diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
index 2007821939a..94df0875c98 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
@@ -170,6 +170,10 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 @POST
 @Override
 public Response addRole(RoleWrapper roleWrapper) {
+ if (roleWrapper == null) {
+ log.error("Request body is incorrect or empty");
+ return Response.status(Response.Status.BAD_REQUEST).build();
+ }
 try {
 UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
 if (log.isDebugEnabled()) {
@@ -197,6 +201,10 @@ public class RoleManagementServiceImpl implements RoleManagementService {
 @Path("/{roleName}")
 @Override
 public Response updateRole(@PathParam("roleName") String roleName, RoleWrapper roleWrapper) {
+ if (roleWrapper == null) {
+ log.error("Request body is incorrect or empty");
+ return Response.status(Response.Status.BAD_REQUEST).build();
+ }
 String newRoleName = roleWrapper.getRoleName();
 try {
 final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
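Review bot: The new guard at the top of addRole logs an empty or malformed request body with `log.error` and returns a 400 with no entity; the same pattern is repeated in updateRole and in updateUsersOfRole. A bad body is a caller mistake rather than a server fault, so any client that can reach these endpoints can fill the error log, and the caller is given no reason for the rejection. I would log at a lower level and return the message, e.g. `return Response.status(Response.Status.BAD_REQUEST).entity("Request body is incorrect or empty").build();`. addRole's body continues outside the hunk, so whether the role name and permissions carried by the wrapper are validated further down is not visible here.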
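Review bot: In updateRole the line right after the new guard, `String newRoleName = roleWrapper.getRoleName();`, reads the name from the body without checking it, so a body that deserializes to a wrapper with no role name still passes the guard. How newRoleName is used lies outside the hunk; unless the rest of the method already treats a missing name as "no rename", a check such as `if (newRoleName == null || newRoleName.trim().isEmpty())` returning 400 belongs next to the null guard. Either way, a one-line comment stating what a null role name means for this endpoint would save the next reader from having to trace it.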
@@ -256,10 +264,14 @@ public class RoleManagementServiceImpl implements RoleManagementService { return Response.status(Response.Status.OK).build(); } - @POST + @PUT @Path("/{roleName}/users") @Override public Response updateUsersOfRole(@PathParam("roleName") String roleName, List users) { + if (users == null || users.size() == 0) { + log.error("No users are found"); + return Response.status(Response.Status.BAD_REQUEST).build(); + } try { final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager(); if (log.isDebugEnabled()) { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml index a886c71925a..dbf4de5cc48 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml @@ -460,7 +460,7 @@ List roles /device-mgt/admin/roles/list - /roles/permissions + /roles/*/permissions GET @@ -481,22 +481,14 @@ Update role /device-mgt/admin/roles/update - /roles + /roles/* PUT - - - - - - - - Update role /device-mgt/admin/roles/update - /roles/users + /roles/*/users PUT @@ -510,7 +502,7 @@ Remove role /device-mgt/admin/roles/remove - /roles + /roles/* DELETE
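Review bot: The guard added to updateUsersOfRole rejects an empty list with 400, which, if this method replaces the role's membership (the body is outside the hunk, so that is inferred from the method name), leaves no way to remove the last users from a role through this endpoint. If clearing a role is meant to be possible, reject only `users == null`; otherwise state in the Javadoc that at least one user is required. As a matter of style, `users.isEmpty()` reads better than `users.size() == 0`. The switch from @POST to @PUT also changes the public contract for existing callers, and should be called out in the commit message alongside the matching PUT entry for `/roles/*/users` in permissions.xml.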
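Review bot: The rewritten URL patterns in permissions.xml (`/roles/*` for PUT and DELETE, `/roles/*/users` for PUT, `/roles/*/permissions` for GET) now depend on how the permission matcher treats `*`, which this file does not show. If `*` can span `/`, the `/roles/*` PUT entry also covers `/roles/{roleName}/users`; both entries carry /device-mgt/admin/roles/update today, so the outcome is the same, but that overlap should be stated in a comment next to these entries so a later permission change does not silently widen access. The hunk at -481,22 also removes eight lines whose content is not visible on this page; if they held a permission entry, confirm the endpoint it covered is still mapped. A test that a user holding only /device-mgt/admin/roles/list is refused on PUT and DELETE under `/roles/` would pin the intended behaviour down.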