mapping permissions with scopes

scope-fixes
Viranga Gunarathna 1 year ago
parent db80546a5a
commit d63f2a3f24

@ -78,7 +78,7 @@ import java.util.List;
description = "Get activities", description = "Get activities",
key = "dm:activity:get", key = "dm:activity:get",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/activities/view"}
) )
} }
) )

@ -91,21 +91,21 @@ import java.util.Map;
description = "Disenroll a device", description = "Disenroll a device",
key = "dm:device:disenroll", key = "dm:device:disenroll",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/remove"} permissions = {"/device-mgt/devices/owning-device/disenroll"}
), ),
@Scope( @Scope(
name = "Publish Event", name = "Publish Event",
description = "publish device event", description = "publish device event",
key = "dm:device:event:publish", key = "dm:device:event:publish",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/event"} permissions = {"/device-mgt/devices/owning-device/event/publish"}
), ),
@Scope( @Scope(
name = "Getting Device Operation Details", name = "Getting Device Operation Details",
description = "Getting Device Operation Details", description = "Getting Device Operation Details",
key = "dm:ops:view", key = "dm:devices:ops:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/operations/view"}
) )
} }
) )
@ -394,7 +394,7 @@ public interface DeviceAgentService {
tags = "Device Agent Management", tags = "Device Agent Management",
extensions = { extensions = {
@Extension(properties = { @Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view")
}) })
} }
) )
@ -453,7 +453,7 @@ public interface DeviceAgentService {
tags = "Device Agent Management", tags = "Device Agent Management",
extensions = { extensions = {
@Extension(properties = { @Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view")
}) })
} }
) )
@ -511,7 +511,7 @@ public interface DeviceAgentService {
tags = "Device Agent Management", tags = "Device Agent Management",
extensions = { extensions = {
@Extension(properties = { @Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view")
}) })
} }
) )
@ -630,7 +630,7 @@ public interface DeviceAgentService {
tags = "Device Agent Management", tags = "Device Agent Management",
extensions = { extensions = {
@Extension(properties = { @Extension(properties = {
@ExtensionProperty(name = Constants.SCOPE, value = "dm:ops:view") @ExtensionProperty(name = Constants.SCOPE, value = "dm:devices:ops:view")
}) })
} }
) )

@ -71,14 +71,14 @@ import java.util.List;
description = "Add or Delete Event Definition for device type", description = "Add or Delete Event Definition for device type",
key = "dm:device-type:event:modify", key = "dm:device-type:event:modify",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/device-type/add"} permissions = {"/device-mgt/devices/owning-device/event/modify"}
), ),
@Scope( @Scope(
name = "Get Events Details of a Device Type", name = "Get Events Details of a Device Type",
description = "Get Events Details of a Device Type", description = "Get Events Details of a Device Type",
key = "dm:device-type:event:view", key = "dm:device-type:event:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/event/view"}
) )
} }
) )

@ -99,63 +99,63 @@ import java.util.Map;
description = "Getting Details of a Device", description = "Getting Details of a Device",
key = "dm:devices:details", key = "dm:devices:details",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/details/view"}
), ),
@Scope( @Scope(
name = "Update the device specified by device id", name = "Update the device specified by device id",
description = "Update the device specified by device id", description = "Update the device specified by device id",
key = "dm:devices:update", key = "dm:devices:update",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/update"}
), ),
@Scope( @Scope(
name = "Delete the device specified by device id", name = "Delete the device specified by device id",
description = "Delete the device specified by device id", description = "Delete the device specified by device id",
key = "dm:devices:delete", key = "dm:devices:delete",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/delete"}
), ),
@Scope( @Scope(
name = "Getting Feature Details of a Device", name = "Getting Feature Details of a Device",
description = "Getting Feature Details of a Device", description = "Getting Feature Details of a Device",
key = "dm:devices:features:view", key = "dm:devices:features:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/features/view"}
), ),
@Scope( @Scope(
name = "Advanced Search for Devices", name = "Advanced Search for Devices",
description = "Advanced Search for Devices", description = "Advanced Search for Devices",
key = "dm:devices:search", key = "dm:devices:search",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/search"}
), ),
@Scope( @Scope(
name = "Getting Installed Application Details of a Device", name = "Getting Installed Application Details of a Device",
description = "Getting Installed Application Details of a Device", description = "Getting Installed Application Details of a Device",
key = "dm:devices:app:view", key = "dm:devices:app:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/apps/view"}
), ),
@Scope( @Scope(
name = "Getting Device Operation Details", name = "Getting Device Operation Details",
description = "Getting Device Operation Details", description = "Getting Device Operation Details",
key = "dm:devices:ops:view", key = "dm:devices:ops:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/operations/view"}
), ),
@Scope( @Scope(
name = "Get the details of the policy that is enforced on a device.", name = "Get the details of the policy that is enforced on a device.",
description = "Get the details of the policy that is enforced on a device.", description = "Get the details of the policy that is enforced on a device.",
key = "dm:devices:policy:view", key = "dm:devices:policy:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/policies/view"}
), ),
@Scope( @Scope(
name = "Getting Policy Compliance Details of a Device", name = "Getting Policy Compliance Details of a Device",
description = "Getting Policy Compliance Details of a Device", description = "Getting Policy Compliance Details of a Device",
key = "dm:devices:compliance:view", key = "dm:devices:compliance:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/compliance/view"}
), ),
@Scope( @Scope(
name = "Change device status.", name = "Change device status.",

@ -91,7 +91,7 @@ import java.util.List;
description = "Get the count of groups belongs to current user.", description = "Get the count of groups belongs to current user.",
key = "gm:groups:count", key = "gm:groups:count",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/view"} permissions = {"/device-mgt/groups/count"}
), ),
@Scope( @Scope(
name = "Add new device group to the system.", name = "Add new device group to the system.",
@ -105,7 +105,7 @@ import java.util.List;
description = "View group specified", description = "View group specified",
key = "gm:groups:groups-view", key = "gm:groups:groups-view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/view"} permissions = {"/device-mgt/groups/specified-groups/view"}
), ),
@Scope( @Scope(
name = "Update a group", name = "Update a group",
@ -147,7 +147,7 @@ import java.util.List;
description = "View list of device count in the device group", description = "View list of device count in the device group",
key = "gm:devices:count", key = "gm:devices:count",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/view"} permissions = {"/device-mgt/groups/devices/count"}
), ),
@Scope( @Scope(
name = "Add devices to group", name = "Add devices to group",
@ -168,21 +168,21 @@ import java.util.List;
description = "Assign devices to groups", description = "Assign devices to groups",
key = "gm:devices:assign", key = "gm:devices:assign",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/add"} permissions = {"/device-mgt/groups/devices/assign"}
), ),
@Scope( @Scope(
name = "List of groups that have the device", name = "List of groups that have the device",
description = "List of groups that have the device", description = "List of groups that have the device",
key = "gm:groups:device:view", key = "gm:groups:device:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/devices/view"} permissions = {"/device-mgt/groups/device-groups/view"}
), ),
@Scope( @Scope(
name = "View whether the groups has relevant device types", name = "View whether the groups has relevant device types",
description = "View whether the groups has relevant device types", description = "View whether the groups has relevant device types",
key = "gm:devices-types:view", key = "gm:devices-types:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/groups/device-types"} permissions = {"/device-mgt/groups/device-types/view"}
) )
} }
) )

@ -80,7 +80,7 @@ import javax.ws.rs.core.Response;
description = "Updating the Device Notification Status", description = "Updating the Device Notification Status",
key = "dm:notif:mark-checked", key = "dm:notif:mark-checked",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/notifications/view"} permissions = {"/device-mgt/notifications/update"}
) )
} }
) )

@ -79,7 +79,7 @@ import java.util.List;
description = "Adding a Policy", description = "Adding a Policy",
key = "pm:policies:add", key = "pm:policies:add",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"} permissions = {"/device-mgt/policies/add"}
), ),
@Scope( @Scope(
name = "Getting Details of Policies", name = "Getting Details of Policies",
@ -93,56 +93,56 @@ import java.util.List;
description = "Getting Details of a Policy", description = "Getting Details of a Policy",
key = "pm:policies:details:view", key = "pm:policies:details:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/view"} permissions = {"/device-mgt/policies/view-details"}
), ),
@Scope( @Scope(
name = "Updating a Policy", name = "Updating a Policy",
description = "Updating a Policy", description = "Updating a Policy",
key = "pm:policies:update", key = "pm:policies:update",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"} permissions = {"/device-mgt/policies/update"}
), ),
@Scope( @Scope(
name = "Removing Multiple Policies", name = "Removing Multiple Policies",
description = "Removing Multiple Policies", description = "Removing Multiple Policies",
key = "pm:policies:remove", key = "pm:policies:remove",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"} permissions = {"/device-mgt/policies/remove"}
), ),
@Scope( @Scope(
name = "Activating Policies", name = "Activating Policies",
description = "Activating Policies", description = "Activating Policies",
key = "pm:policies:activate", key = "pm:policies:activate",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"} permissions = {"/device-mgt/policies/activate"}
), ),
@Scope( @Scope(
name = "Deactivating Policies", name = "Deactivating Policies",
description = "Deactivating Policies", description = "Deactivating Policies",
key = "pm:policies:deactivate", key = "pm:policies:deactivate",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"} permissions = {"/device-mgt/policies/deactivate"}
), ),
@Scope( @Scope(
name = "Applying Changes on Policies", name = "Applying Changes on Policies",
description = "Applying Changes on Policies", description = "Applying Changes on Policies",
key = "pm:policies:change", key = "pm:policies:change",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"} permissions = {"/device-mgt/policies/apply-changes"}
), ),
@Scope( @Scope(
name = "Updating the Policy Priorities", name = "Updating the Policy Priorities",
description = "Updating the Policy Priorities", description = "Updating the Policy Priorities",
key = "pm:policies:priorities:update", key = "pm:policies:priorities:update",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/manage"} permissions = {"/device-mgt/policies/update-priority"}
), ),
@Scope( @Scope(
name = "Fetching the Effective Policy", name = "Fetching the Effective Policy",
description = "Fetching the Effective Policy", description = "Fetching the Effective Policy",
key = "pm:policies:effective-policy", key = "pm:policies:effective-policy",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/policies/view"} permissions = {"/device-mgt/policies/view-effective-policy"}
) )
} }
) )

@ -60,49 +60,49 @@ import java.util.List;
description = "Getting Permission Details of a Role", description = "Getting Permission Details of a Role",
key = "rm:roles:permissions:view", key = "rm:roles:permissions:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/view"} permissions = {"/device-mgt/roles/view-permissions"}
), ),
@Scope( @Scope(
name = "Getting the List of Roles", name = "Getting the List of Roles",
description = "Getting the List of Roles", description = "Getting the List of Roles",
key = "rm:roles:details:view", key = "rm:roles:details:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/view"} permissions = {"/device-mgt/roles/view-details"}
), ),
@Scope( @Scope(
name = "Adding a Role", name = "Adding a Role",
description = "Adding a Role", description = "Adding a Role",
key = "rm:roles:add", key = "rm:roles:add",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"} permissions = {"/device-mgt/roles/add"}
), ),
@Scope( @Scope(
name = "Adding a combined Role", name = "Adding a combined Role",
description = "Adding a combined Role", description = "Adding a combined Role",
key = "rm:roles:combined:add", key = "rm:roles:combined:add",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"} permissions = {"/device-mgt/roles/combined-role/add"}
), ),
@Scope( @Scope(
name = "Updating Role Details", name = "Updating Role Details",
description = "Updating Role Details", description = "Updating Role Details",
key = "rm:roles:update", key = "rm:roles:update",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"} permissions = {"/device-mgt/roles/update"}
), ),
@Scope( @Scope(
name = "Deleting a Role", name = "Deleting a Role",
description = "Deleting a Role", description = "Deleting a Role",
key = "rm:roles:delete", key = "rm:roles:delete",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"} permissions = {"/device-mgt/roles/delete"}
), ),
@Scope( @Scope(
name = "Adding Users to a Role", name = "Adding Users to a Role",
description = "Adding Users to a Role", description = "Adding Users to a Role",
key = "rm:users:add", key = "rm:users:add",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/roles/manage"} permissions = {"/device-mgt/roles/assign-user"}
) )
} }
) )

@ -82,35 +82,35 @@ import javax.ws.rs.core.Response;
description = "Adding a User", description = "Adding a User",
key = "um:users:add", key = "um:users:add",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"} permissions = {"/device-mgt/users/add"}
), ),
@Scope( @Scope(
name = "Getting Details of a User", name = "Getting Details of a User",
description = "Getting Details of a User", description = "Getting Details of a User",
key = "um:users:details:view", key = "um:users:details:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"} permissions = {"/device-mgt/users/details/view"}
), ),
@Scope( @Scope(
name = "Updating Details of a User", name = "Updating Details of a User",
description = "Updating Details of a User", description = "Updating Details of a User",
key = "um:users:update", key = "um:users:update",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"} permissions = {"/device-mgt/users/update"}
), ),
@Scope( @Scope(
name = "Deleting a User", name = "Deleting a User",
description = "Deleting a User", description = "Deleting a User",
key = "um:users:delete", key = "um:users:delete",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"} permissions = {"/device-mgt/users/delete"}
), ),
@Scope( @Scope(
name = "Getting the Role Details of a User", name = "Getting the Role Details of a User",
description = "Getting the Role Details of a User", description = "Getting the Role Details of a User",
key = "um:roles:view", key = "um:roles:view",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"} permissions = {"/device-mgt/users/roles/view"}
), ),
@Scope( @Scope(
name = "Getting Details of Users", name = "Getting Details of Users",
@ -124,42 +124,42 @@ import javax.ws.rs.core.Response;
description = "Getting the User Count", description = "Getting the User Count",
key = "um:users:count", key = "um:users:count",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"} permissions = {"/device-mgt/users/count"}
), ),
@Scope( @Scope(
name = "Getting the User existence status", name = "Getting the User existence status",
description = "Getting the User existence status", description = "Getting the User existence status",
key = "um:users:is-exist", key = "um:users:is-exist",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"} permissions = {"/device-mgt/users/existence/view"}
), ),
@Scope( @Scope(
name = "Searching for a User Name", name = "Searching for a User Name",
description = "Searching for a User Name", description = "Searching for a User Name",
key = "um:users:search", key = "um:users:search",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/view"} permissions = {"/device-mgt/users/search"}
), ),
@Scope( @Scope(
name = "Changing the User Password", name = "Changing the User Password",
description = "Adding a User", description = "Adding a User",
key = "um:users:cred:change", key = "um:users:cred:change",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/login"} permissions = {"/login/password/update"}
), ),
@Scope( @Scope(
name = "Sending Enrollment Invitations to Users", name = "Sending Enrollment Invitations to Users",
description = "Sending Enrollment Invitations to Users", description = "Sending Enrollment Invitations to Users",
key = "um:users:invite", key = "um:users:invite",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/users/manage"} permissions = {"/device-mgt/users/invite"}
), ),
@Scope( @Scope(
name = "Get activities", name = "Get activities",
description = "Get activities", description = "Get activities",
key = "dm:activity:get", key = "dm:activity:get",
roles = {"Internal/devicemgt-user"}, roles = {"Internal/devicemgt-user"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/devices/owning-device/activities/view"}
), ),
@Scope( @Scope(
name = "Getting the Permissions of the User", name = "Getting the Permissions of the User",

@ -67,14 +67,14 @@ import javax.ws.rs.core.Response;
description = "Installing an Application (Internal API)", description = "Installing an Application (Internal API)",
key = "am:admin:app:install", key = "am:admin:app:install",
roles = {"Internal/devicemgt-admin"}, roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/applications/manage"} permissions = {"/device-mgt/admin/applications/install"}
), ),
@Scope( @Scope(
name = "Uninstalling an Application (Internal API)", name = "Uninstalling an Application (Internal API)",
description = "Uninstalling an Application (Internal API)", description = "Uninstalling an Application (Internal API)",
key = "am:admin:app:uninstall", key = "am:admin:app:uninstall",
roles = {"Internal/devicemgt-admin"}, roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/applications/manage"} permissions = {"/device-mgt/admin/applications/uninstall"}
) )
} }
) )

@ -79,7 +79,7 @@ import java.util.List;
description = "Getting Details of a Device", description = "Getting Details of a Device",
key = "dm:admin:devices:view", key = "dm:admin:devices:view",
roles = {"Internal/devicemgt-admin"}, roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/devices/owning-device/view"} permissions = {"/device-mgt/admin/devices/view"}
), ),
@Scope( @Scope(
name = "Update the Device Owner", name = "Update the Device Owner",

@ -84,7 +84,7 @@ import javax.ws.rs.core.Response;
description = "", description = "",
key = "gm:admin:groups:count", key = "gm:admin:groups:count",
roles = {"Internal/devicemgt-admin"}, roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/admin/groups/view"} permissions = {"/device-mgt/admin/groups/count"}
), ),
@Scope( @Scope(
name = "Add groups", name = "Add groups",

@ -53,14 +53,14 @@ import javax.ws.rs.core.Response;
description = "View Users", description = "View Users",
key = "um:admin:users:view", key = "um:admin:users:view",
roles = {"Internal/devicemgt-admin"}, roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/users/manage"} permissions = {"/device-mgt/admin/users/view"}
), ),
@Scope( @Scope(
name = "Delete Users Device Information", name = "Delete Users Device Information",
description = "Delete users device details", description = "Delete users device details",
key = "um:admin:users:remove", key = "um:admin:users:remove",
roles = {"Internal/devicemgt-admin"}, roles = {"Internal/devicemgt-admin"},
permissions = {"/device-mgt/users/manage"} permissions = {"/device-mgt/admin/users/delete"}
) )
} }
) )

@ -38,7 +38,7 @@ public final class DeviceManagementConstants {
private ConfigurationManagement(){ private ConfigurationManagement(){
throw new AssertionError(); throw new AssertionError();
} }
public static final String SCOPES_FOR_TOKEN = "dm:ops:view dm:device:event:publish win:devices:enroll"; public static final String SCOPES_FOR_TOKEN = "dm:devices:ops:view dm:device:event:publish win:devices:enroll";
public static final String IOT_GATEWAY_HOST = "iot.gateway.host"; public static final String IOT_GATEWAY_HOST = "iot.gateway.host";
public static final String IOT_GATEWAY_HTTPS_PORT = "iot.gateway.https.port"; public static final String IOT_GATEWAY_HTTPS_PORT = "iot.gateway.https.port";
public static final String IOT_CORE_HOST = "iot.core.host"; public static final String IOT_CORE_HOST = "iot.core.host";
@ -156,6 +156,7 @@ public final class DeviceManagementConstants {
new Permission("/permission/admin/device-mgt/devices/enroll", "ui.execute"), new Permission("/permission/admin/device-mgt/devices/enroll", "ui.execute"),
new Permission("/permission/admin/device-mgt/devices/disenroll", "ui.execute"), new Permission("/permission/admin/device-mgt/devices/disenroll", "ui.execute"),
new Permission("/permission/admin/device-mgt/devices/owning-device/view", "ui.execute"), new Permission("/permission/admin/device-mgt/devices/owning-device/view", "ui.execute"),
new Permission("/permission/admin/device-mgt/devices/owning-device/operations/view", "ui.execute"),
new Permission("/permission/admin/device-mgt/metadata", "ui.execute"), new Permission("/permission/admin/device-mgt/metadata", "ui.execute"),
new Permission("/permission/admin/manage/portal", "ui.execute") new Permission("/permission/admin/manage/portal", "ui.execute")
}; };

@ -409,7 +409,7 @@ deviceModule = function () {
var jwtClient = JWTClientManagerService.getJWTClient(); var jwtClient = JWTClientManagerService.getJWTClient();
// returning access token by JWT grant type // returning access token by JWT grant type
var deviceScope = "device_" + type.replace(" ", "") + "_" + deviceId + " dm:device:enroll " + var deviceScope = "device_" + type.replace(" ", "") + "_" + deviceId + " dm:device:enroll " +
"dm:device:disenroll dm:device:modify dm:ops:view dm:device:event:publish"; "dm:device:disenroll dm:device:modify dm:devices:ops:view dm:device:event:publish";
var tokenInfo = jwtClient.getAccessToken(config.clientId, config.clientSecret, var tokenInfo = jwtClient.getAccessToken(config.clientId, config.clientSecret,
userName, deviceScope); userName, deviceScope);
config.accessToken = tokenInfo.getAccessToken(); config.accessToken = tokenInfo.getAccessToken();

@ -120,7 +120,7 @@
-d '{ "applicationName":"testme", "isAllowedToAllDomains":false, "tags":["device_agent"]}'</code> -d '{ "applicationName":"testme", "isAllowedToAllDomains":false, "tags":["device_agent"]}'</code>
</li> </li>
<li class="padding-top-double"><span><h4 class="uppercase">Generate Token</h4></span> <li class="padding-top-double"><span><h4 class="uppercase">Generate Token</h4></span>
<code>curl -k -d "grant_type=password&username=%username%&password=%password%&scope=dm:device:enroll dm:device:disenroll dm:device:modify dm:ops:view dm:device:event:publish" <code>curl -k -d "grant_type=password&username=%username%&password=%password%&scope=dm:device:enroll dm:device:disenroll dm:device:modify dm:devices:ops:view dm:device:event:publish"
-H "Authorization: Basic Base64(client_id:client_secret)" -H "Authorization: Basic Base64(client_id:client_secret)"
-H "Content-Type: application/x-www-form-urlencoded" {{httpsGateway}}/token</code> -H "Content-Type: application/x-www-form-urlencoded" {{httpsGateway}}/token</code>
</li> </li>

Loading…
Cancel
Save