diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/ApplicationInstallation.java b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/ApplicationInstallation.java index 8a69e2eff9..4c90d42cb6 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/ApplicationInstallation.java +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/ApplicationInstallation.java @@ -44,8 +44,9 @@ public class ApplicationInstallation extends AndroidOperation implements Seriali @ApiModelProperty(name = "url", value = "Application URL", required = true) private String url; - @ApiModelProperty(name = "schedule", value = "Application install schedule.", required = false) - private String schedule; + + @ApiModelProperty(name = "schedule", value = "Schedule of the App installation.") + private String schedule; public String getAppIdentifier() { return appIdentifier; @@ -71,11 +72,13 @@ public class ApplicationInstallation extends AndroidOperation implements Seriali this.url = url; } - public String getSchedule() { - return schedule; - } + @SuppressWarnings("unused") + public String getSchedule() { + return schedule; + } - public void setSchedule(String schedule) { - this.schedule = schedule; - } + @SuppressWarnings("unused") + public void setSchedule(String schedule) { + this.schedule = schedule; + } } diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/UpgradeFirmware.java b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/UpgradeFirmware.java index 1b21523255..748ee0e598 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/UpgradeFirmware.java +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/UpgradeFirmware.java @@ -30,7 +30,7 @@ import java.io.Serializable; description = "This class carries all information related to UpgradeFirmware.") public class UpgradeFirmware extends AndroidOperation implements Serializable { - @ApiModelProperty(name = "schedule", value = "Schedule of the UpgradeFirmware.", required = true) + @ApiModelProperty(name = "schedule", value = "Schedule of the UpgradeFirmware.") private String schedule; @ApiModelProperty(name = "server", value = "Firmware package server.") diff --git a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java index 71e0a1c30d..2ed0a554af 100644 --- a/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java +++ b/components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/services/impl/DeviceManagementAdminServiceImpl.java @@ -21,7 +21,6 @@ package org.wso2.carbon.mdm.services.android.services.impl; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.json.JSONException; -import org.json.JSONObject; import org.wso2.carbon.device.mgt.common.DeviceManagementException; import org.wso2.carbon.device.mgt.common.InvalidDeviceException; import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; @@ -78,9 +77,7 @@ import java.net.URL; import java.net.URLConnection; import java.text.ParseException; import java.text.SimpleDateFormat; -import java.util.Date; import java.util.List; -import java.util.Map; @Path("/admin/devices") @Produces(MediaType.APPLICATION_JSON) @@ -548,45 +545,14 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe } ApplicationInstallation applicationInstallation = applicationInstallationBeanWrapper.getOperation(); - JSONObject payload = new JSONObject(applicationInstallation.toJSON()); - - try { - URL url = new URL(payload.getString("url")); - URLConnection conn = url.openConnection(); - - //get all headers - Map> headerFields = conn.getHeaderFields(); - boolean isFile = false; - for (Map.Entry> entry : headerFields.entrySet()) { - if ("Content-Type".equals(entry.getKey()) && entry.getValue() != null - && entry.getValue().size() > 0 && "application/octet-stream".equals(entry.getValue().get(0))) { - isFile = true; - break; - } - } - if (!isFile) { - String errorMessage = "URL is not pointed to a downloadable file."; - log.error(errorMessage); - throw new BadRequestException( - new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); - } - validateType(payload); - } catch (MalformedURLException e) { - String errorMessage = "Malformed application url."; - log.error(errorMessage); - throw new BadRequestException( - new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); - } catch (IOException e) { - String errorMessage = "Invalid application url."; - log.error(errorMessage); - throw new BadRequestException( - new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); - } + validateApplicationUrl(applicationInstallation.getUrl()); + validateApplicationType(applicationInstallation.getType()); + validateScheduleDate(applicationInstallation.getSchedule()); ProfileOperation operation = new ProfileOperation(); operation.setCode(AndroidConstants.OperationCodes.INSTALL_APPLICATION); operation.setType(Operation.Type.PROFILE); - operation.setPayLoad(payload.toString()); + operation.setPayLoad(applicationInstallation.toJSON()); return AndroidAPIUtils.getOperationResponse(applicationInstallationBeanWrapper.getDeviceIDs(), operation); } catch (JSONException e) { @@ -640,6 +606,10 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe } } ApplicationUpdate applicationUpdate = applicationUpdateBeanWrapper.getOperation(); + validateApplicationUrl(applicationUpdate.getUrl()); + validateApplicationType(applicationUpdate.getType()); + validateScheduleDate(applicationUpdate.getSchedule()); + ProfileOperation operation = new ProfileOperation(); operation.setCode(AndroidConstants.OperationCodes.UPDATE_APPLICATION); operation.setType(Operation.Type.PROFILE); @@ -682,8 +652,7 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); } ApplicationUninstallation applicationUninstallation = applicationUninstallationBeanWrapper.getOperation(); - JSONObject payload = new JSONObject(applicationUninstallation.toJSON()); - validateType(payload); + validateApplicationType(applicationUninstallation.getType()); ProfileOperation operation = new ProfileOperation(); operation.setCode(AndroidConstants.OperationCodes.UNINSTALL_APPLICATION); @@ -710,25 +679,6 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe } } - private void validateType(JSONObject payload) { - if (payload.has("type")) { - String type = payload.getString("type"); - if (!"enterprise".equalsIgnoreCase(type) - && !"public".equalsIgnoreCase(type) - && !"webapp".equalsIgnoreCase(type)) { - String errorMessage = "Invalid application type."; - log.error(errorMessage); - throw new BadRequestException( - new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); - } - } else { - String errorMessage = "Application type is missing."; - log.error(errorMessage); - throw new BadRequestException( - new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); - } - } - @POST @Path("/blacklist-applications") @Override @@ -785,13 +735,7 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); } UpgradeFirmware upgradeFirmware = upgradeFirmwareBeanWrapper.getOperation(); - - //validate date - if(upgradeFirmware != null && upgradeFirmware.getSchedule() != null){ - SimpleDateFormat sdf = new SimpleDateFormat(DATE_FORMAT); - sdf.setLenient(false); - Date date = sdf.parse(upgradeFirmware.getSchedule()); - } + validateScheduleDate(upgradeFirmware.getSchedule()); ProfileOperation operation = new ProfileOperation(); operation.setCode(AndroidConstants.OperationCodes.UPGRADE_FIRMWARE); @@ -813,11 +757,6 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe log.error(errorMessage, e); throw new UnexpectedServerErrorException( new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(errorMessage).build()); - } catch (ParseException e) { - String errorMessage = "Issue in validating the schedule date"; - log.error(errorMessage); - throw new BadRequestException( - new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); } } @@ -1103,4 +1042,71 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe } } + private static boolean hasValidAPKContentType(String contentType){ + if (contentType != null){ + switch (contentType) { + case MediaType.APPLICATION_OCTET_STREAM: + case "application/android": + return true; + } + } + return false; + } + + private static void validateApplicationUrl(String apkUrl) { + try { + URL url = new URL(apkUrl); + URLConnection conn = url.openConnection(); + if (!hasValidAPKContentType(conn.getContentType())) { + String errorMessage = "URL is not pointed to a downloadable file."; + log.error(errorMessage); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } + } catch (MalformedURLException e) { + String errorMessage = "Malformed application url."; + log.error(errorMessage); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } catch (IOException e) { + String errorMessage = "Invalid application url."; + log.error(errorMessage); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } + } + + private static void validateApplicationType(String type) { + if (type != null) { + if (!"enterprise".equalsIgnoreCase(type) + && !"public".equalsIgnoreCase(type) + && !"webapp".equalsIgnoreCase(type)) { + String errorMessage = "Invalid application type."; + log.error(errorMessage); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } + } else { + String errorMessage = "Application type is missing."; + log.error(errorMessage); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } + } + + private static void validateScheduleDate(String dateString){ + try { + if (dateString != null) { + SimpleDateFormat sdf = new SimpleDateFormat(DATE_FORMAT); + sdf.setLenient(false); + sdf.parse(dateString); + } + } catch (ParseException e) { + String errorMessage = "Issue in validating the schedule date"; + log.error(errorMessage); + throw new BadRequestException( + new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage(errorMessage).build()); + } + } + }