Removed the use of web-app context in permission.xml of webapps

9 years ago · 9a68aa92bc
parent 9fca18ae90
commit 9a68aa92bc
7 changed files with 36 additions and 18 deletions
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java
@ -31,6 +31,16 @@ import java.util.List;
 public class PermissionConfiguration {

    private List<Permission> permissions;
+    private String apiVersion;
+
+    public String getApiVersion() {
+        return apiVersion;
+    }
+
+    @XmlElement (name = "APIVersion", required = true)
+    public void setApiVersion(String apiVersion) {
+        this.apiVersion = apiVersion;
+    }

    public List<Permission> getPermissions() {
        return permissions;
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/lifecycle/WebAppDeploymentLifecycleListener.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/lifecycle/WebAppDeploymentLifecycleListener.java
@ -24,9 +24,11 @@ import org.apache.catalina.LifecycleListener;
 import org.apache.catalina.core.StandardContext;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
 import org.wso2.carbon.device.mgt.core.config.permission.PermissionConfiguration;
 import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
+import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils;

 import javax.servlet.ServletContext;
 import javax.xml.bind.JAXBContext;
@ -34,6 +36,7 @@ import javax.xml.bind.JAXBException;
 import javax.xml.bind.Unmarshaller;
 import java.io.File;
 import java.io.InputStream;
+import java.util.List;

 /**
 * This listener class will initiate the permission addition of permissions defined in
@ -50,6 +53,7 @@ public class WebAppDeploymentLifecycleListener implements LifecycleListener {
 		if (Lifecycle.AFTER_START_EVENT.equals(lifecycleEvent.getType())) {
 			StandardContext context = (StandardContext) lifecycleEvent.getLifecycle();
 			ServletContext servletContext = context.getServletContext();
+			String contextPath = servletContext.getContextPath();
 			try {
 				InputStream permissionStream = servletContext.getResourceAsStream(PERMISSION_CONFIG_PATH);
 				if (permissionStream != null) {
@ -58,10 +62,16 @@ public class WebAppDeploymentLifecycleListener implements LifecycleListener {
 					Unmarshaller unmarshaller = cdmContext.createUnmarshaller();
 					PermissionConfiguration permissionConfiguration = (PermissionConfiguration)
 							unmarshaller.unmarshal(permissionStream);
-					if (permissionConfiguration != null &&
-					    permissionConfiguration.getPermissions() != null) {
-						PermissionManagerServiceImpl.getInstance().addPermissions(
-								permissionConfiguration.getPermissions());
+                    List<Permission> permissions = permissionConfiguration.getPermissions();
+                    String apiVersion = permissionConfiguration.getApiVersion();
+                    if (permissionConfiguration != null && permissions != null) {
+                        for (Permission permission : permissions) {
+                            // update the permission path to absolute permission path
+                            permission.setPath(PermissionUtils.getAbsolutePermissionPath(permission.getPath()));
+                            permission.setUrl(PermissionUtils.getAbsoluteContextPathOfAPI(contextPath, apiVersion,
+                                                                                           permission.getUrl()));
+                            PermissionManagerServiceImpl.getInstance().addPermission(permission);
+                        }
 					}
 				}
 			} catch (JAXBException e) {
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/permission/mgt/PermissionManagerServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/permission/mgt/PermissionManagerServiceImpl.java
@ -51,17 +51,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerService {
        return registryBasedPermissionManager;
    }

-    public boolean addPermissions(List<Permission> permissions) throws PermissionManagementException {
-        for (Permission permission : permissions) {
-            this.addPermission(permission);
-        }
-        return true;
-    }
-
    @Override
    public boolean addPermission(Permission permission) throws PermissionManagementException {
-        // update the permission path to absolute permission path
-        permission.setPath(PermissionUtils.getAbsolutePermissionPath(permission.getPath()));
        // adding a permission to the tree
        permissionTree.addPermission(permission);
        return PermissionUtils.putPermission(permission);
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/permission/mgt/PermissionUtils.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/permission/mgt/PermissionUtils.java
@ -59,6 +59,13 @@ public class PermissionUtils {
 		return PermissionUtils.ADMIN_PERMISSION_REGISTRY_PATH + permissionPath;
 	}

+    public static String getAbsoluteContextPathOfAPI(String contextPath, String version, String url) {
+        if((version != null) && !version.isEmpty()) {
+          return contextPath + "/" + version + url;
+        }
+        return contextPath + url;
+    }
+
 	public static Permission getPermission(String path) throws PermissionManagementException {
 		try {
 			Resource resource = PermissionUtils.getGovernanceRegistry().get(path);
--- a/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicClientWebAppRegistrationManager.java
+++ b/components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicClientWebAppRegistrationManager.java
@ -120,10 +120,9 @@ public class DynamicClientWebAppRegistrationManager {
        String requiredDynamicClientRegistration, webAppName;
        ServletContext servletContext;
        RegistrationProfile registrationProfile;
-        OAuthAppDetails oAuthAppDetails = null;
+        OAuthAppDetails oAuthAppDetails;
        DynamicClientWebAppRegistrationManager dynamicClientWebAppRegistrationManager =
                DynamicClientWebAppRegistrationManager.getInstance();
-        //todo move enumeration to while loop
        Enumeration enumeration = new IteratorEnumeration(DynamicClientWebAppRegistrationManager.
                webAppContexts.keySet().iterator());
        if (log.isDebugEnabled()) {
--- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
+++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java
@ -51,6 +51,7 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
        public static final String WRITE = "write";
        public static final String DELETE = "delete";
        public static final String ACTION = "action";
+        public static final String UI_EXECUTE = "ui.execute";
    }

    private static final Log log = LogFactory.getLog(PermissionBasedScopeValidator.class);
@ -77,7 +78,7 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
                if (userRealm != null && userRealm.getAuthorizationManager() != null) {
                    status = userRealm.getAuthorizationManager()
                                      .isUserAuthorized(username, permission.getPath(),
-                                                        PermissionMethod.READ);
+                                                        PermissionMethod.UI_EXECUTE);
                }
            }
        } catch (PermissionManagementException e) {
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@ -81,8 +81,8 @@ public class OAuthAuthenticator implements WebappAuthenticator {
            authenticationInfo.setStatus(Status.CONTINUE);
        }
        String apiVersion = tokenizer.nextToken();
-        String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
-        //String authLevel = "any";
+        //String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
+        String authLevel = "any";
        try {
            if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) {
                AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion,