = "username", value = "Username of the user to be deleted.", required = true)
@PathParam("username") String username); @PathParam("username") String username);
@ -276,7 +277,7 @@ public interface UserManagementService {
" assigned to the user.", " assigned to the user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:view", name = "View users", description = "") @Permission(name = "View Users", permission = "/device-mgt/users/view")
Response getRolesOfUser( Response getRolesOfUser(
@ApiParam(name = "username", value = "Username of the user.", required = true) @ApiParam(name = "username", value = "Username of the user.", required = true)
@PathParam("username") String username); @PathParam("username") String username);
@ -319,7 +320,7 @@ public interface UserManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the user list.", message = "Internal Server Error. \n Server error occurred while fetching the user list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:view", name = "View users", description = "") @Permission(name = "View Users", permission = "/device-mgt/users/view")
Response getUsers( Response getUsers(
@ApiParam( @ApiParam(
name = "filter", name = "filter",
@ -386,7 +387,7 @@ public interface UserManagementService {
"list that matches the given filter.", "list that matches the given filter.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:view", name = "View users", description = "") @Permission(name = "View Users", permission = "/device-mgt/users/view")
Response getUserNames( Response getUserNames(
@ApiParam( @ApiParam(
name = "filter", name = "filter",
@ -440,7 +441,7 @@ public interface UserManagementService {
"Server error occurred while updating credentials of the user.", "Server error occurred while updating credentials of the user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:view", name = "View users", description = "") @Permission(name = "View Users", permission = "/device-mgt/users/view")
Response resetPassword( Response resetPassword(
@ApiParam( @ApiParam(
name = "username", name = "username",
@ -483,7 +484,7 @@ public interface UserManagementService {
"Server error occurred while updating credentials of the user.", "Server error occurred while updating credentials of the user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:manage", name = "Add users", description = "") @Permission(name = "Manage Users", permission = "/device-mgt/users/manage")
Response inviteExistingUsersToEnrollDevice( Response inviteExistingUsersToEnrollDevice(
@ApiParam( @ApiParam(
name = "users", name = "users",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper;
@ -74,7 +75,7 @@ public interface ApplicationManagementAdminService {
"a given set of devices.", "a given set of devices.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "application:manage", name = "Install/Uninstall applications", description = "") @Permission(name = "Install/Uninstall applications", permission = "/device-mgt/applications/manage")
Response installApplication( Response installApplication(
@ApiParam( @ApiParam(
name = "applicationWrapper", name = "applicationWrapper",
@ -113,7 +114,7 @@ public interface ApplicationManagementAdminService {
"a given set of devices.", "a given set of devices.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "application:manage", name = "Install/Uninstall applications", description = "") @Permission(name = "Install/Uninstall applications", permission = "/device-mgt/applications/manage")
Response uninstallApplication( Response uninstallApplication(
@ApiParam( @ApiParam(
name = "applicationWrapper", name = "applicationWrapper",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -85,7 +86,7 @@ public interface DeviceManagementAdminService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.", message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "device:admin:view", name = "View Devices", description = "") @Permission(name = "View Devices", permission = "/device-mgt/admin/devices/view")
Response getDevicesByName( Response getDevicesByName(
@ApiParam( @ApiParam(
name = "name", name = "name",

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper;
@ -68,7 +69,7 @@ public interface UserManagementAdminService {
"Server error occurred while updating credentials of the user.", "Server error occurred while updating credentials of the user.",
response = ErrorResponse.class) response = ErrorResponse.class)
}) })
@Scope(key = "user:admin:reset-password", name = "View users", description = "") @Permission(name = "View Users", permission = "/device-mgt/admin/users/view")
Response resetUserPassword( Response resetUserPassword(
@ApiParam( @ApiParam(
name = "username", name = "username",

@ -254,7 +254,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
} }
} }
@PUT @POST
@Path("/activate-policy") @Path("/activate-policy")
@Override @Override
public Response activatePolicies(List<Integer> policyIds) { public Response activatePolicies(List<Integer> policyIds) {
@ -286,7 +286,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
} }
} }
@PUT @POST
@Path("/deactivate-policy") @Path("/deactivate-policy")
@Override @Override
public Response deactivatePolicies(List<Integer> policyIds) { public Response deactivatePolicies(List<Integer> policyIds) {

@ -20,6 +20,8 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException; import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService; import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -32,11 +34,11 @@ import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil; import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer; import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer;
import org.wso2.carbon.user.api.AuthorizationManager; import org.wso2.carbon.user.api.*;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager; import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.mgt.UserRealmProxy;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import org.wso2.carbon.user.mgt.common.UserAdminException;
import javax.ws.rs.*; import javax.ws.rs.*;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
@ -90,28 +92,66 @@ public class RoleManagementServiceImpl implements RoleManagementService {
} }
@GET @GET
@Path("/scopes") @Path("/{roleName}/permissions")
@Override @Override
public Response getScopes( public Response getPermissionsOfRole(
@PathParam("roleName") String roleName,
@HeaderParam("If-Modified-Since") String ifModifiedSince) { @HeaderParam("If-Modified-Since") String ifModifiedSince) {
RequestValidationUtil.validateRoleName(roleName);
List<Scope> scopes = new ArrayList<>();
try { try {
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService(); final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
if (scopeManagementService == null) { if (!userRealm.getUserStoreManager().isExistingRole(roleName)) {
log.error("Scope management service initialization is failed, hence scopes will not be retrieved"); return Response.status(404).entity(new ErrorResponse.ErrorResponseBuilder().setMessage(
} else { "No role exists with the name '" + roleName + "'").build()).build();
scopes = DeviceMgtUtil.convertAPIScopestoScopes(scopeManagementService.getAllScopes()); }
final UIPermissionNode rolePermissions = this.getUIPermissionNode(roleName, userRealm);
if (rolePermissions == null) {
if (log.isDebugEnabled()) {
log.debug("No permissions found for the role '" + roleName + "'");
}
} }
return Response.status(Response.Status.OK).entity(scopes).build(); return Response.status(Response.Status.OK).entity(rolePermissions).build();
} catch (ScopeManagementException e) { } catch (UserAdminException e) {
String msg = "Error occurred while retrieving the scopes"; String msg = "Error occurred while retrieving the permissions of role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (UserStoreException e) {
String msg = "Error occurred while retrieving the underlying user realm attached to the " +
"current logged in user";
log.error(msg, e); log.error(msg, e);
return Response.serverError().entity( return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} }
} }
private UIPermissionNode getUIPermissionNode(String roleName, UserRealm userRealm)
throws UserAdminException {
org.wso2.carbon.user.core.UserRealm userRealmCore = null;
if (userRealm instanceof org.wso2.carbon.user.core.UserRealm) {
userRealmCore = (org.wso2.carbon.user.core.UserRealm) userRealm;
}
final UserRealmProxy userRealmProxy = new UserRealmProxy(userRealmCore);
final UIPermissionNode rolePermissions =
userRealmProxy.getRolePermissions(roleName, MultitenantConstants.SUPER_TENANT_ID);
UIPermissionNode[] deviceMgtPermissions = new UIPermissionNode[2];
for (UIPermissionNode permissionNode : rolePermissions.getNodeList()) {
if (permissionNode.getResourcePath().equals("/permission/admin")) {
for (UIPermissionNode node : permissionNode.getNodeList()) {
if (node.getResourcePath().equals("/permission/admin/device-mgt")) {
deviceMgtPermissions[0] = node;
} else if (node.getResourcePath().equals("/permission/admin/login")) {
deviceMgtPermissions[1] = node;
}
}
}
}
rolePermissions.setNodeList(deviceMgtPermissions);
return rolePermissions;
}
@GET @GET
@Path("/{roleName}") @Path("/{roleName}")
@Override @Override
@ -122,49 +162,62 @@ public class RoleManagementServiceImpl implements RoleManagementService {
} }
RequestValidationUtil.validateRoleName(roleName); RequestValidationUtil.validateRoleName(roleName);
RoleInfo roleInfo = new RoleInfo(); RoleInfo roleInfo = new RoleInfo();
List<String> scopes = new ArrayList<>();
try { try {
final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager(); final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
if (!userStoreManager.isExistingRole(roleName)) { if (!userStoreManager.isExistingRole(roleName)) {
return Response.status(Response.Status.NOT_FOUND).entity( return Response.status(404).entity(
new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" +
roleName + "'").build()).build(); roleName + "'").build()).build();
} }
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
if (scopeManagementService == null) {
log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
} else {
scopes = DeviceMgtUtil.convertAPIScopesToScopeKeys(scopeManagementService.getScopesOfRole(roleName));
}
roleInfo.setRoleName(roleName); roleInfo.setRoleName(roleName);
roleInfo.setUsers(userStoreManager.getUserListOfRole(roleName)); roleInfo.setUsers(userStoreManager.getUserListOfRole(roleName));
roleInfo.setScopes(scopes); // Get the permission nodes and hand picking only device management and login perms
final UIPermissionNode rolePermissions = this.getUIPermissionNode(roleName, userRealm);
List<String> permList = new ArrayList<>();
this.iteratePermissions(rolePermissions, permList);
roleInfo.setPermissionList(rolePermissions);
String[] permListAr = new String[permList.size()];
roleInfo.setPermissions(permList.toArray(permListAr));
return Response.status(Response.Status.OK).entity(roleInfo).build(); return Response.status(Response.Status.OK).entity(roleInfo).build();
} catch (UserStoreException e) { } catch (UserStoreException | UserAdminException e) {
String msg = "Error occurred while retrieving the user role '" + roleName + "'"; String msg = "Error occurred while retrieving the user role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.serverError().entity( return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (ScopeManagementException e) {
String msg = "Error occurred while retrieving the scopes";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} }
} }
private List<String> iteratePermissions(UIPermissionNode uiPermissionNode, List<String> list) {
for (UIPermissionNode permissionNode : uiPermissionNode.getNodeList()) {
list.add(permissionNode.getResourcePath());
if (permissionNode.getNodeList() != null && permissionNode.getNodeList().length > 0) {
iteratePermissions(permissionNode, list);
}
}
return list;
}
@POST @POST
@Override @Override
public Response addRole(RoleInfo roleInfo) { public Response addRole(RoleInfo roleInfo) {
RequestValidationUtil.validateRoleDetails(roleInfo); RequestValidationUtil.validateRoleDetails(roleInfo);
RequestValidationUtil.validateRoleName(roleInfo.getRoleName()); RequestValidationUtil.validateRoleName(roleInfo.getRoleName());
try { try {
UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager(); UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Persisting the role in the underlying user store"); log.debug("Persisting the role in the underlying user store");
} }
userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), null); Permission[] permissions = null;
if (roleInfo.getPermissions() != null && roleInfo.getPermissions().length > 0) {
permissions = new Permission[roleInfo.getPermissions().length];
for (int i = 0; i < permissions.length; i++) {
String permission = roleInfo.getPermissions()[i];
permissions[i] = new Permission(permission, CarbonConstants.UI_PERMISSION_ACTION);
}
}
userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), permissions);
//TODO fix what's returned in the entity //TODO fix what's returned in the entity
return Response.created(new URI(API_BASE_PATH + "/" + roleInfo.getRoleName())).entity( return Response.created(new URI(API_BASE_PATH + "/" + roleInfo.getRoleName())).entity(
@ -194,7 +247,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm(); final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
final UserStoreManager userStoreManager = userRealm.getUserStoreManager(); final UserStoreManager userStoreManager = userRealm.getUserStoreManager();
if (!userStoreManager.isExistingRole(roleName)) { if (!userStoreManager.isExistingRole(roleName)) {
return Response.status(Response.Status.NOT_FOUND).entity( return Response.status(404).entity(
new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" +
roleName + "'").build()).build(); roleName + "'").build()).build();
} }
@ -220,12 +273,14 @@ public class RoleManagementServiceImpl implements RoleManagementService {
userStoreManager.updateUserListOfRole(newRoleName, usersToDelete, usersToAdd); userStoreManager.updateUserListOfRole(newRoleName, usersToDelete, usersToAdd);
} }
if (roleInfo.getScopes() != null) { if (roleInfo.getPermissions() != null) {
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService(); // Delete all authorizations for the current role before authorizing the permission tree
if (scopeManagementService == null) { authorizationManager.clearRoleAuthorization(roleName);
log.error("Scope management service initialization is failed, hence scopes will not be updated"); if (roleInfo.getPermissions().length > 0) {
} else { for (int i = 0; i < roleInfo.getPermissions().length; i++) {
scopeManagementService.updateScopes(roleInfo.getScopes(), roleName); String permission = roleInfo.getPermissions()[i];
authorizationManager.authorizeRole(roleName, permission, CarbonConstants.UI_PERMISSION_ACTION);
}
} }
} }
//TODO: Need to send the updated role information in the entity back to the client //TODO: Need to send the updated role information in the entity back to the client
@ -236,11 +291,6 @@ public class RoleManagementServiceImpl implements RoleManagementService {
log.error(msg, e); log.error(msg, e);
return Response.serverError().entity( return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (ScopeManagementException e) {
String msg = "Error occurred while updating scopes of role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} }
} }
@ -249,12 +299,11 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@Override @Override
public Response deleteRole(@PathParam("roleName") String roleName) { public Response deleteRole(@PathParam("roleName") String roleName) {
RequestValidationUtil.validateRoleName(roleName); RequestValidationUtil.validateRoleName(roleName);
try { try {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm(); final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
final UserStoreManager userStoreManager = userRealm.getUserStoreManager(); final UserStoreManager userStoreManager = userRealm.getUserStoreManager();
if (!userStoreManager.isExistingRole(roleName)) { if (!userStoreManager.isExistingRole(roleName)) {
return Response.status(Response.Status.NOT_FOUND).entity( return Response.status(404).entity(
new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" + new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" +
roleName + "'").build()).build(); roleName + "'").build()).build();
} }
@ -267,26 +316,12 @@ public class RoleManagementServiceImpl implements RoleManagementService {
// Delete all authorizations for the current role before deleting // Delete all authorizations for the current role before deleting
authorizationManager.clearRoleAuthorization(roleName); authorizationManager.clearRoleAuthorization(roleName);
//removing scopes return Response.status(Response.Status.OK).build();
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
if (scopeManagementService == null) {
log.error("Scope management service initialization is failed, hence scopes will not be updated");
} else {
scopeManagementService.removeScopes(roleName);
}
return Response.status(Response.Status.OK).entity("Role '" + roleName + "' has " +
"successfully been deleted").build();
} catch (UserStoreException e) { } catch (UserStoreException e) {
String msg = "Error occurred while deleting the role '" + roleName + "'"; String msg = "Error occurred while deleting the role '" + roleName + "'";
log.error(msg, e); log.error(msg, e);
return Response.serverError().entity( return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build(); new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (ScopeManagementException e) {
String msg = "Error occurred while deleting scopes of role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} }
} }

@ -26,18 +26,10 @@ import javax.xml.bind.annotation.XmlRootElement;
*/ */
public class Permission { public class Permission {
private String name; // permission name
private String path; // permission string
private String url; // url of the resource private String url; // url of the resource
private String urlTemplate; // resource template
private String method; // http method private String method; // http method
private String context;
public String getContext() {
return context;
}
public void setContext(String context) {
this.context = context;
}
public String getUrl() { public String getUrl() {
return url; return url;
@ -55,11 +47,19 @@ public class Permission {
this.method = method; this.method = method;
} }
public String getUrlTemplate() { public String getName() {
return urlTemplate; return name;
}
public void setName(String name) {
this.name = name;
}
public String getPath() {
return path;
} }
public void setUrlTemplate(String urlTemplate) { public void setPath(String path) {
this.urlTemplate = urlTemplate; this.path = path;
} }
} }

@ -32,7 +32,7 @@ public interface PermissionManagerService {
* @throws PermissionManagementException If some unusual behaviour is observed while adding the * @throws PermissionManagementException If some unusual behaviour is observed while adding the
* permission. * permission.
*/ */
void addPermission(Permission permission) throws PermissionManagementException; boolean addPermission(Permission permission) throws PermissionManagementException;
/** /**
* *

@ -18,9 +18,6 @@
package org.wso2.carbon.device.mgt.core.app.mgt; package org.wso2.carbon.device.mgt.core.app.mgt;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.CarbonContext;
@ -30,18 +27,10 @@ import org.wso2.carbon.device.mgt.common.app.mgt.ApplicationManagementException;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.operation.mgt.Operation;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.core.app.mgt.config.AppManagementConfig; import org.wso2.carbon.device.mgt.core.app.mgt.config.AppManagementConfig;
import org.wso2.carbon.device.mgt.core.app.mgt.oauth.ServiceAuthenticator;
import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
import org.wso2.carbon.device.mgt.core.config.identity.IdentityConfigurations;
import org.wso2.carbon.device.mgt.core.dao.*; import org.wso2.carbon.device.mgt.core.dao.*;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.identity.oauth.stub.OAuthAdminServiceException;
import org.wso2.carbon.identity.oauth.stub.OAuthAdminServiceStub;
import org.wso2.carbon.identity.oauth.stub.dto.OAuthConsumerAppDTO;
import java.rmi.RemoteException;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;

@ -48,6 +48,7 @@ import java.util.Map;
public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthorizationService { public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthorizationService {
private final static String CDM_ADMIN_PERMISSION = "/device-mgt/admin"; private final static String CDM_ADMIN_PERMISSION = "/device-mgt/admin";
private final static String CDM_ADMIN = "Device Management Administrator";
private static Log log = LogFactory.getLog(DeviceAccessAuthorizationServiceImpl.class); private static Log log = LogFactory.getLog(DeviceAccessAuthorizationServiceImpl.class);
public DeviceAccessAuthorizationServiceImpl() { public DeviceAccessAuthorizationServiceImpl() {
@ -243,7 +244,10 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
} }
private boolean addAdminPermissionToRegistry() throws PermissionManagementException { private boolean addAdminPermissionToRegistry() throws PermissionManagementException {
return PermissionUtils.putPermission(PermissionUtils.getAbsolutePermissionPath(CDM_ADMIN_PERMISSION)); Permission permission = new Permission();
permission.setName(CDM_ADMIN);
permission.setPath(CDM_ADMIN_PERMISSION);
return PermissionUtils.putPermission(permission);
} }
private Map<String, String> getOwnershipOfDevices(List<Device> devices) { private Map<String, String> getOwnershipOfDevices(List<Device> devices) {

@ -21,8 +21,8 @@ package org.wso2.carbon.device.mgt.core.config.permission;
import org.apache.catalina.core.StandardContext; import org.apache.catalina.core.StandardContext;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.scannotation.AnnotationDB;
import org.wso2.carbon.apimgt.annotations.api.API; import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.ws.rs.*; import javax.ws.rs.*;
@ -91,21 +91,20 @@ public class AnnotationProcessor {
* @param entityClasses * @param entityClasses
* @return * @return
*/ */
public List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> public List<Permission>
extractPermissions(Set<String> entityClasses) { extractPermissions(Set<String> entityClasses) {
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> permissions = new ArrayList<>(); List<Permission> permissions = new ArrayList<>();
if (entityClasses != null && !entityClasses.isEmpty()) { if (entityClasses != null && !entityClasses.isEmpty()) {
for (final String className : entityClasses) { for (final String className : entityClasses) {
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> resourcePermissions = List<Permission> resourcePermissions =
AccessController.doPrivileged(new PrivilegedAction<List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission>>() { AccessController.doPrivileged(new PrivilegedAction<List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission>>() {
public List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> run() { public List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> run() {
Class<?> clazz; Class<?> clazz;
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> apiPermissions = List<Permission> apiPermissions = new ArrayList<>();
new ArrayList<>();
try { try {
clazz = classLoader.loadClass(className); clazz = classLoader.loadClass(className);
@ -114,7 +113,7 @@ public class AnnotationProcessor {
.class.getName()); .class.getName());
Annotation apiAnno = clazz.getAnnotation(apiClazz); Annotation apiAnno = clazz.getAnnotation(apiClazz);
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> resourceList; List<Permission> resourceList;
if (apiAnno != null) { if (apiAnno != null) {
@ -170,15 +169,13 @@ public class AnnotationProcessor {
* @return * @return
* @throws Throwable * @throws Throwable
*/ */
private List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> private List<Permission> getApiResources(String resourceRootContext, Method[] annotatedMethods) throws Throwable {
getApiResources(String resourceRootContext, Method[] annotatedMethods) throws Throwable {
List<org.wso2.carbon.device.mgt.common.permission.mgt.Permission> permissions = new ArrayList<>(); List<Permission> permissions = new ArrayList<>();
Permission permission;
String subCtx; String subCtx;
for (Method method : annotatedMethods) { for (Method method : annotatedMethods) {
Annotation[] annotations = method.getDeclaredAnnotations(); Annotation[] annotations = method.getDeclaredAnnotations();
org.wso2.carbon.device.mgt.common.permission.mgt.Permission permission =
new org.wso2.carbon.device.mgt.common.permission.mgt.Permission();
if (isHttpMethodAvailable(annotations)) { if (isHttpMethodAvailable(annotations)) {
Annotation methodContextAnno = method.getAnnotation(pathClazz); Annotation methodContextAnno = method.getAnnotation(pathClazz);
@ -187,9 +184,7 @@ public class AnnotationProcessor {
} else { } else {
subCtx = WILD_CARD; subCtx = WILD_CARD;
} }
permission.setContext(makeContextURLReady(resourceRootContext)); permission = new Permission();
permission.setUrlTemplate(makeContextURLReady(subCtx));
// this check is added to avoid url resolving conflict which happens due // this check is added to avoid url resolving conflict which happens due
// to adding of '*' notation for dynamic path variables. // to adding of '*' notation for dynamic path variables.
if (WILD_CARD.equals(subCtx)) { if (WILD_CARD.equals(subCtx)) {
@ -203,10 +198,14 @@ public class AnnotationProcessor {
httpMethod = getHTTPMethodAnnotation(annotations[i]); httpMethod = getHTTPMethodAnnotation(annotations[i]);
if (httpMethod != null) { if (httpMethod != null) {
permission.setMethod(httpMethod); permission.setMethod(httpMethod);
break; }
if (annotations[i].annotationType().getName().
equals(org.wso2.carbon.apimgt.annotations.api.Permission.class.getName())) {
this.setPermission(method, permission);
} }
} }
permissions.add(permission); permissions.add(permission);
} }
} }
return permissions; return permissions;
@ -214,6 +213,7 @@ public class AnnotationProcessor {
/** /**
* Read Method annotations indicating HTTP Methods * Read Method annotations indicating HTTP Methods
*
* @param annotation * @param annotation
*/ */
private String getHTTPMethodAnnotation(Annotation annotation) { private String getHTTPMethodAnnotation(Annotation annotation) {
@ -294,19 +294,15 @@ public class AnnotationProcessor {
* @param servletContext * @param servletContext
* @return null if cannot determin /WEB-INF/classes * @return null if cannot determin /WEB-INF/classes
*/ */
public static URL findWebInfClassesPath(ServletContext servletContext) public static URL findWebInfClassesPath(ServletContext servletContext) {
{
String path = servletContext.getRealPath("/WEB-INF/classes"); String path = servletContext.getRealPath("/WEB-INF/classes");
if (path == null) return null; if (path == null) return null;
File fp = new File(path); File fp = new File(path);
if (fp.exists() == false) return null; if (fp.exists() == false) return null;
try try {
{
URI uri = fp.toURI(); URI uri = fp.toURI();
return uri.toURL(); return uri.toURL();
} } catch (MalformedURLException e) {
catch (MalformedURLException e)
{
throw new RuntimeException(e); throw new RuntimeException(e);
} }
} }
@ -329,4 +325,24 @@ public class AnnotationProcessor {
return replacedPath.toString(); return replacedPath.toString();
} }
private void setPermission(Method currentMethod, Permission permission) throws Throwable {
Class<org.wso2.carbon.apimgt.annotations.api.Permission> permissionClass =
(Class<org.wso2.carbon.apimgt.annotations.api.Permission>) classLoader.
loadClass(org.wso2.carbon.apimgt.annotations.api.Permission.class.getName());
Annotation permissionAnnotation = currentMethod.getAnnotation(permissionClass);
if (permissionClass != null) {
Method[] permissionClassMethods = permissionClass.getMethods();
for (Method method : permissionClassMethods) {
switch (method.getName()) {
case "name":
permission.setName(invokeMethod(method, permissionAnnotation, STRING));
break;
case "permission":
permission.setPath(invokeMethod(method, permissionAnnotation, STRING));
break;
}
}
}
}
} }

@ -1,51 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.core.config.permission;
import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import java.util.List;
/**
* This class represents the information related to permissions.
*/
public class PermissionConfiguration {
private String scopeName;
private String[] permissions;
public String getScopeName() {
return scopeName;
}
public void setScopeName(String scope) {
this.scopeName = scope;
}
public String[] getPermissions() {
return permissions;
}
public void setPermissions(String[] permissions) {
this.permissions = permissions;
}
}

@ -28,17 +28,10 @@ import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
import org.wso2.carbon.device.mgt.core.config.permission.AnnotationProcessor; import org.wso2.carbon.device.mgt.core.config.permission.AnnotationProcessor;
import org.wso2.carbon.device.mgt.core.config.permission.PermissionConfiguration;
import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl; import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils;
import javax.servlet.ServletContext; import javax.servlet.ServletContext;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;

@ -763,10 +763,9 @@ public abstract class AbstractDeviceDAOImpl implements DeviceDAO {
ResultSet rs = null; ResultSet rs = null;
try { try {
conn = this.getConnection(); conn = this.getConnection();
String sql = "SELECT ID AS ENROLMENT_ID FROM DM_ENROLMENT WHERE DEVICE_ID = (SELECT DISTINCT d.ID " + String sql = "SELECT e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID FROM DM_DEVICE d, DM_DEVICE_TYPE t " +
"FROM DM_DEVICE d, DM_DEVICE_TYPE t WHERE d.DEVICE_TYPE_ID = t.ID " + "WHERE d.DEVICE_TYPE_ID = t.ID AND d.DEVICE_IDENTIFICATION = ? AND t.NAME = ? AND d.TENANT_ID = ?) dtm " +
"AND d.DEVICE_IDENTIFICATION = ? AND t.NAME = ? AND d.TENANT_ID = ?) " + "WHERE e.DEVICE_ID = dtm.ID AND e.STATUS = ? AND e.TENANT_ID = ?;";
"AND STATUS = ? AND TENANT_ID = ?";
stmt = conn.prepareStatement(sql); stmt = conn.prepareStatement(sql);
stmt.setString(1, deviceId.getId()); stmt.setString(1, deviceId.getId());
stmt.setString(2, deviceId.getType()); stmt.setString(2, deviceId.getType());

@ -31,6 +31,7 @@ import java.sql.PreparedStatement;
import java.sql.ResultSet; import java.sql.ResultSet;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date;
import java.util.List; import java.util.List;
/** /**
@ -55,6 +56,8 @@ public class OracleDeviceDAOImpl extends AbstractDeviceDAOImpl {
boolean isOwnershipProvided = false; boolean isOwnershipProvided = false;
String status = request.getStatus(); String status = request.getStatus();
boolean isStatusProvided = false; boolean isStatusProvided = false;
Date since = request.getSince();
boolean isSinceProvided = false;
try { try {
conn = this.getConnection(); conn = this.getConnection();
String sql = "SELECT * FROM (SELECT ROWNUM offset, rs.* FROM (SELECT d1.ID AS DEVICE_ID, " + String sql = "SELECT * FROM (SELECT ROWNUM offset, rs.* FROM (SELECT d1.ID AS DEVICE_ID, " +
@ -62,7 +65,20 @@ public class OracleDeviceDAOImpl extends AbstractDeviceDAOImpl {
"e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, e.DATE_OF_ENROLMENT, " + "e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, e.DATE_OF_ENROLMENT, " +
"e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID, d.DESCRIPTION, d.NAME, " + "e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID, d.DESCRIPTION, d.NAME, " +
"d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, " + "d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, " +
"DM_DEVICE_TYPE t WHERE DEVICE_TYPE_ID = t.ID AND d.TENANT_ID = ?"; "DM_DEVICE_TYPE t ";
//Add the query to filter active devices on timestamp
if (since != null) {
sql = sql + ", DM_DEVICE_DETAIL dt";
isSinceProvided = true;
}
sql = sql + " WHERE DEVICE_TYPE_ID = t.ID AND d.TENANT_ID = ?";
//Add query for last updated timestamp
if (isSinceProvided) {
sql = sql + " AND dt.DEVICE_ID = d.ID AND dt.UPDATE_TIMESTAMP > ?";
}
//Add the query for device-type //Add the query for device-type
if (deviceType != null && !deviceType.isEmpty()) { if (deviceType != null && !deviceType.isEmpty()) {
@ -98,6 +114,9 @@ public class OracleDeviceDAOImpl extends AbstractDeviceDAOImpl {
stmt = conn.prepareStatement(sql); stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
int paramIdx = 2; int paramIdx = 2;
if (isSinceProvided) {
stmt.setLong(paramIdx++, since.getTime());
}
if (isDeviceTypeProvided) { if (isDeviceTypeProvided) {
stmt.setString(paramIdx++, request.getDeviceType()); stmt.setString(paramIdx++, request.getDeviceType());
} }

@ -30,6 +30,7 @@ import java.sql.PreparedStatement;
import java.sql.ResultSet; import java.sql.ResultSet;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date;
import java.util.List; import java.util.List;
/** /**
@ -54,6 +55,8 @@ public class PostgreSQLDeviceDAOImpl extends AbstractDeviceDAOImpl {
boolean isOwnershipProvided = false; boolean isOwnershipProvided = false;
String status = request.getStatus(); String status = request.getStatus();
boolean isStatusProvided = false; boolean isStatusProvided = false;
Date since = request.getSince();
boolean isSinceProvided = false;
try { try {
conn = this.getConnection(); conn = this.getConnection();
String sql = "SELECT d1.ID AS DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " + String sql = "SELECT d1.ID AS DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " +

@ -30,6 +30,7 @@ import java.sql.PreparedStatement;
import java.sql.ResultSet; import java.sql.ResultSet;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date;
import java.util.List; import java.util.List;
/** /**
@ -54,13 +55,28 @@ public class SQLServerDeviceDAOImpl extends AbstractDeviceDAOImpl {
boolean isOwnershipProvided = false; boolean isOwnershipProvided = false;
String status = request.getStatus(); String status = request.getStatus();
boolean isStatusProvided = false; boolean isStatusProvided = false;
Date since = request.getSince();
boolean isSinceProvided = false;
try { try {
conn = this.getConnection(); conn = this.getConnection();
String sql = "SELECT d1.ID AS DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " + String sql = "SELECT d1.ID AS DEVICE_ID, d1.DESCRIPTION, d1.NAME AS DEVICE_NAME, d1.DEVICE_TYPE, " +
"d1.DEVICE_IDENTIFICATION, e.OWNER, e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, " + "d1.DEVICE_IDENTIFICATION, e.OWNER, e.OWNERSHIP, e.STATUS, e.DATE_OF_LAST_UPDATE, " +
"e.DATE_OF_ENROLMENT, e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID, d.DESCRIPTION, " + "e.DATE_OF_ENROLMENT, e.ID AS ENROLMENT_ID FROM DM_ENROLMENT e, (SELECT d.ID, d.DESCRIPTION, " +
"d.NAME, d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE FROM DM_DEVICE d, DM_DEVICE_TYPE t " + "d.NAME, d.DEVICE_IDENTIFICATION, t.NAME AS DEVICE_TYPE " +
"WHERE DEVICE_TYPE_ID = t.ID AND d.TENANT_ID = ?"; "FROM DM_DEVICE d, DM_DEVICE_TYPE t ";
//Add the query to filter active devices on timestamp
if (since != null) {
sql = sql + ", DM_DEVICE_DETAIL dt";
isSinceProvided = true;
}
sql = sql + " WHERE DEVICE_TYPE_ID = t.ID AND d.TENANT_ID = ?";
//Add query for last updated timestamp
if (isSinceProvided) {
sql = sql + " AND dt.DEVICE_ID = d.ID AND dt.UPDATE_TIMESTAMP > ?";
}
//Add the query for device-type //Add the query for device-type
if (deviceType != null && !deviceType.isEmpty()) { if (deviceType != null && !deviceType.isEmpty()) {
@ -96,6 +112,9 @@ public class SQLServerDeviceDAOImpl extends AbstractDeviceDAOImpl {
stmt = conn.prepareStatement(sql); stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId); stmt.setInt(1, tenantId);
int paramIdx = 2; int paramIdx = 2;
if (isSinceProvided) {
stmt.setLong(paramIdx++, since.getTime());
}
if (isDeviceTypeProvided) { if (isDeviceTypeProvided) {
stmt.setString(paramIdx++, request.getDeviceType()); stmt.setString(paramIdx++, request.getDeviceType());
} }

@ -31,7 +31,6 @@ import org.wso2.carbon.device.mgt.common.notification.mgt.NotificationManagement
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManager; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManager;
import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService; import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagerService;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService; import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.core.DeviceManagementPluginRepository; import org.wso2.carbon.device.mgt.core.DeviceManagementPluginRepository;
@ -52,7 +51,6 @@ import org.wso2.carbon.device.mgt.core.operation.mgt.OperationManagerImpl;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOFactory; import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOFactory;
import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl; import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
import org.wso2.carbon.device.mgt.core.push.notification.mgt.PushNotificationProviderRepository; import org.wso2.carbon.device.mgt.core.push.notification.mgt.PushNotificationProviderRepository;
import org.wso2.carbon.device.mgt.core.scope.mgt.ScopeManagementServiceImpl;
import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOFactory; import org.wso2.carbon.device.mgt.core.scope.mgt.dao.ScopeManagementDAOFactory;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderServiceImpl;
@ -243,9 +241,10 @@ public class DeviceManagementServiceComponent {
= new NotificationManagementServiceImpl(); = new NotificationManagementServiceImpl();
bundleContext.registerService(NotificationManagementService.class.getName(), notificationManagementService, null); bundleContext.registerService(NotificationManagementService.class.getName(), notificationManagementService, null);
/* Registering Scope Management Service */ /* Registering PermissionManager Service */
ScopeManagementService scopeManagementService = new ScopeManagementServiceImpl(); PermissionManagerService permissionManagerService
bundleContext.registerService(ScopeManagementService.class.getName(), scopeManagementService, null); = PermissionManagerServiceImpl.getInstance();
bundleContext.registerService(PermissionManagerService.class.getName(), permissionManagerService, null);
/* Registering DeviceAccessAuthorization Service */ /* Registering DeviceAccessAuthorization Service */
DeviceAccessAuthorizationService deviceAccessAuthorizationService = new DeviceAccessAuthorizationServiceImpl(); DeviceAccessAuthorizationService deviceAccessAuthorizationService = new DeviceAccessAuthorizationServiceImpl();

@ -28,7 +28,6 @@ import org.wso2.carbon.device.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.device.mgt.core.config.datasource.JNDILookupDefinition; import org.wso2.carbon.device.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil; import org.wso2.carbon.device.mgt.core.dao.util.DeviceManagementDAOUtil;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.*; import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.*;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation.H2OperationDAOImpl;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation.MySQLOperationDAOImpl; import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation.MySQLOperationDAOImpl;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation.OracleOperationDAOImpl; import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation.OracleOperationDAOImpl;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation.PostgreSQLOperationDAOImpl; import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation.PostgreSQLOperationDAOImpl;
@ -77,7 +76,7 @@ public class OperationManagementDAOFactory {
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_POSTGRESQL: case DeviceManagementConstants.DataBaseTypes.DB_TYPE_POSTGRESQL:
return new PostgreSQLOperationDAOImpl(); return new PostgreSQLOperationDAOImpl();
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_H2: case DeviceManagementConstants.DataBaseTypes.DB_TYPE_H2:
return new H2OperationDAOImpl(); return new GenericOperationDAOImpl();
case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MYSQL: case DeviceManagementConstants.DataBaseTypes.DB_TYPE_MYSQL:
return new MySQLOperationDAOImpl(); return new MySQLOperationDAOImpl();
default: default:

@ -1,174 +0,0 @@
/*
* Copyright (c) 2016a, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.operation;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.common.operation.mgt.ActivityStatus;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationResponse;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOException;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOFactory;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOUtil;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.impl.GenericOperationDAOImpl;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.util.OperationDAOUtil;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the implementation of OperationDAO which can be used to support H2 db syntax.
*/
public class H2OperationDAOImpl extends GenericOperationDAOImpl {
@Override
public List<Activity> getActivitiesUpdatedAfter(long timestamp, int limit, int offset) throws OperationManagementDAOException {
PreparedStatement stmt = null;
ResultSet rs = null;
List<Activity> activities = new ArrayList<>();
try {
Connection conn = OperationManagementDAOFactory.getConnection();
String sql = "SELECT feom.ENROLMENT_ID, feom.OPERATION_ID, feom.CREATED_TIMESTAMP, o.TYPE AS OPERATION_TYPE, " +
"o.OPERATION_CODE, orsp.OPERATION_RESPONSE, orsp.LATEST_RECEIVED_TIMESTAMP AS RECEIVED_TIMESTAMP, " +
"orsp.ID AS OP_RES_ID, feom.STATUS, feom.UPDATED_TIMESTAMP, feom.DEVICE_IDENTIFICATION, " +
"feom.DEVICE_TYPE FROM (SELECT eom.ENROLMENT_ID, eom.OPERATION_ID, eom.STATUS, eom.CREATED_TIMESTAMP, " +
"eom.UPDATED_TIMESTAMP, fe.DEVICE_IDENTIFICATION, fe.DEVICE_TYPE FROM " +
"(SELECT ENROLMENT_ID, OPERATION_ID, STATUS, CREATED_TIMESTAMP, UPDATED_TIMESTAMP " +
"FROM DM_ENROLMENT_OP_MAPPING WHERE UPDATED_TIMESTAMP > ? ORDER BY OPERATION_ID LIMIT ? OFFSET ?) eom " +
"LEFT OUTER JOIN (SELECT e.ID AS ENROLMENT_ID, d.ID AS DEVICE_ID, d.DEVICE_IDENTIFICATION, " +
"t.NAME AS DEVICE_TYPE FROM DM_ENROLMENT e LEFT OUTER JOIN DM_DEVICE d ON e.DEVICE_ID = d.ID " +
"LEFT OUTER JOIN DM_DEVICE_TYPE t ON d.DEVICE_TYPE_ID = t.ID WHERE d.TENANT_ID = ? AND " +
"e.TENANT_ID = ?) fe ON fe.ENROLMENT_ID = eom.ENROLMENT_ID) feom LEFT OUTER JOIN DM_OPERATION o " +
"ON feom.OPERATION_ID = o.ID LEFT OUTER JOIN (SELECT ID, ENROLMENT_ID, OPERATION_ID, " +
"OPERATION_RESPONSE, MAX(RECEIVED_TIMESTAMP) LATEST_RECEIVED_TIMESTAMP " +
"FROM DM_DEVICE_OPERATION_RESPONSE GROUP BY ENROLMENT_ID , OPERATION_ID) orsp " +
"ON o.ID = orsp.OPERATION_ID AND feom.ENROLMENT_ID = orsp.ENROLMENT_ID GROUP BY feom.ENROLMENT_ID, " +
"feom.OPERATION_ID, feom.CREATED_TIMESTAMP, o.TYPE, o.OPERATION_CODE, orsp.OPERATION_RESPONSE, " +
"orsp.LATEST_RECEIVED_TIMESTAMP, orsp.ID, feom.STATUS, feom.UPDATED_TIMESTAMP, " +
"feom.DEVICE_IDENTIFICATION, feom.DEVICE_TYPE";
stmt = conn.prepareStatement(sql);
stmt.setLong(1, timestamp);
stmt.setInt(2, limit);
stmt.setInt(3, offset);
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
stmt.setInt(4, tenantId);
stmt.setInt(5, tenantId);
rs = stmt.executeQuery();
int operationId = 0;
int enrolmentId = 0;
int responseId = 0;
Activity activity = null;
ActivityStatus activityStatus = null;
while (rs.next()) {
if (operationId != rs.getInt("OPERATION_ID")) {
activity = new Activity();
activities.add(activity);
List<ActivityStatus> statusList = new ArrayList<>();
activityStatus = new ActivityStatus();
operationId = rs.getInt("OPERATION_ID");
enrolmentId = rs.getInt("ENROLMENT_ID");
activity.setType(Activity.Type.valueOf(rs.getString("OPERATION_TYPE")));
activity.setCreatedTimeStamp(new java.util.Date(rs.getLong(("CREATED_TIMESTAMP")) * 1000).toString());
activity.setCode(rs.getString("OPERATION_CODE"));
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
deviceIdentifier.setId(rs.getString("DEVICE_IDENTIFICATION"));
deviceIdentifier.setType(rs.getString("DEVICE_TYPE"));
activityStatus.setDeviceIdentifier(deviceIdentifier);
activityStatus.setStatus(ActivityStatus.Status.valueOf(rs.getString("STATUS")));
List<OperationResponse> operationResponses = new ArrayList<>();
if (rs.getInt("UPDATED_TIMESTAMP") != 0) {
activityStatus.setUpdatedTimestamp(new java.util.Date(
rs.getLong(("UPDATED_TIMESTAMP")) * 1000).toString());
}
if (rs.getTimestamp("RECEIVED_TIMESTAMP") != (null)) {
operationResponses.add(OperationDAOUtil.getOperationResponse(rs));
responseId = rs.getInt("OP_RES_ID");
}
activityStatus.setResponses(operationResponses);
statusList.add(activityStatus);
activity.setActivityStatus(statusList);
activity.setActivityId(OperationDAOUtil.getActivityId(rs.getInt("OPERATION_ID")));
}
if (operationId == rs.getInt("OPERATION_ID") && enrolmentId != rs.getInt("ENROLMENT_ID")) {
activityStatus = new ActivityStatus();
activity.setType(Activity.Type.valueOf(rs.getString("OPERATION_TYPE")));
activity.setCreatedTimeStamp(new java.util.Date(rs.getLong(("CREATED_TIMESTAMP")) * 1000).toString());
activity.setCode(rs.getString("OPERATION_CODE"));
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
deviceIdentifier.setId(rs.getString("DEVICE_IDENTIFICATION"));
deviceIdentifier.setType(rs.getString("DEVICE_TYPE"));
activityStatus.setDeviceIdentifier(deviceIdentifier);
activityStatus.setStatus(ActivityStatus.Status.valueOf(rs.getString("STATUS")));
List<OperationResponse> operationResponses = new ArrayList<>();
if (rs.getInt("UPDATED_TIMESTAMP") != 0) {
activityStatus.setUpdatedTimestamp(new java.util.Date(
rs.getLong(("UPDATED_TIMESTAMP")) * 1000).toString());
}
if (rs.getTimestamp("RECEIVED_TIMESTAMP") != (null)) {
operationResponses.add(OperationDAOUtil.getOperationResponse(rs));
responseId = rs.getInt("OP_RES_ID");
}
activityStatus.setResponses(operationResponses);
activity.getActivityStatus().add(activityStatus);
enrolmentId = rs.getInt("ENROLMENT_ID");
}
if (rs.getInt("OP_RES_ID") != 0 && responseId != rs.getInt("OP_RES_ID")) {
if (rs.getTimestamp("RECEIVED_TIMESTAMP") != (null)) {
activityStatus.getResponses().add(OperationDAOUtil.getOperationResponse(rs));
responseId = rs.getInt("OP_RES_ID");
}
}
}
} catch (SQLException e) {
throw new OperationManagementDAOException("Error occurred while getting the operation details from " +
"the database.", e);
} catch (ClassNotFoundException e) {
throw new OperationManagementDAOException("Error occurred while converting the operation response to string.", e);
} catch (IOException e) {
throw new OperationManagementDAOException("IO exception occurred while converting the operations responses.", e);
} finally {
OperationManagementDAOUtil.cleanupResources(stmt, rs);
}
return activities;
}
}

@ -53,9 +53,11 @@ public class PermissionManagerServiceImpl implements PermissionManagerService {
} }
@Override @Override
public void addPermission(Permission permission) throws PermissionManagementException { public boolean addPermission(Permission permission) throws PermissionManagementException {
// adding a permission to the tree // adding a permission to the tree
permission.setPath(PermissionUtils.getAbsolutePermissionPath(permission.getPath()));
permissionTree.addPermission(permission); permissionTree.addPermission(permission);
return PermissionUtils.putPermission(permission);
} }
@Override @Override

@ -66,24 +66,23 @@ public class PermissionUtils {
return contextPath + url; return contextPath + url;
} }
// public static Permission getPermission(String path) throws PermissionManagementException { public static Permission getPermission(String path) throws PermissionManagementException {
// try { try {
// Resource resource = PermissionUtils.getGovernanceRegistry().get(path); Resource resource = PermissionUtils.getGovernanceRegistry().get(path);
// Permission permission = new Permission(); Permission permission = new Permission();
// permission.setName(resource.getProperty(PERMISSION_PROPERTY_NAME)); permission.setName(resource.getProperty(PERMISSION_PROPERTY_NAME));
// permission.setPath(resource.getPath()); permission.setPath(resource.getPath());
// return permission; return permission;
// } catch (RegistryException e) { } catch (RegistryException e) {
// throw new PermissionManagementException("Error in retrieving registry resource : " + throw new PermissionManagementException("Error in retrieving registry resource : " +
// e.getMessage(), e); e.getMessage(), e);
// } }
// } }
//
public static boolean putPermission(String permissionPath) public static boolean putPermission(Permission permission) throws PermissionManagementException {
throws PermissionManagementException {
boolean status; boolean status;
try { try {
StringTokenizer tokenizer = new StringTokenizer(permissionPath, "/"); StringTokenizer tokenizer = new StringTokenizer(permission.getPath(), "/");
String lastToken = "", currentToken, tempPath; String lastToken = "", currentToken, tempPath;
while (tokenizer.hasMoreTokens()) { while (tokenizer.hasMoreTokens()) {
currentToken = tokenizer.nextToken(); currentToken = tokenizer.nextToken();
@ -95,7 +94,8 @@ public class PermissionUtils {
} }
status = true; status = true;
} catch (RegistryException e) { } catch (RegistryException e) {
throw new PermissionManagementException("Error occurred while persisting permission", e); throw new PermissionManagementException("Error occurred while persisting permission : " +
permission.getName(), e);
} }
return status; return status;
} }

@ -45,7 +45,12 @@ policyModule = function () {
policyObjectToView["priorityId"] = policyObjectFromRestEndpoint["priorityId"]; policyObjectToView["priorityId"] = policyObjectFromRestEndpoint["priorityId"];
policyObjectToView["name"] = policyObjectFromRestEndpoint["policyName"]; policyObjectToView["name"] = policyObjectFromRestEndpoint["policyName"];
policyObjectToView["platform"] = policyObjectFromRestEndpoint["profile"]["deviceType"]; policyObjectToView["platform"] = policyObjectFromRestEndpoint["profile"]["deviceType"];
policyObjectToView["icon"] = utility.getDeviceThumb(policyObjectToView["platform"]); if (policyObjectToView["platform"] == "ios") {
policyObjectToView["deviceTypeIcon"] = "apple";
} else {
policyObjectToView["deviceTypeIcon"] = policyObjectToView["platform"];
}
//policyObjectToView["icon"] = utility.getDeviceThumb(policyObjectToView["platform"]);
policyObjectToView["ownershipType"] = policyObjectFromRestEndpoint["ownershipType"]; policyObjectToView["ownershipType"] = policyObjectFromRestEndpoint["ownershipType"];
var assignedRoleCount = policyObjectFromRestEndpoint["roles"].length; var assignedRoleCount = policyObjectFromRestEndpoint["roles"].length;

@ -19,8 +19,8 @@
/** /**
* Returns the dynamic state to be populated by add-user page. * Returns the dynamic state to be populated by add-user page.
* *
* @param context Object that gets updated with the dynamic state of this page to be presented * @param viewModel Object that gets updated with the dynamic state of this page to be presented
* @returns {*} A context object that returns the dynamic state of this page to be presented * @returns {*} A viewModel object that returns the dynamic state of this page to be presented
*/ */
function onRequest(context) { function onRequest(context) {
// var log = new Log("units/user-create/create.js"); // var log = new Log("units/user-create/create.js");
@ -29,17 +29,17 @@ function onRequest(context) {
var response = userModule.getRolesByUserStore(); var response = userModule.getRolesByUserStore();
if (response["status"] == "success") { if (response["status"] == "success") {
context["roles"] = response["content"]; viewModel["roles"] = response["content"];
} }
context["charLimit"] = mdmProps["usernameLength"]; viewModel["charLimit"] = mdmProps["usernameLength"];
context["usernameJSRegEx"] = mdmProps["userValidationConfig"]["usernameJSRegEx"]; viewModel["usernameJSRegEx"] = mdmProps["userValidationConfig"]["usernameJSRegEx"];
context["usernameHelpText"] = mdmProps["userValidationConfig"]["usernameHelpMsg"]; viewModel["usernameHelpText"] = mdmProps["userValidationConfig"]["usernameHelpMsg"];
context["usernameRegExViolationErrorMsg"] = mdmProps["userValidationConfig"]["usernameRegExViolationErrorMsg"]; viewModel["usernameRegExViolationErrorMsg"] = mdmProps["userValidationConfig"]["usernameRegExViolationErrorMsg"];
context["firstnameJSRegEx"] = mdmProps["userValidationConfig"]["firstnameJSRegEx"]; viewModel["firstnameJSRegEx"] = mdmProps["userValidationConfig"]["firstnameJSRegEx"];
context["firstnameRegExViolationErrorMsg"] = mdmProps["userValidationConfig"]["firstnameRegExViolationErrorMsg"]; viewModel["firstnameRegExViolationErrorMsg"] = mdmProps["userValidationConfig"]["firstnameRegExViolationErrorMsg"];
context["lastnameJSRegEx"] = mdmProps["userValidationConfig"]["lastnameJSRegEx"]; viewModel["lastnameJSRegEx"] = mdmProps["userValidationConfig"]["lastnameJSRegEx"];
context["lastnameRegExViolationErrorMsg"] = mdmProps["userValidationConfig"]["lastnameRegExViolationErrorMsg"]; viewModel["lastnameRegExViolationErrorMsg"] = mdmProps["userValidationConfig"]["lastnameRegExViolationErrorMsg"];
return context; return viewModel;
} }

@ -1,15 +1,16 @@
function onRequest(context) { function onRequest(context) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var mdmProps = require("/app/modules/conf-reader/main.js")["conf"]; var mdmProps = require("/app/modules/conf-reader/main.js")["conf"];
var viewModel = {};
context["permissions"] = userModule.getUIPermissions();
if (userModule.isAuthorized("/permission/admin/device-mgt/emm-admin/certificate/Get")) { if (userModule.isAuthorized("/permission/admin/device-mgt/certificates/manage")) {
context["removePermitted"] = true; viewModel["removePermitted"] = true;
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/emm-admin/certificate/Get")) { if (userModule.isAuthorized("/permission/admin/device-mgt/certificates/view")) {
context["viewPermitted"] = true; viewModel["viewPermitted"] = true;
} }
context["adminUser"] = mdmProps.adminUser;
return context; viewModel.adminUser = mdmProps.adminUser;
return viewModel;
} }

@ -40,7 +40,7 @@
{{/zone}} {{/zone}}
{{#zone "navbarActions"}} {{#zone "navbarActions"}}
{{#if permissions.ADD_ADMIN_POLICY}} {{#if managePermitted}}
<li> <li>
<a href="{{@app.context}}/policy/add" class="cu-btn"> <a href="{{@app.context}}/policy/add" class="cu-btn">
<span class="icon fw-stack"> <span class="icon fw-stack">
@ -50,8 +50,6 @@
Add Policy Add Policy
</a> </a>
</li> </li>
{{/if}}
{{#if permissions.CHANGE_POLICY_PRIORITY}}
{{#equal noPolicy false}} {{#equal noPolicy false}}
<li> <li>
<a href="{{@app.context}}/policy/priority" class="cu-btn"> <a href="{{@app.context}}/policy/priority" class="cu-btn">
@ -81,7 +79,7 @@
<div class="ctrl-info-panel col-centered text-center wr-login"> <div class="ctrl-info-panel col-centered text-center wr-login">
<h2>You don't have any policy at the moment.</h2> <h2>You don't have any policy at the moment.</h2>
<br/> <br/>
{{#if permissions.ADD_ADMIN_POLICY}} {{#if managePermitted}}
<p class="text-center"> <p class="text-center">
<a href="{{@app.context}}/policy/add" class="wr-btn"> <a href="{{@app.context}}/policy/add" class="wr-btn">
<span class="fw-stack"> <span class="fw-stack">
@ -142,7 +140,7 @@
<tr class="bulk-action-row"> <tr class="bulk-action-row">
<th colspan="9"> <th colspan="9">
<ul class="tiles"> <ul class="tiles">
{{#if removePermitted}} {{#if managePermitted}}
<li class="square"> <li class="square">
<a href="#" data-click-event="remove-form" <a href="#" data-click-event="remove-form"
class="btn square-element policy-remove-link" class="btn square-element policy-remove-link"

@ -56,15 +56,8 @@ function onRequest(context) {
page["noPolicy"] = true; page["noPolicy"] = true;
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/policies/delete")) { if (userModule.isAuthorized("/permission/admin/device-mgt/policies/manage")) {
page["removePermitted"] = true; page.managePermitted = true;
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/policies/remove")) {
page["removePermitted"] = true;
}
if (userModule.isAuthorized("/permission/admin/device-mgt/policies/update")) {
page["editPermitted"] = true;
}
page.permissions = userModule.getUIPermissions();
return page; return page;
} }

@ -38,5 +38,14 @@
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized}}
{{unit "cdmf.unit.policy.priority"}} {{unit "cdmf.unit.policy.priority"}}
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Policy Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}

@ -26,4 +26,7 @@ function onRequest(context){
return options.fn(this); return options.fn(this);
} }
}); });
var viewModel = {};
viewModel.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
return viewModel;
} }

@ -36,6 +36,7 @@
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
{{#if canManage}}
<!-- content/body --> <!-- content/body -->
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
@ -140,6 +141,14 @@
<!-- /content --> <!-- /content -->
</div> </div>
</div> </div>
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter User Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}

@ -32,6 +32,9 @@ function onRequest() {
page["roles"] = response["content"]; page["roles"] = response["content"];
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/users/manage")) {
page.canManage = true;
}
var userStores = userModule.getSecondaryUserStores(); var userStores = userModule.getSecondaryUserStores();
page["userStores"] = userStores; page["userStores"] = userStores;
page["charLimit"] = devicemgtProps["usernameLength"]; page["charLimit"] = devicemgtProps["usernameLength"];

@ -36,7 +36,7 @@
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
{{#if canManage}}
<!-- content/body --> <!-- content/body -->
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
@ -137,6 +137,15 @@
</div> </div>
</div> </div>
<!-- /content/body --> <!-- /content/body -->
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter User Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}

@ -60,6 +60,10 @@ function onRequest() {
page["rolesByUserStore"] = rolesByUserStore; page["rolesByUserStore"] = rolesByUserStore;
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/users/manage")) {
page.canManage = true;
}
page["usernameJSRegEx"] = devicemgtProps["userValidationConfig"]["usernameJSRegEx"]; page["usernameJSRegEx"] = devicemgtProps["userValidationConfig"]["usernameJSRegEx"];
page["usernameRegExViolationErrorMsg"] = devicemgtProps["userValidationConfig"]["usernameRegExViolationErrorMsg"]; page["usernameRegExViolationErrorMsg"] = devicemgtProps["userValidationConfig"]["usernameRegExViolationErrorMsg"];
page["firstnameJSRegEx"] = devicemgtProps["userValidationConfig"]["firstnameJSRegEx"]; page["firstnameJSRegEx"] = devicemgtProps["userValidationConfig"]["firstnameJSRegEx"];

@ -36,6 +36,7 @@
{{/zone}} {{/zone}}
{{#zone "content"}} {{#zone "content"}}
{{#if canView}}}
{{#zone "contentTitle"}} {{#zone "contentTitle"}}
<div class="row wr-device-board"> <div class="row wr-device-board">
<div class="col-lg-12 wr-secondary-bar"> <div class="col-lg-12 wr-secondary-bar">
@ -166,4 +167,12 @@
{{/defineZone}} {{/defineZone}}
</div> </div>
</div> </div>
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter User Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}

@ -40,5 +40,10 @@ function onRequest(context) {
var deviceModule = require("/app/modules/business-controllers/device.js")["deviceModule"]; var deviceModule = require("/app/modules/business-controllers/device.js")["deviceModule"];
devices = deviceModule.getDevices(userName); devices = deviceModule.getDevices(userName);
} }
return {"user": user, "userRoles": userRoles, "devices": devices};
var canView = false;
if (userModule.isAuthorized("/permission/admin/device-mgt/users/view")) {
canView = true;
}
return {"user": user, "userRoles": userRoles, "devices": devices, "canView": canView};
} }

@ -50,28 +50,24 @@
<!-- content --> <!-- content -->
<div id="loading-content" class="col-centered"> <div id="loading-content" class="col-centered">
{{#if removePermitted}} {{#if canManage}}
<input type="hidden" id="can-remove" value="true"/> <input type="hidden" id="can-remove" value="true"/>
{{/if}}
{{#if editPermitted}}
<input type="hidden" id="can-edit" value="true"/> <input type="hidden" id="can-edit" value="true"/>
{{/if}}
{{#if viewPermitted}}
<input type="hidden" id="can-view" value="true"/>
{{/if}}
{{#if invitePermitted}}
<input type="hidden" id="can-invite" value="true"/> <input type="hidden" id="can-invite" value="true"/>
{{/if}}
{{#if resetPasswordPermitted}}
<input type="hidden" id="can-reset-password" value="true"/> <input type="hidden" id="can-reset-password" value="true"/>
{{/if}} {{/if}}
{{#if canView}}
<input type="hidden" id="can-view" value="true"/>
{{/if}}
<i class="fw fw-settings fw-spin fw-2x"></i> <i class="fw fw-settings fw-spin fw-2x"></i>
Loading users . . . Loading users . . .
<br> <br>
</div> </div>
<div id="user-table" data-user={{adminUser}}> <div id="user-table" data-user={{adminUser}}>
<table class="table table-striped table-hover list-table display responsive nowrap data-table grid-view" id="user-grid"> <table class="table table-striped table-hover list-table display responsive nowrap data-table grid-view"
id="user-grid">
<thead> <thead>
<tr class="sort-row"> <tr class="sort-row">
<th>By Username</th> <th>By Username</th>
@ -105,7 +101,8 @@
<div id="invite-user-modal-content" class="hide"> <div id="invite-user-modal-content" class="hide">
<div class="modal-header"> <div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-body add-margin-top-2x add-margin-bottom-2x"> <div class="modal-body add-margin-top-2x add-margin-bottom-2x">
<h4> <h4>
@ -145,7 +142,8 @@
</span> </span>
Unexpected Error Unexpected Error
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-body add-margin-top-2x add-margin-bottom-2x"> <div class="modal-body add-margin-top-2x add-margin-bottom-2x">
<h4> <h4>
@ -164,7 +162,8 @@
<h3 class="pull-left modal-title"> <h3 class="pull-left modal-title">
Remove User Remove User
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-body add-margin-top-2x add-margin-bottom-2x"> <div class="modal-body add-margin-top-2x add-margin-bottom-2x">
<h4> <h4>
@ -184,7 +183,8 @@
<h3 class="pull-left modal-title"> <h3 class="pull-left modal-title">
User Removed. User Removed.
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-body add-margin-top-2x add-margin-bottom-2x"> <div class="modal-body add-margin-top-2x add-margin-bottom-2x">
<h4> <h4>
@ -207,7 +207,8 @@
</span> </span>
Unexpected Error Unexpected Error
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-body add-margin-top-2x add-margin-bottom-2x"> <div class="modal-body add-margin-top-2x add-margin-bottom-2x">
<h4> <h4>
@ -230,7 +231,8 @@
</span> </span>
Operation cannot be performed ! Operation cannot be performed !
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-body add-margin-top-2x add-margin-bottom-2x"> <div class="modal-body add-margin-top-2x add-margin-bottom-2x">
<h4> <h4>
@ -249,7 +251,8 @@
<h3 class="pull-left modal-title"> <h3 class="pull-left modal-title">
Unauthorized action! Unauthorized action!
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
</div> </div>
@ -263,7 +266,8 @@
</span> </span>
Reset Password Reset Password
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-body add-margin-top-2x add-margin-bottom-2x"> <div class="modal-body add-margin-top-2x add-margin-bottom-2x">
<div id="notification-error-msg" class="alert alert-danger hidden" role="alert"> <div id="notification-error-msg" class="alert alert-danger hidden" role="alert">
@ -273,13 +277,15 @@
Enter new password Enter new password
<br><br> <br><br>
<div> <div>
<input type="password" class="form-control modal-input operationDataKeys" id="new-password" data-key="message"/> <input type="password" class="form-control modal-input operationDataKeys" id="new-password"
data-key="message"/>
</div> </div>
<br> <br>
Retype new password Retype new password
<br><br> <br><br>
<div> <div>
<input type="password" class="form-control modal-input operationDataKeys" id="confirmed-password" data-key="message"/> <input type="password" class="form-control modal-input operationDataKeys" id="confirmed-password"
data-key="message"/>
</div> </div>
<br> <br>
</h4> </h4>
@ -287,11 +293,11 @@
<div class="modal-footer"> <div class="modal-footer">
<div class="buttons"> <div class="buttons">
<a href="#" id="reset-password-yes-link" class="btn-operations"> <a href="#" id="reset-password-yes-link" class="btn-operations">
&nbsp;&nbsp;&nbsp;&nbsp;Save&nbsp;&nbsp;&nbsp;&nbsp; Save
</a> </a>
&nbsp;&nbsp;
<a href="#" id="reset-password-cancel-link" class="btn-operations"> <a href="#" id="reset-password-cancel-link" class="btn-operations">
&nbsp;&nbsp;&nbsp;&nbsp;Cancel&nbsp;&nbsp;&nbsp;&nbsp; Cancel
</a> </a>
</div> </div>
</div> </div>
@ -302,12 +308,13 @@
<h3 class="pull-left modal-title"> <h3 class="pull-left modal-title">
Password reset is successful. Password reset is successful.
</h3> </h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i></button> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fw fw-cancel"></i>
</button>
</div> </div>
<div class="modal-footer"> <div class="modal-footer">
<div class="buttons"> <div class="buttons">
<a href="#" id="reset-password-success-link" class="btn-operations"> <a href="#" id="reset-password-success-link" class="btn-operations">
&nbsp;&nbsp;&nbsp;&nbsp;Ok&nbsp;&nbsp;&nbsp;&nbsp; Ok
</a> </a>
</div> </div>
</div> </div>

@ -32,24 +32,15 @@ function onRequest(context) {
var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"]; var deviceMgtProps = require("/app/modules/conf-reader/main.js")["conf"];
page["adminUser"] = deviceMgtProps["adminUser"]; page["adminUser"] = deviceMgtProps["adminUser"];
page["permissions"] = userModule.getUIPermissions();
if (userModule.isAuthorized("/permission/admin/device-mgt/users/remove")) { if (userModule.isAuthorized("/permission/admin/device-mgt/users/manage")) {
page["removePermitted"] = true; page.canManage = true;
} }
if (userModule.isAuthorized("/permission/admin/device-mgt/users/update")) {
page["editPermitted"] = true;
}
if (userModule.isAuthorized("/permission/admin/device-mgt/users/view")) { if (userModule.isAuthorized("/permission/admin/device-mgt/users/view")) {
page["viewPermitted"] = true; page.canView = true;
}
if (userModule.isAuthorized("/permission/admin/device-mgt/users/invite")) {
page["invitePermitted"] = true;
}
if (userModule.isAuthorized("/permission/admin/device-mgt/users/reset-password")) {
page["resetPasswordPermitted"] = true;
} }
return page; return page;
} }

@ -108,12 +108,13 @@ $.fn.datatables_extended_serverside_paging = function (settings , url, dataFilte
.draw(); .draw();
if (filterColumn.eq(column.index()).hasClass('data-platform')) { if (filterColumn.eq(column.index()).hasClass('data-platform')) {
if (val == null || val == undefined || val == "") { if (!val) {
$("#operation-bar").hide(); $("#operation-bar").addClass("hidden");
$("#operation-guide").show(); $("#operation-guide").removeClass("hidden");
} else { } else {
$("#operation-guide").hide(); $("#operation-guide").addClass("hidden");
$("#operation-bar").show(); $("#operation-bar").removeClass("hidden");
//noinspection JSUnresolvedFunction
loadOperationBar(val); loadOperationBar(val);
} }
} }
@ -141,13 +142,9 @@ $.fn.datatables_extended_serverside_paging = function (settings , url, dataFilte
var title = filterColumn.eq(column.index()).attr('data-for'); var title = filterColumn.eq(column.index()).attr('data-for');
$(filterColumn.eq(column.index()).empty()).html('<input type="text" class="form-control" placeholder="Search ' + title + '" />'); $(filterColumn.eq(column.index()).empty()).html('<input type="text" class="form-control" placeholder="Search ' + title + '" />');
//noinspection SpellCheckingInspection
filterColumn.eq(column.index()).find('input').on('keyup change', function () { filterColumn.eq(column.index()).find('input').on('keyup change', function () {
column.search($(this).val()).draw(); column.search($(this).val()).draw();
if ($('.dataTables_empty').length > 0) {
$('.bulk-action-row').addClass("hidden");
} else {
$('.bulk-action-row').removeClass("hidden");
}
}); });
} }
@ -285,5 +282,4 @@ $.fn.datatables_extended_serverside_paging = function (settings , url, dataFilte
} }
},settings) },settings)
); );
}; };

@ -15,7 +15,8 @@
specific language governing permissions and limitations specific language governing permissions and limitations
under the License. under the License.
}} }}
<div class="wr-operations" style="height: 87px;"></div>
<div class="wr-operations"></div>
{{#zone "bottomJs"}} {{#zone "bottomJs"}}
<script id="operations-bar" src="{{@unit.publicUri}}/templates/operations.hbs" <script id="operations-bar" src="{{@unit.publicUri}}/templates/operations.hbs"

@ -115,8 +115,8 @@ var operationModule = function () {
var featureMap = { var featureMap = {
"DEVICE_LOCK": "lock", "DEVICE_LOCK": "lock",
"VPN": "vpn", "VPN": "vpn",
"PER_APP_VPN": "perappvpn", "PER_APP_VPN": "per-app-vpn",
"APP_TO_PER_APP_VPN_MAPPING": "apptoperappvpnmapping", "APP_TO_PER_APP_VPN_MAPPING": "app-to-per-app-vpn-mapping",
"RING": "ring", "RING": "ring",
"LOCATION": "location", "LOCATION": "location",
"NOTIFICATION": "notification", "NOTIFICATION": "notification",
@ -124,12 +124,12 @@ var operationModule = function () {
"RESTRICTION": "restriction", "RESTRICTION": "restriction",
"CELLULAR": "cellular", "CELLULAR": "cellular",
"WIFI": "wifi", "WIFI": "wifi",
"INSTALL_STORE_APPLICATION": "storeapplication", "INSTALL_STORE_APPLICATION": "store-application",
"INSTALL_ENTERPRISE_APPLICATION": "enterpriseapplication", "INSTALL_ENTERPRISE_APPLICATION": "enterprise-application",
"REMOVE_APPLICATION": "removeapplication", "REMOVE_APPLICATION": "remove-application",
"ENTERPRISE_WIPE": "enterprisewipe" "ENTERPRISE_WIPE": "enterprise-wipe"
}; };
return "/ios/operation/" + featureMap[operationCode]; return "/api/device-mgt/ios/v1.0/admin/devices/" + featureMap[operationCode];
}; };
/** /**

@ -21,7 +21,7 @@ function onRequest(context) {
var constants = require("/app/modules/constants.js"); var constants = require("/app/modules/constants.js");
var viewModel = {}; var viewModel = {};
var permissions = []; var permissions = [];
if (userModule.isAuthorized("/permission/admin/device-mgt/emm-admin/notifications/list")) { if (userModule.isAuthorized("/permission/admin/device-mgt/notifications/view")) {
permissions.push("LIST_NOTIFICATIONS"); permissions.push("LIST_NOTIFICATIONS");
} }
var currentUser = session.get(constants.USER_SESSION_KEY); var currentUser = session.get(constants.USER_SESSION_KEY);

@ -16,6 +16,7 @@
under the License. under the License.
}} }}
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized}}
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
<!-- content --> <!-- content -->
@ -117,6 +118,14 @@
<!-- /content --> <!-- /content -->
</div> </div>
</div> </div>
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter General and Platform Specific Server Setting Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}
{{js "js/platform-configuration.js"}} {{js "js/platform-configuration.js"}}

@ -20,6 +20,10 @@ function onRequest(context) {
var utility = require("/app/modules/utility.js").utility; var utility = require("/app/modules/utility.js").utility;
var deviceModule = require("/app/modules/business-controllers/device.js")["deviceModule"]; var deviceModule = require("/app/modules/business-controllers/device.js")["deviceModule"];
//get all device types //get all device types
var isAuthorized = false;
if (userModule.isAuthorized("/permission/admin/device-mgt/notifications/view")) {
isAuthorized = true;
}
var deviceTypesArray = []; var deviceTypesArray = [];
var typesListResponse = deviceModule.getDeviceTypes(); var typesListResponse = deviceModule.getDeviceTypes();
if (typesListResponse["status"] == "success") { if (typesListResponse["status"] == "success") {
@ -43,5 +47,8 @@ function onRequest(context) {
} }
} }
} }
return {"deviceTypes" : deviceTypesArray}; return {
"deviceTypes": deviceTypesArray,
"isAuthorized": isAuthorized
};
} }

@ -16,6 +16,7 @@
under the License. under the License.
}} }}
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized}}
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
<div class="container col-centered wr-content policy-platform"> <div class="container col-centered wr-content policy-platform">
@ -82,4 +83,12 @@
<!-- content --> <!-- content -->
</div> </div>
</div> </div>
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Policy Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}

@ -24,6 +24,8 @@ function onRequest(context) {
var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
var types = {}; var types = {};
types.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
types["types"] = []; types["types"] = [];
var typesListResponse = deviceModule.getDeviceTypes(); var typesListResponse = deviceModule.getDeviceTypes();
if (typesListResponse["status"] == "success") { if (typesListResponse["status"] == "success") {

@ -1,29 +1,41 @@
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized }}
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
<div class="wr-steps hidden"> <div class="wr-steps hidden">
<div class="col-md-3 col-xs-3"> <div class="col-md-3 col-xs-3">
<div class="itm-wiz itm-wiz-current" data-step="policy-profile"><div class="wiz-no">1</div><div class="wiz-lbl hidden-xs"><span>Edit current profile</span></div></div> <div class="itm-wiz itm-wiz-current" data-step="policy-profile">
<div class="wiz-no">1</div>
<div class="wiz-lbl hidden-xs"><span>Edit current profile</span></div>
</div>
<br class="c-both"/> <br class="c-both"/>
</div> </div>
<div class="col-md-3 col-xs-3"> <div class="col-md-3 col-xs-3">
<div class="itm-wiz" data-step="policy-criteria"><div class="wiz-no">2</div><div class="wiz-lbl hidden-xs"><span>Edit assignment groups</span></div></div> <div class="itm-wiz" data-step="policy-criteria">
<div class="wiz-no">2</div>
<div class="wiz-lbl hidden-xs"><span>Edit assignment groups</span></div>
</div>
<br class="c-both"/> <br class="c-both"/>
</div> </div>
<div class="col-md-3 col-xs-3"> <div class="col-md-3 col-xs-3">
<div class="itm-wiz" data-step="policy-naming"><div class="wiz-no">3</div><div class="wiz-lbl hidden-xs"><span>Republish to devices</span></div></div> <div class="itm-wiz" data-step="policy-naming">
<div class="wiz-no">3</div>
<div class="wiz-lbl hidden-xs"><span>Republish to devices</span></div>
</div>
<br class="c-both"/> <br class="c-both"/>
</div> </div>
</div> </div>
<div class="container col-centered wr-content policy-message hidden"> <div class="container col-centered wr-content policy-message hidden">
<div class="wr-form"> <div class="wr-form">
<h1 id="policy-message-page-wizard-title" class="page-sub-title">Policy is successfully re-configured.</h1> <h1 id="policy-message-page-wizard-title" class="page-sub-title">Policy is successfully
re-configured.</h1>
<br>Please click <b>"Add Another Policy"</b>, if you wish to add another policy or click <br>Please click <b>"Add Another Policy"</b>, if you wish to add another policy or click
<b>"View policy list"</b> to complete the process and go back to the policy list. <b>"View policy list"</b> to complete the process and go back to the policy list.
<hr> <hr>
<button class="wr-btn wizard-stepper" data-current="policy-message" data-direct="/emm/policies/"> <button class="wr-btn wizard-stepper" data-current="policy-message"
data-direct="/emm/policies/">
View policy list View policy list
</button> </button>
<a href="/emm/policies/add-policy" class="cu-btn-inner"> <a href="/emm/policies/add-policy" class="cu-btn-inner">
@ -56,30 +68,36 @@
</label> </label>
<div id="policy-name-field" class="form-group wr-input-control"> <div id="policy-name-field" class="form-group wr-input-control">
<div class="cus-col-50"> <div class="cus-col-50">
<input id="policy-name-input" class="form-control" type="text" value="" placeholder="[ Required field ]"/> <input id="policy-name-input" class="form-control" type="text" value=""
placeholder="[ Required field ]"/>
</div> </div>
<br class="c-both"/> <br class="c-both"/>
<span class=" nameError hidden glyphicon glyphicon-remove form-control-feedback"></span> <span class=" nameError hidden glyphicon glyphicon-remove form-control-feedback"></span>
<label class="error nameEmpty hidden" for="summary">Policy name is required & Should be be 1-to-30 characters long.</label> <label class="error nameEmpty hidden" for="summary">Policy name is required &
Should be be 1-to-30 characters long.</label>
</div> </div>
<label class="wr-input-label"> <label class="wr-input-label">
Add a description Add a description
</label> </label>
<div class="wr-input-control"> <div class="wr-input-control">
<div class="cus-col-50"> <div class="cus-col-50">
<textarea id="policy-description-input" class="form-control" rows="10" placeholder="[ Optional field ]"></textarea> <textarea id="policy-description-input" class="form-control" rows="10"
placeholder="[ Optional field ]"></textarea>
</div> </div>
<br class="c-both"/> <br class="c-both"/>
</div> </div>
</div> </div>
<div class="wr-input-control wr-btn-grp"> <div class="wr-input-control wr-btn-grp">
<a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true" data-current="policy-naming" data-next="policy-criteria"> <a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true"
data-current="policy-naming" data-next="policy-criteria">
Back Back
</a> </a>
<a href="#" class="wr-btn wizard-stepper" data-current="policy-naming-publish" data-next="policy-message" data-validate="true"> <a href="#" class="wr-btn wizard-stepper" data-current="policy-naming-publish"
data-next="policy-message" data-validate="true">
Save & Publish Save & Publish
</a> </a>
<a href="#" class="wr-btn wizard-stepper" data-current="policy-naming" data-next="policy-message" data-validate="true"> <a href="#" class="wr-btn wizard-stepper" data-current="policy-naming"
data-next="policy-message" data-validate="true">
Save Save
</a> </a>
@ -118,18 +136,21 @@
</div> </div>
<div class="wr-input-control"> <div class="wr-input-control">
<label class="wr-input-control radio light"> <label class="wr-input-control radio light">
<input id="user-roles-radio-btn" type="radio" name="select-users-radio-btn" class="select-users-radio" checked/> <input id="user-roles-radio-btn" type="radio" name="select-users-radio-btn"
class="select-users-radio" checked/>
<span class="helper">&nbsp;Set user role(s)</span> <span class="helper">&nbsp;Set user role(s)</span>
</label> </label>
<label class="wr-input-control radio light" rel="assetfilter"> <label class="wr-input-control radio light" rel="assetfilter">
<input id="users-radio-btn" type="radio" name="select-users-radio-btn" class="select-users-radio" /> <input id="users-radio-btn" type="radio" name="select-users-radio-btn"
class="select-users-radio"/>
<span class="helper">&nbsp;Set user(s)</span> <span class="helper">&nbsp;Set user(s)</span>
</label> </label>
</div> </div>
<div id="user-roles-select-field" class="select-users"> <div id="user-roles-select-field" class="select-users">
<div class="wr-input-control"> <div class="wr-input-control">
<div class="cus-col-50"> <div class="cus-col-50">
<select id="user-roles-input" class="form-control select2" multiple="multiple"> <select id="user-roles-input" class="form-control select2"
multiple="multiple">
<option value="ANY" selected>ANY</option> <option value="ANY" selected>ANY</option>
{{#each roles}} {{#each roles}}
<option>{{this}}</option> <option>{{this}}</option>
@ -142,7 +163,8 @@
<div id="users-select-field" class="select-users"> <div id="users-select-field" class="select-users">
<div class="wr-input-control"> <div class="wr-input-control">
<div class="cus-col-50"> <div class="cus-col-50">
<select id="users-input" class="form-control select2" multiple="multiple"> <select id="users-input" class="form-control select2"
multiple="multiple">
<option value="ANY" selected>ANY</option> <option value="ANY" selected>ANY</option>
{{#each users}} {{#each users}}
<option>{{username}}</option> <option>{{username}}</option>
@ -168,10 +190,12 @@
</div> </div>
</div> </div>
<div class="wr-input-control wr-btn-grp"> <div class="wr-input-control wr-btn-grp">
<a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true" data-current="policy-criteria" data-next="policy-profile"> <a href="#" class="wr-btn wizard-stepper" data-is-back-btn="true"
data-current="policy-criteria" data-next="policy-profile">
Back Back
</a> </a>
<a href="#" class="wr-btn wizard-stepper" data-current="policy-criteria" data-next="policy-naming" data-validate="true"> <a href="#" class="wr-btn wizard-stepper" data-current="policy-criteria"
data-next="policy-naming" data-validate="true">
Continue Continue
</a> </a>
</div> </div>
@ -204,7 +228,8 @@
</div> </div>
</div> </div>
<div class="wr-input-control wr-btn-grp"> <div class="wr-input-control wr-btn-grp">
<a href="#" class="wr-btn wizard-stepper" data-current="policy-profile" data-next="policy-criteria" data-validate="true"> <a href="#" class="wr-btn wizard-stepper" data-current="policy-profile"
data-next="policy-criteria" data-validate="true">
Continue Continue
</a> </a>
</div> </div>
@ -217,6 +242,14 @@
</div> </div>
</div> </div>
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Policy Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}
<!--suppress HtmlUnknownTarget --> <!--suppress HtmlUnknownTarget -->

@ -24,13 +24,13 @@ function onRequest(context) {
var rolesResult = userModule.getRoles(); var rolesResult = userModule.getRoles();
if (rolesResult.status == "success") { if (rolesResult.status == "success") {
context.roles = rolesResult.content; viewModel.roles = rolesResult.content;
} }
var usersResult = userModule.getUsers(); var usersResult = userModule.getUsers();
if (usersResult.status == "success") { if (usersResult.status == "success") {
context.users = usersResult.content; viewModel.users = usersResult.content;
} }
viewModel.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/manage");
return context; return viewModel;
} }

@ -1,4 +1,5 @@
{{#zone "content"}} {{#zone "content"}}
{{#if isAuthorized}}
{{#defineZone "policy-profile-top"}} {{#defineZone "policy-profile-top"}}
<div class="row wr-device-board"> <div class="row wr-device-board">
<div class="col-lg-12 wr-secondary-bar"> <div class="col-lg-12 wr-secondary-bar">
@ -46,7 +47,8 @@
</tbody> </tbody>
</table> </table>
{{/defineZone}} {{/defineZone}}
<div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">Description</div> <div style="background: #11375B; color: #fff; padding: 10px; margin-bottom: 5px">Description
</div>
<div class="add-margin-top-4x"> <div class="add-margin-top-4x">
<div id="policy-description" class="panel-title-description"></div> <div id="policy-description" class="panel-title-description"></div>
</div> </div>
@ -72,6 +74,14 @@
</div> </div>
</div> </div>
</div> </div>
{{else}}
<h1 class="page-sub-title">
Permission Denied
</h1>
<br>
You not authorized to enter Policy Management Section.
<br>
{{/if}}
{{/zone}} {{/zone}}
{{#zone "bottomJs"}} {{#zone "bottomJs"}}
<!--suppress HtmlUnknownTarget --> <!--suppress HtmlUnknownTarget -->

@ -21,5 +21,6 @@ function onRequest(context) {
// var userModule = require("/app/modules/business-controllers/user.js")["userModule"]; // var userModule = require("/app/modules/business-controllers/user.js")["userModule"];
// context.roles = userModule.getRoles(); // context.roles = userModule.getRoles();
context.isAuthorized = userModule.isAuthorized("/permission/admin/device-mgt/policies/view");
return context; return context;
} }

@ -3193,7 +3193,7 @@ a.ast-type-item:hover {
clear:both; clear:both;
/*margin-left:17px;*/ /*margin-left:17px;*/
margin-bottom:15px; margin-bottom:15px;
border-bottom:1px solid #f0f0f0; /*border-bottom:1px solid #f0f0f0;*/
} }
.wr-operations a { .wr-operations a {

@ -18,7 +18,7 @@
{{#zone "topCss" override=false}} {{#zone "topCss" override=false}}
{{css "css/custom-theme.css"}} {{css "css/custom-theme.css"}}
{{css "css/custom-common.css"}} {{css "css/custom-common.css"}}
{{css "css/custom-desktop.css"}} {{css "css/custom-desktop.css" combine=false}}
{{css "css/docs.min.css"}} {{css "css/docs.min.css"}}
{{css "css/modal.css"}} {{css "css/modal.css"}}
{{/zone}} {{/zone}}

@ -4431,7 +4431,7 @@ a.thumbnail.active {
.thumbnail.icon { .thumbnail.icon {
border: none; border: none;
margin: 0; margin: 0;
background: #004675; background: #11375b;
color: #fff; color: #fff;
text-align: center; text-align: center;
overflow: hidden; overflow: hidden;
@ -5398,6 +5398,9 @@ button.close {
-moz-border-radius: 0; -moz-border-radius: 0;
border-radius: 0; border-radius: 0;
} }
.panel-body .message {
margin:0px;
}
.message h4 { .message h4 {
margin-top: 0; margin-top: 0;
margin-bottom: 5px; margin-bottom: 5px;
@ -7438,17 +7441,13 @@ ul.sidebar-messages > li {
* ======================================================================== */ * ======================================================================== */
.body-wrapper { .body-wrapper {
padding: 40px; padding: 40px;
margin-bottom:40px;
} }
.body-wrapper a.btn:hover,.body-wrapper a:hover { .body-wrapper a.btn:hover,.body-wrapper a:hover {
text-decoration: none; text-decoration: none;
} }
@media (max-width: 767px) {
.body-wrapper {
padding: 40px 0px;
}
}
.page-header { .page-header {
margin: 0 0 20px; margin: 0 0 20px;
} }
@ -7791,9 +7790,16 @@ ul.sidebar-messages > li {
background: transparent; background: transparent;
font-size: 24px; font-size: 24px;
font-weight: 300; font-weight: 300;
border-bottom: 1px solid #e4e4e4; }
padding-bottom: 10px;
margin-bottom: 20px; .panel-default > .panel-heading a[data-toggle="collapse"]{
display:block;
padding:10px;
}
.media.tab-responsive .panel-group .panel-heading + .panel-collapse > .panel-body,
.media.tab-responsive .panel-group .panel-heading + .panel-collapse > .list-group{
border:none;
border-top:1px solid #ddd;
} }
/* ======================================================================== /* ========================================================================
@ -8321,7 +8327,6 @@ a.list-group-item:hover {
border-style: solid; border-style: solid;
border-color: #ddd; border-color: #ddd;
padding: 20px; padding: 20px;
min-height: 300px;
} }

@ -26,7 +26,7 @@
{{~css "lib/font-wso2_1.2/css/font-wso2.css" combine=false}} {{~css "lib/font-wso2_1.2/css/font-wso2.css" combine=false}}
<!-- Theme LESS --> <!-- Theme LESS -->
{{~css "less/theme.less" combine=false}} {{~css "less/theme.less" combine=false}}
{{~css "css/theme-wso2.css"}} {{~css "css/theme-wso2.css" combine=false}}
{{/zone}} {{/zone}}
{{~#zone "topJs"}} {{~#zone "topJs"}}

@ -60,7 +60,7 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
@Override @Override
public boolean validateScope(AccessTokenDO accessTokenDO, String resource) public boolean validateScope(AccessTokenDO accessTokenDO, String resource)
throws IdentityOAuth2Exception { throws IdentityOAuth2Exception {
boolean status = false; boolean status = true;
//Extract the url & http method //Extract the url & http method
int idx = resource.lastIndexOf(':'); int idx = resource.lastIndexOf(':');
String url = resource.substring(0, idx); String url = resource.substring(0, idx);
@ -80,6 +80,12 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
Permission permission = permissionManagerService.getPermission(properties); Permission permission = permissionManagerService.getPermission(properties);
User authzUser = accessTokenDO.getAuthzUser(); User authzUser = accessTokenDO.getAuthzUser();
if ((permission != null) && (authzUser != null)) { if ((permission != null) && (authzUser != null)) {
if (permission.getPath() == null) {
if (log.isDebugEnabled()) {
log.debug("Permission is not defined for the resource '" + resource + "'");
}
return true;
}
String username = authzUser.getUserName(); String username = authzUser.getUserName();
String userStore = authzUser.getUserStoreDomain(); String userStore = authzUser.getUserStoreDomain();
int tenantId = OAuthExtUtils.getTenantId(authzUser.getTenantDomain()); int tenantId = OAuthExtUtils.getTenantId(authzUser.getTenantDomain());
@ -87,11 +93,11 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
if (userRealm != null && userRealm.getAuthorizationManager() != null) { if (userRealm != null && userRealm.getAuthorizationManager() != null) {
if (userStore != null) { if (userStore != null) {
status = userRealm.getAuthorizationManager() status = userRealm.getAuthorizationManager()
.isUserAuthorized(userStore + "/" + username, permission.getUrl(), .isUserAuthorized(userStore + "/" + username, permission.getPath(),
PermissionMethod.UI_EXECUTE); PermissionMethod.UI_EXECUTE);
} else { } else {
status = userRealm.getAuthorizationManager() status = userRealm.getAuthorizationManager()
.isUserAuthorized(username, permission.getUrl(), PermissionMethod.UI_EXECUTE); .isUserAuthorized(username, permission.getPath(), PermissionMethod.UI_EXECUTE);
} }
} }
} }

@ -86,15 +86,4 @@ public class Utils {
} }
} }
public static String getResourceUri(String url, String httpMethod) throws PermissionManagementException {
properties = new Properties();
properties.put(URL_PROPERTY, url);
properties.put(HTTP_METHOD_PROPERTY, httpMethod);
permission = permissionManagerService.getPermission(properties);
if (permission != null) {
return permission.getContext() + "/1.0.0/1.0.0" + permission.getUrlTemplate() + ":" + permission.getMethod();
}
return null;
}
} }

@ -121,17 +121,7 @@ public class OAuthAuthenticator implements WebappAuthenticator {
} else { } else {
String bearerToken = getBearerToken(request); String bearerToken = getBearerToken(request);
int urlParamIndex = requestUri.indexOf('?'); String resource = requestUri + ":" + requestMethod;
if(urlParamIndex > 0) {
requestUri = requestUri.substring(0, urlParamIndex);
}
String resource = Utils.getResourceUri(requestUri, requestMethod);
if (resource == null || resource.isEmpty()) {
authenticationInfo.setStatus(Status.FAILURE);
authenticationInfo.setMessage("Authorization failed. Requested API resource does not exist");
return authenticationInfo;
}
OAuthValidationResponse oAuthValidationResponse = OAuthValidationResponse oAuthValidationResponse =
this.tokenValidator.validateToken(bearerToken, resource); this.tokenValidator.validateToken(bearerToken, resource);
@ -153,8 +143,6 @@ public class OAuthAuthenticator implements WebappAuthenticator {
log.error("Failed to authenticate the incoming request", e); log.error("Failed to authenticate the incoming request", e);
} catch (OAuthTokenValidationException e) { } catch (OAuthTokenValidationException e) {
log.error("Failed to authenticate the incoming request due to oauth token validation error.", e); log.error("Failed to authenticate the incoming request due to oauth token validation error.", e);
} catch (PermissionManagementException e) {
log.error("Failed to authenticate the incoming request due to error in permission initialization", e);
} }
return authenticationInfo; return authenticationInfo;
} }

@ -145,10 +145,6 @@ CREATE TABLE IF NOT EXISTS DM_PROFILE (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_POLICY ( CREATE TABLE IF NOT EXISTS DM_POLICY (
ID INT(11) NOT NULL AUTO_INCREMENT , ID INT(11) NOT NULL AUTO_INCREMENT ,
NAME VARCHAR(45) DEFAULT NULL , NAME VARCHAR(45) DEFAULT NULL ,
@ -168,9 +164,6 @@ CREATE TABLE IF NOT EXISTS DM_POLICY (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_DEVICE_POLICY ( CREATE TABLE IF NOT EXISTS DM_DEVICE_POLICY (
ID INT(11) NOT NULL AUTO_INCREMENT , ID INT(11) NOT NULL AUTO_INCREMENT ,
DEVICE_ID INT(11) NOT NULL , DEVICE_ID INT(11) NOT NULL ,
@ -190,9 +183,6 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_POLICY (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_DEVICE_TYPE_POLICY ( CREATE TABLE IF NOT EXISTS DM_DEVICE_TYPE_POLICY (
ID INT(11) NOT NULL , ID INT(11) NOT NULL ,
DEVICE_TYPE VARCHAR(300) NOT NULL , DEVICE_TYPE VARCHAR(300) NOT NULL ,
@ -210,10 +200,6 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_TYPE_POLICY (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_PROFILE_FEATURES ( CREATE TABLE IF NOT EXISTS DM_PROFILE_FEATURES (
ID INT(11) NOT NULL AUTO_INCREMENT, ID INT(11) NOT NULL AUTO_INCREMENT,
PROFILE_ID INT(11) NOT NULL, PROFILE_ID INT(11) NOT NULL,
@ -229,9 +215,6 @@ CREATE TABLE IF NOT EXISTS DM_PROFILE_FEATURES (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_ROLE_POLICY ( CREATE TABLE IF NOT EXISTS DM_ROLE_POLICY (
ID INT(11) NOT NULL AUTO_INCREMENT , ID INT(11) NOT NULL AUTO_INCREMENT ,
ROLE_NAME VARCHAR(45) NOT NULL , ROLE_NAME VARCHAR(45) NOT NULL ,
@ -244,9 +227,6 @@ CREATE TABLE IF NOT EXISTS DM_ROLE_POLICY (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_USER_POLICY ( CREATE TABLE IF NOT EXISTS DM_USER_POLICY (
ID INT NOT NULL AUTO_INCREMENT , ID INT NOT NULL AUTO_INCREMENT ,
POLICY_ID INT NOT NULL , POLICY_ID INT NOT NULL ,
@ -259,7 +239,6 @@ CREATE TABLE IF NOT EXISTS DM_USER_POLICY (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_DEVICE_POLICY_APPLIED ( CREATE TABLE IF NOT EXISTS DM_DEVICE_POLICY_APPLIED (
ID INT NOT NULL AUTO_INCREMENT , ID INT NOT NULL AUTO_INCREMENT ,
DEVICE_ID INT NOT NULL , DEVICE_ID INT NOT NULL ,
@ -279,8 +258,6 @@ CREATE TABLE IF NOT EXISTS DM_USER_POLICY (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_CRITERIA ( CREATE TABLE IF NOT EXISTS DM_CRITERIA (
ID INT NOT NULL AUTO_INCREMENT, ID INT NOT NULL AUTO_INCREMENT,
TENANT_ID INT NOT NULL, TENANT_ID INT NOT NULL,
@ -288,8 +265,6 @@ CREATE TABLE IF NOT EXISTS DM_CRITERIA (
PRIMARY KEY (ID) PRIMARY KEY (ID)
); );
CREATE TABLE IF NOT EXISTS DM_POLICY_CRITERIA ( CREATE TABLE IF NOT EXISTS DM_POLICY_CRITERIA (
ID INT NOT NULL AUTO_INCREMENT, ID INT NOT NULL AUTO_INCREMENT,
CRITERIA_ID INT NOT NULL, CRITERIA_ID INT NOT NULL,
@ -335,7 +310,6 @@ CREATE TABLE IF NOT EXISTS DM_POLICY_COMPLIANCE_STATUS (
PRIMARY KEY (ID) PRIMARY KEY (ID)
); );
CREATE TABLE IF NOT EXISTS DM_POLICY_CHANGE_MGT ( CREATE TABLE IF NOT EXISTS DM_POLICY_CHANGE_MGT (
ID INT NOT NULL AUTO_INCREMENT, ID INT NOT NULL AUTO_INCREMENT,
POLICY_ID INT NOT NULL, POLICY_ID INT NOT NULL,
@ -344,7 +318,6 @@ CREATE TABLE IF NOT EXISTS DM_POLICY_CHANGE_MGT (
PRIMARY KEY (ID) PRIMARY KEY (ID)
); );
CREATE TABLE IF NOT EXISTS DM_POLICY_COMPLIANCE_FEATURES ( CREATE TABLE IF NOT EXISTS DM_POLICY_COMPLIANCE_FEATURES (
ID INT NOT NULL AUTO_INCREMENT, ID INT NOT NULL AUTO_INCREMENT,
COMPLIANCE_STATUS_ID INT NOT NULL, COMPLIANCE_STATUS_ID INT NOT NULL,
@ -406,8 +379,6 @@ CREATE TABLE IF NOT EXISTS DM_NOTIFICATION (
); );
-- NOTIFICATION TABLE END -- -- NOTIFICATION TABLE END --
DROP TABLE IF EXISTS DM_DEVICE_INFO;
CREATE TABLE IF NOT EXISTS DM_DEVICE_INFO ( CREATE TABLE IF NOT EXISTS DM_DEVICE_INFO (
ID INTEGER AUTO_INCREMENT NOT NULL, ID INTEGER AUTO_INCREMENT NOT NULL,
DEVICE_ID INT NULL, DEVICE_ID INT NULL,
@ -421,10 +392,6 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_INFO (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
DROP TABLE IF EXISTS DM_DEVICE_LOCATION;
CREATE TABLE IF NOT EXISTS DM_DEVICE_LOCATION ( CREATE TABLE IF NOT EXISTS DM_DEVICE_LOCATION (
ID INTEGER AUTO_INCREMENT NOT NULL, ID INTEGER AUTO_INCREMENT NOT NULL,
DEVICE_ID INT NULL, DEVICE_ID INT NULL,
@ -445,7 +412,6 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_LOCATION (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
CREATE TABLE IF NOT EXISTS DM_DEVICE_DETAIL ( CREATE TABLE IF NOT EXISTS DM_DEVICE_DETAIL (
ID INT NOT NULL AUTO_INCREMENT, ID INT NOT NULL AUTO_INCREMENT,
DEVICE_ID INT NOT NULL, DEVICE_ID INT NOT NULL,
@ -473,9 +439,7 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_DETAIL (
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
-- POLICY AND DEVICE GROUP MAPPING -- -- POLICY AND DEVICE GROUP MAPPING --
CREATE TABLE IF NOT EXISTS DM_DEVICE_GROUP_POLICY ( CREATE TABLE IF NOT EXISTS DM_DEVICE_GROUP_POLICY (
ID INT NOT NULL AUTO_INCREMENT, ID INT NOT NULL AUTO_INCREMENT,
DEVICE_GROUP_ID INT NOT NULL, DEVICE_GROUP_ID INT NOT NULL,
@ -493,11 +457,9 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_GROUP_POLICY (
ON DELETE NO ACTION ON DELETE NO ACTION
ON UPDATE NO ACTION ON UPDATE NO ACTION
); );
-- END OF POLICY AND DEVICE GROUP MAPPING -- -- END OF POLICY AND DEVICE GROUP MAPPING --
-- DASHBOARD RELATED VIEWS -- -- DASHBOARD RELATED VIEWS --
CREATE VIEW POLICY_COMPLIANCE_INFO AS CREATE VIEW POLICY_COMPLIANCE_INFO AS
SELECT SELECT
DEVICE_INFO.DEVICE_ID, DEVICE_INFO.DEVICE_ID,

@ -1,31 +1,31 @@
CREATE TABLE DM_DEVICE_TYPE ( CREATE TABLE DM_DEVICE_TYPE (
ID INTEGER IDENTITY(1,1) NOT NULL, ID INTEGER IDENTITY(1,1) NOT NULL,
NAME VARCHAR(50) DEFAULT NULL, NAME VARCHAR(300) DEFAULT NULL,
PROVIDER_TENANT_ID INTEGER NULL,
SHARED_WITH_ALL_TENANTS BIT NOT NULL DEFAULT 0,
PRIMARY KEY (ID) PRIMARY KEY (ID)
); );
CREATE TABLE DM_DEVICE_CERTIFICATE ( CREATE INDEX IDX_DEVICE_TYPE ON DM_DEVICE_TYPE (NAME);
ID INTEGER IDENTITY(1,1) NOT NULL,
SERIAL_NUMBER VARCHAR(50) DEFAULT NULL,
CERTIFICATE VARBINARY(255) DEFAULT NULL,
PRIMARY KEY (ID)
);
CREATE TABLE DM_DEVICE ( CREATE TABLE DM_DEVICE (
ID INTEGER IDENTITY(1,1) NOT NULL, ID INTEGER IDENTITY(1,1) NOT NULL,
DESCRIPTION TEXT DEFAULT NULL, DESCRIPTION VARCHAR(MAX) DEFAULT NULL,
NAME VARCHAR(50) DEFAULT NULL, NAME VARCHAR(100) DEFAULT NULL,
DEVICE_TYPE_ID INTEGER DEFAULT NULL, DEVICE_TYPE_ID INTEGER DEFAULT NULL,
DEVICE_IDENTIFICATION VARCHAR(50) DEFAULT NULL, DEVICE_IDENTIFICATION VARCHAR(300) DEFAULT NULL,
LAST_UPDATED_TIMESTAMP DATETIME2 NOT NULL,
TENANT_ID INTEGER DEFAULT 0, TENANT_ID INTEGER DEFAULT 0,
PRIMARY KEY (ID), PRIMARY KEY (ID),
CONSTRAINT FK_DM_DEVICE_DM_DEVICE_TYPE2 FOREIGN KEY (DEVICE_TYPE_ID) CONSTRAINT FK_DM_DEVICE_DM_DEVICE_TYPE2 FOREIGN KEY (DEVICE_TYPE_ID)
REFERENCES DM_DEVICE_TYPE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION REFERENCES DM_DEVICE_TYPE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_DM_DEVICE ON DM_DEVICE(TENANT_ID, DEVICE_TYPE_ID);
CREATE TABLE DM_OPERATION ( CREATE TABLE DM_OPERATION (
ID INTEGER IDENTITY(1,1) NOT NULL, ID INTEGER IDENTITY(1,1) NOT NULL,
TYPE VARCHAR(50) NOT NULL, TYPE VARCHAR(20) NOT NULL,
CREATED_TIMESTAMP DATETIME2 NOT NULL, CREATED_TIMESTAMP DATETIME2 NOT NULL,
RECEIVED_TIMESTAMP DATETIME2 NULL, RECEIVED_TIMESTAMP DATETIME2 NULL,
OPERATION_CODE VARCHAR(50) NOT NULL, OPERATION_CODE VARCHAR(50) NOT NULL,
@ -80,11 +80,16 @@ CREATE TABLE DM_ENROLMENT (
DM_DEVICE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION DM_DEVICE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_ENROLMENT_FK_DEVICE_ID ON DM_ENROLMENT(DEVICE_ID);
CREATE INDEX IDX_ENROLMENT_DEVICE_ID_TENANT_ID ON DM_ENROLMENT(DEVICE_ID, TENANT_ID);
CREATE TABLE DM_ENROLMENT_OP_MAPPING ( CREATE TABLE DM_ENROLMENT_OP_MAPPING (
ID INTEGER IDENTITY(1,1) NOT NULL, ID INTEGER IDENTITY(1,1) NOT NULL,
ENROLMENT_ID INTEGER NOT NULL, ENROLMENT_ID INTEGER NOT NULL,
OPERATION_ID INTEGER NOT NULL, OPERATION_ID INTEGER NOT NULL,
STATUS VARCHAR(50) NULL, STATUS VARCHAR(50) NULL,
CREATED_TIMESTAMP INTEGER NOT NULL,
UPDATED_TIMESTAMP INTEGER NOT NULL,
PRIMARY KEY (ID), PRIMARY KEY (ID),
CONSTRAINT FK_DM_DEVICE_OPERATION_MAPPING_DEVICE FOREIGN KEY (ENROLMENT_ID) REFERENCES CONSTRAINT FK_DM_DEVICE_OPERATION_MAPPING_DEVICE FOREIGN KEY (ENROLMENT_ID) REFERENCES
DM_ENROLMENT (ID) ON DELETE NO ACTION ON UPDATE NO ACTION, DM_ENROLMENT (ID) ON DELETE NO ACTION ON UPDATE NO ACTION,
@ -92,11 +97,16 @@ CREATE TABLE DM_ENROLMENT_OP_MAPPING (
DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_ENROLMENT_OP_MAPPING ON DM_ENROLMENT_OP_MAPPING (UPDATED_TIMESTAMP);
CREATE INDEX IDX_EN_OP_MAPPING_EN_ID ON DM_ENROLMENT_OP_MAPPING(ENROLMENT_ID);
CREATE INDEX IDX_EN_OP_MAPPING_OP_ID ON DM_ENROLMENT_OP_MAPPING(OPERATION_ID);
CREATE TABLE DM_DEVICE_OPERATION_RESPONSE ( CREATE TABLE DM_DEVICE_OPERATION_RESPONSE (
ID INTEGER IDENTITY(1,1) NOT NULL, ID INTEGER IDENTITY(1,1) NOT NULL,
ENROLMENT_ID INTEGER NOT NULL, ENROLMENT_ID INTEGER NOT NULL,
OPERATION_ID INTEGER NOT NULL, OPERATION_ID INTEGER NOT NULL,
OPERATION_RESPONSE VARBINARY(255) DEFAULT NULL, OPERATION_RESPONSE VARBINARY(255) DEFAULT NULL,
RECEIVED_TIMESTAMP DATETIME2 DEFAULT NULL
PRIMARY KEY (ID), PRIMARY KEY (ID),
CONSTRAINT FK_DM_DEVICE_OPERATION_RESP_ENROLMENT FOREIGN KEY (ENROLMENT_ID) REFERENCES CONSTRAINT FK_DM_DEVICE_OPERATION_RESP_ENROLMENT FOREIGN KEY (ENROLMENT_ID) REFERENCES
DM_ENROLMENT (ID) ON DELETE NO ACTION ON UPDATE NO ACTION, DM_ENROLMENT (ID) ON DELETE NO ACTION ON UPDATE NO ACTION,
@ -104,10 +114,12 @@ CREATE TABLE DM_DEVICE_OPERATION_RESPONSE (
DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_ENID_OPID ON DM_DEVICE_OPERATION_RESPONSE(OPERATION_ID, ENROLMENT_ID);
-- POLICY RELATED TABLES -- -- POLICY RELATED TABLES --
CREATE TABLE DM_PROFILE ( CREATE TABLE DM_PROFILE (
ID INTEGER NOT NULL IDENTITY(1,1) , ID INTEGER IDENTITY(1,1) NOT NULL,
PROFILE_NAME VARCHAR(45) NOT NULL , PROFILE_NAME VARCHAR(45) NOT NULL ,
TENANT_ID INTEGER NOT NULL , TENANT_ID INTEGER NOT NULL ,
DEVICE_TYPE_ID INTEGER NOT NULL , DEVICE_TYPE_ID INTEGER NOT NULL ,
@ -119,7 +131,7 @@ CREATE TABLE DM_PROFILE (
); );
CREATE TABLE DM_POLICY ( CREATE TABLE DM_POLICY (
ID INTEGER NOT NULL IDENTITY(1,1) , ID INTEGER IDENTITY(1,1) NOT NULL,
NAME VARCHAR(45) DEFAULT NULL , NAME VARCHAR(45) DEFAULT NULL ,
DESCRIPTION VARCHAR(1000) NULL, DESCRIPTION VARCHAR(1000) NULL,
TENANT_ID INTEGER NOT NULL , TENANT_ID INTEGER NOT NULL ,
@ -135,7 +147,7 @@ CREATE TABLE DM_POLICY (
); );
CREATE TABLE DM_DEVICE_POLICY ( CREATE TABLE DM_DEVICE_POLICY (
ID INTEGER NOT NULL IDENTITY(1,1) , ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_ID INTEGER NOT NULL , DEVICE_ID INTEGER NOT NULL ,
ENROLMENT_ID INTEGER NOT NULL, ENROLMENT_ID INTEGER NOT NULL,
DEVICE VARBINARY(255) NOT NULL, DEVICE VARBINARY(255) NOT NULL,
@ -148,7 +160,7 @@ CREATE TABLE DM_DEVICE_POLICY (
); );
CREATE TABLE DM_DEVICE_TYPE_POLICY ( CREATE TABLE DM_DEVICE_TYPE_POLICY (
ID INTEGER NOT NULL , ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_TYPE_ID INTEGER NOT NULL , DEVICE_TYPE_ID INTEGER NOT NULL ,
POLICY_ID INTEGER NOT NULL , POLICY_ID INTEGER NOT NULL ,
PRIMARY KEY (ID) , PRIMARY KEY (ID) ,
@ -159,10 +171,10 @@ CREATE TABLE DM_DEVICE_TYPE_POLICY (
); );
CREATE TABLE DM_PROFILE_FEATURES ( CREATE TABLE DM_PROFILE_FEATURES (
ID INTEGER NOT NULL IDENTITY(1,1), ID INTEGER IDENTITY(1,1) NOT NULL,
PROFILE_ID INTEGER NOT NULL, PROFILE_ID INTEGER NOT NULL,
FEATURE_CODE VARCHAR(30) NOT NULL, FEATURE_CODE VARCHAR(100) NOT NULL,
DEVICE_TYPE_ID INTEGER NOT NULL, DEVICE_TYPE VARCHAR(300) NOT NULL,
TENANT_ID INTEGER NOT NULL , TENANT_ID INTEGER NOT NULL ,
CONTENT VARBINARY(255) NULL DEFAULT NULL, CONTENT VARBINARY(255) NULL DEFAULT NULL,
PRIMARY KEY (ID), PRIMARY KEY (ID),
@ -171,7 +183,7 @@ CREATE TABLE DM_PROFILE_FEATURES (
); );
CREATE TABLE DM_ROLE_POLICY ( CREATE TABLE DM_ROLE_POLICY (
ID INTEGER NOT NULL IDENTITY(1,1) , ID INTEGER IDENTITY(1,1) NOT NULL,
ROLE_NAME VARCHAR(45) NOT NULL , ROLE_NAME VARCHAR(45) NOT NULL ,
POLICY_ID INTEGER NOT NULL , POLICY_ID INTEGER NOT NULL ,
PRIMARY KEY (ID) , PRIMARY KEY (ID) ,
@ -180,7 +192,7 @@ CREATE TABLE DM_ROLE_POLICY (
); );
CREATE TABLE DM_USER_POLICY ( CREATE TABLE DM_USER_POLICY (
ID INTEGER NOT NULL IDENTITY(1,1) , ID INTEGER IDENTITY(1,1) NOT NULL,
POLICY_ID INTEGER NOT NULL , POLICY_ID INTEGER NOT NULL ,
USERNAME VARCHAR(45) NOT NULL , USERNAME VARCHAR(45) NOT NULL ,
PRIMARY KEY (ID) , PRIMARY KEY (ID) ,
@ -189,7 +201,7 @@ CREATE TABLE DM_USER_POLICY (
); );
CREATE TABLE DM_DEVICE_POLICY_APPLIED ( CREATE TABLE DM_DEVICE_POLICY_APPLIED (
ID INTEGER NOT NULL IDENTITY(1,1) , ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_ID INTEGER NOT NULL , DEVICE_ID INTEGER NOT NULL ,
ENROLMENT_ID INTEGER NOT NULL, ENROLMENT_ID INTEGER NOT NULL,
POLICY_ID INTEGER NOT NULL , POLICY_ID INTEGER NOT NULL ,
@ -205,14 +217,14 @@ CREATE TABLE DM_USER_POLICY (
); );
CREATE TABLE DM_CRITERIA ( CREATE TABLE DM_CRITERIA (
ID INTEGER NOT NULL IDENTITY(1,1), ID INTEGER IDENTITY(1,1) NOT NULL,
TENANT_ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL,
NAME VARCHAR(50) NULL, NAME VARCHAR(50) NULL,
PRIMARY KEY (ID) PRIMARY KEY (ID)
); );
CREATE TABLE DM_POLICY_CRITERIA ( CREATE TABLE DM_POLICY_CRITERIA (
ID INTEGER NOT NULL IDENTITY(1,1), ID INTEGER IDENTITY(1,1) NOT NULL,
CRITERIA_ID INTEGER NOT NULL, CRITERIA_ID INTEGER NOT NULL,
POLICY_ID INTEGER NOT NULL, POLICY_ID INTEGER NOT NULL,
PRIMARY KEY (ID), PRIMARY KEY (ID),
@ -223,7 +235,7 @@ CREATE TABLE DM_POLICY_CRITERIA (
); );
CREATE TABLE DM_POLICY_CRITERIA_PROPERTIES ( CREATE TABLE DM_POLICY_CRITERIA_PROPERTIES (
ID INTEGER NOT NULL IDENTITY(1,1), ID INTEGER IDENTITY(1,1) NOT NULL,
POLICY_CRITERION_ID INTEGER NOT NULL, POLICY_CRITERION_ID INTEGER NOT NULL,
PROP_KEY VARCHAR(45) NULL, PROP_KEY VARCHAR(45) NULL,
PROP_VALUE VARCHAR(100) NULL, PROP_VALUE VARCHAR(100) NULL,
@ -234,7 +246,7 @@ CREATE TABLE DM_POLICY_CRITERIA_PROPERTIES (
); );
CREATE TABLE DM_POLICY_COMPLIANCE_STATUS ( CREATE TABLE DM_POLICY_COMPLIANCE_STATUS (
ID INTEGER NOT NULL IDENTITY(1,1), ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_ID INTEGER NOT NULL, DEVICE_ID INTEGER NOT NULL,
ENROLMENT_ID INTEGER NOT NULL, ENROLMENT_ID INTEGER NOT NULL,
POLICY_ID INTEGER NOT NULL, POLICY_ID INTEGER NOT NULL,
@ -248,18 +260,18 @@ CREATE TABLE DM_POLICY_COMPLIANCE_STATUS (
); );
CREATE TABLE DM_POLICY_CHANGE_MGT ( CREATE TABLE DM_POLICY_CHANGE_MGT (
ID INTEGER NOT NULL IDENTITY(1,1), ID INTEGER IDENTITY(1,1) NOT NULL,
POLICY_ID INTEGER NOT NULL, POLICY_ID INTEGER NOT NULL,
DEVICE_TYPE_ID INTEGER NOT NULL, DEVICE_TYPE VARCHAR(300) NOT NULL,
TENANT_ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL,
PRIMARY KEY (ID) PRIMARY KEY (ID)
); );
CREATE TABLE DM_POLICY_COMPLIANCE_FEATURES ( CREATE TABLE DM_POLICY_COMPLIANCE_FEATURES (
ID INTEGER NOT NULL IDENTITY(1,1), ID INTEGER IDENTITY(1,1) NOT NULL,
COMPLIANCE_STATUS_ID INTEGER NOT NULL, COMPLIANCE_STATUS_ID INTEGER NOT NULL,
TENANT_ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL,
FEATURE_CODE VARCHAR(15) NOT NULL, FEATURE_CODE VARCHAR(100) NOT NULL,
STATUS INTEGER NULL, STATUS INTEGER NULL,
PRIMARY KEY (ID), PRIMARY KEY (ID),
CONSTRAINT FK_COMPLIANCE_FEATURES_STATUS FOREIGN KEY (COMPLIANCE_STATUS_ID) REFERENCES DM_POLICY_COMPLIANCE_STATUS (ID) CONSTRAINT FK_COMPLIANCE_FEATURES_STATUS FOREIGN KEY (COMPLIANCE_STATUS_ID) REFERENCES DM_POLICY_COMPLIANCE_STATUS (ID)
@ -277,6 +289,8 @@ CREATE TABLE DM_APPLICATION (
LOCATION_URL VARCHAR(100) DEFAULT NULL, LOCATION_URL VARCHAR(100) DEFAULT NULL,
IMAGE_URL VARCHAR(100) DEFAULT NULL, IMAGE_URL VARCHAR(100) DEFAULT NULL,
APP_PROPERTIES VARBINARY(255) NULL, APP_PROPERTIES VARBINARY(255) NULL,
MEMORY_USAGE INTEGER NULL,
IS_ACTIVE BIT NOT NULL DEFAULT 0,
TENANT_ID INTEGER NOT NULL, TENANT_ID INTEGER NOT NULL,
PRIMARY KEY (ID) PRIMARY KEY (ID)
); );
@ -295,6 +309,56 @@ CREATE TABLE DM_DEVICE_APPLICATION_MAPPING (
-- POLICY RELATED TABLES FINISHED -- -- POLICY RELATED TABLES FINISHED --
-- DEVICE GROUP TABLES --
CREATE TABLE DM_GROUP (
ID INTEGER IDENTITY(1,1) NOT NULL,
GROUP_NAME VARCHAR(100) DEFAULT NULL,
DESCRIPTION VARCHAR(MAX) DEFAULT NULL,
DATE_OF_CREATE BIGINT DEFAULT NULL,
DATE_OF_LAST_UPDATE BIGINT DEFAULT NULL,
OWNER VARCHAR(45) DEFAULT NULL,
TENANT_ID INTEGER NOT NULL,
PRIMARY KEY (ID)
);
CREATE TABLE DM_DEVICE_GROUP_MAP (
ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_ID INTEGER DEFAULT NULL,
GROUP_ID INTEGER DEFAULT NULL,
TENANT_ID INTEGER NOT NULL,
PRIMARY KEY (ID),
CONSTRAINT fk_DM_DEVICE_GROUP_MAP_DM_DEVICE2 FOREIGN KEY (DEVICE_ID)
REFERENCES DM_DEVICE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION,
CONSTRAINT fk_DM_DEVICE_GROUP_MAP_DM_GROUP2 FOREIGN KEY (GROUP_ID)
REFERENCES DM_GROUP (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
);
-- END OF DEVICE GROUP TABLES --
-- POLICY AND DEVICE GROUP MAPPING --
CREATE TABLE DM_DEVICE_GROUP_POLICY (
ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_GROUP_ID INTEGER NOT NULL,
POLICY_ID INTEGER NOT NULL,
TENANT_ID INTEGER NOT NULL,
PRIMARY KEY (ID),
CONSTRAINT FK_DM_DEVICE_GROUP_POLICY
FOREIGN KEY (DEVICE_GROUP_ID)
REFERENCES DM_GROUP (ID)
ON DELETE NO ACTION
ON UPDATE NO ACTION,
CONSTRAINT FK_DM_DEVICE_GROUP_DM_POLICY
FOREIGN KEY (POLICY_ID)
REFERENCES DM_POLICY (ID)
ON DELETE NO ACTION
ON UPDATE NO ACTION
);
-- END OF POLICY AND DEVICE GROUP MAPPING --
-- NOTIFICATION TABLE -- -- NOTIFICATION TABLE --
CREATE TABLE DM_NOTIFICATION ( CREATE TABLE DM_NOTIFICATION (
NOTIFICATION_ID INTEGER IDENTITY(1,1) NOT NULL, NOTIFICATION_ID INTEGER IDENTITY(1,1) NOT NULL,
@ -311,3 +375,126 @@ CREATE TABLE DM_NOTIFICATION (
); );
-- NOTIFICATION TABLE END -- -- NOTIFICATION TABLE END --
CREATE TABLE DM_DEVICE_INFO (
ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_ID INTEGER NULL,
KEY_FIELD VARCHAR(45) NULL,
VALUE_FIELD VARCHAR(100) NULL,
PRIMARY KEY (ID),
INDEX DM_DEVICE_INFO_DEVICE_idx (DEVICE_ID ASC),
CONSTRAINT DM_DEVICE_INFO_DEVICE FOREIGN KEY (DEVICE_ID) REFERENCES DM_DEVICE (ID) ON DELETE NO ACTION
ON UPDATE NO ACTION
);
CREATE TABLE DM_DEVICE_LOCATION (
ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_ID INTEGER NULL,
LATITUDE FLOAT NULL,
LONGITUDE FLOAT NULL,
STREET1 VARCHAR(45) NULL,
STREET2 VARCHAR(45) NULL,
CITY VARCHAR(45) NULL,
ZIP VARCHAR(10) NULL,
STATE VARCHAR(45) NULL,
COUNTRY VARCHAR(45) NULL,
UPDATE_TIMESTAMP INTEGER NOT NULL,
PRIMARY KEY (ID),
INDEX DM_DEVICE_LOCATION_DEVICE_idx (DEVICE_ID ASC),
CONSTRAINT DM_DEVICE_LOCATION_DEVICE
FOREIGN KEY (DEVICE_ID)
REFERENCES DM_DEVICE (ID)
ON DELETE NO ACTION
ON UPDATE NO ACTION
);
CREATE TABLE DM_DEVICE_DETAIL (
ID INTEGER IDENTITY(1,1) NOT NULL,
DEVICE_ID INTEGER NOT NULL,
DEVICE_MODEL VARCHAR(45) NULL,
VENDOR VARCHAR(45) NULL,
OS_VERSION VARCHAR(45) NULL,
OS_BUILD_DATE VARCHAR(100) NULL,
BATTERY_LEVEL DECIMAL(4) NULL,
INTERNAL_TOTAL_MEMORY DECIMAL(30,3) NULL,
INTERNAL_AVAILABLE_MEMORY DECIMAL(30,3) NULL,
EXTERNAL_TOTAL_MEMORY DECIMAL(30,3) NULL,
EXTERNAL_AVAILABLE_MEMORY DECIMAL(30,3) NULL,
CONNECTION_TYPE VARCHAR(10) NULL,
SSID VARCHAR(45) NULL,
CPU_USAGE DECIMAL(5) NULL,
TOTAL_RAM_MEMORY DECIMAL(30,3) NULL,
AVAILABLE_RAM_MEMORY DECIMAL(30,3) NULL,
PLUGGED_IN INTEGER NULL,
UPDATE_TIMESTAMP INTEGER NOT NULL,
PRIMARY KEY (ID),
INDEX FK_DM_DEVICE_DETAILS_DEVICE_idx (DEVICE_ID ASC),
CONSTRAINT FK_DM_DEVICE_DETAILS_DEVICE
FOREIGN KEY (DEVICE_ID)
REFERENCES DM_DEVICE (ID)
ON DELETE NO ACTION
ON UPDATE NO ACTION
);
-- DASHBOARD RELATED VIEWS --
CREATE VIEW DEVICE_INFO_VIEW AS
SELECT
DM_DEVICE.ID AS DEVICE_ID,
DM_DEVICE.DEVICE_IDENTIFICATION,
DM_DEVICE_TYPE.NAME AS PLATFORM,
DM_ENROLMENT.OWNERSHIP,
DM_ENROLMENT.STATUS AS CONNECTIVITY_STATUS,
DM_DEVICE.TENANT_ID
FROM DM_DEVICE, DM_DEVICE_TYPE, DM_ENROLMENT
WHERE DM_DEVICE.DEVICE_TYPE_ID = DM_DEVICE_TYPE.ID AND DM_DEVICE.ID = DM_ENROLMENT.DEVICE_ID;
CREATE VIEW DEVICE_WITH_POLICY_INFO_VIEW AS
SELECT
DEVICE_ID,
POLICY_ID,
STATUS AS IS_COMPLIANT
FROM DM_POLICY_COMPLIANCE_STATUS;
CREATE VIEW POLICY_COMPLIANCE_INFO AS
SELECT
DEVICE_INFO_VIEW.DEVICE_ID,
DEVICE_INFO_VIEW.DEVICE_IDENTIFICATION,
DEVICE_INFO_VIEW.PLATFORM,
DEVICE_INFO_VIEW.OWNERSHIP,
DEVICE_INFO_VIEW.CONNECTIVITY_STATUS,
IFNULL(DEVICE_WITH_POLICY_INFO_VIEW.POLICY_ID, -1) AS POLICY_ID,
IFNULL(DEVICE_WITH_POLICY_INFO_VIEW.IS_COMPLIANT, -1) AS IS_COMPLIANT,
DEVICE_INFO_VIEW.TENANT_ID
FROM
DEVICE_INFO_VIEW
LEFT JOIN
DEVICE_WITH_POLICY_INFO_VIEW
ON DEVICE_INFO_VIEW.DEVICE_ID = DEVICE_WITH_POLICY_INFO_VIEW.DEVICE_ID
ORDER BY DEVICE_INFO_VIEW.DEVICE_ID;
CREATE VIEW FEATURE_NON_COMPLIANCE_INFO AS
SELECT
DM_DEVICE.ID AS DEVICE_ID,
DM_DEVICE.DEVICE_IDENTIFICATION,
DM_DEVICE_DETAIL.DEVICE_MODEL,
DM_DEVICE_DETAIL.VENDOR,
DM_DEVICE_DETAIL.OS_VERSION,
DM_ENROLMENT.OWNERSHIP,
DM_ENROLMENT.OWNER,
DM_ENROLMENT.STATUS AS CONNECTIVITY_STATUS,
DM_POLICY_COMPLIANCE_STATUS.POLICY_ID,
DM_DEVICE_TYPE.NAME AS PLATFORM,
DM_POLICY_COMPLIANCE_FEATURES.FEATURE_CODE,
DM_POLICY_COMPLIANCE_FEATURES.STATUS AS IS_COMPLAINT,
DM_DEVICE.TENANT_ID
FROM
DM_POLICY_COMPLIANCE_FEATURES, DM_POLICY_COMPLIANCE_STATUS, DM_ENROLMENT, DM_DEVICE, DM_DEVICE_TYPE, DM_DEVICE_DETAIL
WHERE
DM_POLICY_COMPLIANCE_FEATURES.COMPLIANCE_STATUS_ID = DM_POLICY_COMPLIANCE_STATUS.ID AND
DM_POLICY_COMPLIANCE_STATUS.ENROLMENT_ID = DM_ENROLMENT.ID AND
DM_POLICY_COMPLIANCE_STATUS.DEVICE_ID = DM_DEVICE.ID AND
DM_DEVICE.DEVICE_TYPE_ID = DM_DEVICE_TYPE.ID AND
DM_DEVICE.ID = DM_DEVICE_DETAIL.DEVICE_ID
ORDER BY TENANT_ID, DEVICE_ID;
-- END OF DASHBOARD RELATED VIEWS --

@ -336,22 +336,6 @@ CREATE TABLE IF NOT EXISTS DM_POLICY_COMPLIANCE_FEATURES (
ON UPDATE NO ACTION ON UPDATE NO ACTION
)ENGINE = InnoDB; )ENGINE = InnoDB;
CREATE TABLE IF NOT EXISTS DM_ENROLMENT (
ID INTEGER AUTO_INCREMENT NOT NULL,
DEVICE_ID INTEGER NOT NULL,
OWNER VARCHAR(50) NOT NULL,
OWNERSHIP VARCHAR(45) DEFAULT NULL,
STATUS VARCHAR(50) NULL,
DATE_OF_ENROLMENT TIMESTAMP NULL DEFAULT NULL,
DATE_OF_LAST_UPDATE TIMESTAMP NULL DEFAULT NULL,
TENANT_ID INT NOT NULL,
PRIMARY KEY (ID),
CONSTRAINT fk_dm_device_enrolment FOREIGN KEY (DEVICE_ID) REFERENCES
DM_DEVICE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
)ENGINE = InnoDB;
CREATE TABLE IF NOT EXISTS DM_APPLICATION ( CREATE TABLE IF NOT EXISTS DM_APPLICATION (
ID INTEGER AUTO_INCREMENT NOT NULL, ID INTEGER AUTO_INCREMENT NOT NULL,
NAME VARCHAR(150) NOT NULL, NAME VARCHAR(150) NOT NULL,
@ -454,9 +438,6 @@ CREATE TABLE IF NOT EXISTS DM_NOTIFICATION (
-- END NOTIFICATION TABLES -- -- END NOTIFICATION TABLES --
DROP TABLE IF EXISTS DM_DEVICE_INFO;
CREATE TABLE IF NOT EXISTS DM_DEVICE_INFO ( CREATE TABLE IF NOT EXISTS DM_DEVICE_INFO (
ID INTEGER AUTO_INCREMENT NOT NULL, ID INTEGER AUTO_INCREMENT NOT NULL,
DEVICE_ID INT NULL, DEVICE_ID INT NULL,
@ -472,10 +453,6 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_INFO (
) )
ENGINE = InnoDB; ENGINE = InnoDB;
DROP TABLE IF EXISTS DM_DEVICE_LOCATION;
CREATE TABLE IF NOT EXISTS DM_DEVICE_LOCATION ( CREATE TABLE IF NOT EXISTS DM_DEVICE_LOCATION (
ID INTEGER AUTO_INCREMENT NOT NULL, ID INTEGER AUTO_INCREMENT NOT NULL,
DEVICE_ID INT NULL, DEVICE_ID INT NULL,
@ -498,8 +475,6 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_LOCATION (
) )
ENGINE = InnoDB; ENGINE = InnoDB;
DROP TABLE IF EXISTS DM_DEVICE_DETAIL ;
CREATE TABLE IF NOT EXISTS DM_DEVICE_DETAIL ( CREATE TABLE IF NOT EXISTS DM_DEVICE_DETAIL (
ID INT NOT NULL AUTO_INCREMENT, ID INT NOT NULL AUTO_INCREMENT,
DEVICE_ID INT NOT NULL, DEVICE_ID INT NOT NULL,

@ -764,13 +764,6 @@ WHEN (NEW.ID IS NULL)
END; END;
/ /
BEGIN
EXECUTE IMMEDIATE 'DROP TABLE DM_DEVICE_LOCATION';
EXCEPTION
WHEN OTHERS THEN NULL;
END;
/
CREATE TABLE DM_DEVICE_LOCATION ( CREATE TABLE DM_DEVICE_LOCATION (
ID NUMBER(10) NOT NULL, ID NUMBER(10) NOT NULL,
DEVICE_ID NUMBER(10) NULL, DEVICE_ID NUMBER(10) NULL,
@ -802,13 +795,6 @@ WHEN (NEW.ID IS NULL)
END; END;
/ /
BEGIN
EXECUTE IMMEDIATE 'DROP TABLE DM_DEVICE_DETAIL';
EXCEPTION
WHEN OTHERS THEN NULL;
END;
/
CREATE TABLE DM_DEVICE_DETAIL ( CREATE TABLE DM_DEVICE_DETAIL (
ID NUMBER(10) NOT NULL, ID NUMBER(10) NOT NULL,
DEVICE_ID NUMBER(10) NOT NULL, DEVICE_ID NUMBER(10) NOT NULL,

@ -6,6 +6,8 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_TYPE (
UNIQUE(NAME) UNIQUE(NAME)
); );
CREATE INDEX IDX_DEVICE_TYPE ON DM_DEVICE_TYPE (NAME);
CREATE TABLE IF NOT EXISTS DM_DEVICE ( CREATE TABLE IF NOT EXISTS DM_DEVICE (
ID BIGSERIAL NOT NULL PRIMARY KEY, ID BIGSERIAL NOT NULL PRIMARY KEY,
DESCRIPTION TEXT DEFAULT NULL, DESCRIPTION TEXT DEFAULT NULL,
@ -18,6 +20,8 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE (
REFERENCES DM_DEVICE_TYPE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION REFERENCES DM_DEVICE_TYPE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_DM_DEVICE ON DM_DEVICE(TENANT_ID, DEVICE_TYPE_ID);
CREATE TABLE IF NOT EXISTS DM_OPERATION ( CREATE TABLE IF NOT EXISTS DM_OPERATION (
ID BIGSERIAL NOT NULL PRIMARY KEY, ID BIGSERIAL NOT NULL PRIMARY KEY,
TYPE VARCHAR(50) NOT NULL, TYPE VARCHAR(50) NOT NULL,
@ -73,6 +77,9 @@ CREATE TABLE IF NOT EXISTS DM_ENROLMENT (
DM_DEVICE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION DM_DEVICE (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_ENROLMENT_FK_DEVICE_ID ON DM_ENROLMENT(DEVICE_ID);
CREATE INDEX IDX_ENROLMENT_DEVICE_ID_TENANT_ID ON DM_ENROLMENT(DEVICE_ID, TENANT_ID);
CREATE TABLE IF NOT EXISTS DM_ENROLMENT_OP_MAPPING ( CREATE TABLE IF NOT EXISTS DM_ENROLMENT_OP_MAPPING (
ID BIGSERIAL NOT NULL PRIMARY KEY, ID BIGSERIAL NOT NULL PRIMARY KEY,
ENROLMENT_ID INTEGER NOT NULL, ENROLMENT_ID INTEGER NOT NULL,
@ -86,6 +93,10 @@ CREATE TABLE IF NOT EXISTS DM_ENROLMENT_OP_MAPPING (
DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_ENROLMENT_OP_MAPPING ON DM_ENROLMENT_OP_MAPPING (UPDATED_TIMESTAMP);
CREATE INDEX IDX_EN_OP_MAPPING_EN_ID ON DM_ENROLMENT_OP_MAPPING(ENROLMENT_ID);
CREATE INDEX IDX_EN_OP_MAPPING_OP_ID ON DM_ENROLMENT_OP_MAPPING(OPERATION_ID);
CREATE TABLE IF NOT EXISTS DM_DEVICE_OPERATION_RESPONSE ( CREATE TABLE IF NOT EXISTS DM_DEVICE_OPERATION_RESPONSE (
ID BIGSERIAL NOT NULL PRIMARY KEY, ID BIGSERIAL NOT NULL PRIMARY KEY,
ENROLMENT_ID INTEGER NOT NULL, ENROLMENT_ID INTEGER NOT NULL,
@ -98,6 +109,7 @@ CREATE TABLE IF NOT EXISTS DM_DEVICE_OPERATION_RESPONSE (
DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION DM_OPERATION (ID) ON DELETE NO ACTION ON UPDATE NO ACTION
); );
CREATE INDEX IDX_ENID_OPID ON DM_DEVICE_OPERATION_RESPONSE(OPERATION_ID, ENROLMENT_ID);
-- POLICY RELATED TABLES --- -- POLICY RELATED TABLES ---
CREATE TABLE IF NOT EXISTS DM_PROFILE ( CREATE TABLE IF NOT EXISTS DM_PROFILE (

Loading…
Cancel
Save