From dd353e1bfb9554274a066c1bf32949714e458f54 Mon Sep 17 00:00:00 2001 From: Milan Perera Date: Thu, 8 Dec 2016 20:30:49 +0530 Subject: [PATCH 01/14] Commiting permission-scope mapping improvements --- .../pom.xml | 2 +- .../apimgt/annotations/api/Permission.java | 42 ----- .../carbon/apimgt/annotations/api/Scope.java | 38 +---- .../carbon/apimgt/annotations/api/Scopes.java | 35 +++++ .../lifecycle/util/AnnotationProcessor.java | 79 +++++++++- .../mgt/jaxrs/api/CertificateMgtService.java | 37 +++-- .../CertificateManagementAdminService.java | 73 +++++---- .../api/ActivityInfoProviderService.java | 47 +++--- .../api/ConfigurationManagementService.java | 36 +++-- .../mgt/jaxrs/service/api/Dashboard.java | 143 ++++++++---------- .../ApplicationManagementAdminService.java | 1 - ...DeviceAccessAuthorizationAdminService.java | 1 - .../SecurityDefinitionConfigurator.java | 4 + .../device/mgt/jaxrs/util/Constants.java | 1 + .../permission/AnnotationProcessor.java | 105 +++++++++---- pom.xml | 4 +- 16 files changed, 365 insertions(+), 283 deletions(-) delete mode 100644 components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java create mode 100644 components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml index 339110eac71..fd9e89ee02d 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/pom.xml @@ -79,7 +79,7 @@ javax.servlet, javax.xml.*, javax.xml.parsers;version="${javax.xml.parsers.import.pkg.version}";resolution:=optional, - org.apache.commons.lang, + org.apache.commons.lang scribe;scope=compile|runtime;inline=false; diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java deleted file mode 100644 index 14d447ac2c0..00000000000 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java +++ /dev/null @@ -1,42 +0,0 @@ -/* -* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package org.wso2.carbon.apimgt.annotations.api; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * This class is the representation of custom developed Permission annotation. - */ -@Target(ElementType.METHOD) -@Retention(RetentionPolicy.RUNTIME) -public @interface Permission { - - /** - * Represents the permission name. - * @return Returns permission name. - */ - String name(); - - /** - * Represents the permission string. - * @return Returns permission string. - */ - String permission(); - -} \ No newline at end of file diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java index 9e0068635be..701a6f183c5 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java @@ -1,21 +1,3 @@ -/* - * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - package org.wso2.carbon.apimgt.annotations.api; import java.lang.annotation.ElementType; @@ -24,28 +6,18 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * This class is the representation of custom developed Permission annotation. + * This class is the representation of custom developed Scopes annotation. */ @Target(ElementType.METHOD) @Retention(RetentionPolicy.RUNTIME) public @interface Scope { - /** - * Represents the scope key which should be unique. - * @return Returns scope key. - */ - String key(); - - /** - * Represents the scope name. - * @return Returns scope name. - */ String name(); - /** - * Represents the scope description. - * @return Returns scope description. - */ String description(); + String key(); + + String[] permissions(); + } diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java new file mode 100644 index 00000000000..ebbda6f9d49 --- /dev/null +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scopes.java @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.apimgt.annotations.api; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * This class is the representation of custom developed Scopes annotation. + */ +@Target(ElementType.TYPE) +@Retention(RetentionPolicy.RUNTIME) +public @interface Scopes { + + Scope[] scopes(); + +} diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java index d36e1442f48..86fe3816936 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java @@ -16,10 +16,12 @@ package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util; +import io.swagger.annotations.ApiOperation; import io.swagger.annotations.SwaggerDefinition; import org.apache.catalina.core.StandardContext; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.apimgt.api.model.Scope; import org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource; import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration; @@ -37,9 +39,7 @@ import java.net.URI; import java.net.URL; import java.security.AccessController; import java.security.PrivilegedAction; -import java.util.ArrayList; -import java.util.List; -import java.util.Set; +import java.util.*; public class AnnotationProcessor { @@ -58,9 +58,13 @@ public class AnnotationProcessor { private static final String SWAGGER_ANNOTATIONS_EXTENSIONS = "extensions"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES = "properties"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_NAME = "name"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_DESCRIPTION = "description"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_KEY = "key"; + private static final String SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS = "permissions"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VERSION = "version"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_CONTEXT = "context"; private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value"; + private static final String ANNOTATIONS_SCOPES = "scopes"; private StandardContext context; @@ -75,6 +79,10 @@ public class AnnotationProcessor { private Class tagClass; private Class extensionClass; private Class extensionPropertyClass; + private Class apiOperation; + private Class scopeClass; + private Class scopesClass; + private Map apiScopes; public AnnotationProcessor(final StandardContext context) { servletContext = context.getServletContext(); @@ -91,7 +99,13 @@ public class AnnotationProcessor { extensionClass = (Class)classLoader .loadClass((io.swagger.annotations.Extension.class.getName())); extensionPropertyClass = (Class)classLoader - .loadClass((io.swagger.annotations.ExtensionProperty.class.getName())); + .loadClass(io.swagger.annotations.ExtensionProperty.class.getName()); + scopeClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName()); + scopesClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName()); + apiOperation = (Class)classLoader + .loadClass((io.swagger.annotations.ApiOperation.class.getName())); } catch (ClassNotFoundException e) { log.error("An error has occurred while loading classes ", e); } @@ -127,6 +141,7 @@ public class AnnotationProcessor { } try { apiResourceConfig = processAPIAnnotation(swaggerDefinition); + apiScopes = processAPIScopes(swaggerDefinition); if(apiResourceConfig != null){ String rootContext = servletContext.getContextPath(); pathClazzMethods = pathClazz.getMethods(); @@ -158,7 +173,7 @@ public class AnnotationProcessor { } catch (ClassNotFoundException e1) { String msg = "Failed to load service class " + className + " for publishing APIs." + " This API will not be published."; - log.error(msg); + log.error(msg, e1); } catch (RuntimeException e) { log.error("Unexpected error has been occurred while publishing "+ className +"hence, this API will not be published."); @@ -174,6 +189,37 @@ public class AnnotationProcessor { return apiResourceConfigs; } + private Map processAPIScopes(Annotation annotation) throws Throwable { + Map scopes = new HashMap<>(); + + InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation); + Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass + .getMethod(ANNOTATIONS_SCOPES, null), null); + + Scope scope; + String permissions[]; + StringBuilder aggregatedPermissions = new StringBuilder(); + for(int i=0; i apiOperation; private Class authorizationClass; private Class authorizationScopeClass; + private Class extensionClass; + private Class extensionPropertyClass; + private Class scopeClass; + private Class scopesClass; + private Map apiScopes; public AnnotationProcessor(final StandardContext context) { @@ -90,6 +96,15 @@ public class AnnotationProcessor { .loadClass((io.swagger.annotations.Authorization.class.getName())); authorizationScopeClass = (Class)classLoader .loadClass((io.swagger.annotations.AuthorizationScope.class.getName())); + extensionClass = (Class)classLoader + .loadClass((io.swagger.annotations.Extension.class.getName())); + extensionPropertyClass = (Class)classLoader + .loadClass(io.swagger.annotations.ExtensionProperty.class.getName()); + scopeClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName()); + scopesClass = (Class) classLoader + .loadClass(org.wso2.carbon.apimgt.annotations.api.Scopes.class.getName()); + } catch (ClassNotFoundException e) { log.error("An error has occurred while loading classes ", e); } @@ -135,6 +150,7 @@ public class AnnotationProcessor { try { clazz = classLoader.loadClass(className); Annotation apiAnno = clazz.getAnnotation(apiClazz); + apiScopes = processAPIScopes(apiAnno); List resourceList; if (apiAnno != null) { if (log.isDebugEnabled()) { @@ -165,7 +181,9 @@ public class AnnotationProcessor { } } } catch (ClassNotFoundException e) { - log.error("Error when passing the api annotation for device type apis."); + log.error("Error when passing the api annotation for device type apis.", e); + } catch (Throwable e) { + log.error("Error when passing the scopes annotation for device type apis.", e); } return apiPermissions; } @@ -342,28 +360,53 @@ public class AnnotationProcessor { private void setPermission(Annotation currentMethod, Permission permission) throws Throwable { InvocationHandler methodHandler = Proxy.getInvocationHandler(currentMethod); - Annotation[] authorizations = (Annotation[]) methodHandler.invoke(currentMethod - , apiOperation.getMethod(SWAGGER_ANNOTATIONS_AUTHORIZATIONS,null),null); - for(int i=0; i processAPIScopes(Annotation annotation) throws Throwable { + Map scopes = new HashMap<>(); + + InvocationHandler methodHandler = Proxy.getInvocationHandler(annotation); + Annotation[] annotatedScopes = (Annotation[]) methodHandler.invoke(annotation, scopesClass + .getMethod(ANNOTATIONS_SCOPES, null), null); + + Scope scope; + String permissions[]; + StringBuilder aggregatedPermissions = new StringBuilder(); + for(int i=0; i 5.2.2 - 5.1.3 + 5.2.7 5.1.1 @@ -1837,7 +1837,7 @@ [2.6.0,3.0.0) - 6.0.5 + 6.1.2-SNAPSHOT (5.0.0,7.0.0] From 36ee55f493d9ea22d21d558ad28aa096beae3656 Mon Sep 17 00:00:00 2001 From: Milan Perera Date: Wed, 14 Dec 2016 08:45:42 +0530 Subject: [PATCH 02/14] Implemented permission-scope mapping for IoTs --- .../lifecycle/util/AnnotationProcessor.java | 7 ++-- .../ApplicationManagementAdminService.java | 33 ++++++++++++------- .../admin/DeviceManagementAdminService.java | 23 +++++++++---- .../admin/GroupManagementAdminService.java | 23 +++++++++---- .../permission/AnnotationProcessor.java | 5 ++- pom.xml | 4 +-- 6 files changed, 66 insertions(+), 29 deletions(-) diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java index 86fe3816936..54f1c416d31 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java @@ -134,6 +134,7 @@ public class AnnotationProcessor { try { clazz = classLoader.loadClass(className); Annotation swaggerDefinition = clazz.getAnnotation(apiClazz); + Annotation Scopes = clazz.getAnnotation(scopesClass); List resourceList; if (swaggerDefinition != null) { if (log.isDebugEnabled()) { @@ -141,7 +142,9 @@ public class AnnotationProcessor { } try { apiResourceConfig = processAPIAnnotation(swaggerDefinition); - apiScopes = processAPIScopes(swaggerDefinition); + if (Scopes != null) { + apiScopes = processAPIScopes(Scopes); + } if(apiResourceConfig != null){ String rootContext = servletContext.getContextPath(); pathClazzMethods = pathClazz.getMethods(); @@ -214,7 +217,7 @@ public class AnnotationProcessor { aggregatedPermissions.append(permission); aggregatedPermissions.append(" "); } - scope.setRoles(aggregatedPermissions.toString()); + scope.setRoles(aggregatedPermissions.toString().trim()); scopes.put(scope.getKey(), scope); } return scopes; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 6f462837c23..8f492612023 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -19,9 +19,12 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin; import io.swagger.annotations.*; +import org.wso2.carbon.apimgt.annotations.api.*; +import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.Consumes; import javax.ws.rs.POST; @@ -49,6 +52,16 @@ import javax.ws.rs.core.Response; @Api(value = "Application Management Administrative Service", description = "This an API intended to be used by " + "'internal' components to log in as an admin user and do a selected number of operations. " + "Further, this is strictly restricted to admin users only ") +@Scopes( + scopes = { + @Scope( + name = "Manage application", + description = "", + key = "cdmf:manage-application", + permissions = {"/device-mgt/applications/manage"} + ) + } +) @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) public interface ApplicationManagementAdminService { @@ -63,12 +76,10 @@ public interface ApplicationManagementAdminService { notes = "This is an internal API that can be used to install an application on a device.", response = Activity.class, tags = "Application Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/applications/manage", description - = "Install/Uninstall applications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") + }) } ) @ApiResponses(value = { @@ -109,12 +120,10 @@ public interface ApplicationManagementAdminService { notes = "This is an internal API that can be used to uninstall an application.", response = Activity.class, tags = "Application Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/applications/manage", description - = "Install/Uninstall applications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index 6266a9b737e..a2e80bcbf9d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -31,8 +31,11 @@ import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -60,6 +63,16 @@ import javax.ws.rs.core.Response; "Further, this is strictly restricted to admin users only ") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) +@Scopes( + scopes = { + @Scope( + name = "Manage device", + description = "", + key = "cdmf:manage-own-device", + permissions = {"/device-mgt/devices/owning-device/view"} + ) + } +) public interface DeviceManagementAdminService { @GET @@ -71,12 +84,10 @@ public interface DeviceManagementAdminService { response = Device.class, responseContainer = "List", tags = "Device Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", description - = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-own-device") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index daffe2a6c5e..b5716e9db39 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -33,8 +33,11 @@ import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; import org.apache.axis2.transport.http.HTTPConstants; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; @@ -61,6 +64,16 @@ import javax.ws.rs.core.Response; @Api(value = "Group Management Administrative Service", description = "This an API intended to be used by " + "'internal' components to log in as an admin user and do a selected number of operations. " + "Further, this is strictly restricted to admin users only ") +@Scopes( + scopes = { + @Scope( + name = "View groups", + description = "", + key = "cdmf:view-groups", + permissions = {"/device-mgt/admin/groups/view"} + ) + } +) public interface GroupManagementAdminService { @GET @@ -70,12 +83,10 @@ public interface GroupManagementAdminService { value = "Get the list of groups.", notes = "Returns all groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/admin/groups/view", description - = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-groups") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java index c28604fc4c0..ee2ebb4c2ef 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java @@ -150,7 +150,10 @@ public class AnnotationProcessor { try { clazz = classLoader.loadClass(className); Annotation apiAnno = clazz.getAnnotation(apiClazz); - apiScopes = processAPIScopes(apiAnno); + Annotation scopesAnno = clazz.getAnnotation(scopesClass); + if (scopesAnno != null) { + apiScopes = processAPIScopes(scopesAnno); + } List resourceList; if (apiAnno != null) { if (log.isDebugEnabled()) { diff --git a/pom.xml b/pom.xml index d3c359fff7b..5f59f54b6a4 100644 --- a/pom.xml +++ b/pom.xml @@ -1812,7 +1812,7 @@ 5.2.2 - 5.2.7 + 5.1.1 5.1.1 @@ -1837,7 +1837,7 @@ [2.6.0,3.0.0) - 6.1.2-SNAPSHOT + 6.0.6-SNAPSHOT (5.0.0,7.0.0] From 649879f998dc7e2210cc615fab1442cf903e2328 Mon Sep 17 00:00:00 2001 From: GPrathap Date: Sun, 1 Jan 2017 21:13:53 +0530 Subject: [PATCH 03/14] removed setting APIs secured as default. Because if secured is enabled, it is to be needed to provided parameters which are related to basic oauth, when this is false, jwt token is being used. --- .../webapp/publisher/APIPublisherUtil.java | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java index 6d1bc7695bb..630aa32d133 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java @@ -50,7 +50,7 @@ public class APIPublisherUtil { private static final String PARAM_PROVIDER_TENANT_DOMAIN = "providerTenantDomain"; - public static API getAPI(APIConfig config) throws APIManagementException { + public static API PARAM_MANAGED_API_IS_SECURED(APIConfig config) throws APIManagementException { APIProvider provider = config.getProvider(); String apiVersion = config.getVersion(); @@ -75,7 +75,7 @@ public class APIPublisherUtil { api.setUrl(config.getEndpoint()); api.addAvailableTiers(provider.getTiers()); - api.setEndpointSecured(true); + api.setEndpointSecured(false); api.setStatus(APIStatus.CREATED); api.setTransports(config.getTransports()); api.setApiLevelPolicy(config.getPolicy()); @@ -261,18 +261,7 @@ public class APIPublisherUtil { } apiConfig.setOwner(owner); - String isSecuredParam = servletContext.getInitParameter(PARAM_MANAGED_API_IS_SECURED); - boolean isSecured; - if (isSecuredParam == null || isSecuredParam.isEmpty()) { - if (log.isDebugEnabled()) { - log.debug("'managed-api-isSecured' attribute is not configured. Therefore, using the default, " + - "which is 'true'"); - } - isSecured = false; - } else { - isSecured = Boolean.parseBoolean(isSecuredParam); - } - apiConfig.setSecured(isSecured); + apiConfig.setSecured(false); String transports = servletContext.getInitParameter(PARAM_MANAGED_API_TRANSPORTS); if (transports == null || transports.isEmpty()) { From 4c9578ebe24b5930c2b8c1cbdb4ba4fa031deecb Mon Sep 17 00:00:00 2001 From: GPrathap Date: Sun, 1 Jan 2017 21:53:53 +0530 Subject: [PATCH 04/14] resized buffer size to 0 for each scope --- .../device/mgt/core/config/permission/AnnotationProcessor.java | 1 + 1 file changed, 1 insertion(+) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java index ee2ebb4c2ef..b20936c8f37 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/AnnotationProcessor.java @@ -403,6 +403,7 @@ public class AnnotationProcessor { .getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_KEY), annotatedScopes[i], STRING)); permissions = (String[])methodHandler.invoke(annotatedScopes[i], scopeClass .getMethod(SWAGGER_ANNOTATIONS_PROPERTIES_PERMISSIONS, null),null); + aggregatedPermissions.setLength(0); for (String permission : permissions) { aggregatedPermissions.append(permission); aggregatedPermissions.append(" "); From f508bcfd0e7e11d3b401f899b9eb2270d8f25827 Mon Sep 17 00:00:00 2001 From: GPrathap Date: Sun, 1 Jan 2017 22:03:50 +0530 Subject: [PATCH 05/14] corrected method name --- .../wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java index 630aa32d133..ce194ebb3cb 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java @@ -50,7 +50,7 @@ public class APIPublisherUtil { private static final String PARAM_PROVIDER_TENANT_DOMAIN = "providerTenantDomain"; - public static API PARAM_MANAGED_API_IS_SECURED(APIConfig config) throws APIManagementException { + public static API getAPI(APIConfig config) throws APIManagementException { APIProvider provider = config.getProvider(); String apiVersion = config.getVersion(); From 3c3c56a63c6aa19e86efe47feb53f0d0197a5665 Mon Sep 17 00:00:00 2001 From: Ace Date: Mon, 2 Jan 2017 15:27:53 +0530 Subject: [PATCH 06/14] Bumping IS versions to latest ones --- pom.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pom.xml b/pom.xml index e49aee71a49..773950ed596 100644 --- a/pom.xml +++ b/pom.xml @@ -1865,7 +1865,7 @@ 2.2.1 6.1.1 - 4.4.10 + 4.4.11 4.4.9 [4.4.0, 5.0.0) 1.5.4 @@ -1909,12 +1909,12 @@ 4.7.2 - 5.6.89 - 5.2.33 - 5.2.14 + 5.7.0 + 5.3.1 + 5.3.0 - [5.6.0, 6.0.0) + [5.7.0, 6.0.0) [5.2.0, 6.0.0) [5.1.0, 6.0.0) @@ -1940,7 +1940,7 @@ [2.6.0,3.0.0) - 6.1.2 + 6.1.20-SNAPSHOT (6.0.0,7.0.0] From 2619c626b29e51784f9b6242b906f54772807721 Mon Sep 17 00:00:00 2001 From: GPrathap Date: Mon, 19 Dec 2016 18:23:06 +0530 Subject: [PATCH 07/14] added scope annotation --- .../CertificateManagementAdminService.java | 48 +++-- .../api/ActivityInfoProviderService.java | 22 +- .../api/ConfigurationManagementService.java | 10 +- .../mgt/jaxrs/service/api/Dashboard.java | 160 +++++++++++++- .../service/api/DeviceManagementService.java | 166 ++++++++------ .../api/DeviceTypeManagementService.java | 42 ++-- .../service/api/GroupManagementService.java | 202 +++++++++++------- .../api/NotificationManagementService.java | 41 ++-- .../service/api/PolicyManagementService.java | 155 +++++++++----- .../service/api/RoleManagementService.java | 135 +++++++----- .../service/api/UserManagementService.java | 180 ++++++++++------ .../ApplicationManagementAdminService.java | 31 ++- .../admin/DeviceManagementAdminService.java | 12 +- .../admin/GroupManagementAdminService.java | 22 +- .../api/admin/UserManagementAdminService.java | 25 ++- 15 files changed, 851 insertions(+), 400 deletions(-) diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java index 3f849cba9ce..df92a10eb33 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java @@ -1,6 +1,16 @@ package org.wso2.carbon.certificate.mgt.cert.jaxrs.api; -import io.swagger.annotations.*; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; +import io.swagger.annotations.ResponseHeader; import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList; @@ -31,16 +41,28 @@ import javax.ws.rs.core.Response; @Path("/admin/certificates") @Scopes(scopes = { @Scope( - name = "Manage certificates", - description = "", - key = "cdmf:manage-certificate", - permissions = {"/device-mgt/certificates/manage"} + name = "Adding a new SSL certificate", + description = "Adding a new SSL certificate", + key = "cdmf:admin:certificates:add", + permissions = {"/device-mgt/admin/certificates/add"} ), @Scope( - name = "View certificate", - description = "", - key = "cdmf:view-certificate", - permissions = {"/device-mgt/certificates/view"} + name = "Getting Details of an SSL Certificate", + description = "Getting Details of an SSL Certificate", + key = "cdmf:admin:certificates:details", + permissions = {"/device-mgt/admin/certificates/details"} + ), + @Scope( + name = "Getting Details of Certificates", + description = "Getting Details of Certificates", + key = "cdmf:admin:certificates:view", + permissions = {"/device-mgt/admin/certificates/view"} + ), + @Scope( + name = "Deleting an SSL Certificate", + description = "Deleting an SSL Certificate", + key = "cdmf:admin:certificates:delete", + permissions = {"/device-mgt/admin/certificates/delete"} ) } ) @@ -67,7 +89,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:add") }) } ) @@ -136,7 +158,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:details") }) } ) @@ -207,7 +229,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:view") }) } ) @@ -286,7 +308,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:delete") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java index 9c3e2c4f5bc..3a040fa2161 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java @@ -18,7 +18,17 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api; -import io.swagger.annotations.*; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; +import io.swagger.annotations.ResponseHeader; import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; @@ -55,9 +65,9 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Get activities", - description = "Get activities", - key = "cdmf:get-activity", + name = "Getting Details of an Activity", + description = "Getting Details of an Activity", + key = "cdmf:activities:details", permissions = {"/device-mgt/devices/owning-device/view"} ) } @@ -77,7 +87,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:details") }) } ) @@ -150,7 +160,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:details") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java index 504bd75f1d7..87fa47c5d3e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java @@ -24,8 +24,6 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -68,13 +66,13 @@ import javax.ws.rs.core.Response; @Scope( name = "View configurations", description = "", - key = "cdmf:view-configuration", + key = "cdmf:configuration:view", permissions = {"/device-mgt/platform-configurations/view"} ), @Scope( name = "Manage configurations", description = "", - key = "cdmf:manage-configuration", + key = "cdmf:configuration:manage", permissions = {"/device-mgt/platform-configurations/manage"} ) } @@ -92,7 +90,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-configuration") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:configuration:view") }) } ) @@ -151,7 +149,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-configuration") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:configuration:manage") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java index 903c92e5cde..8251ff40ae1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java @@ -1,15 +1,23 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardPaginationGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; @@ -18,9 +26,89 @@ import javax.ws.rs.core.Response; /** * Device Analytics Dashboard related REST-APIs. This can be used to obtain device related analytics. */ +@SwaggerDefinition( + info = @Info( + version = "1.0.0", + title = "", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = "name", value = "DeviceAnalyticsDashboard"), + @ExtensionProperty(name = "context", value = "/api/device-mgt/v1.0/dashboard"), + }) + } + ), + tags = { + @Tag(name = "device_management", description = "Device Analytics Dashboard related information APIs" + + " are described here.") + } +) @Path("/dashboard") @Api(value = "Device Analytics Dashboard", description = "Device Analytics Dashboard related information APIs are described here.") +@Scopes( + scopes = { + @Scope( + name = "Device Count Overview", + description = "Device Count Overview", + key = "cdmf:dashboard:count-overview", + permissions = {"/device-mgt/dashboard/device-count"} + ), + @Scope( + name = "Device Counts by Potential Vulnerabilities", + description = "Device Counts by Potential Vulnerabilities", + key = "cdmf:dashboard:vulnerabilities", + permissions = {"/device-mgt/dashboard/vulnerabilities"} + ), + @Scope( + name = "Get the number of devices that have not complied to a policy", + description = "Get the number of devices that have not complied to a policy", + key = "cdmf:dashboard:non-compliant", + permissions = {"/device-mgt/dashboard/features"} + ), + @Scope( + name = "Get the number of devices for a given device type, such as connectivity status, " + + "potential vulnerability, platform, and ownership", + description = "Get the number of devices for a given device type, such as connectivity status, " + + "potential vulnerability, platform, and ownership", + key = "cdmf:dashboard:by-groups", + permissions = {"/device-mgt/dashboard/groups"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy based on a particular", + description = "Get the number of devices that have not complied to a given policy based on a particular", + key = "cdmf:dashboard:device-counts", + permissions = {"/device-mgt/dashboard/groups"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy based on a particular" + + " device type.", + description = "Get the number of devices that have not complied to a given policy based on a " + + "particular device type.", + key = "cdmf:dashboard:filtered-count", + permissions = {"/device-mgt/dashboard/total"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy over the total" + + " number of devices registered with WSO2 EMM.\n", + description = "Get the number of devices that have not complied to a given policy over the total" + + " number of devices registered with WSO2 EMM.\n", + key = "cdmf:dashboard:non-compliant-count", + permissions = {"/device-mgt/dashboard/total"} + ), + @Scope( + name = "Get device details of devices based on a particular device type.", + description = "Get device details of devices based on a particular device type.", + key = "cdmf:dashboard:details", + permissions = {"/device-mgt/dashboard/details"} + ), + @Scope( + name = "Get device details of non-compliant devices which do not comply to a given policy.", + description = "Get device details of non-compliant devices which do not comply to a given policy.", + key = "cdmf:dashboard:feature-non-compliant", + permissions = {"/device-mgt/dashboard/details"} + ) + } +) @Produces(MediaType.APPLICATION_JSON) @SuppressWarnings("NonJaxWsWebServices") public interface Dashboard { @@ -43,7 +131,13 @@ public interface Dashboard { value = "Get the details of registered devices in WSO2 EMM.", notes = "Get the details of active, inactive, removed and total number of registered devices in" + " WSO2 EMM.", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:count-overview") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -93,7 +187,13 @@ public interface Dashboard { produces = MediaType.APPLICATION_JSON, httpMethod = "GET", value = "Get the number of unmonitored and non-compliant devices in WSO2 EMM.", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:vulnerabilities") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -144,7 +244,13 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices that have not complied to a policy that was enforced on a " + "device.", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -208,7 +314,13 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices for a given device type, such as connectivity status, " + "potential vulnerability, platform, and ownership.\n", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:by-groups") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -291,7 +403,13 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices that have not complied to a given policy based on a particular" + " device type.", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:device-counts") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -364,7 +482,13 @@ public interface Dashboard { + "Connectivity status of the device, such as active, inactive or removed.\n" + "The device ownership type, such as BYOD or COPE.\n" + "The device platform.\n" + "The potential vulnerabilities faced by the devices.", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:filtered-count") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -450,7 +574,13 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices that have not complied to a given policy over the total" + " number of devices registered with WSO2 EMM.\n", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant-count") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -519,7 +649,13 @@ public interface Dashboard { produces = MediaType.APPLICATION_JSON, httpMethod = "GET", value = "Get device details of devices based on a particular device type.", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:details") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -615,7 +751,13 @@ public interface Dashboard { produces = MediaType.APPLICATION_JSON, httpMethod = "GET", value = "Get device details of non-compliant devices which do not comply to a given policy.", - tags = "Dashboard") + tags = "Dashboard", + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:feature-non-compliant") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index 650ae34f7b6..ed9290df4ca 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -24,13 +24,13 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Feature; import org.wso2.carbon.device.mgt.common.app.mgt.Application; @@ -38,6 +38,7 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.search.SearchContext; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.policy.mgt.common.Policy; import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData; @@ -64,6 +65,64 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting Details of Registered Devices", + description = "Getting Details of Registered Devices", + key = "cdmf:devices:view", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Details of a Device", + description = "Getting Details of a Device", + key = "cdmf:devices:details", + permissions = {"/device-mgt/devices/owning-device/details"} + ), + @Scope( + name = "Delete the device specified by device id", + description = "Delete the device specified by device id", + key = "cdmf:devices:delete", + permissions = {"/device-mgt/devices/owning-device/delete"} + ), + @Scope( + name = "Getting Feature Details of a Device", + description = "Getting Feature Details of a Device", + key = "cdmf:devices:features", + permissions = {"/device-mgt/devices/owning-device/features"} + ), + @Scope( + name = "Advanced Search for Devices", + description = "Advanced Search for Devices", + key = "cdmf:devices:search", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Installed Application Details of a Device", + description = "Getting Installed Application Details of a Device", + key = "cdmf:devices:applications", + permissions = {"/device-mgt/devices/owning-device/applications"} + ), + @Scope( + name = "Getting Device Operation Details", + description = "Getting Device Operation Details", + key = "cdmf:devices:operations", + permissions = {"/device-mgt/devices/owning-device/operations"} + ), + @Scope( + name = "Get the details of the policy that is enforced on a device.", + description = "Get the details of the policy that is enforced on a device.", + key = "cdmf:devices:effective-policy", + permissions = {"/device-mgt/devices/owning-device/effective-policy"} + ), + @Scope( + name = "Getting Policy Compliance Details of a Device", + description = "Getting Policy Compliance Details of a Device", + key = "cdmf:devices:compliance-data", + permissions = {"/device-mgt/devices/owning-device/compliance-data"} + ) + } +) @Path("/devices") @Api(value = "Device Management", description = "This API carries all device management related operations " + "such as get all the available devices, etc.") @@ -78,13 +137,11 @@ public interface DeviceManagementService { value = "Getting Details of Registered Devices", notes = "Provides details of all the devices enrolled with WSO2 EMM.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" - , description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:view") + }) + } ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the list of devices.", @@ -205,12 +262,10 @@ public interface DeviceManagementService { value = "Getting Details of a Device", notes = "Get the details of a device by specifying the device type and device identifier.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:details") + }) } ) @ApiResponses( @@ -282,15 +337,13 @@ public interface DeviceManagementService { @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "DELETE", - value = "Delete the device speccified by device id", + value = "Delete the device specified by device id", notes = "Returns the status of the deleted device operation.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:delete") + }) } ) @ApiResponses( @@ -359,13 +412,11 @@ public interface DeviceManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:features") + }) + } ) @ApiResponses( value = { @@ -450,12 +501,10 @@ public interface DeviceManagementService { value = "Advanced Search for Devices", notes = "Search for devices by filtering the search result through the specified search terms.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:search") + }) } ) @ApiResponses( @@ -529,13 +578,12 @@ public interface DeviceManagementService { value = "Getting Installed Application Details of a Device", notes = "Get the list of applications subscribed to by a device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:applications") + }) + + } ) @ApiResponses( value = { @@ -633,13 +681,11 @@ public interface DeviceManagementService { value = "Getting Device Operation Details", notes = "Get the details of operations carried out on a selected device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:operations") + }) + } ) @ApiResponses( value = { @@ -746,13 +792,11 @@ public interface DeviceManagementService { "WSO2 EMM filters the policies based on the device platform (device type)," + "the device ownership type, the user role or name and finally, the policy that matches these filters will be enforced on the device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:effective-policy") + }) + } ) @ApiResponses( value = { @@ -837,12 +881,10 @@ public interface DeviceManagementService { notes = "A policy is enforced on the devices that register with WSO2 EMM. " + "The server checks if the settings in the device comply with the policy that is enforced on the device using this REST API.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:compliance-data") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java index 94b06ea7513..963edc84f75 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java @@ -24,15 +24,16 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -54,6 +55,22 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting the Supported Device Platforms", + description = "Getting the Supported Device Platforms", + key = "cdmf:device-types:types", + permissions = {"/device-mgt/device-types/types"} + ), + @Scope( + name = "Get Feature Details of a Device Type", + description = "Get Feature Details of a Device Type", + key = "cdmf:device-types:features", + permissions = {"/device-mgt/device-types/features"} + ) + } +) @Path("/device-types") @Api(value = "Device Type Management", description = "This API corresponds to all tasks related to device " + "type management") @@ -68,12 +85,10 @@ public interface DeviceTypeManagementService { value = "Getting the Supported Device Platforms", notes = "Get the list of device platforms supported by WSO2 EMM.", tags = "Device Type Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Device Types") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:types") + }) } ) @ApiResponses( @@ -123,6 +138,7 @@ public interface DeviceTypeManagementService { String ifModifiedSince); @GET + @Path("/{type}/features") @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "GET", @@ -131,12 +147,10 @@ public interface DeviceTypeManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Type Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Device Types") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:features") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java index a982a3c3d53..aff13f24375 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java @@ -24,8 +24,6 @@ import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.Authorization; -import io.swagger.annotations.AuthorizationScope; import io.swagger.annotations.Extension; import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Info; @@ -33,12 +31,15 @@ import io.swagger.annotations.ResponseHeader; import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.Tag; import org.apache.axis2.transport.http.HTTPConstants; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.Valid; import javax.ws.rs.Consumes; @@ -74,6 +75,82 @@ import java.util.List; "details.") } ) +@Scopes( + scopes = { + @Scope( + name = "Get the list of groups belongs to current user.", + description = "Get the list of groups belongs to current user.", + key = "cdmf:groups:groups", + permissions = {"/device-mgt/groups/groups"} + ), + @Scope( + name = "Get the count of groups belongs to current user.", + description = "Get the count of groups belongs to current user.", + key = "cdmf:groups:count", + permissions = {"/device-mgt/groups/count"} + ), + @Scope( + name = "Add new device group to the system.", + description = "Add new device group to the system.", + key = "cdmf:groups:add", + permissions = {"/device-mgt/groups/add"} + ), + @Scope( + name = "View group specified", + description = "View group specified", + key = "cdmf:groups:groups-view", + permissions = {"/device-mgt/groups/groups-view"} + ), + @Scope( + name = "Update a group", + description = "Update a group", + key = "cdmf:groups:update", + permissions = {"/device-mgt/groups/update"} + ), + @Scope( + name = "Delete a group", + description = "Delete a group", + key = "cdmf:groups:remove", + permissions = {"/device-mgt/groups/remove"} + ), + @Scope( + name = "Manage group sharing with a user", + description = "Manage group sharing with a user", + key = "cdmf:groups:share", + permissions = {"/device-mgt/groups/share"} + ), + @Scope( + name = "View list of roles of a device group", + description = "View list of roles of a device group", + key = "cdmf:groups:roles", + permissions = {"/device-mgt/groups/roles"} + ), + @Scope( + name = "View list of devices in the device group", + description = "View list of devices in the device group", + key = "cdmf:groups:devices", + permissions = {"/device-mgt/groups/devices"} + ), + @Scope( + name = "View list of device count in the device group", + description = "View list of device count in the device group", + key = "cdmf:groups:devices-count", + permissions = {"/device-mgt/groups/devices/devices-count"} + ), + @Scope( + name = "Add devices to group", + description = "Add devices to group", + key = "cdmf:groups:devices-add", + permissions = {"/device-mgt/groups/devices/devices-add"} + ), + @Scope( + name = "Remove devices from group", + description = "Remove devices from group", + key = "cdmf:groups:devices-remove", + permissions = {"/device-mgt/groups/devices/devices-remove"} + ) + } +) @Path("/groups") @Api(value = "Device Group Management", description = "This API carries all device group management related " + "operations such as get all the available groups, etc.") @@ -88,12 +165,10 @@ public interface GroupManagementService { value = "Get the list of groups belongs to current user.", notes = "Returns all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups") + }) } ) @ApiResponses(value = { @@ -153,13 +228,12 @@ public interface GroupManagementService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:count") + }) } + ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the device group count.", @@ -202,12 +276,10 @@ public interface GroupManagementService { value = "Add new device group to the system.", notes = "Add device group with current user as the owner.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/add", - description = "Add Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:add") + }) } ) @ApiResponses( @@ -270,12 +342,10 @@ public interface GroupManagementService { value = "View group specified.", notes = "Returns details of group enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups-view") + }) } ) @ApiResponses(value = { @@ -325,12 +395,10 @@ public interface GroupManagementService { notes = "If you wish to make changes to an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/update", - description = "Update Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:update") + }) } ) @ApiResponses(value = { @@ -384,12 +452,10 @@ public interface GroupManagementService { notes = "If you wish to remove an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/remove", - description = "Remove Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:remove") + }) } ) @ApiResponses(value = { @@ -438,12 +504,10 @@ public interface GroupManagementService { notes = "If you wish to share /un share an existing group with a user under defined sharing roles, " + "that can be done using this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/share", - description = "Share Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:share") + }) } ) @ApiResponses(value = { @@ -496,12 +560,10 @@ public interface GroupManagementService { value = "View list of roles of a device group.", notes = "Returns details of roles which particular group has been shared with.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/roles/view", - description = "View roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:roles") + }) } ) @ApiResponses(value = { @@ -550,12 +612,10 @@ public interface GroupManagementService { value = "View list of devices in the device group.", notes = "Returns list of devices in the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "View devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices") + }) } ) @ApiResponses(value = { @@ -612,12 +672,10 @@ public interface GroupManagementService { value = "View list of device count in the device group.", notes = "Returns device count in the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "View devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-count") + }) } ) @ApiResponses(value = { @@ -666,12 +724,10 @@ public interface GroupManagementService { value = "Add devices to group.", notes = "Add existing devices to the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/add", - description = "Add devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-add") + }) } ) @ApiResponses(value = { @@ -724,12 +780,10 @@ public interface GroupManagementService { value = "Remove devices from group.", notes = "Remove existing devices from the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/remove", - description = "Remove devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-remove") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java index 0a2998251c8..a3d0d556f3b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.notification.mgt.Notification; import org.wso2.carbon.device.mgt.jaxrs.NotificationList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Max; import javax.validation.constraints.Size; @@ -60,6 +61,22 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting All Device Notification Details", + description = "Getting All Device Notification Details", + key = "cdmf:notifications:view", + permissions = {"/device-mgt/notifications/view"} + ), + @Scope( + name = "Updating the Device Notification Status", + description = "Updating the Device Notification Status", + key = "cdmf:notifications:mark-checked", + permissions = {"/device-mgt/notifications/mark-checked"} + ) + } +) @Api(value = "Device Notification Management", description = "Device notification related operations can be found here.") @Path("/notifications") @Produces(MediaType.APPLICATION_JSON) @@ -73,12 +90,10 @@ public interface NotificationManagementService { value = "Getting All Device Notification Details", notes = "Get the details of all the notifications that were pushed to the devices registered with WSO2 EMM using this REST API.", tags = "Device Notification Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", - description = "View notifications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:view") + }) } ) @ApiResponses( @@ -164,12 +179,10 @@ public interface NotificationManagementService { notes = "When a user has read the the device notification the device notification status must " + "change from NEW to CHECKED. This API is used to update device notification status.", tags = "Device Notification Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", - description = "View notifications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:mark-checked") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index 6a77938b0fe..2994994ac00 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.policy.mgt.common.Policy; import javax.validation.Valid; @@ -62,6 +63,64 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Adding a Policy", + description = "Adding a Policy", + key = "cdmf:policies:manage", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Getting Details of Policies", + description = "Getting Details of Policies", + key = "cdmf:policies:get-details", + permissions = {"/device-mgt/policies/get-details"} + ), + @Scope( + name = "Getting Details of a Policy", + description = "Getting Details of a Policy", + key = "cdmf:policies:get-policy-details", + permissions = {"/device-mgt/policies/get-policy-details"} + ), + @Scope( + name = "Updating a Policy", + description = "Updating a Policy", + key = "cdmf:policies:update", + permissions = {"/device-mgt/policies/update"} + ), + @Scope( + name = "Removing Multiple Policies", + description = "Removing Multiple Policies", + key = "cdmf:policies:remove", + permissions = {"/device-mgt/policies/remove"} + ), + @Scope( + name = "Activating Policies", + description = "Activating Policies", + key = "cdmf:policies:activate", + permissions = {"/device-mgt/policies/activate"} + ), + @Scope( + name = "Deactivating Policies", + description = "Deactivating Policies", + key = "cdmf:policies:deactivate", + permissions = {"/device-mgt/policies/deactivate"} + ), + @Scope( + name = "Applying Changes on Policies", + description = "Applying Changes on Policies", + key = "cdmf:policies:changes", + permissions = {"/device-mgt/policies/changes"} + ), + @Scope( + name = "Updating the Policy Priorities", + description = "Updating the Policy Priorities", + key = "cdmf:policies:priorities", + permissions = {"/device-mgt/policies/priorities"} + ) + } +) @Api(value = "Device Policy Management", description = "This API includes the functionality around device policy management") @Path("/policies") @Produces(MediaType.APPLICATION_JSON) @@ -77,12 +136,10 @@ public interface PolicyManagementService { notes = "Add a policy using this REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy." + "Using this REST API you are able to save a created Policy and this policy will be in the inactive state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:manage") + }) } ) @ApiResponses( @@ -147,12 +204,10 @@ public interface PolicyManagementService { notes = "Retrieve the details of all the policies in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", - description = "View policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-details") + }) } ) @ApiResponses( @@ -224,12 +279,10 @@ public interface PolicyManagementService { notes = "Retrieve the details of a policy that is in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", - description = "View policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-policy-details") + }) } ) @ApiResponses( @@ -294,12 +347,10 @@ public interface PolicyManagementService { value = "Updating a Policy", notes = "Make changes to an existing policy by updating the policy using this resource.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:update") + }) } ) @ApiResponses( @@ -364,12 +415,10 @@ public interface PolicyManagementService { value = "Removing Multiple Policies", notes = "Delete one or more than one policy using this API.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:remove") + }) } ) @ApiResponses( @@ -412,12 +461,10 @@ public interface PolicyManagementService { value = "Activating Policies", notes = "Publish a policy using this API to bring a policy that is in the inactive state to the active state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:activate") + }) } ) @ApiResponses( @@ -455,12 +502,10 @@ public interface PolicyManagementService { value = "Deactivating Policies", notes = "Unpublish a policy using this API to bring a policy that is in the active state to the inactive state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:deactivate") + }) } ) @ApiResponses( @@ -503,12 +548,10 @@ public interface PolicyManagementService { " devices will not receive these changes immediately. Once all the required changes are made" + " you need to apply the changes to push the policy changes to the existing devices.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:changes") + }) } ) @ApiResponses( @@ -533,13 +576,11 @@ public interface PolicyManagementService { value = "Updating the Policy Priorities", notes = "Make changes to the existing policy priority order by updating the priority order using this API.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:priorities") + }) + } ) @ApiResponses( value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index cc894b9c0b0..b308ddc9702 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.user.mgt.common.UIPermissionNode; import javax.ws.rs.*; @@ -56,6 +57,58 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting the List of Roles", + description = "Getting the List of Roles", + key = "cdmf:roles:view", + permissions = {"/device-mgt/roles/view"} + ), + @Scope( + name = "Getting Permission Details of a Role", + description = "Getting Permission Details of a Role", + key = "cdmf:roles:permissions", + permissions = {"/device-mgt/roles/permissions"} + ), + @Scope( + name = "Getting the List of Roles", + description = "Getting the List of Roles", + key = "cdmf:roles:details", + permissions = {"/device-mgt/roles/details"} + ), + @Scope( + name = "Adding a Role", + description = "Adding a Role", + key = "cdmf:roles:add", + permissions = {"/device-mgt/roles/add"} + ), + @Scope( + name = "Adding a combined Role", + description = "Adding a combined Role", + key = "cdmf:roles:create-combined-role", + permissions = {"/device-mgt/roles/create-combined-role"} + ), + @Scope( + name = "Updating Role Details", + description = "Updating Role Details", + key = "cdmf:roles:update", + permissions = {"/device-mgt/roles/update"} + ), + @Scope( + name = "Deleting a Role", + description = "Deleting a Role", + key = "cdmf:roles:delete", + permissions = {"/device-mgt/roles/delete"} + ), + @Scope( + name = "Adding Users to a Role", + description = "Adding Users to a Role", + key = "cdmf:roles:add-users", + permissions = {"/device-mgt/roles/add-users"} + ) + } +) @Path("/roles") @Api(value = "Role Management", description = "Role management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -70,11 +123,10 @@ public interface RoleManagementService { notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Using this API you can the list of roles that are in WSO2 EMM.\n" + "Note: Internal roles, roles created for service-providers, and application related roles will not be given in the output.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:view") + }) } ) @ApiResponses( @@ -151,11 +203,10 @@ public interface RoleManagementService { response = UIPermissionNode.class, responseContainer = "List", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:permissions") + }) } ) @ApiResponses( @@ -227,12 +278,10 @@ public interface RoleManagementService { notes = "Get the permissions associated with a role and role specific details using this REST API.", response = RoleInfo.class, tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", - description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:details") + }) } ) @ApiResponses( @@ -303,12 +352,10 @@ public interface RoleManagementService { value = "Adding a Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new role to WSO2 EMM using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add") + }) } ) @ApiResponses(value = { @@ -365,12 +412,10 @@ public interface RoleManagementService { value = "Adding a combined Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new combined role to WSO2 EMM using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:create-combined-role") + }) } ) @ApiResponses(value = { @@ -430,12 +475,10 @@ public interface RoleManagementService { notes = "There will be situations where you need to update the role details, such as the permissions" + " or the role name. Update the role details using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:update") + }) } ) @ApiResponses(value = { @@ -498,12 +541,10 @@ public interface RoleManagementService { notes = "Roles become obsolete over time due to various reasons. In a situation where your Organization identifies that a specific role is no longer required, you " + "can delete a role using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:delete") + }) } ) @ApiResponses(value = { @@ -550,12 +591,10 @@ public interface RoleManagementService { "be cumbersome. Therefore, you can define all the new employees that belong to the engineering " + "role using this API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add-users") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index b211a3a1012..e7154089c60 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -24,14 +24,14 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.*; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; @@ -53,6 +53,76 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Adding a User", + description = "Adding a User", + key = "cdmf:users:add", + permissions = {"/device-mgt/users/add"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting Details of a User", + description = "Getting Details of a User", + key = "cdmf:users:details", + permissions = {"/device-mgt/users/details"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Updating Details of a User", + description = "Updating Details of a User", + key = "cdmf:users:update", + permissions = {"/device-mgt/policies/update"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Deleting a User", + description = "Deleting a User", + key = "cdmf:users:delete", + permissions = {"/device-mgt/policies/delete"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting the Role Details of a User", + description = "Getting the Role Details of a User", + key = "cdmf:users:roles", + permissions = {"/device-mgt/policies/roles"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting Details of Users", + description = "Getting Details of Users", + key = "cdmf:users:user-details", + permissions = {"/device-mgt/policies/user-details"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting the User Count", + description = "Getting the User Count", + key = "cdmf:users:count", + permissions = {"/device-mgt/policies/count"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting the User existence status", + description = "Getting the User existence status", + key = "cdmf:users:is-exist", + permissions = {"/device-mgt/policies/is-exist"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Searching for a User Name", + description = "Searching for a User Name", + key = "cdmf:users:search", + permissions = {"/device-mgt/policies/search"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Changing the User Password", + description = "Adding a User", + key = "cdmf:users:credentials", + permissions = {"/device-mgt/policies/credentials"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Sending Enrollment Invitations to Users", + description = "Sending Enrollment Invitations to Users", + key = "cdmf:users:send-invitation", + permissions = {"/device-mgt/policies/send-invitation"} + ) + } +) @Path("/users") @Api(value = "User Management", description = "User management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -67,12 +137,10 @@ public interface UserManagementService { value = "Adding a User", notes = "WSO2 EMM supports user management. Add a new user to the WSO2 EMM user management system via this REST API", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:add") + }) } ) @ApiResponses( @@ -129,12 +197,10 @@ public interface UserManagementService { notes = "Get the details of a user registered with WSO2 EMM using the REST API.", response = BasicUserInfo.class, tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:details") + }) } ) @ApiResponses(value = { @@ -202,12 +268,10 @@ public interface UserManagementService { notes = "There will be situations where you will want to update the user details. In such " + "situation you can update the user details using this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:update") + }) } ) @ApiResponses(value = { @@ -269,12 +333,10 @@ public interface UserManagementService { value = "Deleting a User", notes = "When an employee leaves the organization, you can remove the user details from WSO2 EMM using this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:delete") + }) } ) @ApiResponses(value = { @@ -314,12 +376,10 @@ public interface UserManagementService { value = "Getting the Role Details of a User", notes = "A user can be assigned to one or more role in EMM. Using this REST API you can get the role/roles a user is assigned to.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:roles") + }) } ) @ApiResponses(value = { @@ -378,12 +438,10 @@ public interface UserManagementService { notes = "You are able to manage users in WSO2 EMM by adding, updating and removing users. If you wish to get the list of users registered with WSO2 EMM, you can do so " + "using this REST API", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:user-details") + }) } ) @ApiResponses(value = { @@ -451,11 +509,10 @@ public interface UserManagementService { value = "Getting the User Count", notes = "Get the number of users in WSO2 EMM via this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:count") + }) } ) @ApiResponses(value = { @@ -487,12 +544,10 @@ public interface UserManagementService { value = "Getting the User existence status", notes = "Check if the user exists in the user store.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:is-exist") + }) } ) @ApiResponses(value = { @@ -532,11 +587,10 @@ public interface UserManagementService { + "You will be given a list of users having the user name in the exact order of the " + "characters you provided.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:search") + }) } ) @ApiResponses(value = { @@ -610,11 +664,10 @@ public interface UserManagementService { value = "Changing the User Password", notes = "A user is able to change the password to secure their WSO2 EMM profile via this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/login", description = "Reset user password") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:credentials") + }) } ) @ApiResponses(value = { @@ -656,11 +709,10 @@ public interface UserManagementService { notes = "Send the users a mail inviting them to download the EMM mobile application on their devices using the REST API given below.\n" + "Before running the REST API command to send the enrollment invitations to users make sure to configure WSO2 EMM as explained in step 4, under the WSO2 EMM general server configurations documentation.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:send-invitation") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 8f492612023..450b3a3778d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -18,9 +18,18 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin; -import io.swagger.annotations.*; -import org.wso2.carbon.apimgt.annotations.api.*; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; @@ -55,10 +64,16 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Manage application", - description = "", - key = "cdmf:manage-application", - permissions = {"/device-mgt/applications/manage"} + name = "Installing an Application (Internal API)", + description = "Installing an Application (Internal API)", + key = "cdmf:applications:install", + permissions = {"/device-mgt/applications/install"} + ), + @Scope( + name = "Uninstalling an Application (Internal API)", + description = "Uninstalling an Application (Internal API)", + key = "cdmf:applications:uninstall", + permissions = {"/device-mgt/applications/uninstall"} ) } ) @@ -78,7 +93,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:install") }) } ) @@ -122,7 +137,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:uninstall") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index a2e80bcbf9d..72ba18d5065 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -24,8 +24,6 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -66,10 +64,10 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Manage device", - description = "", - key = "cdmf:manage-own-device", - permissions = {"/device-mgt/devices/owning-device/view"} + name = "Getting Details of a Device", + description = "Getting Details of a Device", + key = "cdmf:admin:devices:view", + permissions = {"/device-mgt/devices/admin/devices/view"} ) } ) @@ -86,7 +84,7 @@ public interface DeviceManagementAdminService { tags = "Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-own-device") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin:devices:view") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index b5716e9db39..06d0842985f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -25,8 +25,6 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -69,8 +67,14 @@ import javax.ws.rs.core.Response; @Scope( name = "View groups", description = "", - key = "cdmf:view-groups", + key = "cdmf:admin-groups:view", permissions = {"/device-mgt/admin/groups/view"} + ), + @Scope( + name = "Count groups", + description = "", + key = "cdmf:admin-groups:count", + permissions = {"/device-mgt/admin/groups/count"} ) } ) @@ -85,7 +89,7 @@ public interface GroupManagementAdminService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-groups") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:view") }) } ) @@ -146,12 +150,10 @@ public interface GroupManagementAdminService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/admin/groups/view", description - = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:count") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java index 99914a94aba..fbb3603e569 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java @@ -24,14 +24,15 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -53,6 +54,16 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "View Users", + description = "View Users", + key = "cdmf:admin-users:view", + permissions = {"/device-mgt/admin/users/view"} + ) + } +) @Path("/admin/users") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) @@ -71,12 +82,10 @@ public interface UserManagementAdminService { notes = "The EMM administrator is able to change the password of the users in " + "the system and block them from logging into their EMM profile using this REST API.", tags = "User Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description - = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-users:view") + }) } ) @ApiResponses(value = { From a829c384d3c32ce7cf0f8db60209cb70d41171f4 Mon Sep 17 00:00:00 2001 From: Milan Perera Date: Thu, 5 Jan 2017 11:21:28 +0530 Subject: [PATCH 08/14] Updated to APIM latest snapshot version --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 1127a873b2c..d6026cf72fc 100644 --- a/pom.xml +++ b/pom.xml @@ -1910,7 +1910,7 @@ 5.7.0 - 5.3.2-SNAPSHOT + 5.3.1 5.3.0 @@ -1940,7 +1940,7 @@ [2.6.0,3.0.0) - 6.1.20-SNAPSHOT + 6.1.30-SNAPSHOT (6.0.0,7.0.0] From 6860c6688283c04e2fef5ae82784e7c93be52bed Mon Sep 17 00:00:00 2001 From: GPrathap Date: Thu, 5 Jan 2017 12:05:40 +0530 Subject: [PATCH 09/14] Revert "added scope annotation" This reverts commit 2619c626b29e51784f9b6242b906f54772807721. --- .../CertificateManagementAdminService.java | 48 ++--- .../api/ActivityInfoProviderService.java | 22 +- .../api/ConfigurationManagementService.java | 10 +- .../mgt/jaxrs/service/api/Dashboard.java | 160 +------------- .../service/api/DeviceManagementService.java | 166 ++++++-------- .../api/DeviceTypeManagementService.java | 42 ++-- .../service/api/GroupManagementService.java | 202 +++++++----------- .../api/NotificationManagementService.java | 41 ++-- .../service/api/PolicyManagementService.java | 155 +++++--------- .../service/api/RoleManagementService.java | 135 +++++------- .../service/api/UserManagementService.java | 180 ++++++---------- .../ApplicationManagementAdminService.java | 31 +-- .../admin/DeviceManagementAdminService.java | 12 +- .../admin/GroupManagementAdminService.java | 22 +- .../api/admin/UserManagementAdminService.java | 25 +-- 15 files changed, 400 insertions(+), 851 deletions(-) diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java index df92a10eb33..3f849cba9ce 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java @@ -1,16 +1,6 @@ package org.wso2.carbon.certificate.mgt.cert.jaxrs.api; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Info; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Extension; -import io.swagger.annotations.Tag; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.ResponseHeader; +import io.swagger.annotations.*; import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList; @@ -41,28 +31,16 @@ import javax.ws.rs.core.Response; @Path("/admin/certificates") @Scopes(scopes = { @Scope( - name = "Adding a new SSL certificate", - description = "Adding a new SSL certificate", - key = "cdmf:admin:certificates:add", - permissions = {"/device-mgt/admin/certificates/add"} + name = "Manage certificates", + description = "", + key = "cdmf:manage-certificate", + permissions = {"/device-mgt/certificates/manage"} ), @Scope( - name = "Getting Details of an SSL Certificate", - description = "Getting Details of an SSL Certificate", - key = "cdmf:admin:certificates:details", - permissions = {"/device-mgt/admin/certificates/details"} - ), - @Scope( - name = "Getting Details of Certificates", - description = "Getting Details of Certificates", - key = "cdmf:admin:certificates:view", - permissions = {"/device-mgt/admin/certificates/view"} - ), - @Scope( - name = "Deleting an SSL Certificate", - description = "Deleting an SSL Certificate", - key = "cdmf:admin:certificates:delete", - permissions = {"/device-mgt/admin/certificates/delete"} + name = "View certificate", + description = "", + key = "cdmf:view-certificate", + permissions = {"/device-mgt/certificates/view"} ) } ) @@ -89,7 +67,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:add") + @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate") }) } ) @@ -158,7 +136,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:details") + @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate") }) } ) @@ -229,7 +207,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:view") + @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate") }) } ) @@ -308,7 +286,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:delete") + @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java index 3a040fa2161..9c3e2c4f5bc 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java @@ -18,17 +18,7 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Info; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Extension; -import io.swagger.annotations.Tag; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.ResponseHeader; +import io.swagger.annotations.*; import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; @@ -65,9 +55,9 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Getting Details of an Activity", - description = "Getting Details of an Activity", - key = "cdmf:activities:details", + name = "Get activities", + description = "Get activities", + key = "cdmf:get-activity", permissions = {"/device-mgt/devices/owning-device/view"} ) } @@ -87,7 +77,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:details") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") }) } ) @@ -160,7 +150,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:details") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java index 87fa47c5d3e..504bd75f1d7 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java @@ -24,6 +24,8 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -66,13 +68,13 @@ import javax.ws.rs.core.Response; @Scope( name = "View configurations", description = "", - key = "cdmf:configuration:view", + key = "cdmf:view-configuration", permissions = {"/device-mgt/platform-configurations/view"} ), @Scope( name = "Manage configurations", description = "", - key = "cdmf:configuration:manage", + key = "cdmf:manage-configuration", permissions = {"/device-mgt/platform-configurations/manage"} ) } @@ -90,7 +92,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:configuration:view") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-configuration") }) } ) @@ -149,7 +151,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:configuration:manage") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-configuration") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java index 8251ff40ae1..903c92e5cde 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java @@ -1,23 +1,15 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Info; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Extension; -import io.swagger.annotations.Tag; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardPaginationGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; @@ -26,89 +18,9 @@ import javax.ws.rs.core.Response; /** * Device Analytics Dashboard related REST-APIs. This can be used to obtain device related analytics. */ -@SwaggerDefinition( - info = @Info( - version = "1.0.0", - title = "", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = "name", value = "DeviceAnalyticsDashboard"), - @ExtensionProperty(name = "context", value = "/api/device-mgt/v1.0/dashboard"), - }) - } - ), - tags = { - @Tag(name = "device_management", description = "Device Analytics Dashboard related information APIs" + - " are described here.") - } -) @Path("/dashboard") @Api(value = "Device Analytics Dashboard", description = "Device Analytics Dashboard related information APIs are described here.") -@Scopes( - scopes = { - @Scope( - name = "Device Count Overview", - description = "Device Count Overview", - key = "cdmf:dashboard:count-overview", - permissions = {"/device-mgt/dashboard/device-count"} - ), - @Scope( - name = "Device Counts by Potential Vulnerabilities", - description = "Device Counts by Potential Vulnerabilities", - key = "cdmf:dashboard:vulnerabilities", - permissions = {"/device-mgt/dashboard/vulnerabilities"} - ), - @Scope( - name = "Get the number of devices that have not complied to a policy", - description = "Get the number of devices that have not complied to a policy", - key = "cdmf:dashboard:non-compliant", - permissions = {"/device-mgt/dashboard/features"} - ), - @Scope( - name = "Get the number of devices for a given device type, such as connectivity status, " - + "potential vulnerability, platform, and ownership", - description = "Get the number of devices for a given device type, such as connectivity status, " - + "potential vulnerability, platform, and ownership", - key = "cdmf:dashboard:by-groups", - permissions = {"/device-mgt/dashboard/groups"} - ), - @Scope( - name = "Get the number of devices that have not complied to a given policy based on a particular", - description = "Get the number of devices that have not complied to a given policy based on a particular", - key = "cdmf:dashboard:device-counts", - permissions = {"/device-mgt/dashboard/groups"} - ), - @Scope( - name = "Get the number of devices that have not complied to a given policy based on a particular" - + " device type.", - description = "Get the number of devices that have not complied to a given policy based on a " + - "particular device type.", - key = "cdmf:dashboard:filtered-count", - permissions = {"/device-mgt/dashboard/total"} - ), - @Scope( - name = "Get the number of devices that have not complied to a given policy over the total" - + " number of devices registered with WSO2 EMM.\n", - description = "Get the number of devices that have not complied to a given policy over the total" - + " number of devices registered with WSO2 EMM.\n", - key = "cdmf:dashboard:non-compliant-count", - permissions = {"/device-mgt/dashboard/total"} - ), - @Scope( - name = "Get device details of devices based on a particular device type.", - description = "Get device details of devices based on a particular device type.", - key = "cdmf:dashboard:details", - permissions = {"/device-mgt/dashboard/details"} - ), - @Scope( - name = "Get device details of non-compliant devices which do not comply to a given policy.", - description = "Get device details of non-compliant devices which do not comply to a given policy.", - key = "cdmf:dashboard:feature-non-compliant", - permissions = {"/device-mgt/dashboard/details"} - ) - } -) @Produces(MediaType.APPLICATION_JSON) @SuppressWarnings("NonJaxWsWebServices") public interface Dashboard { @@ -131,13 +43,7 @@ public interface Dashboard { value = "Get the details of registered devices in WSO2 EMM.", notes = "Get the details of active, inactive, removed and total number of registered devices in" + " WSO2 EMM.", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:count-overview") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -187,13 +93,7 @@ public interface Dashboard { produces = MediaType.APPLICATION_JSON, httpMethod = "GET", value = "Get the number of unmonitored and non-compliant devices in WSO2 EMM.", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:vulnerabilities") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -244,13 +144,7 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices that have not complied to a policy that was enforced on a " + "device.", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -314,13 +208,7 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices for a given device type, such as connectivity status, " + "potential vulnerability, platform, and ownership.\n", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:by-groups") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -403,13 +291,7 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices that have not complied to a given policy based on a particular" + " device type.", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:device-counts") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -482,13 +364,7 @@ public interface Dashboard { + "Connectivity status of the device, such as active, inactive or removed.\n" + "The device ownership type, such as BYOD or COPE.\n" + "The device platform.\n" + "The potential vulnerabilities faced by the devices.", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:filtered-count") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -574,13 +450,7 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of devices that have not complied to a given policy over the total" + " number of devices registered with WSO2 EMM.\n", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant-count") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -649,13 +519,7 @@ public interface Dashboard { produces = MediaType.APPLICATION_JSON, httpMethod = "GET", value = "Get device details of devices based on a particular device type.", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:details") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, @@ -751,13 +615,7 @@ public interface Dashboard { produces = MediaType.APPLICATION_JSON, httpMethod = "GET", value = "Get device details of non-compliant devices which do not comply to a given policy.", - tags = "Dashboard", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:feature-non-compliant") - }) - } - ) + tags = "Dashboard") @ApiResponses(value = { @ApiResponse( code = 200, diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index ed9290df4ca..650ae34f7b6 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -24,13 +24,13 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Feature; import org.wso2.carbon.device.mgt.common.app.mgt.Application; @@ -38,7 +38,6 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.search.SearchContext; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.policy.mgt.common.Policy; import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData; @@ -65,64 +64,6 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) -@Scopes( - scopes = { - @Scope( - name = "Getting Details of Registered Devices", - description = "Getting Details of Registered Devices", - key = "cdmf:devices:view", - permissions = {"/device-mgt/devices/owning-device/view"} - ), - @Scope( - name = "Getting Details of a Device", - description = "Getting Details of a Device", - key = "cdmf:devices:details", - permissions = {"/device-mgt/devices/owning-device/details"} - ), - @Scope( - name = "Delete the device specified by device id", - description = "Delete the device specified by device id", - key = "cdmf:devices:delete", - permissions = {"/device-mgt/devices/owning-device/delete"} - ), - @Scope( - name = "Getting Feature Details of a Device", - description = "Getting Feature Details of a Device", - key = "cdmf:devices:features", - permissions = {"/device-mgt/devices/owning-device/features"} - ), - @Scope( - name = "Advanced Search for Devices", - description = "Advanced Search for Devices", - key = "cdmf:devices:search", - permissions = {"/device-mgt/devices/owning-device/view"} - ), - @Scope( - name = "Getting Installed Application Details of a Device", - description = "Getting Installed Application Details of a Device", - key = "cdmf:devices:applications", - permissions = {"/device-mgt/devices/owning-device/applications"} - ), - @Scope( - name = "Getting Device Operation Details", - description = "Getting Device Operation Details", - key = "cdmf:devices:operations", - permissions = {"/device-mgt/devices/owning-device/operations"} - ), - @Scope( - name = "Get the details of the policy that is enforced on a device.", - description = "Get the details of the policy that is enforced on a device.", - key = "cdmf:devices:effective-policy", - permissions = {"/device-mgt/devices/owning-device/effective-policy"} - ), - @Scope( - name = "Getting Policy Compliance Details of a Device", - description = "Getting Policy Compliance Details of a Device", - key = "cdmf:devices:compliance-data", - permissions = {"/device-mgt/devices/owning-device/compliance-data"} - ) - } -) @Path("/devices") @Api(value = "Device Management", description = "This API carries all device management related operations " + "such as get all the available devices, etc.") @@ -137,11 +78,13 @@ public interface DeviceManagementService { value = "Getting Details of Registered Devices", notes = "Provides details of all the devices enrolled with WSO2 EMM.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:view") - }) - } + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" + , description = "View Devices") } + ) + } ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the list of devices.", @@ -262,10 +205,12 @@ public interface DeviceManagementService { value = "Getting Details of a Device", notes = "Get the details of a device by specifying the device type and device identifier.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:details") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) } ) @ApiResponses( @@ -337,13 +282,15 @@ public interface DeviceManagementService { @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "DELETE", - value = "Delete the device specified by device id", + value = "Delete the device speccified by device id", notes = "Returns the status of the deleted device operation.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:delete") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) } ) @ApiResponses( @@ -412,11 +359,13 @@ public interface DeviceManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:features") - }) - } + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) + } ) @ApiResponses( value = { @@ -501,10 +450,12 @@ public interface DeviceManagementService { value = "Advanced Search for Devices", notes = "Search for devices by filtering the search result through the specified search terms.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:search") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) } ) @ApiResponses( @@ -578,12 +529,13 @@ public interface DeviceManagementService { value = "Getting Installed Application Details of a Device", notes = "Get the list of applications subscribed to by a device.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:applications") - }) - - } + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) + } ) @ApiResponses( value = { @@ -681,11 +633,13 @@ public interface DeviceManagementService { value = "Getting Device Operation Details", notes = "Get the details of operations carried out on a selected device.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:operations") - }) - } + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) + } ) @ApiResponses( value = { @@ -792,11 +746,13 @@ public interface DeviceManagementService { "WSO2 EMM filters the policies based on the device platform (device type)," + "the device ownership type, the user role or name and finally, the policy that matches these filters will be enforced on the device.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:effective-policy") - }) - } + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) + } ) @ApiResponses( value = { @@ -881,10 +837,12 @@ public interface DeviceManagementService { notes = "A policy is enforced on the devices that register with WSO2 EMM. " + "The server checks if the settings in the device comply with the policy that is enforced on the device using this REST API.", tags = "Device Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:compliance-data") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Devices") } + ) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java index 963edc84f75..94b06ea7513 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java @@ -24,16 +24,15 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -55,22 +54,6 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) -@Scopes( - scopes = { - @Scope( - name = "Getting the Supported Device Platforms", - description = "Getting the Supported Device Platforms", - key = "cdmf:device-types:types", - permissions = {"/device-mgt/device-types/types"} - ), - @Scope( - name = "Get Feature Details of a Device Type", - description = "Get Feature Details of a Device Type", - key = "cdmf:device-types:features", - permissions = {"/device-mgt/device-types/features"} - ) - } -) @Path("/device-types") @Api(value = "Device Type Management", description = "This API corresponds to all tasks related to device " + "type management") @@ -85,10 +68,12 @@ public interface DeviceTypeManagementService { value = "Getting the Supported Device Platforms", notes = "Get the list of device platforms supported by WSO2 EMM.", tags = "Device Type Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:types") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Device Types") } + ) } ) @ApiResponses( @@ -138,7 +123,6 @@ public interface DeviceTypeManagementService { String ifModifiedSince); @GET - @Path("/{type}/features") @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "GET", @@ -147,10 +131,12 @@ public interface DeviceTypeManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Type Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:features") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", + description = "View Device Types") } + ) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java index aff13f24375..a982a3c3d53 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java @@ -24,6 +24,8 @@ import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; +import io.swagger.annotations.Authorization; +import io.swagger.annotations.AuthorizationScope; import io.swagger.annotations.Extension; import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Info; @@ -31,15 +33,12 @@ import io.swagger.annotations.ResponseHeader; import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.Tag; import org.apache.axis2.transport.http.HTTPConstants; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.Valid; import javax.ws.rs.Consumes; @@ -75,82 +74,6 @@ import java.util.List; "details.") } ) -@Scopes( - scopes = { - @Scope( - name = "Get the list of groups belongs to current user.", - description = "Get the list of groups belongs to current user.", - key = "cdmf:groups:groups", - permissions = {"/device-mgt/groups/groups"} - ), - @Scope( - name = "Get the count of groups belongs to current user.", - description = "Get the count of groups belongs to current user.", - key = "cdmf:groups:count", - permissions = {"/device-mgt/groups/count"} - ), - @Scope( - name = "Add new device group to the system.", - description = "Add new device group to the system.", - key = "cdmf:groups:add", - permissions = {"/device-mgt/groups/add"} - ), - @Scope( - name = "View group specified", - description = "View group specified", - key = "cdmf:groups:groups-view", - permissions = {"/device-mgt/groups/groups-view"} - ), - @Scope( - name = "Update a group", - description = "Update a group", - key = "cdmf:groups:update", - permissions = {"/device-mgt/groups/update"} - ), - @Scope( - name = "Delete a group", - description = "Delete a group", - key = "cdmf:groups:remove", - permissions = {"/device-mgt/groups/remove"} - ), - @Scope( - name = "Manage group sharing with a user", - description = "Manage group sharing with a user", - key = "cdmf:groups:share", - permissions = {"/device-mgt/groups/share"} - ), - @Scope( - name = "View list of roles of a device group", - description = "View list of roles of a device group", - key = "cdmf:groups:roles", - permissions = {"/device-mgt/groups/roles"} - ), - @Scope( - name = "View list of devices in the device group", - description = "View list of devices in the device group", - key = "cdmf:groups:devices", - permissions = {"/device-mgt/groups/devices"} - ), - @Scope( - name = "View list of device count in the device group", - description = "View list of device count in the device group", - key = "cdmf:groups:devices-count", - permissions = {"/device-mgt/groups/devices/devices-count"} - ), - @Scope( - name = "Add devices to group", - description = "Add devices to group", - key = "cdmf:groups:devices-add", - permissions = {"/device-mgt/groups/devices/devices-add"} - ), - @Scope( - name = "Remove devices from group", - description = "Remove devices from group", - key = "cdmf:groups:devices-remove", - permissions = {"/device-mgt/groups/devices/devices-remove"} - ) - } -) @Path("/groups") @Api(value = "Device Group Management", description = "This API carries all device group management related " + "operations such as get all the available groups, etc.") @@ -165,10 +88,12 @@ public interface GroupManagementService { value = "Get the list of groups belongs to current user.", notes = "Returns all permitted groups enrolled with the system.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", + description = "View Groups") } + ) } ) @ApiResponses(value = { @@ -228,12 +153,13 @@ public interface GroupManagementService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:count") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", + description = "View Groups") } + ) } - ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the device group count.", @@ -276,10 +202,12 @@ public interface GroupManagementService { value = "Add new device group to the system.", notes = "Add device group with current user as the owner.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:add") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/add", + description = "Add Group") } + ) } ) @ApiResponses( @@ -342,10 +270,12 @@ public interface GroupManagementService { value = "View group specified.", notes = "Returns details of group enrolled with the system.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups-view") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", + description = "View Groups") } + ) } ) @ApiResponses(value = { @@ -395,10 +325,12 @@ public interface GroupManagementService { notes = "If you wish to make changes to an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:update") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/update", + description = "Update Group") } + ) } ) @ApiResponses(value = { @@ -452,10 +384,12 @@ public interface GroupManagementService { notes = "If you wish to remove an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:remove") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/remove", + description = "Remove Group") } + ) } ) @ApiResponses(value = { @@ -504,10 +438,12 @@ public interface GroupManagementService { notes = "If you wish to share /un share an existing group with a user under defined sharing roles, " + "that can be done using this resource.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:share") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/share", + description = "Share Group") } + ) } ) @ApiResponses(value = { @@ -560,10 +496,12 @@ public interface GroupManagementService { value = "View list of roles of a device group.", notes = "Returns details of roles which particular group has been shared with.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:roles") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/roles/view", + description = "View roles") } + ) } ) @ApiResponses(value = { @@ -612,10 +550,12 @@ public interface GroupManagementService { value = "View list of devices in the device group.", notes = "Returns list of devices in the device group.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", + description = "View devices") } + ) } ) @ApiResponses(value = { @@ -672,10 +612,12 @@ public interface GroupManagementService { value = "View list of device count in the device group.", notes = "Returns device count in the device group.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-count") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", + description = "View devices") } + ) } ) @ApiResponses(value = { @@ -724,10 +666,12 @@ public interface GroupManagementService { value = "Add devices to group.", notes = "Add existing devices to the device group.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-add") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/add", + description = "Add devices") } + ) } ) @ApiResponses(value = { @@ -780,10 +724,12 @@ public interface GroupManagementService { value = "Remove devices from group.", notes = "Remove existing devices from the device group.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-remove") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/remove", + description = "Remove devices") } + ) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java index a3d0d556f3b..0a2998251c8 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java @@ -24,17 +24,16 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.notification.mgt.Notification; import org.wso2.carbon.device.mgt.jaxrs.NotificationList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Max; import javax.validation.constraints.Size; @@ -61,22 +60,6 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) -@Scopes( - scopes = { - @Scope( - name = "Getting All Device Notification Details", - description = "Getting All Device Notification Details", - key = "cdmf:notifications:view", - permissions = {"/device-mgt/notifications/view"} - ), - @Scope( - name = "Updating the Device Notification Status", - description = "Updating the Device Notification Status", - key = "cdmf:notifications:mark-checked", - permissions = {"/device-mgt/notifications/mark-checked"} - ) - } -) @Api(value = "Device Notification Management", description = "Device notification related operations can be found here.") @Path("/notifications") @Produces(MediaType.APPLICATION_JSON) @@ -90,10 +73,12 @@ public interface NotificationManagementService { value = "Getting All Device Notification Details", notes = "Get the details of all the notifications that were pushed to the devices registered with WSO2 EMM using this REST API.", tags = "Device Notification Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:view") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", + description = "View notifications") } + ) } ) @ApiResponses( @@ -179,10 +164,12 @@ public interface NotificationManagementService { notes = "When a user has read the the device notification the device notification status must " + "change from NEW to CHECKED. This API is used to update device notification status.", tags = "Device Notification Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:mark-checked") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", + description = "View notifications") } + ) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index 2994994ac00..6a77938b0fe 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -24,17 +24,16 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.policy.mgt.common.Policy; import javax.validation.Valid; @@ -63,64 +62,6 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) -@Scopes( - scopes = { - @Scope( - name = "Adding a Policy", - description = "Adding a Policy", - key = "cdmf:policies:manage", - permissions = {"/device-mgt/policies/manage"} - ), - @Scope( - name = "Getting Details of Policies", - description = "Getting Details of Policies", - key = "cdmf:policies:get-details", - permissions = {"/device-mgt/policies/get-details"} - ), - @Scope( - name = "Getting Details of a Policy", - description = "Getting Details of a Policy", - key = "cdmf:policies:get-policy-details", - permissions = {"/device-mgt/policies/get-policy-details"} - ), - @Scope( - name = "Updating a Policy", - description = "Updating a Policy", - key = "cdmf:policies:update", - permissions = {"/device-mgt/policies/update"} - ), - @Scope( - name = "Removing Multiple Policies", - description = "Removing Multiple Policies", - key = "cdmf:policies:remove", - permissions = {"/device-mgt/policies/remove"} - ), - @Scope( - name = "Activating Policies", - description = "Activating Policies", - key = "cdmf:policies:activate", - permissions = {"/device-mgt/policies/activate"} - ), - @Scope( - name = "Deactivating Policies", - description = "Deactivating Policies", - key = "cdmf:policies:deactivate", - permissions = {"/device-mgt/policies/deactivate"} - ), - @Scope( - name = "Applying Changes on Policies", - description = "Applying Changes on Policies", - key = "cdmf:policies:changes", - permissions = {"/device-mgt/policies/changes"} - ), - @Scope( - name = "Updating the Policy Priorities", - description = "Updating the Policy Priorities", - key = "cdmf:policies:priorities", - permissions = {"/device-mgt/policies/priorities"} - ) - } -) @Api(value = "Device Policy Management", description = "This API includes the functionality around device policy management") @Path("/policies") @Produces(MediaType.APPLICATION_JSON) @@ -136,10 +77,12 @@ public interface PolicyManagementService { notes = "Add a policy using this REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy." + "Using this REST API you are able to save a created Policy and this policy will be in the inactive state.", tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:manage") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", + description = "Manage policies") } + ) } ) @ApiResponses( @@ -204,10 +147,12 @@ public interface PolicyManagementService { notes = "Retrieve the details of all the policies in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-details") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", + description = "View policies") } + ) } ) @ApiResponses( @@ -279,10 +224,12 @@ public interface PolicyManagementService { notes = "Retrieve the details of a policy that is in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-policy-details") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", + description = "View policies") } + ) } ) @ApiResponses( @@ -347,10 +294,12 @@ public interface PolicyManagementService { value = "Updating a Policy", notes = "Make changes to an existing policy by updating the policy using this resource.", tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:update") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", + description = "Manage policies") } + ) } ) @ApiResponses( @@ -415,10 +364,12 @@ public interface PolicyManagementService { value = "Removing Multiple Policies", notes = "Delete one or more than one policy using this API.", tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:remove") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", + description = "Manage policies") } + ) } ) @ApiResponses( @@ -461,10 +412,12 @@ public interface PolicyManagementService { value = "Activating Policies", notes = "Publish a policy using this API to bring a policy that is in the inactive state to the active state.", tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:activate") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", + description = "Manage policies") } + ) } ) @ApiResponses( @@ -502,10 +455,12 @@ public interface PolicyManagementService { value = "Deactivating Policies", notes = "Unpublish a policy using this API to bring a policy that is in the active state to the inactive state.", tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:deactivate") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", + description = "Manage policies") } + ) } ) @ApiResponses( @@ -548,10 +503,12 @@ public interface PolicyManagementService { " devices will not receive these changes immediately. Once all the required changes are made" + " you need to apply the changes to push the policy changes to the existing devices.", tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:changes") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", + description = "Manage policies") } + ) } ) @ApiResponses( @@ -576,11 +533,13 @@ public interface PolicyManagementService { value = "Updating the Policy Priorities", notes = "Make changes to the existing policy priority order by updating the priority order using this API.", tags = "Device Policy Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:priorities") - }) - } + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", + description = "Manage policies") } + ) + } ) @ApiResponses( value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index b308ddc9702..cc894b9c0b0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -24,17 +24,16 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.user.mgt.common.UIPermissionNode; import javax.ws.rs.*; @@ -57,58 +56,6 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) -@Scopes( - scopes = { - @Scope( - name = "Getting the List of Roles", - description = "Getting the List of Roles", - key = "cdmf:roles:view", - permissions = {"/device-mgt/roles/view"} - ), - @Scope( - name = "Getting Permission Details of a Role", - description = "Getting Permission Details of a Role", - key = "cdmf:roles:permissions", - permissions = {"/device-mgt/roles/permissions"} - ), - @Scope( - name = "Getting the List of Roles", - description = "Getting the List of Roles", - key = "cdmf:roles:details", - permissions = {"/device-mgt/roles/details"} - ), - @Scope( - name = "Adding a Role", - description = "Adding a Role", - key = "cdmf:roles:add", - permissions = {"/device-mgt/roles/add"} - ), - @Scope( - name = "Adding a combined Role", - description = "Adding a combined Role", - key = "cdmf:roles:create-combined-role", - permissions = {"/device-mgt/roles/create-combined-role"} - ), - @Scope( - name = "Updating Role Details", - description = "Updating Role Details", - key = "cdmf:roles:update", - permissions = {"/device-mgt/roles/update"} - ), - @Scope( - name = "Deleting a Role", - description = "Deleting a Role", - key = "cdmf:roles:delete", - permissions = {"/device-mgt/roles/delete"} - ), - @Scope( - name = "Adding Users to a Role", - description = "Adding Users to a Role", - key = "cdmf:roles:add-users", - permissions = {"/device-mgt/roles/add-users"} - ) - } -) @Path("/roles") @Api(value = "Role Management", description = "Role management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -123,10 +70,11 @@ public interface RoleManagementService { notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Using this API you can the list of roles that are in WSO2 EMM.\n" + "Note: Internal roles, roles created for service-providers, and application related roles will not be given in the output.", tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:view") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } + ) } ) @ApiResponses( @@ -203,10 +151,11 @@ public interface RoleManagementService { response = UIPermissionNode.class, responseContainer = "List", tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:permissions") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } + ) } ) @ApiResponses( @@ -278,10 +227,12 @@ public interface RoleManagementService { notes = "Get the permissions associated with a role and role specific details using this REST API.", response = RoleInfo.class, tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:details") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", + description = "View Roles") } + ) } ) @ApiResponses( @@ -352,10 +303,12 @@ public interface RoleManagementService { value = "Adding a Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new role to WSO2 EMM using this REST API.", tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", + description = "Manage Roles") } + ) } ) @ApiResponses(value = { @@ -412,10 +365,12 @@ public interface RoleManagementService { value = "Adding a combined Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new combined role to WSO2 EMM using this REST API.", tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:create-combined-role") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", + description = "Manage Roles") } + ) } ) @ApiResponses(value = { @@ -475,10 +430,12 @@ public interface RoleManagementService { notes = "There will be situations where you need to update the role details, such as the permissions" + " or the role name. Update the role details using this REST API.", tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:update") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", + description = "Manage Roles") } + ) } ) @ApiResponses(value = { @@ -541,10 +498,12 @@ public interface RoleManagementService { notes = "Roles become obsolete over time due to various reasons. In a situation where your Organization identifies that a specific role is no longer required, you " + "can delete a role using this REST API.", tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:delete") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", + description = "Manage Roles") } + ) } ) @ApiResponses(value = { @@ -591,10 +550,12 @@ public interface RoleManagementService { "be cumbersome. Therefore, you can define all the new employees that belong to the engineering " + "role using this API.", tags = "Role Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add-users") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", + description = "Manage Roles") } + ) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index e7154089c60..b211a3a1012 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -24,14 +24,14 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.*; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; @@ -53,76 +53,6 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) -@Scopes( - scopes = { - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Adding a User", - description = "Adding a User", - key = "cdmf:users:add", - permissions = {"/device-mgt/users/add"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Getting Details of a User", - description = "Getting Details of a User", - key = "cdmf:users:details", - permissions = {"/device-mgt/users/details"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Updating Details of a User", - description = "Updating Details of a User", - key = "cdmf:users:update", - permissions = {"/device-mgt/policies/update"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Deleting a User", - description = "Deleting a User", - key = "cdmf:users:delete", - permissions = {"/device-mgt/policies/delete"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Getting the Role Details of a User", - description = "Getting the Role Details of a User", - key = "cdmf:users:roles", - permissions = {"/device-mgt/policies/roles"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Getting Details of Users", - description = "Getting Details of Users", - key = "cdmf:users:user-details", - permissions = {"/device-mgt/policies/user-details"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Getting the User Count", - description = "Getting the User Count", - key = "cdmf:users:count", - permissions = {"/device-mgt/policies/count"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Getting the User existence status", - description = "Getting the User existence status", - key = "cdmf:users:is-exist", - permissions = {"/device-mgt/policies/is-exist"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Searching for a User Name", - description = "Searching for a User Name", - key = "cdmf:users:search", - permissions = {"/device-mgt/policies/search"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Changing the User Password", - description = "Adding a User", - key = "cdmf:users:credentials", - permissions = {"/device-mgt/policies/credentials"} - ), - @org.wso2.carbon.apimgt.annotations.api.Scope( - name = "Sending Enrollment Invitations to Users", - description = "Sending Enrollment Invitations to Users", - key = "cdmf:users:send-invitation", - permissions = {"/device-mgt/policies/send-invitation"} - ) - } -) @Path("/users") @Api(value = "User Management", description = "User management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -137,10 +67,12 @@ public interface UserManagementService { value = "Adding a User", notes = "WSO2 EMM supports user management. Add a new user to the WSO2 EMM user management system via this REST API", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:add") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", + description = "Manage Users") } + ) } ) @ApiResponses( @@ -197,10 +129,12 @@ public interface UserManagementService { notes = "Get the details of a user registered with WSO2 EMM using the REST API.", response = BasicUserInfo.class, tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:details") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", + description = "View Users") } + ) } ) @ApiResponses(value = { @@ -268,10 +202,12 @@ public interface UserManagementService { notes = "There will be situations where you will want to update the user details. In such " + "situation you can update the user details using this REST API.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:update") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", + description = "Manage Users") } + ) } ) @ApiResponses(value = { @@ -333,10 +269,12 @@ public interface UserManagementService { value = "Deleting a User", notes = "When an employee leaves the organization, you can remove the user details from WSO2 EMM using this REST API.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:delete") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", + description = "Manage Users") } + ) } ) @ApiResponses(value = { @@ -376,10 +314,12 @@ public interface UserManagementService { value = "Getting the Role Details of a User", notes = "A user can be assigned to one or more role in EMM. Using this REST API you can get the role/roles a user is assigned to.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:roles") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", + description = "View Users") } + ) } ) @ApiResponses(value = { @@ -438,10 +378,12 @@ public interface UserManagementService { notes = "You are able to manage users in WSO2 EMM by adding, updating and removing users. If you wish to get the list of users registered with WSO2 EMM, you can do so " + "using this REST API", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:user-details") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", + description = "View Users") } + ) } ) @ApiResponses(value = { @@ -509,10 +451,11 @@ public interface UserManagementService { value = "Getting the User Count", notes = "Get the number of users in WSO2 EMM via this REST API.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:count") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } + ) } ) @ApiResponses(value = { @@ -544,10 +487,12 @@ public interface UserManagementService { value = "Getting the User existence status", notes = "Check if the user exists in the user store.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:is-exist") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", + description = "View Users") } + ) } ) @ApiResponses(value = { @@ -587,10 +532,11 @@ public interface UserManagementService { + "You will be given a list of users having the user name in the exact order of the " + "characters you provided.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:search") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } + ) } ) @ApiResponses(value = { @@ -664,10 +610,11 @@ public interface UserManagementService { value = "Changing the User Password", notes = "A user is able to change the password to secure their WSO2 EMM profile via this REST API.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:credentials") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/login", description = "Reset user password") } + ) } ) @ApiResponses(value = { @@ -709,10 +656,11 @@ public interface UserManagementService { notes = "Send the users a mail inviting them to download the EMM mobile application on their devices using the REST API given below.\n" + "Before running the REST API command to send the enrollment invitations to users make sure to configure WSO2 EMM as explained in step 4, under the WSO2 EMM general server configurations documentation.", tags = "User Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:send-invitation") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description = "Manage Users") } + ) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 450b3a3778d..8f492612023 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -18,18 +18,9 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Info; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Extension; -import io.swagger.annotations.Tag; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; +import io.swagger.annotations.*; +import org.wso2.carbon.apimgt.annotations.api.*; import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; @@ -64,16 +55,10 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Installing an Application (Internal API)", - description = "Installing an Application (Internal API)", - key = "cdmf:applications:install", - permissions = {"/device-mgt/applications/install"} - ), - @Scope( - name = "Uninstalling an Application (Internal API)", - description = "Uninstalling an Application (Internal API)", - key = "cdmf:applications:uninstall", - permissions = {"/device-mgt/applications/uninstall"} + name = "Manage application", + description = "", + key = "cdmf:manage-application", + permissions = {"/device-mgt/applications/manage"} ) } ) @@ -93,7 +78,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:install") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") }) } ) @@ -137,7 +122,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:uninstall") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index 72ba18d5065..a2e80bcbf9d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -24,6 +24,8 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -64,10 +66,10 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Getting Details of a Device", - description = "Getting Details of a Device", - key = "cdmf:admin:devices:view", - permissions = {"/device-mgt/devices/admin/devices/view"} + name = "Manage device", + description = "", + key = "cdmf:manage-own-device", + permissions = {"/device-mgt/devices/owning-device/view"} ) } ) @@ -84,7 +86,7 @@ public interface DeviceManagementAdminService { tags = "Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin:devices:view") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-own-device") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index 06d0842985f..b5716e9db39 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -25,6 +25,8 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -67,14 +69,8 @@ import javax.ws.rs.core.Response; @Scope( name = "View groups", description = "", - key = "cdmf:admin-groups:view", + key = "cdmf:view-groups", permissions = {"/device-mgt/admin/groups/view"} - ), - @Scope( - name = "Count groups", - description = "", - key = "cdmf:admin-groups:count", - permissions = {"/device-mgt/admin/groups/count"} ) } ) @@ -89,7 +85,7 @@ public interface GroupManagementAdminService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:view") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-groups") }) } ) @@ -150,10 +146,12 @@ public interface GroupManagementAdminService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:count") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/admin/groups/view", description + = "View Groups") } + ) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java index fbb3603e569..99914a94aba 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java @@ -24,15 +24,14 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; -import org.wso2.carbon.apimgt.annotations.api.Scope; -import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper; -import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -54,16 +53,6 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) -@Scopes( - scopes = { - @Scope( - name = "View Users", - description = "View Users", - key = "cdmf:admin-users:view", - permissions = {"/device-mgt/admin/users/view"} - ) - } -) @Path("/admin/users") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) @@ -82,10 +71,12 @@ public interface UserManagementAdminService { notes = "The EMM administrator is able to change the password of the users in " + "the system and block them from logging into their EMM profile using this REST API.", tags = "User Management Administrative Service", - extensions = { - @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-users:view") - }) + authorizations = { + @Authorization( + value="permission", + scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description + = "View Users") } + ) } ) @ApiResponses(value = { From 0bd7b90e9aa9a6a363acea28ed6724c804b79201 Mon Sep 17 00:00:00 2001 From: GPrathap Date: Mon, 19 Dec 2016 18:23:06 +0530 Subject: [PATCH 10/14] added scope annotation --- .../CertificateManagementAdminService.java | 48 +++-- .../api/ActivityInfoProviderService.java | 22 +- .../api/ConfigurationManagementService.java | 10 +- .../service/api/DeviceManagementService.java | 166 ++++++++------ .../api/DeviceTypeManagementService.java | 42 ++-- .../service/api/GroupManagementService.java | 202 +++++++++++------- .../api/NotificationManagementService.java | 41 ++-- .../service/api/PolicyManagementService.java | 155 +++++++++----- .../service/api/RoleManagementService.java | 135 +++++++----- .../service/api/UserManagementService.java | 183 ++++++++++------ .../ApplicationManagementAdminService.java | 31 ++- .../admin/DeviceManagementAdminService.java | 12 +- .../admin/GroupManagementAdminService.java | 22 +- .../api/admin/UserManagementAdminService.java | 25 ++- 14 files changed, 705 insertions(+), 389 deletions(-) diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java index 3f849cba9ce..df92a10eb33 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java @@ -1,6 +1,16 @@ package org.wso2.carbon.certificate.mgt.cert.jaxrs.api; -import io.swagger.annotations.*; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; +import io.swagger.annotations.ResponseHeader; import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList; @@ -31,16 +41,28 @@ import javax.ws.rs.core.Response; @Path("/admin/certificates") @Scopes(scopes = { @Scope( - name = "Manage certificates", - description = "", - key = "cdmf:manage-certificate", - permissions = {"/device-mgt/certificates/manage"} + name = "Adding a new SSL certificate", + description = "Adding a new SSL certificate", + key = "cdmf:admin:certificates:add", + permissions = {"/device-mgt/admin/certificates/add"} ), @Scope( - name = "View certificate", - description = "", - key = "cdmf:view-certificate", - permissions = {"/device-mgt/certificates/view"} + name = "Getting Details of an SSL Certificate", + description = "Getting Details of an SSL Certificate", + key = "cdmf:admin:certificates:details", + permissions = {"/device-mgt/admin/certificates/details"} + ), + @Scope( + name = "Getting Details of Certificates", + description = "Getting Details of Certificates", + key = "cdmf:admin:certificates:view", + permissions = {"/device-mgt/admin/certificates/view"} + ), + @Scope( + name = "Deleting an SSL Certificate", + description = "Deleting an SSL Certificate", + key = "cdmf:admin:certificates:delete", + permissions = {"/device-mgt/admin/certificates/delete"} ) } ) @@ -67,7 +89,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:add") }) } ) @@ -136,7 +158,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:details") }) } ) @@ -207,7 +229,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:view-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:view") }) } ) @@ -286,7 +308,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:manage-certificate") + @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:delete") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java index 9c3e2c4f5bc..3a040fa2161 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java @@ -18,7 +18,17 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api; -import io.swagger.annotations.*; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; +import io.swagger.annotations.ResponseHeader; import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; @@ -55,9 +65,9 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Get activities", - description = "Get activities", - key = "cdmf:get-activity", + name = "Getting Details of an Activity", + description = "Getting Details of an Activity", + key = "cdmf:activities:details", permissions = {"/device-mgt/devices/owning-device/view"} ) } @@ -77,7 +87,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:details") }) } ) @@ -150,7 +160,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:details") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java index 504bd75f1d7..87fa47c5d3e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java @@ -24,8 +24,6 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -68,13 +66,13 @@ import javax.ws.rs.core.Response; @Scope( name = "View configurations", description = "", - key = "cdmf:view-configuration", + key = "cdmf:configuration:view", permissions = {"/device-mgt/platform-configurations/view"} ), @Scope( name = "Manage configurations", description = "", - key = "cdmf:manage-configuration", + key = "cdmf:configuration:manage", permissions = {"/device-mgt/platform-configurations/manage"} ) } @@ -92,7 +90,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-configuration") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:configuration:view") }) } ) @@ -151,7 +149,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-configuration") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:configuration:manage") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index 650ae34f7b6..ed9290df4ca 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -24,13 +24,13 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.Feature; import org.wso2.carbon.device.mgt.common.app.mgt.Application; @@ -38,6 +38,7 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.search.SearchContext; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.policy.mgt.common.Policy; import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData; @@ -64,6 +65,64 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting Details of Registered Devices", + description = "Getting Details of Registered Devices", + key = "cdmf:devices:view", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Details of a Device", + description = "Getting Details of a Device", + key = "cdmf:devices:details", + permissions = {"/device-mgt/devices/owning-device/details"} + ), + @Scope( + name = "Delete the device specified by device id", + description = "Delete the device specified by device id", + key = "cdmf:devices:delete", + permissions = {"/device-mgt/devices/owning-device/delete"} + ), + @Scope( + name = "Getting Feature Details of a Device", + description = "Getting Feature Details of a Device", + key = "cdmf:devices:features", + permissions = {"/device-mgt/devices/owning-device/features"} + ), + @Scope( + name = "Advanced Search for Devices", + description = "Advanced Search for Devices", + key = "cdmf:devices:search", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Installed Application Details of a Device", + description = "Getting Installed Application Details of a Device", + key = "cdmf:devices:applications", + permissions = {"/device-mgt/devices/owning-device/applications"} + ), + @Scope( + name = "Getting Device Operation Details", + description = "Getting Device Operation Details", + key = "cdmf:devices:operations", + permissions = {"/device-mgt/devices/owning-device/operations"} + ), + @Scope( + name = "Get the details of the policy that is enforced on a device.", + description = "Get the details of the policy that is enforced on a device.", + key = "cdmf:devices:effective-policy", + permissions = {"/device-mgt/devices/owning-device/effective-policy"} + ), + @Scope( + name = "Getting Policy Compliance Details of a Device", + description = "Getting Policy Compliance Details of a Device", + key = "cdmf:devices:compliance-data", + permissions = {"/device-mgt/devices/owning-device/compliance-data"} + ) + } +) @Path("/devices") @Api(value = "Device Management", description = "This API carries all device management related operations " + "such as get all the available devices, etc.") @@ -78,13 +137,11 @@ public interface DeviceManagementService { value = "Getting Details of Registered Devices", notes = "Provides details of all the devices enrolled with WSO2 EMM.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view" - , description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:view") + }) + } ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the list of devices.", @@ -205,12 +262,10 @@ public interface DeviceManagementService { value = "Getting Details of a Device", notes = "Get the details of a device by specifying the device type and device identifier.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:details") + }) } ) @ApiResponses( @@ -282,15 +337,13 @@ public interface DeviceManagementService { @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "DELETE", - value = "Delete the device speccified by device id", + value = "Delete the device specified by device id", notes = "Returns the status of the deleted device operation.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:delete") + }) } ) @ApiResponses( @@ -359,13 +412,11 @@ public interface DeviceManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:features") + }) + } ) @ApiResponses( value = { @@ -450,12 +501,10 @@ public interface DeviceManagementService { value = "Advanced Search for Devices", notes = "Search for devices by filtering the search result through the specified search terms.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:search") + }) } ) @ApiResponses( @@ -529,13 +578,12 @@ public interface DeviceManagementService { value = "Getting Installed Application Details of a Device", notes = "Get the list of applications subscribed to by a device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:applications") + }) + + } ) @ApiResponses( value = { @@ -633,13 +681,11 @@ public interface DeviceManagementService { value = "Getting Device Operation Details", notes = "Get the details of operations carried out on a selected device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:operations") + }) + } ) @ApiResponses( value = { @@ -746,13 +792,11 @@ public interface DeviceManagementService { "WSO2 EMM filters the policies based on the device platform (device type)," + "the device ownership type, the user role or name and finally, the policy that matches these filters will be enforced on the device.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:effective-policy") + }) + } ) @ApiResponses( value = { @@ -837,12 +881,10 @@ public interface DeviceManagementService { notes = "A policy is enforced on the devices that register with WSO2 EMM. " + "The server checks if the settings in the device comply with the policy that is enforced on the device using this REST API.", tags = "Device Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:compliance-data") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java index 94b06ea7513..963edc84f75 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java @@ -24,15 +24,16 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -54,6 +55,22 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting the Supported Device Platforms", + description = "Getting the Supported Device Platforms", + key = "cdmf:device-types:types", + permissions = {"/device-mgt/device-types/types"} + ), + @Scope( + name = "Get Feature Details of a Device Type", + description = "Get Feature Details of a Device Type", + key = "cdmf:device-types:features", + permissions = {"/device-mgt/device-types/features"} + ) + } +) @Path("/device-types") @Api(value = "Device Type Management", description = "This API corresponds to all tasks related to device " + "type management") @@ -68,12 +85,10 @@ public interface DeviceTypeManagementService { value = "Getting the Supported Device Platforms", notes = "Get the list of device platforms supported by WSO2 EMM.", tags = "Device Type Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Device Types") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:types") + }) } ) @ApiResponses( @@ -123,6 +138,7 @@ public interface DeviceTypeManagementService { String ifModifiedSince); @GET + @Path("/{type}/features") @ApiOperation( produces = MediaType.APPLICATION_JSON, httpMethod = "GET", @@ -131,12 +147,10 @@ public interface DeviceTypeManagementService { "Using this REST API you can get the features that can be carried out on a preferred device type," + " such as iOS, Android or Windows.", tags = "Device Type Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/devices/owning-device/view", - description = "View Device Types") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:features") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java index 9d1b255e96b..ab274b5a94f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java @@ -24,8 +24,6 @@ import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.Authorization; -import io.swagger.annotations.AuthorizationScope; import io.swagger.annotations.Extension; import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Info; @@ -33,6 +31,8 @@ import io.swagger.annotations.ResponseHeader; import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.Tag; import org.apache.axis2.transport.http.HTTPConstants; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList; @@ -40,6 +40,7 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList; import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceToGroupsAssignment; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.Valid; import javax.ws.rs.Consumes; @@ -75,6 +76,82 @@ import java.util.List; "details.") } ) +@Scopes( + scopes = { + @Scope( + name = "Get the list of groups belongs to current user.", + description = "Get the list of groups belongs to current user.", + key = "cdmf:groups:groups", + permissions = {"/device-mgt/groups/groups"} + ), + @Scope( + name = "Get the count of groups belongs to current user.", + description = "Get the count of groups belongs to current user.", + key = "cdmf:groups:count", + permissions = {"/device-mgt/groups/count"} + ), + @Scope( + name = "Add new device group to the system.", + description = "Add new device group to the system.", + key = "cdmf:groups:add", + permissions = {"/device-mgt/groups/add"} + ), + @Scope( + name = "View group specified", + description = "View group specified", + key = "cdmf:groups:groups-view", + permissions = {"/device-mgt/groups/groups-view"} + ), + @Scope( + name = "Update a group", + description = "Update a group", + key = "cdmf:groups:update", + permissions = {"/device-mgt/groups/update"} + ), + @Scope( + name = "Delete a group", + description = "Delete a group", + key = "cdmf:groups:remove", + permissions = {"/device-mgt/groups/remove"} + ), + @Scope( + name = "Manage group sharing with a user", + description = "Manage group sharing with a user", + key = "cdmf:groups:share", + permissions = {"/device-mgt/groups/share"} + ), + @Scope( + name = "View list of roles of a device group", + description = "View list of roles of a device group", + key = "cdmf:groups:roles", + permissions = {"/device-mgt/groups/roles"} + ), + @Scope( + name = "View list of devices in the device group", + description = "View list of devices in the device group", + key = "cdmf:groups:devices", + permissions = {"/device-mgt/groups/devices"} + ), + @Scope( + name = "View list of device count in the device group", + description = "View list of device count in the device group", + key = "cdmf:groups:devices-count", + permissions = {"/device-mgt/groups/devices/devices-count"} + ), + @Scope( + name = "Add devices to group", + description = "Add devices to group", + key = "cdmf:groups:devices-add", + permissions = {"/device-mgt/groups/devices/devices-add"} + ), + @Scope( + name = "Remove devices from group", + description = "Remove devices from group", + key = "cdmf:groups:devices-remove", + permissions = {"/device-mgt/groups/devices/devices-remove"} + ) + } +) @Path("/groups") @Api(value = "Device Group Management", description = "This API carries all device group management related " + "operations such as get all the available groups, etc.") @@ -89,12 +166,10 @@ public interface GroupManagementService { value = "Get the list of groups belongs to current user.", notes = "Returns all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups") + }) } ) @ApiResponses(value = { @@ -154,13 +229,12 @@ public interface GroupManagementService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:count") + }) } + ) @ApiResponses(value = { @ApiResponse(code = 200, message = "OK. \n Successfully fetched the device group count.", @@ -203,12 +277,10 @@ public interface GroupManagementService { value = "Add new device group to the system.", notes = "Add device group with current user as the owner.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/add", - description = "Add Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:add") + }) } ) @ApiResponses( @@ -271,12 +343,10 @@ public interface GroupManagementService { value = "View group specified.", notes = "Returns details of group enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/view", - description = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups-view") + }) } ) @ApiResponses(value = { @@ -326,12 +396,10 @@ public interface GroupManagementService { notes = "If you wish to make changes to an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/update", - description = "Update Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:update") + }) } ) @ApiResponses(value = { @@ -385,12 +453,10 @@ public interface GroupManagementService { notes = "If you wish to remove an existing group, that can be done by updating the group using " + "this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/remove", - description = "Remove Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:remove") + }) } ) @ApiResponses(value = { @@ -439,12 +505,10 @@ public interface GroupManagementService { notes = "If you wish to share /un share an existing group with a user under defined sharing roles, " + "that can be done using this resource.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/share", - description = "Share Group") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:share") + }) } ) @ApiResponses(value = { @@ -497,12 +561,10 @@ public interface GroupManagementService { value = "View list of roles of a device group.", notes = "Returns details of roles which particular group has been shared with.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/roles/view", - description = "View roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:roles") + }) } ) @ApiResponses(value = { @@ -551,12 +613,10 @@ public interface GroupManagementService { value = "View list of devices in the device group.", notes = "Returns list of devices in the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "View devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices") + }) } ) @ApiResponses(value = { @@ -613,12 +673,10 @@ public interface GroupManagementService { value = "View list of device count in the device group.", notes = "Returns device count in the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "View devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-count") + }) } ) @ApiResponses(value = { @@ -667,12 +725,10 @@ public interface GroupManagementService { value = "Add devices to group.", notes = "Add existing devices to the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/add", - description = "Add devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-add") + }) } ) @ApiResponses(value = { @@ -725,12 +781,10 @@ public interface GroupManagementService { value = "Remove devices from group.", notes = "Remove existing devices from the device group.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/groups/devices/remove", - description = "Remove devices") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-remove") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java index 0a2998251c8..a3d0d556f3b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.notification.mgt.Notification; import org.wso2.carbon.device.mgt.jaxrs.NotificationList; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Max; import javax.validation.constraints.Size; @@ -60,6 +61,22 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting All Device Notification Details", + description = "Getting All Device Notification Details", + key = "cdmf:notifications:view", + permissions = {"/device-mgt/notifications/view"} + ), + @Scope( + name = "Updating the Device Notification Status", + description = "Updating the Device Notification Status", + key = "cdmf:notifications:mark-checked", + permissions = {"/device-mgt/notifications/mark-checked"} + ) + } +) @Api(value = "Device Notification Management", description = "Device notification related operations can be found here.") @Path("/notifications") @Produces(MediaType.APPLICATION_JSON) @@ -73,12 +90,10 @@ public interface NotificationManagementService { value = "Getting All Device Notification Details", notes = "Get the details of all the notifications that were pushed to the devices registered with WSO2 EMM using this REST API.", tags = "Device Notification Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", - description = "View notifications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:view") + }) } ) @ApiResponses( @@ -164,12 +179,10 @@ public interface NotificationManagementService { notes = "When a user has read the the device notification the device notification status must " + "change from NEW to CHECKED. This API is used to update device notification status.", tags = "Device Notification Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/notifications/view", - description = "View notifications") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:mark-checked") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index 7f282279647..968d0ea0ea0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.policy.mgt.common.Policy; import javax.validation.Valid; @@ -62,6 +63,64 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Adding a Policy", + description = "Adding a Policy", + key = "cdmf:policies:manage", + permissions = {"/device-mgt/policies/manage"} + ), + @Scope( + name = "Getting Details of Policies", + description = "Getting Details of Policies", + key = "cdmf:policies:get-details", + permissions = {"/device-mgt/policies/get-details"} + ), + @Scope( + name = "Getting Details of a Policy", + description = "Getting Details of a Policy", + key = "cdmf:policies:get-policy-details", + permissions = {"/device-mgt/policies/get-policy-details"} + ), + @Scope( + name = "Updating a Policy", + description = "Updating a Policy", + key = "cdmf:policies:update", + permissions = {"/device-mgt/policies/update"} + ), + @Scope( + name = "Removing Multiple Policies", + description = "Removing Multiple Policies", + key = "cdmf:policies:remove", + permissions = {"/device-mgt/policies/remove"} + ), + @Scope( + name = "Activating Policies", + description = "Activating Policies", + key = "cdmf:policies:activate", + permissions = {"/device-mgt/policies/activate"} + ), + @Scope( + name = "Deactivating Policies", + description = "Deactivating Policies", + key = "cdmf:policies:deactivate", + permissions = {"/device-mgt/policies/deactivate"} + ), + @Scope( + name = "Applying Changes on Policies", + description = "Applying Changes on Policies", + key = "cdmf:policies:changes", + permissions = {"/device-mgt/policies/changes"} + ), + @Scope( + name = "Updating the Policy Priorities", + description = "Updating the Policy Priorities", + key = "cdmf:policies:priorities", + permissions = {"/device-mgt/policies/priorities"} + ) + } +) @Api(value = "Device Policy Management", description = "This API includes the functionality around device policy management") @Path("/policies") @Produces(MediaType.APPLICATION_JSON) @@ -77,12 +136,10 @@ public interface PolicyManagementService { notes = "Add a policy using this REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy." + "Using this REST API you are able to save a created Policy and this policy will be in the inactive state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:manage") + }) } ) @ApiResponses( @@ -147,12 +204,10 @@ public interface PolicyManagementService { notes = "Retrieve the details of all the policies in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", - description = "View policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-details") + }) } ) @ApiResponses( @@ -224,12 +279,10 @@ public interface PolicyManagementService { notes = "Retrieve the details of a policy that is in WSO2 EMM.", response = Policy.class, tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/view", - description = "View policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-policy-details") + }) } ) @ApiResponses( @@ -294,12 +347,10 @@ public interface PolicyManagementService { value = "Updating a Policy", notes = "Make changes to an existing policy by updating the policy using this resource.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:update") + }) } ) @ApiResponses( @@ -364,12 +415,10 @@ public interface PolicyManagementService { value = "Removing Multiple Policies", notes = "Delete one or more than one policy using this API.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:remove") + }) } ) @ApiResponses( @@ -412,12 +461,10 @@ public interface PolicyManagementService { value = "Activating Policies", notes = "Publish a policy using this API to bring a policy that is in the inactive state to the active state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:activate") + }) } ) @ApiResponses( @@ -455,12 +502,10 @@ public interface PolicyManagementService { value = "Deactivating Policies", notes = "Unpublish a policy using this API to bring a policy that is in the active state to the inactive state.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:deactivate") + }) } ) @ApiResponses( @@ -503,12 +548,10 @@ public interface PolicyManagementService { " devices will not receive these changes immediately. Once all the required changes are made" + " you need to apply the changes to push the policy changes to the existing devices.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:changes") + }) } ) @ApiResponses( @@ -533,13 +576,11 @@ public interface PolicyManagementService { value = "Updating the Policy Priorities", notes = "Make changes to the existing policy priority order by updating the priority order using this API.", tags = "Device Policy Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/policies/manage", - description = "Manage policies") } - ) - } + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:priorities") + }) + } ) @ApiResponses( value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index cc894b9c0b0..b308ddc9702 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -24,16 +24,17 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; import io.swagger.annotations.ResponseHeader; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import org.wso2.carbon.user.mgt.common.UIPermissionNode; import javax.ws.rs.*; @@ -56,6 +57,58 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "Getting the List of Roles", + description = "Getting the List of Roles", + key = "cdmf:roles:view", + permissions = {"/device-mgt/roles/view"} + ), + @Scope( + name = "Getting Permission Details of a Role", + description = "Getting Permission Details of a Role", + key = "cdmf:roles:permissions", + permissions = {"/device-mgt/roles/permissions"} + ), + @Scope( + name = "Getting the List of Roles", + description = "Getting the List of Roles", + key = "cdmf:roles:details", + permissions = {"/device-mgt/roles/details"} + ), + @Scope( + name = "Adding a Role", + description = "Adding a Role", + key = "cdmf:roles:add", + permissions = {"/device-mgt/roles/add"} + ), + @Scope( + name = "Adding a combined Role", + description = "Adding a combined Role", + key = "cdmf:roles:create-combined-role", + permissions = {"/device-mgt/roles/create-combined-role"} + ), + @Scope( + name = "Updating Role Details", + description = "Updating Role Details", + key = "cdmf:roles:update", + permissions = {"/device-mgt/roles/update"} + ), + @Scope( + name = "Deleting a Role", + description = "Deleting a Role", + key = "cdmf:roles:delete", + permissions = {"/device-mgt/roles/delete"} + ), + @Scope( + name = "Adding Users to a Role", + description = "Adding Users to a Role", + key = "cdmf:roles:add-users", + permissions = {"/device-mgt/roles/add-users"} + ) + } +) @Path("/roles") @Api(value = "Role Management", description = "Role management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -70,11 +123,10 @@ public interface RoleManagementService { notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Using this API you can the list of roles that are in WSO2 EMM.\n" + "Note: Internal roles, roles created for service-providers, and application related roles will not be given in the output.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:view") + }) } ) @ApiResponses( @@ -151,11 +203,10 @@ public interface RoleManagementService { response = UIPermissionNode.class, responseContainer = "List", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:permissions") + }) } ) @ApiResponses( @@ -227,12 +278,10 @@ public interface RoleManagementService { notes = "Get the permissions associated with a role and role specific details using this REST API.", response = RoleInfo.class, tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/view", - description = "View Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:details") + }) } ) @ApiResponses( @@ -303,12 +352,10 @@ public interface RoleManagementService { value = "Adding a Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new role to WSO2 EMM using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add") + }) } ) @ApiResponses(value = { @@ -365,12 +412,10 @@ public interface RoleManagementService { value = "Adding a combined Role", notes = "WSO2 EMM supports role-based access control (RBAC) and role management. Add a new combined role to WSO2 EMM using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:create-combined-role") + }) } ) @ApiResponses(value = { @@ -430,12 +475,10 @@ public interface RoleManagementService { notes = "There will be situations where you need to update the role details, such as the permissions" + " or the role name. Update the role details using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:update") + }) } ) @ApiResponses(value = { @@ -498,12 +541,10 @@ public interface RoleManagementService { notes = "Roles become obsolete over time due to various reasons. In a situation where your Organization identifies that a specific role is no longer required, you " + "can delete a role using this REST API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:delete") + }) } ) @ApiResponses(value = { @@ -550,12 +591,10 @@ public interface RoleManagementService { "be cumbersome. Therefore, you can define all the new employees that belong to the engineering " + "role using this API.", tags = "Role Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/roles/manage", - description = "Manage Roles") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add-users") + }) } ) @ApiResponses( diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index 41353a0f4ca..f2ad567c6cc 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -18,7 +18,14 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; import io.swagger.annotations.Api; +import io.swagger.annotations.AuthorizationScope; +import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -70,6 +77,76 @@ import java.util.List; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Adding a User", + description = "Adding a User", + key = "cdmf:users:add", + permissions = {"/device-mgt/users/add"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting Details of a User", + description = "Getting Details of a User", + key = "cdmf:users:details", + permissions = {"/device-mgt/users/details"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Updating Details of a User", + description = "Updating Details of a User", + key = "cdmf:users:update", + permissions = {"/device-mgt/policies/update"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Deleting a User", + description = "Deleting a User", + key = "cdmf:users:delete", + permissions = {"/device-mgt/policies/delete"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting the Role Details of a User", + description = "Getting the Role Details of a User", + key = "cdmf:users:roles", + permissions = {"/device-mgt/policies/roles"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting Details of Users", + description = "Getting Details of Users", + key = "cdmf:users:user-details", + permissions = {"/device-mgt/policies/user-details"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting the User Count", + description = "Getting the User Count", + key = "cdmf:users:count", + permissions = {"/device-mgt/policies/count"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Getting the User existence status", + description = "Getting the User existence status", + key = "cdmf:users:is-exist", + permissions = {"/device-mgt/policies/is-exist"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Searching for a User Name", + description = "Searching for a User Name", + key = "cdmf:users:search", + permissions = {"/device-mgt/policies/search"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Changing the User Password", + description = "Adding a User", + key = "cdmf:users:credentials", + permissions = {"/device-mgt/policies/credentials"} + ), + @org.wso2.carbon.apimgt.annotations.api.Scope( + name = "Sending Enrollment Invitations to Users", + description = "Sending Enrollment Invitations to Users", + key = "cdmf:users:send-invitation", + permissions = {"/device-mgt/policies/send-invitation"} + ) + } +) @Path("/users") @Api(value = "User Management", description = "User management related operations can be found here.") @Produces(MediaType.APPLICATION_JSON) @@ -84,12 +161,10 @@ public interface UserManagementService { value = "Adding a User", notes = "WSO2 IoTS supports user management. Add a new user to the WSO2 IoTS user management system via this REST API", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:add") + }) } ) @ApiResponses( @@ -146,12 +221,10 @@ public interface UserManagementService { notes = "Get the details of a user registered with WSO2 IoTS using the REST API.", response = BasicUserInfo.class, tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:details") + }) } ) @ApiResponses(value = { @@ -219,12 +292,10 @@ public interface UserManagementService { notes = "There will be situations where you will want to update the user details. In such " + "situation you can update the user details using this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:update") + }) } ) @ApiResponses(value = { @@ -286,12 +357,10 @@ public interface UserManagementService { value = "Deleting a User", notes = "When an employee leaves the organization, you can remove the user details from WSO2 IoTS using this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", - description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:delete") + }) } ) @ApiResponses(value = { @@ -331,12 +400,10 @@ public interface UserManagementService { value = "Getting the Role Details of a User", notes = "A user can be assigned to one or more role in IoTS. Using this REST API you can get the role/roles a user is assigned to.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:roles") + }) } ) @ApiResponses(value = { @@ -395,12 +462,10 @@ public interface UserManagementService { notes = "You are able to manage users in WSO2 IoTS by adding, updating and removing users. If you wish to get the list of users registered with WSO2 IoTS, you can do so " + "using this REST API", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:user-details") + }) } ) @ApiResponses(value = { @@ -468,11 +533,10 @@ public interface UserManagementService { value = "Getting the User Count", notes = "Get the number of users in WSO2 IoTS via this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:count") + }) } ) @ApiResponses(value = { @@ -504,12 +568,10 @@ public interface UserManagementService { value = "Getting the User existence status", notes = "Check if the user exists in the user store.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", - description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:is-exist") + }) } ) @ApiResponses(value = { @@ -549,11 +611,10 @@ public interface UserManagementService { + "You will be given a list of users having the user name in the exact order of the " + "characters you provided.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/view", description = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:search") + }) } ) @ApiResponses(value = { @@ -627,11 +688,10 @@ public interface UserManagementService { value = "Changing the User Password", notes = "A user is able to change the password to secure their WSO2 IoTS profile via this REST API.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/login", description = "Reset user password") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:credentials") + }) } ) @ApiResponses(value = { @@ -673,11 +733,10 @@ public interface UserManagementService { notes = "Send the users a mail inviting them to enroll their devices using the REST API given below.\n" + "Before running the REST API command to send the enrollment invitations to users make sure to configure WSO2 IoTS as explained in step 4, under the WSO2 IoTS general server configurations documentation.", tags = "User Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description = "Manage Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:send-invitation") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 8f492612023..450b3a3778d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -18,9 +18,18 @@ */ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin; -import io.swagger.annotations.*; -import org.wso2.carbon.apimgt.annotations.api.*; +import io.swagger.annotations.SwaggerDefinition; +import io.swagger.annotations.Info; +import io.swagger.annotations.ExtensionProperty; +import io.swagger.annotations.Extension; +import io.swagger.annotations.Tag; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.common.operation.mgt.Activity; import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; @@ -55,10 +64,16 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Manage application", - description = "", - key = "cdmf:manage-application", - permissions = {"/device-mgt/applications/manage"} + name = "Installing an Application (Internal API)", + description = "Installing an Application (Internal API)", + key = "cdmf:applications:install", + permissions = {"/device-mgt/applications/install"} + ), + @Scope( + name = "Uninstalling an Application (Internal API)", + description = "Uninstalling an Application (Internal API)", + key = "cdmf:applications:uninstall", + permissions = {"/device-mgt/applications/uninstall"} ) } ) @@ -78,7 +93,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:install") }) } ) @@ -122,7 +137,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-application") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:uninstall") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index a2e80bcbf9d..72ba18d5065 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -24,8 +24,6 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -66,10 +64,10 @@ import javax.ws.rs.core.Response; @Scopes( scopes = { @Scope( - name = "Manage device", - description = "", - key = "cdmf:manage-own-device", - permissions = {"/device-mgt/devices/owning-device/view"} + name = "Getting Details of a Device", + description = "Getting Details of a Device", + key = "cdmf:admin:devices:view", + permissions = {"/device-mgt/devices/admin/devices/view"} ) } ) @@ -86,7 +84,7 @@ public interface DeviceManagementAdminService { tags = "Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-own-device") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin:devices:view") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index b5716e9db39..06d0842985f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -25,8 +25,6 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; @@ -69,8 +67,14 @@ import javax.ws.rs.core.Response; @Scope( name = "View groups", description = "", - key = "cdmf:view-groups", + key = "cdmf:admin-groups:view", permissions = {"/device-mgt/admin/groups/view"} + ), + @Scope( + name = "Count groups", + description = "", + key = "cdmf:admin-groups:count", + permissions = {"/device-mgt/admin/groups/count"} ) } ) @@ -85,7 +89,7 @@ public interface GroupManagementAdminService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-groups") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:view") }) } ) @@ -146,12 +150,10 @@ public interface GroupManagementAdminService { value = "Get the count of groups belongs to current user.", notes = "Returns count of all permitted groups enrolled with the system.", tags = "Device Group Management", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/admin/groups/view", description - = "View Groups") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:count") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java index 99914a94aba..fbb3603e569 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java @@ -24,14 +24,15 @@ import io.swagger.annotations.ExtensionProperty; import io.swagger.annotations.Extension; import io.swagger.annotations.Tag; import io.swagger.annotations.Api; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Authorization; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.constraints.Size; import javax.ws.rs.*; @@ -53,6 +54,16 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "") } ) +@Scopes( + scopes = { + @Scope( + name = "View Users", + description = "View Users", + key = "cdmf:admin-users:view", + permissions = {"/device-mgt/admin/users/view"} + ) + } +) @Path("/admin/users") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) @@ -71,12 +82,10 @@ public interface UserManagementAdminService { notes = "The EMM administrator is able to change the password of the users in " + "the system and block them from logging into their EMM profile using this REST API.", tags = "User Management Administrative Service", - authorizations = { - @Authorization( - value="permission", - scopes = { @AuthorizationScope(scope = "/device-mgt/users/manage", description - = "View Users") } - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-users:view") + }) } ) @ApiResponses(value = { From d13dadff08efce32a86841c277b4979fb91c4a25 Mon Sep 17 00:00:00 2001 From: Milan Perera Date: Thu, 5 Jan 2017 12:35:02 +0530 Subject: [PATCH 11/14] Renamed prefix of scopes --- .../jaxrs/service/api/ActivityInfoProviderService.java | 6 +++--- .../jaxrs/service/api/ConfigurationManagementService.java | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java index 9c3e2c4f5bc..bf994468041 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java @@ -57,7 +57,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Get activities", description = "Get activities", - key = "cdmf:get-activity", + key = "perm:get-activity", permissions = {"/device-mgt/devices/owning-device/view"} ) } @@ -77,7 +77,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:get-activity") }) } ) @@ -150,7 +150,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:get-activity") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:get-activity") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java index 504bd75f1d7..840f4692a37 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java @@ -68,13 +68,13 @@ import javax.ws.rs.core.Response; @Scope( name = "View configurations", description = "", - key = "cdmf:view-configuration", + key = "perm:view-configuration", permissions = {"/device-mgt/platform-configurations/view"} ), @Scope( name = "Manage configurations", description = "", - key = "cdmf:manage-configuration", + key = "perm:manage-configuration", permissions = {"/device-mgt/platform-configurations/manage"} ) } @@ -92,7 +92,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:view-configuration") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:view-configuration") }) } ) @@ -151,7 +151,7 @@ public interface ConfigurationManagementService { tags = "Configuration Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:manage-configuration") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:manage-configuration") }) } ) From 5d1435c7bc2e33b70f83274d949a68f7be223f06 Mon Sep 17 00:00:00 2001 From: GPrathap Date: Thu, 5 Jan 2017 16:47:53 +0530 Subject: [PATCH 12/14] renamed permission string --- .../mgt/jaxrs/api/CertificateMgtService.java | 2 +- .../api/ActivityInfoProviderService.java | 20 +- .../mgt/jaxrs/service/api/Dashboard.java | 184 ++++++++++++------ .../service/api/DeviceManagementService.java | 14 +- .../api/DeviceTypeManagementService.java | 4 +- .../service/api/GroupManagementService.java | 48 +++-- .../api/NotificationManagementService.java | 2 +- .../service/api/PolicyManagementService.java | 16 +- .../service/api/RoleManagementService.java | 14 +- .../service/api/UserManagementService.java | 54 +++-- .../ApplicationManagementAdminService.java | 4 +- .../admin/DeviceManagementAdminService.java | 2 +- .../admin/GroupManagementAdminService.java | 2 +- .../api/admin/UserManagementAdminService.java | 2 +- 14 files changed, 218 insertions(+), 150 deletions(-) diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java index a5ad6f12040..9fb7d0ccfb2 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java @@ -41,7 +41,7 @@ import javax.ws.rs.core.Response; name = "Sign CSR", description = "Sign CSR", key = "cdmf:sign-csr", - permissions = {"/certificate-mgt/sign-csr"} + permissions = {"/device-mgt/certificates/manage"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java index 3a040fa2161..cb0c6dbec65 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java @@ -64,12 +64,18 @@ import javax.ws.rs.core.Response; " operation details and responses from devices.") @Scopes( scopes = { - @Scope( - name = "Getting Details of an Activity", - description = "Getting Details of an Activity", - key = "cdmf:activities:details", - permissions = {"/device-mgt/devices/owning-device/view"} - ) + @Scope( + name = "Getting Details of an Activity", + description = "Getting Details of an Activity", + key = "cdmf:activities:id", + permissions = {"/device-mgt/devices/owning-device/view"} + ), + @Scope( + name = "Getting Activity Details", + description = "Getting Activity Details", + key = "cdmf:activities:details", + permissions = {"/device-mgt/devices/owning-device/view"} + ) } ) @Produces(MediaType.APPLICATION_JSON) @@ -87,7 +93,7 @@ public interface ActivityInfoProviderService { tags = "Activity Info Provider", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:details") + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:activities:id") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java index b9d5058ce0e..76aab15079c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java @@ -13,10 +13,13 @@ import io.swagger.annotations.Info; import io.swagger.annotations.ResponseHeader; import io.swagger.annotations.SwaggerDefinition; import io.swagger.annotations.Tag; +import org.wso2.carbon.apimgt.annotations.api.Scope; +import org.wso2.carbon.apimgt.annotations.api.Scopes; import org.wso2.carbon.device.mgt.analytics.dashboard.bean.DeviceCountByGroup; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.DashboardPaginationGadgetDataWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.ws.rs.Consumes; import javax.ws.rs.GET; @@ -44,6 +47,70 @@ import javax.ws.rs.core.Response; @Tag(name = "device_management", description = "Device Analytics Dashboard related APIs.") } ) +@Scopes( + scopes = { + @Scope( + name = "Device Count Overview", + description = "Device Count Overview", + key = "cdmf:dashboard:count-overview", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Device Counts by Potential Vulnerabilities", + description = "Device Counts by Potential Vulnerabilities", + key = "cdmf:dashboard:vulnerabilities", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a policy", + description = "Get the number of devices that have not complied to a policy", + key = "cdmf:dashboard:non-compliant", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices for a given device type, such as connectivity status, " + + "potential vulnerability, platform, and ownership", + description = "Get the number of devices for a given device type, such as connectivity status, " + + "potential vulnerability, platform, and ownership", + key = "cdmf:dashboard:by-groups", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy based on a particular", + description = "Get the number of devices that have not complied to a given policy based on a particular", + key = "cdmf:dashboard:device-counts", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy based on a particular" + + " device type.", + description = "Get the number of devices that have not complied to a given policy based on a " + + "particular device type.", + key = "cdmf:dashboard:filtered-count", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get the number of devices that have not complied to a given policy over the total" + + " number of devices registered with WSO2 EMM.\n", + description = "Get the number of devices that have not complied to a given policy over the total" + + " number of devices registered with WSO2 EMM.\n", + key = "cdmf:dashboard:non-compliant-count", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get device details of devices based on a particular device type.", + description = "Get device details of devices based on a particular device type.", + key = "cdmf:dashboard:details", + permissions = {"/device-mgt/dashboard/view"} + ), + @Scope( + name = "Get device details of non-compliant devices which do not comply to a given policy.", + description = "Get device details of non-compliant devices which do not comply to a given policy.", + key = "cdmf:dashboard:feature-non-compliant", + permissions = {"/device-mgt/dashboard/view"} + ) + } +) @Path("/dashboard") @Api(value = "Device Analytics Dashboard", description = "Device Analytics Dashboard related information APIs are described here.") @@ -70,13 +137,12 @@ public interface Dashboard { notes = "Get the details of active, inactive, removed and total number of registered devices in" + " WSO2 IoT.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:count-overview") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -127,13 +193,12 @@ public interface Dashboard { httpMethod = "GET", value = "Get the number of unmonitored and non-compliant devices in WSO2 IoT.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:vulnerabilities") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -185,13 +250,12 @@ public interface Dashboard { value = "Get the number of devices that have not complied to a policy that was enforced on a " + "device.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -256,13 +320,12 @@ public interface Dashboard { value = "Get the number of devices for a given device type, such as connectivity status, " + "potential vulnerability, platform, and ownership.\n", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:by-groups") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -346,13 +409,12 @@ public interface Dashboard { value = "Get the number of devices that have not complied to a given policy based on a particular" + " device type.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:device-counts") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -426,13 +488,12 @@ public interface Dashboard { + "The device ownership type, such as BYOD or COPE.\n" + "The device platform.\n" + "The potential vulnerabilities faced by the devices.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:filtered-count") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -519,13 +580,12 @@ public interface Dashboard { value = "Get the number of devices that have not complied to a given policy over the total" + " number of devices registered with WSO2 IoT.\n", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant-count") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -595,13 +655,12 @@ public interface Dashboard { httpMethod = "GET", value = "Get device details of devices based on a particular device type.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:details") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, @@ -698,13 +757,12 @@ public interface Dashboard { httpMethod = "GET", value = "Get device details of non-compliant devices which do not comply to a given policy.", tags = "Dashboard", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/dashboard/view", - description = "View Dashboard")} - ) - }) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:feature-non-compliant") + }) + } + ) @ApiResponses(value = { @ApiResponse( code = 200, diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index ed9290df4ca..3ea1cd7bf65 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -77,19 +77,19 @@ import javax.ws.rs.core.Response; name = "Getting Details of a Device", description = "Getting Details of a Device", key = "cdmf:devices:details", - permissions = {"/device-mgt/devices/owning-device/details"} + permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Delete the device specified by device id", description = "Delete the device specified by device id", key = "cdmf:devices:delete", - permissions = {"/device-mgt/devices/owning-device/delete"} + permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Feature Details of a Device", description = "Getting Feature Details of a Device", key = "cdmf:devices:features", - permissions = {"/device-mgt/devices/owning-device/features"} + permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Advanced Search for Devices", @@ -101,25 +101,25 @@ import javax.ws.rs.core.Response; name = "Getting Installed Application Details of a Device", description = "Getting Installed Application Details of a Device", key = "cdmf:devices:applications", - permissions = {"/device-mgt/devices/owning-device/applications"} + permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Device Operation Details", description = "Getting Device Operation Details", key = "cdmf:devices:operations", - permissions = {"/device-mgt/devices/owning-device/operations"} + permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Get the details of the policy that is enforced on a device.", description = "Get the details of the policy that is enforced on a device.", key = "cdmf:devices:effective-policy", - permissions = {"/device-mgt/devices/owning-device/effective-policy"} + permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Policy Compliance Details of a Device", description = "Getting Policy Compliance Details of a Device", key = "cdmf:devices:compliance-data", - permissions = {"/device-mgt/devices/owning-device/compliance-data"} + permissions = {"/device-mgt/devices/owning-device/view"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java index 963edc84f75..eca9527f5f0 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java @@ -61,13 +61,13 @@ import javax.ws.rs.core.Response; name = "Getting the Supported Device Platforms", description = "Getting the Supported Device Platforms", key = "cdmf:device-types:types", - permissions = {"/device-mgt/device-types/types"} + permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Get Feature Details of a Device Type", description = "Get Feature Details of a Device Type", key = "cdmf:device-types:features", - permissions = {"/device-mgt/device-types/features"} + permissions = {"/device-mgt/devices/owning-device/view"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java index ab274b5a94f..d22b2883e9a 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java @@ -82,13 +82,13 @@ import java.util.List; name = "Get the list of groups belongs to current user.", description = "Get the list of groups belongs to current user.", key = "cdmf:groups:groups", - permissions = {"/device-mgt/groups/groups"} + permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Get the count of groups belongs to current user.", description = "Get the count of groups belongs to current user.", key = "cdmf:groups:count", - permissions = {"/device-mgt/groups/count"} + permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Add new device group to the system.", @@ -100,7 +100,7 @@ import java.util.List; name = "View group specified", description = "View group specified", key = "cdmf:groups:groups-view", - permissions = {"/device-mgt/groups/groups-view"} + permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Update a group", @@ -124,31 +124,43 @@ import java.util.List; name = "View list of roles of a device group", description = "View list of roles of a device group", key = "cdmf:groups:roles", - permissions = {"/device-mgt/groups/roles"} + permissions = {"/device-mgt/groups/roles/view"} ), @Scope( name = "View list of devices in the device group", description = "View list of devices in the device group", key = "cdmf:groups:devices", - permissions = {"/device-mgt/groups/devices"} + permissions = {"/device-mgt/groups/devices/view"} ), @Scope( name = "View list of device count in the device group", description = "View list of device count in the device group", key = "cdmf:groups:devices-count", - permissions = {"/device-mgt/groups/devices/devices-count"} + permissions = {"/device-mgt/groups/devices/view"} ), @Scope( name = "Add devices to group", description = "Add devices to group", key = "cdmf:groups:devices-add", - permissions = {"/device-mgt/groups/devices/devices-add"} + permissions = {"/device-mgt/groups/devices/add"} ), @Scope( name = "Remove devices from group", description = "Remove devices from group", key = "cdmf:groups:devices-remove", - permissions = {"/device-mgt/groups/devices/devices-remove"} + permissions = {"/device-mgt/groups/devices/remove"} + ), + @Scope( + name = "Assign devices to groups", + description = "Assign devices to groups", + key = "cdmf:groups:assign", + permissions = {"/device-mgt/groups/devices/add"} + ), + @Scope( + name = "List of groups that have the device", + description = "List of groups that have the device", + key = "cdmf:groups:device", + permissions = {"/device-mgt/groups/devices/view"} ) } ) @@ -837,12 +849,10 @@ public interface GroupManagementService { value = "Assign devices to groups", notes = "Add existing device to device groups.", tags = "Device Group Management", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/groups/devices/add", - description = "Add devices")} - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:assign") + }) } ) @ApiResponses(value = { @@ -891,12 +901,10 @@ public interface GroupManagementService { value = "List of groups that have the device", notes = "List of groups that have the device.", tags = "Device Group Management", - authorizations = { - @Authorization( - value = "permission", - scopes = {@AuthorizationScope(scope = "/device-mgt/groups/devices/view", - description = "Add devices")} - ) + extensions = { + @Extension(properties = { + @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:device") + }) } ) @ApiResponses(value = { diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java index a3d0d556f3b..04635942901 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java @@ -73,7 +73,7 @@ import javax.ws.rs.core.Response; name = "Updating the Device Notification Status", description = "Updating the Device Notification Status", key = "cdmf:notifications:mark-checked", - permissions = {"/device-mgt/notifications/mark-checked"} + permissions = {"/device-mgt/notifications/view"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index 968d0ea0ea0..0b5ad17b49e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -75,49 +75,49 @@ import java.util.List; name = "Getting Details of Policies", description = "Getting Details of Policies", key = "cdmf:policies:get-details", - permissions = {"/device-mgt/policies/get-details"} + permissions = {"/device-mgt/policies/view"} ), @Scope( name = "Getting Details of a Policy", description = "Getting Details of a Policy", key = "cdmf:policies:get-policy-details", - permissions = {"/device-mgt/policies/get-policy-details"} + permissions = {"/device-mgt/policies/view"} ), @Scope( name = "Updating a Policy", description = "Updating a Policy", key = "cdmf:policies:update", - permissions = {"/device-mgt/policies/update"} + permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Removing Multiple Policies", description = "Removing Multiple Policies", key = "cdmf:policies:remove", - permissions = {"/device-mgt/policies/remove"} + permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Activating Policies", description = "Activating Policies", key = "cdmf:policies:activate", - permissions = {"/device-mgt/policies/activate"} + permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Deactivating Policies", description = "Deactivating Policies", key = "cdmf:policies:deactivate", - permissions = {"/device-mgt/policies/deactivate"} + permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Applying Changes on Policies", description = "Applying Changes on Policies", key = "cdmf:policies:changes", - permissions = {"/device-mgt/policies/changes"} + permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Updating the Policy Priorities", description = "Updating the Policy Priorities", key = "cdmf:policies:priorities", - permissions = {"/device-mgt/policies/priorities"} + permissions = {"/device-mgt/policies/manage"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index b308ddc9702..383c40e1211 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -69,43 +69,43 @@ import java.util.List; name = "Getting Permission Details of a Role", description = "Getting Permission Details of a Role", key = "cdmf:roles:permissions", - permissions = {"/device-mgt/roles/permissions"} + permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Getting the List of Roles", description = "Getting the List of Roles", key = "cdmf:roles:details", - permissions = {"/device-mgt/roles/details"} + permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Adding a Role", description = "Adding a Role", key = "cdmf:roles:add", - permissions = {"/device-mgt/roles/add"} + permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Adding a combined Role", description = "Adding a combined Role", key = "cdmf:roles:create-combined-role", - permissions = {"/device-mgt/roles/create-combined-role"} + permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Updating Role Details", description = "Updating Role Details", key = "cdmf:roles:update", - permissions = {"/device-mgt/roles/update"} + permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Deleting a Role", description = "Deleting a Role", key = "cdmf:roles:delete", - permissions = {"/device-mgt/roles/delete"} + permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Adding Users to a Role", description = "Adding Users to a Role", key = "cdmf:roles:add-users", - permissions = {"/device-mgt/roles/add-users"} + permissions = {"/device-mgt/roles/manage"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index f2ad567c6cc..b97270b19f3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -30,15 +30,10 @@ import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; -import io.swagger.annotations.Authorization; -import io.swagger.annotations.AuthorizationScope; -import io.swagger.annotations.Extension; -import io.swagger.annotations.ExtensionProperty; -import io.swagger.annotations.Info; import io.swagger.annotations.ResponseHeader; -import io.swagger.annotations.SwaggerDefinition; -import io.swagger.annotations.Tag; import org.apache.axis2.transport.http.HTTPConstants; +import org.wso2.carbon.apimgt.annotations.api.Scopes; +import org.wso2.carbon.apimgt.annotations.api.Scope; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfo; import org.wso2.carbon.device.mgt.jaxrs.beans.BasicUserInfoList; import org.wso2.carbon.device.mgt.jaxrs.beans.EnrollmentInvitation; @@ -46,6 +41,7 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse; import org.wso2.carbon.device.mgt.jaxrs.beans.OldPasswordResetWrapper; import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList; import org.wso2.carbon.device.mgt.jaxrs.beans.UserInfo; +import org.wso2.carbon.device.mgt.jaxrs.util.Constants; import javax.validation.Valid; import javax.ws.rs.Consumes; @@ -79,71 +75,71 @@ import java.util.List; ) @Scopes( scopes = { - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Adding a User", description = "Adding a User", key = "cdmf:users:add", - permissions = {"/device-mgt/users/add"} + permissions = {"/device-mgt/users/manage"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Getting Details of a User", description = "Getting Details of a User", key = "cdmf:users:details", - permissions = {"/device-mgt/users/details"} + permissions = {"/device-mgt/users/view"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Updating Details of a User", description = "Updating Details of a User", key = "cdmf:users:update", - permissions = {"/device-mgt/policies/update"} + permissions = {"/device-mgt/users/manage"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Deleting a User", description = "Deleting a User", key = "cdmf:users:delete", - permissions = {"/device-mgt/policies/delete"} + permissions = {"/device-mgt/users/manage"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Getting the Role Details of a User", description = "Getting the Role Details of a User", key = "cdmf:users:roles", - permissions = {"/device-mgt/policies/roles"} + permissions = {"/device-mgt/users/view"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Getting Details of Users", description = "Getting Details of Users", key = "cdmf:users:user-details", - permissions = {"/device-mgt/policies/user-details"} + permissions = {"/device-mgt/users/view"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Getting the User Count", description = "Getting the User Count", key = "cdmf:users:count", - permissions = {"/device-mgt/policies/count"} + permissions = {"/device-mgt/users/view"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Getting the User existence status", description = "Getting the User existence status", key = "cdmf:users:is-exist", - permissions = {"/device-mgt/policies/is-exist"} + permissions = {"/device-mgt/users/view"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Searching for a User Name", description = "Searching for a User Name", key = "cdmf:users:search", - permissions = {"/device-mgt/policies/search"} + permissions = {"/device-mgt/users/view"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Changing the User Password", description = "Adding a User", key = "cdmf:users:credentials", - permissions = {"/device-mgt/policies/credentials"} + permissions = {"/login"} ), - @org.wso2.carbon.apimgt.annotations.api.Scope( + @Scope( name = "Sending Enrollment Invitations to Users", description = "Sending Enrollment Invitations to Users", key = "cdmf:users:send-invitation", - permissions = {"/device-mgt/policies/send-invitation"} + permissions = {"/device-mgt/users/manage"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index 450b3a3778d..fdf51ec3584 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -67,13 +67,13 @@ import javax.ws.rs.core.Response; name = "Installing an Application (Internal API)", description = "Installing an Application (Internal API)", key = "cdmf:applications:install", - permissions = {"/device-mgt/applications/install"} + permissions = {"/device-mgt/applications/manage"} ), @Scope( name = "Uninstalling an Application (Internal API)", description = "Uninstalling an Application (Internal API)", key = "cdmf:applications:uninstall", - permissions = {"/device-mgt/applications/uninstall"} + permissions = {"/device-mgt/applications/manage"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index 72ba18d5065..eb570819b49 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -67,7 +67,7 @@ import javax.ws.rs.core.Response; name = "Getting Details of a Device", description = "Getting Details of a Device", key = "cdmf:admin:devices:view", - permissions = {"/device-mgt/devices/admin/devices/view"} + permissions = {"/device-mgt/devices/owning-device/view"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index 06d0842985f..0188425051f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -74,7 +74,7 @@ import javax.ws.rs.core.Response; name = "Count groups", description = "", key = "cdmf:admin-groups:count", - permissions = {"/device-mgt/admin/groups/count"} + permissions = {"/device-mgt/admin/groups/view"} ) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java index fbb3603e569..bef81df1a12 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java @@ -60,7 +60,7 @@ import javax.ws.rs.core.Response; name = "View Users", description = "View Users", key = "cdmf:admin-users:view", - permissions = {"/device-mgt/admin/users/view"} + permissions = {"/device-mgt/users/manage"} ) } ) From 637c014866c738fb08394bd4121c314636551978 Mon Sep 17 00:00:00 2001 From: Milan Perera Date: Fri, 6 Jan 2017 10:15:21 +0530 Subject: [PATCH 13/14] Refactored scope strings --- .../mgt/jaxrs/api/CertificateMgtService.java | 4 +- .../CertificateManagementAdminService.java | 16 +++--- .../mgt/jaxrs/service/api/Dashboard.java | 36 ++++++------ .../service/api/DeviceManagementService.java | 36 ++++++------ .../api/DeviceTypeManagementService.java | 8 +-- .../service/api/GroupManagementService.java | 56 +++++++++---------- .../api/NotificationManagementService.java | 8 +-- .../service/api/PolicyManagementService.java | 36 ++++++------ .../service/api/RoleManagementService.java | 32 +++++------ .../service/api/UserManagementService.java | 44 +++++++-------- .../ApplicationManagementAdminService.java | 8 +-- .../admin/DeviceManagementAdminService.java | 4 +- .../admin/GroupManagementAdminService.java | 8 +-- .../api/admin/UserManagementAdminService.java | 4 +- 14 files changed, 150 insertions(+), 150 deletions(-) diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java index 9fb7d0ccfb2..2357d61044c 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java @@ -40,7 +40,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Sign CSR", description = "Sign CSR", - key = "cdmf:sign-csr", + key = "perm:sign-csr", permissions = {"/device-mgt/certificates/manage"} ) } @@ -68,7 +68,7 @@ public interface CertificateMgtService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:sign-csr") + @ExtensionProperty(name = SCOPE, value = "perm:sign-csr") }) } ) diff --git a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java index df92a10eb33..69a10a16d8a 100644 --- a/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java +++ b/components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java @@ -43,25 +43,25 @@ import javax.ws.rs.core.Response; @Scope( name = "Adding a new SSL certificate", description = "Adding a new SSL certificate", - key = "cdmf:admin:certificates:add", + key = "perm:admin:certificates:add", permissions = {"/device-mgt/admin/certificates/add"} ), @Scope( name = "Getting Details of an SSL Certificate", description = "Getting Details of an SSL Certificate", - key = "cdmf:admin:certificates:details", + key = "perm:admin:certificates:details", permissions = {"/device-mgt/admin/certificates/details"} ), @Scope( name = "Getting Details of Certificates", description = "Getting Details of Certificates", - key = "cdmf:admin:certificates:view", + key = "perm:admin:certificates:view", permissions = {"/device-mgt/admin/certificates/view"} ), @Scope( name = "Deleting an SSL Certificate", description = "Deleting an SSL Certificate", - key = "cdmf:admin:certificates:delete", + key = "perm:admin:certificates:delete", permissions = {"/device-mgt/admin/certificates/delete"} ) } @@ -89,7 +89,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:add") + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:add") }) } ) @@ -158,7 +158,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:details") + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:details") }) } ) @@ -229,7 +229,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:view") + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:view") }) } ) @@ -308,7 +308,7 @@ public interface CertificateManagementAdminService { tags = "Certificate Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = SCOPE, value = "cdmf:admin:certificates:delete") + @ExtensionProperty(name = SCOPE, value = "perm:admin:certificates:delete") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java index 76aab15079c..3a0564bb065 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/Dashboard.java @@ -52,19 +52,19 @@ import javax.ws.rs.core.Response; @Scope( name = "Device Count Overview", description = "Device Count Overview", - key = "cdmf:dashboard:count-overview", + key = "perm:dashboard:count-overview", permissions = {"/device-mgt/dashboard/view"} ), @Scope( name = "Device Counts by Potential Vulnerabilities", description = "Device Counts by Potential Vulnerabilities", - key = "cdmf:dashboard:vulnerabilities", + key = "perm:dashboard:vulnerabilities", permissions = {"/device-mgt/dashboard/view"} ), @Scope( name = "Get the number of devices that have not complied to a policy", description = "Get the number of devices that have not complied to a policy", - key = "cdmf:dashboard:non-compliant", + key = "perm:dashboard:non-compliant", permissions = {"/device-mgt/dashboard/view"} ), @Scope( @@ -72,13 +72,13 @@ import javax.ws.rs.core.Response; + "potential vulnerability, platform, and ownership", description = "Get the number of devices for a given device type, such as connectivity status, " + "potential vulnerability, platform, and ownership", - key = "cdmf:dashboard:by-groups", + key = "perm:dashboard:by-groups", permissions = {"/device-mgt/dashboard/view"} ), @Scope( name = "Get the number of devices that have not complied to a given policy based on a particular", description = "Get the number of devices that have not complied to a given policy based on a particular", - key = "cdmf:dashboard:device-counts", + key = "perm:dashboard:device-counts", permissions = {"/device-mgt/dashboard/view"} ), @Scope( @@ -86,7 +86,7 @@ import javax.ws.rs.core.Response; + " device type.", description = "Get the number of devices that have not complied to a given policy based on a " + "particular device type.", - key = "cdmf:dashboard:filtered-count", + key = "perm:dashboard:filtered-count", permissions = {"/device-mgt/dashboard/view"} ), @Scope( @@ -94,19 +94,19 @@ import javax.ws.rs.core.Response; + " number of devices registered with WSO2 EMM.\n", description = "Get the number of devices that have not complied to a given policy over the total" + " number of devices registered with WSO2 EMM.\n", - key = "cdmf:dashboard:non-compliant-count", + key = "perm:dashboard:non-compliant-count", permissions = {"/device-mgt/dashboard/view"} ), @Scope( name = "Get device details of devices based on a particular device type.", description = "Get device details of devices based on a particular device type.", - key = "cdmf:dashboard:details", + key = "perm:dashboard:details", permissions = {"/device-mgt/dashboard/view"} ), @Scope( name = "Get device details of non-compliant devices which do not comply to a given policy.", description = "Get device details of non-compliant devices which do not comply to a given policy.", - key = "cdmf:dashboard:feature-non-compliant", + key = "perm:dashboard:feature-non-compliant", permissions = {"/device-mgt/dashboard/view"} ) } @@ -139,7 +139,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:count-overview") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:count-overview") }) } ) @@ -195,7 +195,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:vulnerabilities") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:vulnerabilities") }) } ) @@ -252,7 +252,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:non-compliant") }) } ) @@ -322,7 +322,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:by-groups") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:by-groups") }) } ) @@ -411,7 +411,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:device-counts") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:device-counts") }) } ) @@ -490,7 +490,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:filtered-count") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:filtered-count") }) } ) @@ -582,7 +582,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:non-compliant-count") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:non-compliant-count") }) } ) @@ -657,7 +657,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:details") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:details") }) } ) @@ -759,7 +759,7 @@ public interface Dashboard { tags = "Dashboard", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:dashboard:feature-non-compliant") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:dashboard:feature-non-compliant") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java index 3ea1cd7bf65..3df745d8a76 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java @@ -70,55 +70,55 @@ import javax.ws.rs.core.Response; @Scope( name = "Getting Details of Registered Devices", description = "Getting Details of Registered Devices", - key = "cdmf:devices:view", + key = "perm:devices:view", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Details of a Device", description = "Getting Details of a Device", - key = "cdmf:devices:details", + key = "perm:devices:details", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Delete the device specified by device id", description = "Delete the device specified by device id", - key = "cdmf:devices:delete", + key = "perm:devices:delete", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Feature Details of a Device", description = "Getting Feature Details of a Device", - key = "cdmf:devices:features", + key = "perm:devices:features", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Advanced Search for Devices", description = "Advanced Search for Devices", - key = "cdmf:devices:search", + key = "perm:devices:search", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Installed Application Details of a Device", description = "Getting Installed Application Details of a Device", - key = "cdmf:devices:applications", + key = "perm:devices:applications", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Device Operation Details", description = "Getting Device Operation Details", - key = "cdmf:devices:operations", + key = "perm:devices:operations", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Get the details of the policy that is enforced on a device.", description = "Get the details of the policy that is enforced on a device.", - key = "cdmf:devices:effective-policy", + key = "perm:devices:effective-policy", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Getting Policy Compliance Details of a Device", description = "Getting Policy Compliance Details of a Device", - key = "cdmf:devices:compliance-data", + key = "perm:devices:compliance-data", permissions = {"/device-mgt/devices/owning-device/view"} ) } @@ -139,7 +139,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:view") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:view") }) } ) @@ -264,7 +264,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:details") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:details") }) } ) @@ -342,7 +342,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:delete") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:delete") }) } ) @@ -414,7 +414,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:features") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:features") }) } ) @@ -503,7 +503,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:search") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:search") }) } ) @@ -580,7 +580,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:applications") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:applications") }) } @@ -683,7 +683,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:operations") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:operations") }) } ) @@ -794,7 +794,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:effective-policy") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:effective-policy") }) } ) @@ -883,7 +883,7 @@ public interface DeviceManagementService { tags = "Device Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:devices:compliance-data") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:devices:compliance-data") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java index eca9527f5f0..83566b6f12c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java @@ -60,13 +60,13 @@ import javax.ws.rs.core.Response; @Scope( name = "Getting the Supported Device Platforms", description = "Getting the Supported Device Platforms", - key = "cdmf:device-types:types", + key = "perm:device-types:types", permissions = {"/device-mgt/devices/owning-device/view"} ), @Scope( name = "Get Feature Details of a Device Type", description = "Get Feature Details of a Device Type", - key = "cdmf:device-types:features", + key = "perm:device-types:features", permissions = {"/device-mgt/devices/owning-device/view"} ) } @@ -87,7 +87,7 @@ public interface DeviceTypeManagementService { tags = "Device Type Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:types") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:device-types:types") }) } ) @@ -149,7 +149,7 @@ public interface DeviceTypeManagementService { tags = "Device Type Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:device-types:features") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:device-types:features") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java index d22b2883e9a..51a6dae87c5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java @@ -81,85 +81,85 @@ import java.util.List; @Scope( name = "Get the list of groups belongs to current user.", description = "Get the list of groups belongs to current user.", - key = "cdmf:groups:groups", + key = "perm:groups:groups", permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Get the count of groups belongs to current user.", description = "Get the count of groups belongs to current user.", - key = "cdmf:groups:count", + key = "perm:groups:count", permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Add new device group to the system.", description = "Add new device group to the system.", - key = "cdmf:groups:add", + key = "perm:groups:add", permissions = {"/device-mgt/groups/add"} ), @Scope( name = "View group specified", description = "View group specified", - key = "cdmf:groups:groups-view", + key = "perm:groups:groups-view", permissions = {"/device-mgt/groups/view"} ), @Scope( name = "Update a group", description = "Update a group", - key = "cdmf:groups:update", + key = "perm:groups:update", permissions = {"/device-mgt/groups/update"} ), @Scope( name = "Delete a group", description = "Delete a group", - key = "cdmf:groups:remove", + key = "perm:groups:remove", permissions = {"/device-mgt/groups/remove"} ), @Scope( name = "Manage group sharing with a user", description = "Manage group sharing with a user", - key = "cdmf:groups:share", + key = "perm:groups:share", permissions = {"/device-mgt/groups/share"} ), @Scope( name = "View list of roles of a device group", description = "View list of roles of a device group", - key = "cdmf:groups:roles", + key = "perm:groups:roles", permissions = {"/device-mgt/groups/roles/view"} ), @Scope( name = "View list of devices in the device group", description = "View list of devices in the device group", - key = "cdmf:groups:devices", + key = "perm:groups:devices", permissions = {"/device-mgt/groups/devices/view"} ), @Scope( name = "View list of device count in the device group", description = "View list of device count in the device group", - key = "cdmf:groups:devices-count", + key = "perm:groups:devices-count", permissions = {"/device-mgt/groups/devices/view"} ), @Scope( name = "Add devices to group", description = "Add devices to group", - key = "cdmf:groups:devices-add", + key = "perm:groups:devices-add", permissions = {"/device-mgt/groups/devices/add"} ), @Scope( name = "Remove devices from group", description = "Remove devices from group", - key = "cdmf:groups:devices-remove", + key = "perm:groups:devices-remove", permissions = {"/device-mgt/groups/devices/remove"} ), @Scope( name = "Assign devices to groups", description = "Assign devices to groups", - key = "cdmf:groups:assign", + key = "perm:groups:assign", permissions = {"/device-mgt/groups/devices/add"} ), @Scope( name = "List of groups that have the device", description = "List of groups that have the device", - key = "cdmf:groups:device", + key = "perm:groups:device", permissions = {"/device-mgt/groups/devices/view"} ) } @@ -180,7 +180,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:groups") }) } ) @@ -243,7 +243,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:count") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:count") }) } @@ -291,7 +291,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:add") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:add") }) } ) @@ -357,7 +357,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:groups-view") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:groups-view") }) } ) @@ -410,7 +410,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:update") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:update") }) } ) @@ -467,7 +467,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:remove") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:remove") }) } ) @@ -519,7 +519,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:share") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:share") }) } ) @@ -575,7 +575,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:roles") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:roles") }) } ) @@ -627,7 +627,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices") }) } ) @@ -687,7 +687,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-count") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices-count") }) } ) @@ -739,7 +739,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-add") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices-add") }) } ) @@ -795,7 +795,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:devices-remove") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:devices-remove") }) } ) @@ -851,7 +851,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:assign") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:assign") }) } ) @@ -903,7 +903,7 @@ public interface GroupManagementService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:groups:device") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:groups:device") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java index 04635942901..62db9aacd83 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java @@ -66,13 +66,13 @@ import javax.ws.rs.core.Response; @Scope( name = "Getting All Device Notification Details", description = "Getting All Device Notification Details", - key = "cdmf:notifications:view", + key = "perm:notifications:view", permissions = {"/device-mgt/notifications/view"} ), @Scope( name = "Updating the Device Notification Status", description = "Updating the Device Notification Status", - key = "cdmf:notifications:mark-checked", + key = "perm:notifications:mark-checked", permissions = {"/device-mgt/notifications/view"} ) } @@ -92,7 +92,7 @@ public interface NotificationManagementService { tags = "Device Notification Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:view") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:notifications:view") }) } ) @@ -181,7 +181,7 @@ public interface NotificationManagementService { tags = "Device Notification Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:notifications:mark-checked") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:notifications:mark-checked") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index 0b5ad17b49e..91f2e07a592 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -68,55 +68,55 @@ import java.util.List; @Scope( name = "Adding a Policy", description = "Adding a Policy", - key = "cdmf:policies:manage", + key = "perm:policies:manage", permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Getting Details of Policies", description = "Getting Details of Policies", - key = "cdmf:policies:get-details", + key = "perm:policies:get-details", permissions = {"/device-mgt/policies/view"} ), @Scope( name = "Getting Details of a Policy", description = "Getting Details of a Policy", - key = "cdmf:policies:get-policy-details", + key = "perm:policies:get-policy-details", permissions = {"/device-mgt/policies/view"} ), @Scope( name = "Updating a Policy", description = "Updating a Policy", - key = "cdmf:policies:update", + key = "perm:policies:update", permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Removing Multiple Policies", description = "Removing Multiple Policies", - key = "cdmf:policies:remove", + key = "perm:policies:remove", permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Activating Policies", description = "Activating Policies", - key = "cdmf:policies:activate", + key = "perm:policies:activate", permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Deactivating Policies", description = "Deactivating Policies", - key = "cdmf:policies:deactivate", + key = "perm:policies:deactivate", permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Applying Changes on Policies", description = "Applying Changes on Policies", - key = "cdmf:policies:changes", + key = "perm:policies:changes", permissions = {"/device-mgt/policies/manage"} ), @Scope( name = "Updating the Policy Priorities", description = "Updating the Policy Priorities", - key = "cdmf:policies:priorities", + key = "perm:policies:priorities", permissions = {"/device-mgt/policies/manage"} ) } @@ -138,7 +138,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:manage") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:manage") }) } ) @@ -206,7 +206,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-details") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:get-details") }) } ) @@ -281,7 +281,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:get-policy-details") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:get-policy-details") }) } ) @@ -349,7 +349,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:update") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:update") }) } ) @@ -417,7 +417,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:remove") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:remove") }) } ) @@ -463,7 +463,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:activate") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:activate") }) } ) @@ -504,7 +504,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:deactivate") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:deactivate") }) } ) @@ -550,7 +550,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:changes") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:changes") }) } ) @@ -578,7 +578,7 @@ public interface PolicyManagementService { tags = "Device Policy Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:policies:priorities") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:policies:priorities") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java index 383c40e1211..e330d7d3d37 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java @@ -62,49 +62,49 @@ import java.util.List; @Scope( name = "Getting the List of Roles", description = "Getting the List of Roles", - key = "cdmf:roles:view", + key = "perm:roles:view", permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Getting Permission Details of a Role", description = "Getting Permission Details of a Role", - key = "cdmf:roles:permissions", + key = "perm:roles:permissions", permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Getting the List of Roles", description = "Getting the List of Roles", - key = "cdmf:roles:details", + key = "perm:roles:details", permissions = {"/device-mgt/roles/view"} ), @Scope( name = "Adding a Role", description = "Adding a Role", - key = "cdmf:roles:add", + key = "perm:roles:add", permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Adding a combined Role", description = "Adding a combined Role", - key = "cdmf:roles:create-combined-role", + key = "perm:roles:create-combined-role", permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Updating Role Details", description = "Updating Role Details", - key = "cdmf:roles:update", + key = "perm:roles:update", permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Deleting a Role", description = "Deleting a Role", - key = "cdmf:roles:delete", + key = "perm:roles:delete", permissions = {"/device-mgt/roles/manage"} ), @Scope( name = "Adding Users to a Role", description = "Adding Users to a Role", - key = "cdmf:roles:add-users", + key = "perm:roles:add-users", permissions = {"/device-mgt/roles/manage"} ) } @@ -125,7 +125,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:view") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:view") }) } ) @@ -205,7 +205,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:permissions") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:permissions") }) } ) @@ -280,7 +280,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:details") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:details") }) } ) @@ -354,7 +354,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:add") }) } ) @@ -414,7 +414,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:create-combined-role") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:create-combined-role") }) } ) @@ -477,7 +477,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:update") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:update") }) } ) @@ -543,7 +543,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:delete") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:delete") }) } ) @@ -593,7 +593,7 @@ public interface RoleManagementService { tags = "Role Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:roles:add-users") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:roles:add-users") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java index b97270b19f3..1b9acd0c65b 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java @@ -78,67 +78,67 @@ import java.util.List; @Scope( name = "Adding a User", description = "Adding a User", - key = "cdmf:users:add", + key = "perm:users:add", permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Getting Details of a User", description = "Getting Details of a User", - key = "cdmf:users:details", + key = "perm:users:details", permissions = {"/device-mgt/users/view"} ), @Scope( name = "Updating Details of a User", description = "Updating Details of a User", - key = "cdmf:users:update", + key = "perm:users:update", permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Deleting a User", description = "Deleting a User", - key = "cdmf:users:delete", + key = "perm:users:delete", permissions = {"/device-mgt/users/manage"} ), @Scope( name = "Getting the Role Details of a User", description = "Getting the Role Details of a User", - key = "cdmf:users:roles", + key = "perm:users:roles", permissions = {"/device-mgt/users/view"} ), @Scope( name = "Getting Details of Users", description = "Getting Details of Users", - key = "cdmf:users:user-details", + key = "perm:users:user-details", permissions = {"/device-mgt/users/view"} ), @Scope( name = "Getting the User Count", description = "Getting the User Count", - key = "cdmf:users:count", + key = "perm:users:count", permissions = {"/device-mgt/users/view"} ), @Scope( name = "Getting the User existence status", description = "Getting the User existence status", - key = "cdmf:users:is-exist", + key = "perm:users:is-exist", permissions = {"/device-mgt/users/view"} ), @Scope( name = "Searching for a User Name", description = "Searching for a User Name", - key = "cdmf:users:search", + key = "perm:users:search", permissions = {"/device-mgt/users/view"} ), @Scope( name = "Changing the User Password", description = "Adding a User", - key = "cdmf:users:credentials", + key = "perm:users:credentials", permissions = {"/login"} ), @Scope( name = "Sending Enrollment Invitations to Users", description = "Sending Enrollment Invitations to Users", - key = "cdmf:users:send-invitation", + key = "perm:users:send-invitation", permissions = {"/device-mgt/users/manage"} ) } @@ -159,7 +159,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:add") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:add") }) } ) @@ -219,7 +219,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:details") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:details") }) } ) @@ -290,7 +290,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:update") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:update") }) } ) @@ -355,7 +355,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:delete") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:delete") }) } ) @@ -398,7 +398,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:roles") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:roles") }) } ) @@ -460,7 +460,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:user-details") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:user-details") }) } ) @@ -531,7 +531,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:count") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:count") }) } ) @@ -566,7 +566,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:is-exist") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:is-exist") }) } ) @@ -609,7 +609,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:search") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:search") }) } ) @@ -686,7 +686,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:credentials") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:credentials") }) } ) @@ -731,7 +731,7 @@ public interface UserManagementService { tags = "User Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:users:send-invitation") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:users:send-invitation") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java index fdf51ec3584..92c42bfb3bf 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java @@ -66,13 +66,13 @@ import javax.ws.rs.core.Response; @Scope( name = "Installing an Application (Internal API)", description = "Installing an Application (Internal API)", - key = "cdmf:applications:install", + key = "perm:applications:install", permissions = {"/device-mgt/applications/manage"} ), @Scope( name = "Uninstalling an Application (Internal API)", description = "Uninstalling an Application (Internal API)", - key = "cdmf:applications:uninstall", + key = "perm:applications:uninstall", permissions = {"/device-mgt/applications/manage"} ) } @@ -93,7 +93,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:install") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:applications:install") }) } ) @@ -137,7 +137,7 @@ public interface ApplicationManagementAdminService { tags = "Application Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:applications:uninstall") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:applications:uninstall") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java index eb570819b49..14a34d35206 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java @@ -66,7 +66,7 @@ import javax.ws.rs.core.Response; @Scope( name = "Getting Details of a Device", description = "Getting Details of a Device", - key = "cdmf:admin:devices:view", + key = "perm:admin:devices:view", permissions = {"/device-mgt/devices/owning-device/view"} ) } @@ -84,7 +84,7 @@ public interface DeviceManagementAdminService { tags = "Device Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin:devices:view") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin:devices:view") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java index 0188425051f..64020ce56e4 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java @@ -67,13 +67,13 @@ import javax.ws.rs.core.Response; @Scope( name = "View groups", description = "", - key = "cdmf:admin-groups:view", + key = "perm:admin-groups:view", permissions = {"/device-mgt/admin/groups/view"} ), @Scope( name = "Count groups", description = "", - key = "cdmf:admin-groups:count", + key = "perm:admin-groups:count", permissions = {"/device-mgt/admin/groups/view"} ) } @@ -89,7 +89,7 @@ public interface GroupManagementAdminService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:view") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin-groups:view") }) } ) @@ -152,7 +152,7 @@ public interface GroupManagementAdminService { tags = "Device Group Management", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-groups:count") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin-groups:count") }) } ) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java index bef81df1a12..c6c71309265 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java @@ -59,7 +59,7 @@ import javax.ws.rs.core.Response; @Scope( name = "View Users", description = "View Users", - key = "cdmf:admin-users:view", + key = "perm:admin-users:view", permissions = {"/device-mgt/users/manage"} ) } @@ -84,7 +84,7 @@ public interface UserManagementAdminService { tags = "User Management Administrative Service", extensions = { @Extension(properties = { - @ExtensionProperty(name = Constants.SCOPE, value = "cdmf:admin-users:view") + @ExtensionProperty(name = Constants.SCOPE, value = "perm:admin-users:view") }) } ) From 42a587904f9163f4d8c6bebfe21541970921a0bc Mon Sep 17 00:00:00 2001 From: Milan Perera Date: Fri, 6 Jan 2017 16:10:52 +0530 Subject: [PATCH 14/14] Fixed issues in permission-scope mapping --- .../lifecycle/util/AnnotationProcessor.java | 6 +- .../permission/AnnotationProcessor.java | 7 +- .../devicemgt/app/conf/config.json | 125 +++++++++++------- pom.xml | 2 +- 4 files changed, 89 insertions(+), 51 deletions(-) diff --git a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java index e27c3edbe87..b820a4426fc 100644 --- a/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java +++ b/components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java @@ -66,6 +66,8 @@ public class AnnotationProcessor { private static final String SWAGGER_ANNOTATIONS_PROPERTIES_VALUE = "value"; private static final String ANNOTATIONS_SCOPES = "scopes"; + private static final String PERMISSION_PREFIX = "/permission/admin"; + private StandardContext context; private Method[] pathClazzMethods; @@ -201,8 +203,9 @@ public class AnnotationProcessor { Scope scope; String permissions[]; - StringBuilder aggregatedPermissions = new StringBuilder(); + StringBuilder aggregatedPermissions; for(int i=0; i pathClazz; @@ -391,8 +393,9 @@ public class AnnotationProcessor { Scope scope; String permissions[]; - StringBuilder aggregatedPermissions = new StringBuilder(); + StringBuilder aggregatedPermissions; for(int i=0; i[2.6.0,3.0.0) - 6.1.30-SNAPSHOT + 6.1.35 (6.0.0,7.0.0]