From e14f09b8a87b522c9a7a26994cff69fe87a3adf1 Mon Sep 17 00:00:00 2001 From: harshanl Date: Fri, 13 Nov 2015 21:33:33 +0530 Subject: [PATCH] Added requireDeviceAuthorization support --- .../device/mgt/common/DeviceManager.java | 7 +++++++ .../core/DeviceManagementPluginRepository.java | 3 +++ .../DeviceAccessAuthorizationServiceImpl.java | 18 +++++++++--------- .../internal/DeviceManagementDataHolder.java | 10 +++++----- .../device/mgt/core/TestDeviceManager.java | 5 +++++ 5 files changed, 29 insertions(+), 14 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManager.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManager.java index 3481dc8e17e..c0192767684 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManager.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceManager.java @@ -150,4 +150,11 @@ public interface DeviceManager { void addLicense(License license) throws LicenseManagementException; + /** + * Method to enable to device-authentication for the device-platform. + * + * @return Returns boolean status to enable or disable device-authentication. + */ + boolean requireDeviceAuthorization(); + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java index 971212b9232..24b88903d8c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/DeviceManagementPluginRepository.java @@ -21,6 +21,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.device.mgt.common.DeviceManagementException; import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService; +import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent; import org.wso2.carbon.device.mgt.core.internal.DeviceManagerStartupListener; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; @@ -48,6 +49,8 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis /* Initializing Device Management Service Provider */ provider.init(); DeviceManagerUtil.registerDeviceType(deviceType); + DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(deviceType, + provider.getDeviceManager().requireDeviceAuthorization()); } } catch (DeviceManagementException e) { throw new DeviceManagementException("Error occurred while adding device management provider '" + diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java index 15958737370..bed880e72c1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java @@ -21,10 +21,7 @@ package org.wso2.carbon.device.mgt.core.authorization; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.context.PrivilegedCarbonContext; -import org.wso2.carbon.device.mgt.common.Device; -import org.wso2.carbon.device.mgt.common.DeviceIdentifier; -import org.wso2.carbon.device.mgt.common.DeviceManagementException; -import org.wso2.carbon.device.mgt.common.EnrolmentInfo; +import org.wso2.carbon.device.mgt.common.*; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService; import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult; @@ -74,7 +71,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori String username = this.getUserName(); int tenantId = this.getTenantId(); if (username == null || username.isEmpty()) { - return false; + return !DeviceManagementDataHolder.getInstance().requireDeviceAuthorization(deviceIdentifier.getType()); } try { //Check for admin users. If the user is an admin user we authorize the access to that device. @@ -227,11 +224,14 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori private String getUserName() { String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(); - String tenantDomain = MultitenantUtils.getTenantDomain(username); - if (username.endsWith(tenantDomain)) { - return username.substring(0, username.lastIndexOf("@")); + if (username != null && username.isEmpty()) { + String tenantDomain = MultitenantUtils.getTenantDomain(username); + if (username.endsWith(tenantDomain)) { + return username.substring(0, username.lastIndexOf("@")); + } + return username; } - return username; + return null; } private int getTenantId() { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java index b618288b9cf..0921ef50810 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/internal/DeviceManagementDataHolder.java @@ -44,7 +44,7 @@ public class DeviceManagementDataHolder { private AppManagementConfig appManagerConfig; private OperationManager operationManager; private ConfigurationContextService configurationContextService; - private HashMap isUserLevelAutherizationAllowMap; + private HashMap requireDeviceAuthorization = new HashMap<>(); private DeviceAccessAuthorizationService deviceAccessAuthorizationService; private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder(); @@ -148,12 +148,12 @@ public class DeviceManagementDataHolder { this.configurationContextService = configurationContextService; } - public void setIsUserLevelAutherizationAllow(String pluginType, boolean isAllowUserAuthentication) { - isUserLevelAutherizationAllowMap.put(pluginType,isAllowUserAuthentication); + public void setRequireDeviceAuthorization(String pluginType, boolean requireAuthentication) { + requireDeviceAuthorization.put(pluginType,requireAuthentication); } - public boolean getIsUserLevelAutherizationAllow(String pluginType) { - return isUserLevelAutherizationAllowMap.get(pluginType); + public boolean requireDeviceAuthorization(String pluginType) { + return requireDeviceAuthorization.get(pluginType); } public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManager.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManager.java index a9ff90f96c9..d8ed7a6dc64 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManager.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/test/java/org/wso2/carbon/device/mgt/core/TestDeviceManager.java @@ -116,4 +116,9 @@ public class TestDeviceManager implements DeviceManager { } + @Override + public boolean requireDeviceAuthorization() { + return false; + } + }