From 8180baefd9fc55062db51639bda0635c56be8d4e Mon Sep 17 00:00:00 2001 From: Viranga Gunarathna Date: Thu, 28 Sep 2023 00:00:44 +0530 Subject: [PATCH 1/2] Modify scope keys --- .../service/impl/VirtualFireAlarmService.java | 8 +- .../client/OAuthRequestInterceptor.java | 2 +- .../client/OAuthRequestInterceptor.java | 2 +- .../service/MQTTManagementAdminService.java | 4 +- .../client/OAuthRequestInterceptor.java | 2 +- .../client/OAuthRequestInterceptor.java | 2 +- .../DeviceManagementAdminService.java | 104 +++++++++--------- .../api/services/DeviceManagementService.java | 18 +-- .../DeviceTypeConfigurationService.java | 12 +- .../api/services/EventReceiverService.java | 6 +- .../private/config.json | 61 +++++----- 11 files changed, 111 insertions(+), 110 deletions(-) diff --git a/components/device-types/virtual-fire-alarm-plugin/io.entgra.device.mgt.plugins.virtualfirealarm.api/src/main/java/io/entgra/device/mgt/plugins/virtualfirealarm/api/service/impl/VirtualFireAlarmService.java b/components/device-types/virtual-fire-alarm-plugin/io.entgra.device.mgt.plugins.virtualfirealarm.api/src/main/java/io/entgra/device/mgt/plugins/virtualfirealarm/api/service/impl/VirtualFireAlarmService.java index 2dc7820897..656dcea75b 100644 --- a/components/device-types/virtual-fire-alarm-plugin/io.entgra.device.mgt.plugins.virtualfirealarm.api/src/main/java/io/entgra/device/mgt/plugins/virtualfirealarm/api/service/impl/VirtualFireAlarmService.java +++ b/components/device-types/virtual-fire-alarm-plugin/io.entgra.device.mgt.plugins.virtualfirealarm.api/src/main/java/io/entgra/device/mgt/plugins/virtualfirealarm/api/service/impl/VirtualFireAlarmService.java @@ -53,7 +53,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Enroll device", description = "", - key = "perm:firealarm:enroll", + key = "dm:firealarm:enroll", permissions = {"/device-mgt/devices/enroll/firealarm"}, roles = {"Internal/devicemgt-user"} ) @@ -83,7 +83,7 @@ public interface VirtualFireAlarmService { tags = "virtual_firealarm", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "perm:firealarm:enroll") + @ExtensionProperty(name = SCOPE, value = "dm:firealarm:enroll") }) } ) @@ -104,7 +104,7 @@ public interface VirtualFireAlarmService { tags = "virtual_firealarm", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "perm:firealarm:enroll") + @ExtensionProperty(name = SCOPE, value = "dm:firealarm:enroll") }) } ) @@ -125,7 +125,7 @@ public interface VirtualFireAlarmService { tags = "virtual_firealarm", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "perm:firealarm:enroll") + @ExtensionProperty(name = SCOPE, value = "dm:firealarm:enroll") }) } ) diff --git a/components/extensions/cdmf-transport-adapters/input/io.entgra.device.mgt.plugins.input.adapter.http/src/main/java/io/entgra/device/mgt/plugins/input/adapter/http/authorization/client/OAuthRequestInterceptor.java b/components/extensions/cdmf-transport-adapters/input/io.entgra.device.mgt.plugins.input.adapter.http/src/main/java/io/entgra/device/mgt/plugins/input/adapter/http/authorization/client/OAuthRequestInterceptor.java index 513082af97..399039937d 100755 --- a/components/extensions/cdmf-transport-adapters/input/io.entgra.device.mgt.plugins.input.adapter.http/src/main/java/io/entgra/device/mgt/plugins/input/adapter/http/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/cdmf-transport-adapters/input/io.entgra.device.mgt.plugins.input.adapter.http/src/main/java/io/entgra/device/mgt/plugins/input/adapter/http/authorization/client/OAuthRequestInterceptor.java @@ -58,7 +58,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { private static final String APPLICATION_NAME = "websocket-app"; private static final String PASSWORD_GRANT_TYPE = "password"; private static final String REFRESH_GRANT_TYPE = "refresh_token"; - private static final String REQUIRED_SCOPE = "perm:authorization:verify"; + private static final String REQUIRED_SCOPE = "dm:authorization:verify"; private ApiApplicationRegistrationService apiApplicationRegistrationService; private TokenIssuerService tokenIssuerService; diff --git a/components/extensions/cdmf-transport-adapters/output/io.entgra.device.mgt.plugins.output.adapter.websocket/src/main/java/io/entgra/device/mgt/plugins/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java b/components/extensions/cdmf-transport-adapters/output/io.entgra.device.mgt.plugins.output.adapter.websocket/src/main/java/io/entgra/device/mgt/plugins/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java index 245275d34f..1eaef17597 100755 --- a/components/extensions/cdmf-transport-adapters/output/io.entgra.device.mgt.plugins.output.adapter.websocket/src/main/java/io/entgra/device/mgt/plugins/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/cdmf-transport-adapters/output/io.entgra.device.mgt.plugins.output.adapter.websocket/src/main/java/io/entgra/device/mgt/plugins/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java @@ -70,7 +70,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { private static final String APPLICATION_NAME = "websocket-app"; private static final String PASSWORD_GRANT_TYPE = "password"; private static final String REFRESH_GRANT_TYPE = "refresh_token"; - private static final String REQUIRED_SCOPE = "perm:authorization:verify"; + private static final String REQUIRED_SCOPE = "dm:authorization:verify"; private ApiApplicationRegistrationService apiApplicationRegistrationService; private TokenIssuerService tokenIssuerService; private ApiApplicationKey apiApplicationKey; diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/service/MQTTManagementAdminService.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/service/MQTTManagementAdminService.java index 96dfbaa0ee..9057da87ab 100644 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/service/MQTTManagementAdminService.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.api/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/jaxrs/service/MQTTManagementAdminService.java @@ -64,7 +64,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Getting Details of Topics", description = "Getting Details of Topics", - key = "perm:admin:topics:view", + key = "dm:admin:topics:view", permissions = {"/device-mgt/topics/view"} ) } @@ -82,7 +82,7 @@ public interface MQTTManagementAdminService { tags = "MQTT Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin:topics:view") + @ExtensionProperty(name = Constants.SCOPE, value = "dm:admin:topics:view") }) } ) diff --git a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java index 1cde68b66d..9d91477eb2 100755 --- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java +++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java @@ -58,7 +58,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor { private static final String APPLICATION_NAME = "mqtt_broker"; private static final String PASSWORD_GRANT_TYPE = "password"; private static final String REFRESH_GRANT_TYPE = "refresh_token"; - private static final String REQUIRED_SCOPE = "perm:authorization:verify"; + private static final String REQUIRED_SCOPE = "dm:authorization:verify"; private ApiApplicationRegistrationService apiApplicationRegistrationService; private TokenIssuerService tokenIssuerService; private static Log log = LogFactory.getLog(OAuthRequestInterceptor.class); diff --git a/components/extensions/siddhi-extensions/io.entgra.device.mgt.plugins.extension.siddhi.device/src/main/java/io/entgra/device/mgt/plugins/extension/siddhi/device/client/OAuthRequestInterceptor.java b/components/extensions/siddhi-extensions/io.entgra.device.mgt.plugins.extension.siddhi.device/src/main/java/io/entgra/device/mgt/plugins/extension/siddhi/device/client/OAuthRequestInterceptor.java index 9f0f189462..6d14f1cd65 100755 --- a/components/extensions/siddhi-extensions/io.entgra.device.mgt.plugins.extension.siddhi.device/src/main/java/io/entgra/device/mgt/plugins/extension/siddhi/device/client/OAuthRequestInterceptor.java +++ b/components/extensions/siddhi-extensions/io.entgra.device.mgt.plugins.extension.siddhi.device/src/main/java/io/entgra/device/mgt/plugins/extension/siddhi/device/client/OAuthRequestInterceptor.java @@ -50,7 +50,7 @@ import io.entgra.device.mgt.plugins.extension.siddhi.device.utils.DeviceUtils; public class OAuthRequestInterceptor implements RequestInterceptor { private static final String APPLICATION_NAME = "siddhi_extension_client"; - private static final String REQUIRED_SCOPES = "perm:devices:operations"; + private static final String REQUIRED_SCOPES = "dm:devices:ops:view"; private static final String[] API_TAGS = {"device_management"}; private DCRService dcrService; private static OAuthApplication oAuthApplication; diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementAdminService.java b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementAdminService.java index 29a2b03f59..7743701238 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementAdminService.java +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementAdminService.java @@ -71,182 +71,182 @@ import java.util.List; @Scope( name = "Lock Device", description = "Hard lock own device", - key = "perm:android:lock-devices", + key = "and:ops:lock-devices", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/lock"} ), @Scope( name = "Unlock Device", description = "Unlock permanently locked device", - key = "perm:android:unlock-devices", + key = "and:ops:unlock-devices", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/unlock"} ), @Scope( name = "Get Location", description = "Request device location coordinates", - key = "perm:android:location", + key = "and:ops:location", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/location"} ), @Scope( name = "Clear Password", description = "Clear the password on Android devices", - key = "perm:android:clear-password", + key = "and:ops:clear-password", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/clear-password"} ), @Scope( name = "Control Camera", description = "Enabling or Disabling the Camera on Android Devices", - key = "perm:android:control-camera", + key = "and:ops:control-camera", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/camera"} ), @Scope( name = "Get Info", description = "Requesting device information from Android Devices", - key = "perm:android:info", + key = "and:ops:device-info", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/info"} ), @Scope( name = "Get Logs", description = "Requesting Logcat Details from Android Devices", - key = "perm:android:logcat", + key = "and:ops:logcat", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/logcat"} ), @Scope( name = "Enterprise Wipe", description = "Enterprise Wiping Android Devices", - key = "perm:android:enterprise-wipe", + key = "and:ops:enterprise-wipe", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/enterprise-wipe"} ), @Scope( name = "Factory Reset", description = "Factory Resetting Android Devices", - key = "perm:android:wipe", + key = "and:ops:wipe", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/wipe"} ), @Scope( name = "Get Installed Applications", description = "Get list of installed applications", - key = "perm:android:applications", + key = "and:ops:app-list", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/applications"} ), @Scope( name = "Ring Device", description = "Ring Android devices", - key = "perm:android:ring", + key = "and:ops:ring", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/ring"} ), @Scope( name = "Reboot Device", description = "Reboot Android devices", - key = "perm:android:reboot", + key = "and:ops:reboot", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/reboot"} ), @Scope( name = "Mute Device", description = "Mute Android devices", - key = "perm:android:mute", + key = "and:ops:mute", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/mute"} ), @Scope( name = "Install Applications", description = "Installing an Application on Android Devices", - key = "perm:android:install-application", + key = "and:ops:install-app", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/install-app"} ), @Scope( name = "Update Applications", description = "Updating an Application on Android Devices", - key = "perm:android:update-application", + key = "and:ops:update-app", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/update-app"} ), @Scope( name = "Uninstall Applications", description = "Uninstalling an Application on Android Devices", - key = "perm:android:uninstall-application", + key = "and:ops:uninstall-app", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/uninstall-app"} ), @Scope( name = "Blacklist Applications", description = "Blacklisting applications on Android Devices", - key = "perm:android:blacklist-applications", + key = "and:ops:blacklist-app", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/blacklist-app"} ), @Scope( name = "Upgrade Firmware", description = "Upgrading Firmware of Android Devices", - key = "perm:android:upgrade-firmware", + key = "and:ops:upgrade-firmware", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/upgrade"} ), @Scope( name = "Configure VPN", description = "Configure VPN on Android Device", - key = "perm:android:configure-vpn", + key = "and:ops:configure-vpn", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/vpn"} ), @Scope( name = "Send Notification", description = "Sending a notification to Android Device", - key = "perm:android:send-notification", + key = "and:ops:send-notif", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/send-notification"} ), @Scope( name = "Configure Wi-Fi", description = "Configure Wi-Fi on Android Device", - key = "perm:android:configure-wifi", + key = "and:ops:configure-wifi", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/wifi"} ), @Scope( name = "Encrypt Storage", description = "Encrypting storage on Android Device", - key = "perm:android:encrypt-storage", + key = "and:ops:encrypt-storage", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/encrypt"} ), @Scope( name = "Change Password", description = "Changing the lock code of an Android Device", - key = "perm:android:change-lock-code", + key = "and:ops:change-lock-code", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/change-lock-code"} ), @Scope( name = "Password Policy", description = "Set password policy of an Android Device", - key = "perm:android:set-password-policy", + key = "and:ops:password-policy", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/password-policy"} ), @Scope( name = "Add Web clip", description = "Setting a Web Clip on Android Devices", - key = "perm:android:set-webclip", + key = "and:ops:set-webclip", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/webclip"} ), @Scope( name = "File Transfer", description = "Transferring a file to android devices", - key = "perm:android:file-transfer", + key = "and:ops:file-transfer", roles = {"Internal/devicemgt-admin"}, permissions = {"/device-mgt/devices/owning-device/operations/android/file-transfer"} ) @@ -266,7 +266,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:file-transfer") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:file-transfer") }) } ) @@ -327,7 +327,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:lock-devices") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:lock-devices") }) } ) @@ -390,7 +390,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:unlock-devices") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:unlock-devices") }) } ) @@ -453,7 +453,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:location") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:location") }) } ) @@ -512,7 +512,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:clear-password") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:clear-password") }) } ) @@ -570,7 +570,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:control-camera") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:control-camera") }) }) @ApiResponses(value = { @@ -635,7 +635,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:info") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:device-info") }) } ) @@ -698,7 +698,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:logcat") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:logcat") }) } ) @@ -760,7 +760,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enterprise-wipe") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:enterprise-wipe") }) } ) @@ -820,7 +820,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:wipe") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:wipe") }) } ) @@ -884,7 +884,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:applications") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:app-list") }) } ) @@ -944,7 +944,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:ring") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:ring") }) } ) @@ -1004,7 +1004,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:reboot") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:reboot") }) } ) @@ -1064,7 +1064,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:mute") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:mute") }) } ) @@ -1126,7 +1126,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:install-application") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:install-app") }) } ) @@ -1191,7 +1191,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:update-application") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:update-app") }) } ) @@ -1253,7 +1253,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:uninstall-application") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:uninstall-app") }) } ) @@ -1319,7 +1319,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:blacklist-applications") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:blacklist-app") }) } ) @@ -1381,7 +1381,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:upgrade-firmware") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:upgrade-firmware") }) } ) @@ -1445,7 +1445,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:configure-vpn") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:configure-vpn") }) } ) @@ -1505,7 +1505,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:send-notification") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:send-notif") }) } ) @@ -1566,7 +1566,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:configure-wifi") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:configure-wifi") }) } ) @@ -1628,7 +1628,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:encrypt-storage") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:encrypt-storage") }) } ) @@ -1690,7 +1690,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:change-lock-code") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:change-lock-code") }) } ) @@ -1752,7 +1752,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:set-password-policy") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:password-policy") }) } ) @@ -1812,7 +1812,7 @@ public interface DeviceManagementAdminService { tags = "Android Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:set-webclip") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:ops:set-webclip") }) } ) diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementService.java b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementService.java index aa010c3996..ee422a3b7e 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementService.java +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceManagementService.java @@ -70,14 +70,14 @@ import java.util.List; @Scope( name = "Enroll Device", description = "Register an Android device", - key = "perm:android:enroll", + key = "and:devices:enroll", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/enroll/android"} ), @Scope( name = "Un-enroll Device", description = "Unregister an Android device", - key = "perm:android:disenroll", + key = "and:devices:disenroll", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/disenroll/android"} ) @@ -96,7 +96,7 @@ public interface DeviceManagementService { tags = "Android Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) @@ -161,7 +161,7 @@ public interface DeviceManagementService { tags = "Android Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) @@ -222,7 +222,7 @@ public interface DeviceManagementService { tags = "Android Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) @@ -284,7 +284,7 @@ public interface DeviceManagementService { tags = "Android Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) @@ -339,7 +339,7 @@ public interface DeviceManagementService { tags = "Android Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) @@ -392,7 +392,7 @@ public interface DeviceManagementService { tags = "Android Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) @@ -448,7 +448,7 @@ public interface DeviceManagementService { tags = "Android Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:disenroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:disenroll") }) } ) diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java index 28665d3400..85d90c3351 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java @@ -67,21 +67,21 @@ import javax.ws.rs.core.Response; @Scope( name = "Enroll Device", description = "Register an Android device", - key = "perm:android:enroll", + key = "and:conf:devices:enroll", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/enroll/android"} ), @Scope( name = "View Configurations", description = "Getting Android Platform Configurations", - key = "perm:android:view-configuration", + key = "and:conf:view", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/enroll/android"} ), @Scope( name = "Manage Configurations", description = "Updating Android Platform Configurations", - key = "perm:android:manage-configuration", + key = "and:conf:manage", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/platform-configurations/manage"} ) @@ -99,7 +99,7 @@ public interface DeviceTypeConfigurationService { tags = "Android Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:view-configuration") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:conf:view") }) } ) @@ -153,7 +153,7 @@ public interface DeviceTypeConfigurationService { tags = "Android Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:manage-configuration") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:conf:manage") }) } ) @@ -208,7 +208,7 @@ public interface DeviceTypeConfigurationService { tags = "Android Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:conf:devices:enroll") }) } ) diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java index 7fa858c07b..cf8260c66e 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java @@ -67,7 +67,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Enroll Device", description = "Register an Android device", - key = "perm:android:enroll", + key = "and:event:devices:enroll", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/enroll/android"} ) @@ -86,7 +86,7 @@ public interface EventReceiverService { tags = "Event Receiver", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:event:devices:enroll") }) } ) @@ -149,7 +149,7 @@ public interface EventReceiverService { tags = "Event Receiver", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:android:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:event:devices:enroll") }) } ) diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json index e6ab55c5d7..4c9ba95457 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json @@ -6,36 +6,37 @@ "analyticsEnabled": "false", "groupingEnabled": "true", "scopes" : [ - "perm:android:file-transfer", - "perm:android:enroll", - "perm:android:wipe", - "perm:android:ring", - "perm:android:lock-devices", - "perm:android:configure-vpn", - "perm:android:configure-wifi", - "perm:android:enroll", - "perm:android:uninstall-application", - "perm:android:manage-configuration", - "perm:android:location", - "perm:android:install-application", - "perm:android:mute", - "perm:android:change-lock-code", - "perm:android:blacklist-applications", - "perm:android:set-password-policy", - "perm:android:encrypt-storage", - "perm:android:clear-password", - "perm:android:enterprise-wipe", - "perm:android:info", - "perm:android:view-configuration", - "perm:android:upgrade-firmware", - "perm:android:set-webclip", - "perm:android:send-notification", - "perm:android:disenroll", - "perm:android:update-application", - "perm:android:unlock-devices", - "perm:android:control-camera", - "perm:android:reboot", - "perm:android:logcat" + "and:ops:file-transfer", + "and:devices:enroll", + "and:ops:wipe", + "and:ops:ring", + "and:ops:lock-devices", + "and:ops:configure-vpn", + "and:ops:configure-wifi", + "and:conf:devices:enroll", + "and:event:devices:enroll", + "and:ops:uninstall-app", + "and:conf:manage", + "and:ops:location", + "and:ops:install-app", + "and:ops:mute", + "and:ops:change-lock-code", + "and:ops:blacklist-app", + "and:ops:password-policy", + "and:ops:encrypt-storage", + "and:ops:clear-password", + "and:ops:enterprise-wipe", + "and:ops:device-info", + "and:conf:view", + "and:ops:upgrade-firmware", + "and:ops:set-webclip", + "and:ops:send-notif", + "and:devices:disenroll", + "and:ops:update-app", + "and:ops:unlock-devices", + "and:ops:control-camera", + "and:ops:reboot", + "and:ops:logcat" ], "features": { "DEVICE_RING": { From 939b2c7e83692d1a02bdb8d66dd0991cbbf15835 Mon Sep 17 00:00:00 2001 From: Viranga Gunarathna Date: Thu, 28 Sep 2023 21:20:37 +0530 Subject: [PATCH 2/2] Duplicate keys for same permission in different files --- .../api/services/DeviceTypeConfigurationService.java | 4 ++-- .../mobile/android/api/services/EventReceiverService.java | 6 +++--- .../private/config.json | 3 +-- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java index 85d90c3351..6ef1252dc6 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/DeviceTypeConfigurationService.java @@ -67,7 +67,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Enroll Device", description = "Register an Android device", - key = "and:conf:devices:enroll", + key = "and:devices:enroll", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/enroll/android"} ), @@ -208,7 +208,7 @@ public interface DeviceTypeConfigurationService { tags = "Android Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:conf:devices:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java index cf8260c66e..af83e6c05b 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.api/src/main/java/io/entgra/device/mgt/plugins/mobile/android/api/services/EventReceiverService.java @@ -67,7 +67,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Enroll Device", description = "Register an Android device", - key = "and:event:devices:enroll", + key = "and:devices:enroll", roles = {"Internal/devicemgt-user"}, permissions = {"/device-mgt/devices/enroll/android"} ) @@ -86,7 +86,7 @@ public interface EventReceiverService { tags = "Event Receiver", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:event:devices:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) @@ -149,7 +149,7 @@ public interface EventReceiverService { tags = "Event Receiver", extensions = { @Extension(properties = { - @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:event:devices:enroll") + @ExtensionProperty(name = AndroidConstants.SCOPE, value = "and:devices:enroll") }) } ) diff --git a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json index 4c9ba95457..ece5617ae2 100644 --- a/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json +++ b/components/mobile-plugins/android-plugin/io.entgra.device.mgt.plugins.mobile.android.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.type.android.type-view/private/config.json @@ -13,8 +13,7 @@ "and:ops:lock-devices", "and:ops:configure-vpn", "and:ops:configure-wifi", - "and:conf:devices:enroll", - "and:event:devices:enroll", + "and:devices:enroll", "and:ops:uninstall-app", "and:conf:manage", "and:ops:location",