diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.api/src/main/java/org/wso2/carbon/device/mgt/iot/api/GroupManagerService.java b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.api/src/main/java/org/wso2/carbon/device/mgt/iot/api/GroupManagerService.java index 2776534d9..73300575d 100644 --- a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.api/src/main/java/org/wso2/carbon/device/mgt/iot/api/GroupManagerService.java +++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot.api/src/main/java/org/wso2/carbon/device/mgt/iot/api/GroupManagerService.java @@ -25,12 +25,14 @@ import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.DeviceIdentifier; import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup; +import org.wso2.carbon.device.mgt.common.group.mgt.GroupAlreadyEixistException; import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException; import org.wso2.carbon.device.mgt.common.group.mgt.GroupUser; import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService; import org.wso2.carbon.device.mgt.iot.util.APIUtil; import org.wso2.carbon.device.mgt.iot.util.ResponsePayload; +import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; import javax.ws.rs.FormParam; import javax.ws.rs.GET; @@ -44,6 +46,7 @@ import javax.ws.rs.core.Response; import java.util.Date; import java.util.List; +@SuppressWarnings("NonJaxWsWebServices") public class GroupManagerService { private static final String DEFAULT_ADMIN_ROLE = "admin"; @@ -66,97 +69,75 @@ public class GroupManagerService { @POST @Produces("application/json") public Response createGroup(@FormParam("groupName") String groupName, - @FormParam("userName") String username, @FormParam("description") String description) { + String owner = getCurrentUserName(); DeviceGroup group = new DeviceGroup(); - group.setName(username); + group.setName(groupName); group.setDescription(description); - group.setOwner(username); + group.setOwner(owner); group.setDateOfCreation(new Date().getTime()); group.setDateOfLastUpdate(new Date().getTime()); - boolean isAdded = false; try { GroupManagementProviderService groupManagementService = APIUtil.getGroupManagementProviderService(); - int groupId = groupManagementService.createGroup(group, DEFAULT_ADMIN_ROLE, DEFAULT_ADMIN_PERMISSIONS); - if (groupId == -2) { - ResponsePayload responsePayload = new ResponsePayload(); - responsePayload.setStatusCode(HttpStatus.SC_CONFLICT); - responsePayload.setMessageFromServer("Group name is already exists."); - responsePayload.setResponseContent("CONFLICT"); - return Response.status(HttpStatus.SC_CONFLICT).entity(responsePayload).build(); - } else { - isAdded = (groupId > 0) && groupManagementService.addGroupSharingRole(username, groupId, - DEFAULT_OPERATOR_ROLE, - DEFAULT_OPERATOR_PERMISSIONS); - groupManagementService.addGroupSharingRole(username, groupId, DEFAULT_STATS_MONITOR_ROLE, - DEFAULT_STATS_MONITOR_PERMISSIONS); - groupManagementService.addGroupSharingRole(username, groupId, DEFAULT_VIEW_POLICIES, - DEFAULT_VIEW_POLICIES_PERMISSIONS); - groupManagementService.addGroupSharingRole(username, groupId, DEFAULT_MANAGE_POLICIES, - DEFAULT_MANAGE_POLICIES_PERMISSIONS); - groupManagementService.addGroupSharingRole(username, groupId, DEFAULT_VIEW_EVENTS, - DEFAULT_VIEW_EVENTS_PERMISSIONS); - ResponsePayload responsePayload = new ResponsePayload(); - responsePayload.setStatusCode(HttpStatus.SC_OK); - return Response.status(HttpStatus.SC_OK).entity(responsePayload).build(); - } + groupManagementService.createGroup(group, DEFAULT_ADMIN_ROLE, DEFAULT_ADMIN_PERMISSIONS); + groupManagementService.addGroupSharingRole(owner, groupName, owner, + DEFAULT_OPERATOR_ROLE, + DEFAULT_OPERATOR_PERMISSIONS); + groupManagementService.addGroupSharingRole(owner, groupName, owner, DEFAULT_STATS_MONITOR_ROLE, + DEFAULT_STATS_MONITOR_PERMISSIONS); + groupManagementService.addGroupSharingRole(owner, groupName, owner, DEFAULT_VIEW_POLICIES, + DEFAULT_VIEW_POLICIES_PERMISSIONS); + groupManagementService.addGroupSharingRole(owner, groupName, owner, DEFAULT_MANAGE_POLICIES, + DEFAULT_MANAGE_POLICIES_PERMISSIONS); + groupManagementService.addGroupSharingRole(owner, groupName, owner, DEFAULT_VIEW_EVENTS, + DEFAULT_VIEW_EVENTS_PERMISSIONS); + return Response.status(Response.Status.CREATED).build(); } catch (GroupManagementException e) { + log.error(e.getErrorMessage(), e); return Response.status(HttpStatus.SC_INTERNAL_SERVER_ERROR).entity(e.getMessage()).build(); + } catch (GroupAlreadyEixistException e) { + ResponsePayload responsePayload = new ResponsePayload(); + responsePayload.setStatusCode(HttpStatus.SC_CONFLICT); + responsePayload.setMessageFromServer("Group name is already exists."); + responsePayload.setResponseContent("CONFLICT"); + return Response.status(HttpStatus.SC_CONFLICT).entity(responsePayload).build(); } } - @Path("/groups/{groupId}") + @Path("/groups/{owner}/{groupName}") @PUT + @Consumes("application/json") @Produces("application/json") - public Response updateGroup(@PathParam("groupId") int groupId, @FormParam("groupName") String groupName, - @FormParam("userName") String userName, - @FormParam("description") String description) { + public Response updateGroup(@PathParam("groupName") String groupName, @PathParam("owner") String owner, + DeviceGroup deviceGroup) { try { - GroupManagementProviderService groupManagementService = APIUtil.getGroupManagementProviderService(); - DeviceGroup group = groupManagementService.getGroup(groupId); - group.setName(groupName); - group.setDescription(description); - group.setOwner(userName); - group.setDateOfLastUpdate(new Date().getTime()); - Response.status(Response.Status.OK.getStatusCode()); - groupManagementService.updateGroup(group); - return Response.status(Response.Status.NO_CONTENT).build(); + APIUtil.getGroupManagementProviderService().updateGroup(deviceGroup, groupName, owner); + return Response.status(Response.Status.OK).build(); } catch (GroupManagementException e) { log.error(e.getErrorMessage(), e); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } - @Path("/groups/{groupId}") + @Path("/groups/{owner}/{groupName}") @DELETE @Produces("application/json") - public Response deleteGroup(@PathParam("groupId") int groupId, @QueryParam("userName") String userName) { - - if (!checkAuthorize(getCurrentUserName(), groupId, "/permission/device-mgt/admin/groups/delete")) { - return Response.status(Response.Status.FORBIDDEN).build(); - } - + public Response deleteGroup(@PathParam("groupName") String groupName, @PathParam("owner") String owner) { try { - boolean isDeleted = APIUtil.getGroupManagementProviderService().deleteGroup( - groupId); - if (isDeleted) { - return Response.status(Response.Status.NO_CONTENT).build(); - } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); - } + APIUtil.getGroupManagementProviderService().deleteGroup(groupName, owner); + return Response.status(Response.Status.OK).build(); } catch (GroupManagementException e) { log.error(e.getMessage()); return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); } } - @Path("/groups/{groupId}") + @Path("/groups/{owner}/{groupName}") @GET @Produces("application/json") - public Response getGroup(@PathParam("groupId") int groupId) { + public Response getGroup(@PathParam("groupName") String groupName, @PathParam("owner") String owner) { try { - DeviceGroup deviceGroup = APIUtil.getGroupManagementProviderService().getGroup( - groupId); + DeviceGroup deviceGroup = APIUtil.getGroupManagementProviderService().getGroup(groupName, owner); if (deviceGroup != null) { return Response.status(Response.Status.OK).entity(deviceGroup).build(); } else { @@ -220,23 +201,20 @@ public class GroupManagerService { } } - @Path("/groups/{groupId}/share") + @Path("/groups/{owner}/{groupName}/share") @PUT @Produces("application/json") - public Response shareGroup(@FormParam("userName") String userName, - @FormParam("shareUser") String shareUser, @PathParam("groupId") int groupId, + public Response shareGroup(@PathParam("groupName") String groupName, @PathParam("owner") String owner, + @FormParam("shareUser") String shareUser, @FormParam("roleName") String sharingRole) { - if (!checkAuthorize(getCurrentUserName(), groupId, "/permission/device-mgt/admin/groups/share")) { - return Response.status(Response.Status.FORBIDDEN).build(); - } try { boolean isShared = APIUtil.getGroupManagementProviderService().shareGroup( - shareUser, groupId, sharingRole); + shareUser, groupName, owner, sharingRole); if (isShared) { - return Response.status(Response.Status.NO_CONTENT).build(); + return Response.status(Response.Status.OK).build(); } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + return Response.status(Response.Status.NOT_FOUND).build(); } } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -244,24 +222,19 @@ public class GroupManagerService { } } - @Path("/groups/{groupId}/unshare") + @Path("/groups/{owner}/{groupName}/unshare") @PUT @Produces("application/json") - public Response unShareGroup(@FormParam("userName") String userName, + public Response unShareGroup(@PathParam("groupName") String groupName, @PathParam("owner") String owner, @FormParam("unShareUser") String unShareUser, - @PathParam("groupId") int groupId, @FormParam("roleName") String sharingRole) { - if (!checkAuthorize(getCurrentUserName(), groupId, "/permission/device-mgt/admin/groups/share")) { - return Response.status(Response.Status.FORBIDDEN).build(); - } - try { boolean isUnShared = APIUtil.getGroupManagementProviderService().unshareGroup( - unShareUser, groupId, sharingRole); + unShareUser, groupName, owner, sharingRole); if (isUnShared) { - return Response.status(Response.Status.NO_CONTENT).build(); + return Response.status(Response.Status.OK).build(); } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + return Response.status(Response.Status.NOT_FOUND).build(); } } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -269,23 +242,21 @@ public class GroupManagerService { } } - @Path("/groups/{groupId}/share/roles/{roleName}/permissions") + @Path("/groups/{owner}/{groupName}/share/roles/{roleName}/permissions") @PUT @Produces("application/json") - public Response addSharing(@QueryParam("userName") String userName, @PathParam("groupId") int groupId, + public Response addSharing(@QueryParam("shareUser") String shareUser, @PathParam("groupName") String groupName, + @PathParam("owner") String owner, @PathParam("roleName") String roleName, @FormParam("permissions") String[] permissions) { - if (!checkAuthorize(getCurrentUserName(), groupId, "/permission/device-mgt/admin/groups/share")) { - return Response.status(Response.Status.FORBIDDEN).build(); - } try { boolean isAdded = APIUtil.getGroupManagementProviderService().addGroupSharingRole( - userName, groupId, roleName, permissions); + shareUser, groupName, owner, roleName, permissions); if (isAdded) { - return Response.status(Response.Status.NO_CONTENT).build(); + return Response.status(Response.Status.OK).build(); } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + return Response.status(Response.Status.NOT_FOUND).build(); } } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -294,21 +265,18 @@ public class GroupManagerService { } @DELETE - @Path("/groups/{groupId}/share/roles/{roleName}/permissions") + @Path("/groups/{owner}/{groupName}/share/roles/{roleName}/permissions") @Produces("application/json") - public Response removeSharing(@QueryParam("userName") String userName, @PathParam("groupId") int groupId, + public Response removeSharing(@QueryParam("userName") String userName, @PathParam("groupName") String groupName, + @PathParam("owner") String owner, @PathParam("roleName") String roleName) { - if (!checkAuthorize(getCurrentUserName(), groupId, "/permission/device-mgt/admin/groups/share")) { - return Response.status(Response.Status.FORBIDDEN).build(); - } - try { boolean isRemoved = APIUtil.getGroupManagementProviderService().removeGroupSharingRole( - groupId, roleName); + groupName, owner, roleName); if (isRemoved) { - return Response.status(Response.Status.NO_CONTENT).build(); + return Response.status(Response.Status.OK).build(); } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + return Response.status(Response.Status.NOT_FOUND).build(); } } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -317,16 +285,16 @@ public class GroupManagerService { } @GET - @Path("/groups/{groupId}/share/roles") + @Path("/groups/{owner}/{groupName}/share/roles") @Produces("application/json") - public Response getRoles(@PathParam("groupId") int groupId, @QueryParam("userName") String userName) { + public Response getRoles(@PathParam("groupName") String groupName, + @PathParam("owner") String owner, @QueryParam("userName") String userName) { try { List roles; if (userName != null && !userName.isEmpty()) { - roles = APIUtil.getGroupManagementProviderService().getRoles(userName, - groupId); + roles = APIUtil.getGroupManagementProviderService().getRoles(userName, groupName, owner); } else { - roles = APIUtil.getGroupManagementProviderService().getRoles(groupId); + roles = APIUtil.getGroupManagementProviderService().getRoles(groupName, owner); } String[] rolesArray = new String[roles.size()]; roles.toArray(rolesArray); @@ -338,12 +306,13 @@ public class GroupManagerService { } @GET - @Path("/groups/{groupId}/users") + @Path("/groups/{owner}/{groupName}/users") @Produces("application/json") - public Response getUsers(@PathParam("groupId") int groupId) { + public Response getUsers(@PathParam("groupName") String groupName, + @PathParam("owner") String owner) { try { List users = APIUtil.getGroupManagementProviderService().getUsers( - groupId); + groupName, owner); GroupUser[] usersArray = new GroupUser[users.size()]; users.toArray(usersArray); return Response.status(Response.Status.OK).entity(usersArray).build(); @@ -354,12 +323,13 @@ public class GroupManagerService { } @GET - @Path("/groups/{groupId}/devices/all") + @Path("/groups/{owner}/{groupName}/devices/all") @Produces("application/json") - public Response getDevices(@PathParam("groupId") int groupId) { + public Response getDevices(@PathParam("groupName") String groupName, + @PathParam("owner") String owner) { try { List devices = APIUtil.getGroupManagementProviderService().getDevices( - groupId); + groupName, owner); Device[] deviceArray = new Device[devices.size()]; devices.toArray(deviceArray); return Response.status(Response.Status.OK).entity(deviceArray).build(); @@ -370,11 +340,12 @@ public class GroupManagerService { } @GET - @Path("/groups/{groupId}/devices/count") + @Path("/groups/{owner}/{groupName}/devices/count") @Produces("application/json") - public Response getDeviceCount(@PathParam("groupId") int groupId) { + public Response getDeviceCount(@PathParam("groupName") String groupName, + @PathParam("owner") String owner) { try { - int count = APIUtil.getGroupManagementProviderService().getDeviceCount(groupId); + int count = APIUtil.getGroupManagementProviderService().getDeviceCount(groupName, owner); return Response.status(Response.Status.OK).entity(count).build(); } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -383,23 +354,20 @@ public class GroupManagerService { } @PUT - @Path("/groups/{groupId}/devices/{deviceType}/{deviceId}") + @Path("/groups/{owner}/{groupName}/devices/{deviceType}/{deviceId}") @Produces("application/json") - public Response addDevice(@PathParam("groupId") int groupId, @PathParam("deviceId") String deviceId, + public Response addDevice(@PathParam("groupName") String groupName, + @PathParam("owner") String owner, @PathParam("deviceId") String deviceId, @PathParam("deviceType") String deviceType, @FormParam("userName") String userName) { - if (!checkAuthorize(getCurrentUserName(), groupId, - "/permission/device-mgt/admin/groups/add_devices")) { - return Response.status(Response.Status.FORBIDDEN).build(); - } try { DeviceIdentifier deviceIdentifier = new DeviceIdentifier(deviceId, deviceType); boolean isAdded = APIUtil.getGroupManagementProviderService().addDevice( - deviceIdentifier, groupId); + deviceIdentifier, groupName, owner); if (isAdded) { - return Response.status(Response.Status.NO_CONTENT).build(); + return Response.status(Response.Status.OK).build(); } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + return Response.status(Response.Status.NOT_FOUND).build(); } } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -408,22 +376,19 @@ public class GroupManagerService { } @DELETE - @Path("/groups/{groupId}/devices/{deviceType}/{deviceId}") + @Path("/groups/{owner}/{groupName}/devices/{deviceType}/{deviceId}") @Produces("application/json") - public Response removeDevice(@PathParam("groupId") int groupId, @PathParam("deviceId") String deviceId, + public Response removeDevice(@PathParam("groupName") String groupName, + @PathParam("owner") String owner, @PathParam("deviceId") String deviceId, @PathParam("deviceType") String deviceType) { - if (!checkAuthorize(getCurrentUserName(), groupId, - "/permission/device-mgt/admin/groups/remove_devices")) { - return Response.status(Response.Status.FORBIDDEN).build(); - } try { DeviceIdentifier deviceIdentifier = new DeviceIdentifier(deviceId, deviceType); boolean isRemoved = APIUtil.getGroupManagementProviderService().removeDevice( - deviceIdentifier, groupId); + deviceIdentifier, groupName, owner); if (isRemoved) { - return Response.status(Response.Status.NO_CONTENT).build(); + return Response.status(Response.Status.OK).build(); } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); + return Response.status(Response.Status.NOT_FOUND).build(); } } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -432,13 +397,14 @@ public class GroupManagerService { } @GET - @Path("/groups/{groupId}/users/{userName}/permissions") + @Path("/groups/{owner}/{groupName}/users/{userName}/permissions") @Produces("application/json") public Response getPermissions(@PathParam("userName") String userName, - @PathParam("groupId") int groupId) { + @PathParam("groupName") String groupName, + @PathParam("owner") String owner) { try { String[] permissions = APIUtil.getGroupManagementProviderService() - .getPermissions(userName, groupId); + .getPermissions(userName, groupName, owner); return Response.status(Response.Status.OK).entity(permissions).build(); } catch (GroupManagementException e) { log.error(e.getMessage(), e); @@ -446,28 +412,6 @@ public class GroupManagerService { } } - @GET - @Path("/groups/{groupId}/users/{userName}/authorized") - @Produces("application/json") - public Response isAuthorized(@PathParam("userName") String userName, @PathParam("groupId") int groupId, - @QueryParam("permission") String permission) { - boolean isAuthorized = checkAuthorize(userName, groupId, permission); - if (isAuthorized) { - return Response.status(Response.Status.OK).build(); - } else { - return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); - } - } - - private boolean checkAuthorize(String userName, int groupId, String permission) { - try { - return APIUtil.getGroupManagementProviderService().isAuthorized(userName, groupId, permission); - } catch (GroupManagementException e) { - log.error(e.getMessage(), e); - return false; - } - } - private String getCurrentUserName() { return PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(); }