Add modification for app manager publisher

components/application-mgt/org.wso2.carbon.device.application.mgt.common/src/main/java/org/wso2/carbon/device/application/mgt/common/ApplicationRelease.java

@@ -75,6 +75,7 @@ public class ApplicationRelease {
             value = "Hash value of the application release")
     private String appHashValue;
 
+//    todo change this to boolean
     @ApiModelProperty(name = "isSharedWithAllTenants",
             value = "If application release is shared with all tenants it is eqal to 1 otherwise 0",
             required = true)

components/application-mgt/org.wso2.carbon.device.application.mgt.common/src/main/java/org/wso2/carbon/device/application/mgt/common/services/ApplicationManager.java

@@ -25,8 +25,6 @@ import org.wso2.carbon.device.application.mgt.common.Filter;
 import org.wso2.carbon.device.application.mgt.common.LifecycleState;
 import org.wso2.carbon.device.application.mgt.common.exception.ApplicationManagementException;
 import org.wso2.carbon.device.application.mgt.common.exception.RequestValidatingException;
-import org.wso2.carbon.device.application.mgt.common.exception.ResourceManagementException;
-import org.wso2.carbon.device.mgt.common.DeviceManagementException;
 
 import java.io.InputStream;
 import java.util.List;
@@ -50,10 +48,11 @@ public interface ApplicationManager {
      * Updates an already existing application.
      *
      * @param application Application that need to be updated.
+     * @param applicationId ID of the application
      * @return Updated Application
      * @throws ApplicationManagementException Application Management Exception
      */
-    Application updateApplication(Application application) throws ApplicationManagementException;
+    Application updateApplication(int applicationId, Application application) throws ApplicationManagementException;
 
     /**
      * Delete an application identified by the unique ID.
@@ -83,15 +82,6 @@ public interface ApplicationManager {
      */
     ApplicationList getApplications(Filter filter) throws ApplicationManagementException;
 
-    /**
-     * To get the applications based on the search filter.
-     *
-     * @param appId id of the application
-     * @return Application release which is published and release of the Application(appId).
-     * @throws ApplicationManagementException Application Management Exception
-     */
-    String getUuidOfLatestRelease(int appId) throws ApplicationManagementException;
-
     /**
      * To get the Application for given Id.
      *
@@ -121,24 +111,6 @@ public interface ApplicationManager {
      */
     Application getApplicationByRelease(String appReleaseUUID) throws ApplicationManagementException;
 
-    /**
-     * To get Application with the given UUID.
-     *
-     * @param appId ID of the Application
-     * @return the boolean value, whether application exist or not
-     * @throws ApplicationManagementException Application Management Exception.
-     */
-    boolean verifyApplicationExistenceById(int appId) throws ApplicationManagementException;
-
-    /**
-     * To get Application with the given UUID.
-     *
-     * @return the boolean value, whether user has assigned unrestricted roles to access the application
-     * * @throws ApplicationManagementException Application Management Exception.
-     */
-    Boolean isUserAllowable(List<String> unrestrictedRoles, String userName) throws ApplicationManagementException;
-
-
     /**
      * To get all the releases of a particular Application.
      *
@@ -186,24 +158,12 @@ public interface ApplicationManager {
      * To update release images.
      *
      * @param appId    ID of the Application
-     * @param appType   Application type
+     * @param deviceType   Applicable device type of the application
      * @param uuid    uuid of the Application
      * @param binaryFile    binaryFile of the release.
      * @throws ApplicationManagementException Application Management Exception.
      */
-    void updateApplicationArtifact(int appId, String appType, String uuid, InputStream binaryFile)
+    void updateApplicationArtifact(int appId, String deviceType, String uuid, InputStream binaryFile)
-            throws ApplicationManagementException;
-
-
-    /**
-     * To verify whether application release is acceptable to update or not.
-     *
-     * @param appId    ID of the Application
-     * @param appReleaseUuid UUID of the ApplicationRelease
-     * @return Updated Application Release.
-     * @throws ApplicationManagementException Application Management Exception.
-     */
-    boolean isAcceptableAppReleaseUpdate(int appId, String appReleaseUuid)
             throws ApplicationManagementException;
 
     /**
@@ -216,4 +176,20 @@ public interface ApplicationManager {
     ApplicationRelease createRelease(int applicationId, ApplicationRelease applicationRelease)
             throws ApplicationManagementException;
 
+    /***
+     *
+     * @param applicationId ID of the application
+     * @param releaseUuid UUID of the application release
+     * @param deviceType Supported device type of the application
+     * @param applicationRelease {@link ApplicationRelease}
+     * @param binaryFileStram {@link InputStream} of the binary file
+     * @param iconFileStream {@link InputStream} of the icon
+     * @param bannerFileStream {@link InputStream} of the banner
+     * @param attachments {@link List} of {@link InputStream} of attachments
+     * @return If the application release is updated correctly True returns, otherwise retuen False
+     */
+    boolean updateRelease(int applicationId, String releaseUuid, String deviceType, ApplicationRelease applicationRelease,
+            InputStream binaryFileStram, InputStream iconFileStream, InputStream bannerFileStream,
+            List<InputStream> attachments) throws ApplicationManagementException;
+
 }

components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/dao/ApplicationDAO.java

@@ -144,8 +144,7 @@ public interface ApplicationDAO {
      * @return Updated Application.
      * @throws ApplicationManagementDAOException Application Management DAO Exception.
      */
-    Application editApplication(Application application, int tenantId) throws ApplicationManagementDAOException,
+    Application editApplication(Application application, int tenantId) throws ApplicationManagementDAOException;
-            ApplicationManagementException;
 
     /**
      * To delete the application

components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/dao/LifecycleStateDAO.java

@@ -75,4 +75,14 @@ public interface LifecycleStateDAO {
      * @throws LifeCycleManagementDAOException Lifecycle Management DAO Exception.
      */
     void deleteLifecycleState(int identifier) throws LifeCycleManagementDAOException;
-}
+
+    /***
+     *
+     * @param appId ID of the application
+     * @param uuid UUID of the application release
+     * @return Username of the application release creator
+     * @throws LifeCycleManagementDAOException {@link LifeCycleManagementDAOException}
+     */
+    String getAppReleaseCreatedUsername(int appId, String uuid, int tenantId) throws LifeCycleManagementDAOException;
+
+    }

components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/dao/impl/application/GenericApplicationDAOImpl.java

@@ -514,14 +514,14 @@ public class GenericApplicationDAOImpl extends AbstractDAOImpl implements Applic
     }
 
     @Override
-    public Application editApplication(Application application, int tenantId) throws ApplicationManagementException {
+    public Application editApplication(Application application, int tenantId) throws ApplicationManagementDAOException {
         int paramIndex = 1;
         Connection conn;
         PreparedStatement stmt = null;
         Application existingApplication = this.getApplicationById(application.getId(), tenantId);
 
         if (existingApplication == null) {
-            throw new ApplicationManagementException("There doesn't have an application for updating");
+            throw new ApplicationManagementDAOException("There doesn't have an application for updating");
         }
         try {
             conn = this.getDBConnection();

components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/dao/impl/lifecyclestate/GenericLifecycleStateDAOImpl.java

@@ -18,6 +18,7 @@
  */
 package org.wso2.carbon.device.application.mgt.core.dao.impl.lifecyclestate;
 
+import org.wso2.carbon.device.application.mgt.common.AppLifecycleState;
 import org.wso2.carbon.device.application.mgt.common.LifecycleState;
 import org.wso2.carbon.device.application.mgt.common.exception.DBConnectionException;
 import org.wso2.carbon.device.application.mgt.core.dao.LifecycleStateDAO;
@@ -87,10 +88,39 @@ public class GenericLifecycleStateDAOImpl extends AbstractDAOImpl implements Lif
         } finally {
             Util.cleanupResources(stmt, rs);
         }
-
     }
 
 
+    public String getAppReleaseCreatedUsername(int appId, String uuid, int tenantId) throws LifeCycleManagementDAOException{
+        Connection conn = null;
+        PreparedStatement stmt = null;
+        ResultSet rs = null;
+        try {
+            conn = this.getDBConnection();
+            String sql = "SELECT UPDATED_BY FROM AP_APP_LIFECYCLE_STATE WHERE AP_APP_ID=? AND "
+                    + "AP_APP_RELEASE_ID=(SELECT ID FROM AP_APP_RELEASE WHERE UUID=?) AND CURRENT_STATE = ? AND TENANT_ID = ?;";
+
+            stmt = conn.prepareStatement(sql);
+            stmt.setInt(1, appId);
+            stmt.setString(2, uuid);
+            stmt.setString(3, AppLifecycleState.CREATED.toString());
+            stmt.setInt(4, tenantId);
+            rs = stmt.executeQuery();
+            if (rs.next()) {
+                return rs.getString("UPDATED_BY");
+
+            }
+            return null;
+        } catch (SQLException e) {
+            throw new LifeCycleManagementDAOException("Error occurred while getting application List", e);
+        }  catch (DBConnectionException e) {
+            throw new LifeCycleManagementDAOException("Error occurred while obtaining the DB connection to get latest"
+                    + " lifecycle state for a specific application", e);
+        } finally {
+            Util.cleanupResources(stmt, rs);
+        }
+    }
+
     @Override
     public List<LifecycleState> getLifecycleStates(int appReleaseId) throws LifeCycleManagementDAOException {
         List<LifecycleState> lifecycleStates = new ArrayList<>();

components/application-mgt/org.wso2.carbon.device.application.mgt.core/src/main/java/org/wso2/carbon/device/application/mgt/core/impl/ApplicationManagerImpl.java

@@ -35,7 +35,6 @@ import org.wso2.carbon.device.application.mgt.common.User;
 import org.wso2.carbon.device.application.mgt.common.exception.ApplicationManagementException;
 import org.wso2.carbon.device.application.mgt.common.exception.ApplicationStorageManagementException;
 import org.wso2.carbon.device.application.mgt.common.exception.DBConnectionException;
-import org.wso2.carbon.device.application.mgt.common.exception.LifecycleManagementException;
 import org.wso2.carbon.device.application.mgt.common.exception.RequestValidatingException;
 import org.wso2.carbon.device.application.mgt.common.exception.ResourceManagementException;
 import org.wso2.carbon.device.application.mgt.common.exception.TransactionManagementException;
@@ -64,7 +63,6 @@ import org.wso2.carbon.user.api.UserRealm;
 import org.wso2.carbon.user.api.UserStoreException;
 import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
 
-
 import java.io.InputStream;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -181,7 +179,6 @@ public class ApplicationManagerImpl implements ApplicationManager {
             }
             return application;
         } catch (DeviceManagementException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException(
                     "Error occurred while getting device type id of " + application.getType(), e);
         } catch (LifeCycleManagementDAOException e) {
@@ -202,8 +199,9 @@ public class ApplicationManagerImpl implements ApplicationManager {
                     "Error occured while adding unrestricted roles. application name: " + application.getName()
                             + " application type: " + application.getType(), e);
         } catch (TransactionManagementException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException("Error occured while disabling AutoCommit. ", e);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
         }
     }
 
@@ -292,12 +290,10 @@ public class ApplicationManagerImpl implements ApplicationManager {
             ConnectionManagerUtil.commitDBTransaction();
             return applicationRelease;
         } catch (TransactionManagementException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException(
                     "Error occurred while staring application release creating transaction for application Id: "
                             + applicationId, e);
         } catch (DBConnectionException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException(
                     "Error occurred while adding application release into IoTS app management Application id of the "
                             + "application release: " + applicationId, e);
@@ -307,23 +303,18 @@ public class ApplicationManagerImpl implements ApplicationManager {
             throw new ApplicationManagementException(
                     "Error occurred while adding new application release lifecycle state to the application release: "
                             + applicationId, e);
-        } catch (UserStoreException e) {
+        } catch (ApplicationManagementDAOException e){
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error occurred while adding new application release for application " + applicationId, e);
+        }catch (UserStoreException e) {
             ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException(
                     "Error occurred whecn checking whether user is admin user or not. Application release: "
                             + applicationId, e);
-        }
+        } finally{
-    }
-
-    @Override
-    public String getUuidOfLatestRelease(int appId) throws ApplicationManagementException {
-        try {
-            ConnectionManagerUtil.openDBConnection();
-            return applicationDAO.getUuidOfLatestRelease(appId);
-        } finally {
             ConnectionManagerUtil.closeDBConnection();
         }
-
     }
 
     @Override
@@ -493,28 +484,6 @@ public class ApplicationManagerImpl implements ApplicationManager {
         }
     }
 
-    public boolean verifyApplicationExistenceById(int appId) throws ApplicationManagementException {
-        try {
-            int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
-            boolean isAppExist;
-            ConnectionManagerUtil.openDBConnection();
-            isAppExist = this.applicationDAO.verifyApplicationExistenceById(appId, tenantId);
-            return isAppExist;
-        } finally {
-            ConnectionManagerUtil.closeDBConnection();
-        }
-    }
-
-    public Boolean isUserAllowable(List<String> unrestrictedRoles, String userName)
-            throws ApplicationManagementException {
-        try {
-            return isRoleExists(unrestrictedRoles, userName);
-        } catch (UserStoreException e) {
-            throw new ApplicationManagementException(
-                    "User-store exception while verifying whether user have assigned" + "unrestricted roles or not", e);
-        }
-    }
-
     private List<ApplicationRelease> getReleases(Application application, String releaseState)
             throws ApplicationManagementException {
         int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
@@ -629,6 +598,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
             String msg = "Error occured while changing the application lifecycle state into REMOVED state.";
             log.error(msg);
             throw new ApplicationManagementException(msg, e);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
         }
         return storedLocations;
     }
@@ -820,7 +791,6 @@ public class ApplicationManagerImpl implements ApplicationManager {
         return false;
     }
 
-
     /**
      * Get the application if application is an accessible one.
      *
@@ -928,7 +898,6 @@ public class ApplicationManagerImpl implements ApplicationManager {
             }
             ConnectionManagerUtil.commitDBTransaction();
         } catch (DBConnectionException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException(
                     "Error occured when getting DB connection to update image artifacts of the application, appid: "
                             + appId + " and uuid " + uuid + ".", e);
@@ -947,32 +916,36 @@ public class ApplicationManagerImpl implements ApplicationManager {
             throw new ApplicationManagementException(
                     "Error occured while updating image artifacts of the application, appid: " + appId + " and uuid "
                             + uuid + " to the system.", e);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
         }
     }
 
-    @Override public void updateApplicationArtifact(int appId, String appType, String uuid, InputStream binaryFile)
+    //todo check whether package names are same
+    @Override
+    public void updateApplicationArtifact(int appId, String deviceType, String uuid, InputStream binaryFile)
             throws ApplicationManagementException {
         int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
         ApplicationStorageManager applicationStorageManager = Util.getApplicationStorageManager();
         ApplicationRelease applicationRelease;
         try {
-            boolean isValidAppType = false;
+            boolean isValidDeviceType = false;
             List<DeviceType> deviceTypes = Util.getDeviceManagementService().getDeviceTypes();
-            for (DeviceType deviceType : deviceTypes) {
+            for (DeviceType dt : deviceTypes) {
-                if (deviceType.getName().equals(appType)) {
+                if (dt.getName().equals(deviceType)) {
-                    isValidAppType = true;
+                    isValidDeviceType = true;
                     break;
                 }
             }
-            if (!isValidAppType) {
+            if (!isValidDeviceType) {
                 throw new ValidationException(
-                        "Invalid request to update application release artifact, invalid application type: " + appType
+                        "Invalid request to update application release artifact, invalid application type: " + deviceType
                                 + " for Application id: " + appId + " application release uuid: " + uuid);
             }
             if (appId <= 0) {
                 throw new ValidationException(
                         "Application id could,t be a negative integer. Hence please add valid application id. application type: "
-                                + appType + " Application id: " + appId + " UUID: " + uuid);
+                                + deviceType + " Application id: " + appId + " UUID: " + uuid);
             }
 
             ConnectionManagerUtil.beginDBTransaction();
@@ -1004,7 +977,6 @@ public class ApplicationManagerImpl implements ApplicationManager {
             ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException("Error occured while getting/updating APPM DB.", e);
         } catch (TransactionManagementException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException(
                     "Error occured while starting the transaction to update application release artifact of the application, appid: "
                             + appId + " and uuid " + uuid + ".", e);
@@ -1013,12 +985,7 @@ public class ApplicationManagerImpl implements ApplicationManager {
             throw new ApplicationManagementException("Error occured while updating application artifact.", e);
         } catch (DeviceManagementException e) {
             throw new ApplicationManagementException("Error occured while getting supported device types in IoTS", e);
-        } catch (NotFoundException e) {
+        }  catch (DBConnectionException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
-            throw new ApplicationManagementException(
-                    "Couldn't find application/application elease for appid: " + appId + " and uuid " + uuid + ".", e);
-        } catch (DBConnectionException e) {
-            ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException(
                     "Error occured when getting DB connection to update application release artifact of the application, appid: "
                             + appId + " and uuid " + uuid + ".", e);
@@ -1026,18 +993,11 @@ public class ApplicationManagerImpl implements ApplicationManager {
             ConnectionManagerUtil.rollbackDBTransaction();
             throw new ApplicationManagementException("In order to update the artifact, couldn't find it in the system",
                     e);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
         }
     }
 
-    @Override
-    public boolean isAcceptableAppReleaseUpdate(int appId, String appReleaseUuid)
-            throws ApplicationManagementException {
-        LifecycleState lifecycleState = getLifecycleState(appId, appReleaseUuid);
-        return AppLifecycleState.CREATED.toString().equals(lifecycleState.getCurrentState()) || AppLifecycleState
-                .IN_REVIEW.toString().equals(lifecycleState.getCurrentState()) ||
-                AppLifecycleState.REJECTED.toString().equals(lifecycleState.getCurrentState());
-    }
-
     /**
      * To get role restricted application list.
      *
@@ -1144,80 +1104,114 @@ public class ApplicationManagerImpl implements ApplicationManager {
             throw new ApplicationManagementException(
                     "Failed to add lifecycle state. Application Id: " + applicationId + " Application release UUID: "
                             + releaseUuid, e);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
         }
     }
 
     @Override
-    public Application updateApplication(Application application) throws ApplicationManagementException {
+    public Application updateApplication(int applicationId, Application application) throws ApplicationManagementException{
 
         int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
-        Application existingApplication = getApplicationIfAccessible(application.getId());
+        String userName = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
+        Application existingApplication;
+        boolean isExistingAppRestricted = false;
         List<String> addingRoleList;
         List<String> removingRoleList;
         List<String> addingTags;
         List<String> removingTags;
 
+        try {
+            ConnectionManagerUtil.beginDBTransaction();
+            existingApplication = this.applicationDAO.getApplicationById(applicationId, tenantId);
+            if (existingApplication == null) {
+                ConnectionManagerUtil.rollbackDBTransaction();
+                throw new NotFoundException("Tried to update Application which is not in the publisher, " +
+                        "Please verify application details");
+            }
+            if (!existingApplication.getUnrestrictedRoles().isEmpty()){
+                isExistingAppRestricted = true;
+            }
 
-        if (existingApplication == null) {
+            //todo check whether user is application owner
-            throw new NotFoundException("Tried to update Application which is not in the publisher, " +
+            if (!isAdminUser(userName, tenantId, CarbonConstants.UI_ADMIN_PERMISSION_COLLECTION) && !(
-                                                "Please verify application details");
+                    isExistingAppRestricted && isRoleExists(existingApplication.getUnrestrictedRoles(), userName))) {
-        }
+                ConnectionManagerUtil.rollbackDBTransaction();
-        if (!existingApplication.getType().equals(application.getType())) {
+                throw new ForbiddenException("You are not authorized user to update application");
-            throw new ApplicationManagementException("You are trying to change the application type and it is not " +
-                                                             "possible after you create an application. Therefore " +
-                                                             "please remove this application and publish " +
-                                                             "new application with type: " + application.getType());
-        }
-        if (!existingApplication.getSubType().equals(application.getSubType())) {
-            if (ApplicationSubscriptionType.PAID.toString().equals(existingApplication.getSubType()) && (
-                    !"".equals(application.getPaymentCurrency()) || application.getPaymentCurrency() != null)) {
-                throw new ApplicationManagementException("If you are going to change Non-Free app as Free app, "
-                        + "currency attribute in the application updating " + "payload should be null or \"\"");
-            } else if (ApplicationSubscriptionType.FREE.toString().equals(existingApplication.getSubType()) && (
-                    application.getPaymentCurrency() == null || "".equals(application.getPaymentCurrency()))) {
-                throw new ApplicationManagementException("If you are going to change Free app as Non-Free app, "
-                        + "currency attribute in the application payload " + "should not be null or \"\"");
             }
-        }
+
-        if (existingApplication.getIsRestricted() != application.getIsRestricted()) {
+            if (!existingApplication.getType().equals(application.getType())) {
-            if (!existingApplication.getIsRestricted() && existingApplication.getUnrestrictedRoles() == null) {
+                ConnectionManagerUtil.rollbackDBTransaction();
-                if (application.getUnrestrictedRoles() == null || application.getUnrestrictedRoles().isEmpty()) {
+                throw new ApplicationManagementException("You are trying to change the application type and it is not "
-                    throw new ApplicationManagementException("If you are going to add role restriction for non role "
+                        + "possible after you create an application. Therefore please remove this application and "
-                            + "restricted Application, Unrestricted role list " + "won't be empty or null");
+                        + "publish new application with type: " + application.getType());
-                }
+            }
-                visibilityDAO.addUnrestrictedRoles(application.getUnrestrictedRoles(), application.getId(), tenantId);
+            if (!existingApplication.getSubType().equals(application.getSubType())) {
-            } else if (existingApplication.getIsRestricted() && existingApplication.getUnrestrictedRoles() != null) {
+                if (ApplicationSubscriptionType.PAID.toString().equals(existingApplication.getSubType()) && (
-                if (application.getUnrestrictedRoles() != null && !application.getUnrestrictedRoles().isEmpty()) {
+                        !"".equals(application.getPaymentCurrency()) || application.getPaymentCurrency() != null)) {
-                    throw new ApplicationManagementException("If you are going to remove role restriction from role "
+                    ConnectionManagerUtil.rollbackDBTransaction();
-                            + "restricted Application, Unrestricted role list should be empty or null");
+                    throw new ApplicationManagementException("If you are going to change Non-Free app as Free app, "
+                            + "currency attribute in the application updating payload should be null or \"\"");
+                } else if (ApplicationSubscriptionType.FREE.toString().equals(existingApplication.getSubType()) && (
+                        application.getPaymentCurrency() == null || "".equals(application.getPaymentCurrency()))) {
+                    ConnectionManagerUtil.rollbackDBTransaction();
+                    throw new ApplicationManagementException("If you are going to change Free app as Non-Free app, "
+                            + "currency attribute in the application payload should not be null or \"\"");
                 }
+            }
+            if (isExistingAppRestricted && application.getUnrestrictedRoles().isEmpty()) {
                 visibilityDAO.deleteUnrestrictedRoles(existingApplication.getUnrestrictedRoles(), application.getId(),
                         tenantId);
+            } else if(!isExistingAppRestricted && !application.getUnrestrictedRoles().isEmpty()){
+                visibilityDAO.addUnrestrictedRoles(application.getUnrestrictedRoles(), application.getId(), tenantId);
+            } else if ( isExistingAppRestricted && !application.getUnrestrictedRoles().isEmpty()) {
+                addingRoleList = getDifference(application.getUnrestrictedRoles(),
+                        existingApplication.getUnrestrictedRoles());
+                removingRoleList = getDifference(existingApplication.getUnrestrictedRoles(),
+                        application.getUnrestrictedRoles());
+                if (!addingRoleList.isEmpty()) {
+                    visibilityDAO.addUnrestrictedRoles(addingRoleList, application.getId(), tenantId);
+                }
+                if (!removingRoleList.isEmpty()) {
+                    visibilityDAO.deleteUnrestrictedRoles(removingRoleList, application.getId(), tenantId);
+                }
             }
-        } else if (existingApplication.getIsRestricted() == application.getIsRestricted()
-                && existingApplication.getIsRestricted()) {
-            addingRoleList = getDifference(application.getUnrestrictedRoles(),
-                    existingApplication.getUnrestrictedRoles());
-            removingRoleList = getDifference(existingApplication.getUnrestrictedRoles(),
-                    application.getUnrestrictedRoles());
-            if (!addingRoleList.isEmpty()) {
-                visibilityDAO.addUnrestrictedRoles(addingRoleList, application.getId(), tenantId);
 
+            addingTags = getDifference(existingApplication.getTags(), application.getTags());
+            removingTags = getDifference(application.getTags(), existingApplication.getTags());
+            if (!addingTags.isEmpty()) {
+                applicationDAO.addTags(addingTags, application.getId(), tenantId);
             }
-            if (!removingRoleList.isEmpty()) {
+            if (!removingTags.isEmpty()) {
-                visibilityDAO.deleteUnrestrictedRoles(removingRoleList, application.getId(), tenantId);
+                applicationDAO.deleteTags(removingTags, application.getId(), tenantId);
             }
+            return applicationDAO.editApplication(application, tenantId);
+        } catch (UserStoreException  e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error occurred while checking whether logged in user is ADMIN or not when updating application of application id: "
+                            + applicationId);
+        } catch (ApplicationManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error occurred while updating the application, application id: " + applicationId);
         }
-        addingTags = getDifference(existingApplication.getTags(), application.getTags());
+        catch (VisibilityManagementDAOException e){
-        removingTags = getDifference(application.getTags(), existingApplication.getTags());
+            ConnectionManagerUtil.rollbackDBTransaction();
-        if (!addingTags.isEmpty()) {
+            throw new ApplicationManagementException(
-            applicationDAO.addTags(addingTags, application.getId(), tenantId);
+                    "Error occurred while updating the visibility restriction of the application. Application id  is "
-        }
+                            + applicationId);
-        if (!removingTags.isEmpty()) {
+        } catch (TransactionManagementException e) {
-            applicationDAO.deleteTags(removingTags, application.getId(), tenantId);
+            throw new ApplicationManagementException(
+                    "Error occurred while starting database transaction for application updating. Application id  is "
+                            + applicationId);
+        } catch (DBConnectionException e) {
+            throw new ApplicationManagementException(
+                    "Error occurred while getting database connection for application updating. Application id  is "
+                            + applicationId);
+        } finally {
+            ConnectionManagerUtil.closeDBConnection();
         }
-
-        return applicationDAO.editApplication(application, tenantId);
     }
 
     private Filter validateFilter(Filter filter) {
@@ -1260,4 +1254,135 @@ public class ApplicationManagerImpl implements ApplicationManager {
         lifecycleState.setUpdatedBy(userName);
         return lifecycleState;
     }
+
+    //todo check whether package names are same
+    @Override
+    public boolean updateRelease(int applicationId, String releaseUuid, String deviceType,  ApplicationRelease updateRelease,
+            InputStream binaryFileStram, InputStream iconFileStream, InputStream bannerFileStream,
+            List<InputStream> attachments) throws ApplicationManagementException{
+
+        int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
+        String userName = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
+        ApplicationRelease release;
+        Application app = null;
+        ApplicationStorageManager applicationStorageManager = Util.getApplicationStorageManager();
+        DeviceType deviceTypeObj;
+        boolean isAdminUser;
+
+        try {
+            // Getting the device type details to get device type ID for internal mappings
+            deviceTypeObj = Util.getDeviceManagementService().getDeviceType(deviceType);
+            isAdminUser = isAdminUser(userName, tenantId, CarbonConstants.UI_ADMIN_PERMISSION_COLLECTION);
+
+            ConnectionManagerUtil.beginDBTransaction();
+            app = this.applicationDAO.getApplicationById(applicationId, tenantId);
+            release = this.applicationReleaseDAO.getReleaseByIds(applicationId, releaseUuid, tenantId);
+
+            if (app == null) {
+                ConnectionManagerUtil.rollbackDBTransaction();
+                throw new NotFoundException(
+                        "Couldn't found an application for updating. Application id: " + applicationId);
+            }
+
+            if (deviceTypeObj == null || deviceTypeObj.getId() != app.getDeviceTypeId()) {
+                ConnectionManagerUtil.rollbackDBTransaction();
+                throw new BadRequestException(
+                        "Request to update application release for Invalid device type. Device type: " + deviceType
+                                + " application ID " + applicationId + " Application Release UUID " + releaseUuid);
+            }
+            if (release == null) {
+                ConnectionManagerUtil.rollbackDBTransaction();
+                throw new NotFoundException(
+                        "Couldn't found an application realise for updating. Application id: " + applicationId
+                                + " and application release UUID: " + releaseUuid);
+            }
+
+            String releaseType = updateRelease.getReleaseType();
+            Double price = updateRelease.getPrice();
+            int isSharedWithTenants = updateRelease.getIsSharedWithAllTenants();
+            String metaData = updateRelease.getMetaData();
+
+            if (price < 0.0 || (price == 0.0 && ApplicationSubscriptionType.PAID.toString().equals(app.getSubType()))
+                    || (price > 0.0 && ApplicationSubscriptionType.FREE.toString().equals(app.getSubType()))) {
+                ConnectionManagerUtil.rollbackDBTransaction();
+                throw new BadRequestException(
+                        "Invalid app release payload for updating application release. Application price is " + price
+                                + " for " + app.getSubType() + " application. Application ID: " + applicationId
+                                + ", Application Release UUID " + releaseUuid + " and supported device type is "
+                                + deviceType);
+            }
+            release.setPrice(price);
+            if (releaseType != null) {
+                release.setReleaseType(releaseType);
+            }
+            //todo change this when isShared with field change to boolean
+            if (isSharedWithTenants == 0 || isSharedWithTenants == 1) {
+                release.setIsSharedWithAllTenants(isSharedWithTenants);
+            }
+            if (metaData != null) {
+                release.setMetaData(metaData);
+            }
+
+            List<String> unrestrictedRoles = app.getUnrestrictedRoles();
+
+            String applicationReleaseCreatedUser = lifecycleStateDAO
+                    .getAppReleaseCreatedUsername(applicationId, releaseUuid, tenantId);
+
+            if (!isAdminUser && !(!unrestrictedRoles.isEmpty() && isRoleExists(unrestrictedRoles, userName))
+                    && !userName.equals(applicationReleaseCreatedUser)) {
+                ConnectionManagerUtil.rollbackDBTransaction();
+                throw new ForbiddenException("You are not authorized user to update application");
+            }
+
+            //todo try to remove this DB call and get it when getting application release
+            LifecycleState lifecycleState = this.lifecycleStateDAO.getLatestLifeCycleState(applicationId, releaseUuid);
+            if (!AppLifecycleState.CREATED.toString().equals(lifecycleState.getCurrentState())
+                    && !AppLifecycleState.IN_REVIEW.toString().equals(lifecycleState.getCurrentState())
+                    && !AppLifecycleState.REJECTED.toString().equals(lifecycleState.getCurrentState())) {
+                ConnectionManagerUtil.rollbackDBTransaction();
+                throw new ForbiddenException(
+                        "You can't update application release which is in " + lifecycleState.getCurrentState()
+                                + " State");
+            }
+
+            release = applicationStorageManager
+                    .updateImageArtifacts(release, iconFileStream, bannerFileStream, attachments);
+            release = applicationStorageManager
+                    .updateReleaseArtifacts(release, app.getType(), deviceType, binaryFileStram);
+            return applicationReleaseDAO.updateRelease(applicationId, release, tenantId) != null;
+        } catch (DeviceManagementException e) {
+            throw new ApplicationManagementException("Error occured when validating the device type " + deviceType, e);
+        } catch (UserStoreException e) {
+            throw new ApplicationManagementException(
+                    "Error occured while verifying whether user is admin user or not. Username " + userName
+                            + " tenant id " + tenantId, e);
+        } catch (LifeCycleManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error Occured when getting lifecycle state of the application release of application UUID: "
+                            + releaseUuid, e);
+        } catch (ApplicationManagementDAOException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error occured when updating Application release. Application ID " + applicationId
+                            + " Application Release UUID: " + releaseUuid, e);
+        } catch (ApplicationStorageManagementException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error occured when updating application release artifact. Application ID " + applicationId
+                            + " Application release UUID: " + releaseUuid, e);
+        } catch (ResourceManagementException e) {
+            //            updating images
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error occured when updating image artifact of the application release. Application ID: "
+                            + applicationId + " Application release UUID: " + releaseUuid, e);
+        } catch (RequestValidatingException e) {
+            ConnectionManagerUtil.rollbackDBTransaction();
+            throw new ApplicationManagementException(
+                    "Error occured when validating application release artifact for device type " + deviceType
+                            + " And application type " + app.getType() + ". Applicationn ID: " + applicationId
+                            + " Application release UUID: " + releaseUuid);
+        }
+    }
 }

components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/ApplicationManagementAPI.java

@@ -206,6 +206,7 @@ public interface ApplicationManagementAPI {
     );
 
     @PUT
+    @Path("/{appId}")
     @Produces(MediaType.APPLICATION_JSON)
     @Consumes(MediaType.APPLICATION_JSON)
     @ApiOperation(
@@ -237,6 +238,11 @@ public interface ApplicationManagementAPI {
                             response = ErrorResponse.class)
             })
     Response updateApplication(
+            @ApiParam(
+                    name = "appId",
+                    value = "application Id",
+                    required = true)
+            @PathParam("appId") int appId,
             @ApiParam(
                     name = "application",
                     value = "The application that need to be edited.",
@@ -544,7 +550,7 @@ public interface ApplicationManagementAPI {
     );
 
     @PUT
-    @Path("/{appId}/{uuid}")
+    @Path("/{deviceType}/{appId}/{uuid}")
     @Produces(MediaType.APPLICATION_JSON)
     @Consumes(MediaType.MULTIPART_FORM_DATA)
     @ApiOperation(
@@ -576,13 +582,22 @@ public interface ApplicationManagementAPI {
                             response = ErrorResponse.class)
             })
     Response updateApplicationRelease(
-            @ApiParam(name = "appId", value = "Identifier of the Application", required = true) @PathParam("appId") int applicationId,
+            @ApiParam(name = "deviceType", value = "Supported device type of the application", required = true)
-            @ApiParam(name = "UUID", value = "Unique identifier of the Application Release", required = true) @PathParam("uuid") String applicationUUID,
+            @PathParam("deviceType") String deviceType,
+            @ApiParam(name = "appId", value = "Identifier of the Application", required = true)
+            @PathParam("appId") int applicationId,
+            @ApiParam(name = "UUID", value = "Unique identifier of the Application Release", required = true)
+            @PathParam("uuid") String applicationUUID,
             @Multipart(value = "applicationRelease", required = false, type = "application/json") ApplicationRelease applicationRelease,
             @Multipart(value = "binaryFile", required = false) Attachment binaryFile,
             @Multipart(value = "icon", required = false) Attachment iconFile,
             @Multipart(value = "banner", required = false) Attachment bannerFile,
-            @Multipart(value = "screenshot", required = false) List<Attachment> attachmentList);
+            @ApiParam(name = "screenshot1", value = "Screen Shots of the uploading application", required = true)
+            @Multipart(value = "screenshot1") Attachment screenshot1,
+            @ApiParam(name = "screenshot2", value = "Screen Shots of the uploading application")
+            @Multipart(value = "screenshot2") Attachment screenshot2,
+            @ApiParam(name = "screenshot3", value = "Screen Shots of the uploading application")
+            @Multipart(value = "screenshot3") Attachment screenshot3);
 
     @GET
     @Path("/lifecycle/{appId}/{uuid}")

components/application-mgt/org.wso2.carbon.device.application.mgt.publisher.api/src/main/java/org/wso2/carbon/device/application/mgt/publisher/api/services/impl/ApplicationManagementAPIImpl.java

@@ -25,6 +25,7 @@ import org.apache.cxf.jaxrs.ext.multipart.Multipart;
 import org.wso2.carbon.device.application.mgt.common.*;
 import org.wso2.carbon.device.application.mgt.common.exception.ApplicationStorageManagementException;
 import org.wso2.carbon.device.application.mgt.common.exception.RequestValidatingException;
+import org.wso2.carbon.device.application.mgt.core.exception.BadRequestException;
 import org.wso2.carbon.device.application.mgt.core.exception.ForbiddenException;
 import org.wso2.carbon.device.application.mgt.core.exception.ValidationException;
 import org.wso2.carbon.device.application.mgt.core.util.APIUtil;
@@ -34,7 +35,6 @@ import org.wso2.carbon.device.application.mgt.common.exception.ResourceManagemen
 import org.wso2.carbon.device.application.mgt.common.services.ApplicationManager;
 import org.wso2.carbon.device.application.mgt.common.services.ApplicationStorageManager;
 import org.wso2.carbon.device.application.mgt.core.exception.NotFoundException;
-import org.wso2.carbon.device.mgt.common.DeviceManagementException;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -396,7 +396,7 @@ public class ApplicationManagementAPIImpl implements ApplicationManagementAPI {
                         + ", therefore you don't have application release artifact to update for application release UUID: "
                         + applicationReleaseUuid).build();
             }
-            APIUtil.getApplicationManager().updateApplicationArtifact(applicationId, appType, applicationReleaseUuid,
+            APIUtil.getApplicationManager().updateApplicationArtifact(applicationId, deviceType, applicationReleaseUuid,
                     binaryFile.getDataHandler().getInputStream());
             return Response.status(Response.Status.OK)
                     .entity("Successfully uploaded artifacts for the application release. UUID is "
@@ -405,7 +405,7 @@ public class ApplicationManagementAPIImpl implements ApplicationManagementAPI {
             String msg = "Error occurred while trying to read icon, banner files for the application release"
                     + applicationReleaseUuid;
             log.error(msg);
-            return APIUtil.getResponse(new ApplicationManagementException(msg, e), Response.Status.BAD_REQUEST);
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
         } catch (NotFoundException e) {
             log.error(e.getMessage(), e);
             return Response.status(Response.Status.NOT_FOUND).entity(e.getMessage()).build();
@@ -415,92 +415,104 @@ public class ApplicationManagementAPIImpl implements ApplicationManagementAPI {
         } catch (ApplicationManagementException e) {
             log.error("Error occurred while updating the image artifacts of the application with the uuid "
                     + applicationReleaseUuid, e);
-            return APIUtil.getResponse(e, Response.Status.INTERNAL_SERVER_ERROR);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
         }
     }
 
 
     @PUT
     @Consumes("application/json")
-    public Response updateApplication(@Valid Application application) {
+    @Path("/{appId}")
+    public Response updateApplication(
+            @PathParam("appId") int applicationId,
+            @Valid Application application) {
         ApplicationManager applicationManager = APIUtil.getApplicationManager();
         try {
-            application = applicationManager.updateApplication(application);
+            application = applicationManager.updateApplication(applicationId, application);
         } catch (NotFoundException e) {
-            return APIUtil.getResponse(e, Response.Status.NOT_FOUND);
+            log.error(e.getMessage());
+            return Response.status(Response.Status.NOT_FOUND).entity(e.getMessage()).build();
+        } catch (ForbiddenException e) {
+            log.error(e.getMessage());
+            return Response.status(Response.Status.FORBIDDEN).entity(e.getMessage()).build();
         } catch (ApplicationManagementException e) {
             String msg = "Error occurred while modifying the application";
             log.error(msg, e);
-            return APIUtil.getResponse(e, Response.Status.BAD_REQUEST);
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
         }
         return Response.status(Response.Status.OK).entity(application).build();
     }
 
     @Override
     @PUT
-    @Path("/{appId}/{uuid}")
+    @Path("/{deviceType}/{appId}/{uuid}")
     public Response updateApplicationRelease(
+            @PathParam("deviceType") String deviceType,
             @PathParam("appId") int applicationId,
             @PathParam("uuid") String applicationUUID,
             @Multipart("applicationRelease") ApplicationRelease applicationRelease,
             @Multipart("binaryFile") Attachment binaryFile,
             @Multipart("icon") Attachment iconFile,
             @Multipart("banner") Attachment bannerFile,
-            @Multipart("screenshot") List<Attachment> attachmentList) {
+            @Multipart("screenshot1") Attachment screenshot1,
+            @Multipart("screenshot2") Attachment screenshot2,
+            @Multipart("screenshot3") Attachment screenshot3) {
         ApplicationManager applicationManager = APIUtil.getApplicationManager();
-        ApplicationStorageManager applicationStorageManager = APIUtil.getApplicationStorageManager();
+        InputStream iconFileStream;
-        InputStream iconFileStream = null;
+        InputStream bannerFileStream;
-        InputStream bannerFileStream = null;
+        InputStream binaryFileStram;
         List<InputStream> attachments = new ArrayList<>();
+        List<Attachment> attachmentList = new ArrayList<>();
+        if (screenshot1 != null){
+            attachmentList.add(screenshot1);
+        }
+        if (screenshot2 != null) {
+            attachmentList.add(screenshot2);
+        }
+        if (screenshot3 != null) {
+            attachmentList.add(screenshot3);
+        }
+        if (iconFile == null || bannerFile == null || binaryFile == null || attachmentList.isEmpty()){
+            String msg = "Invalid data is received for application release updating. application id: " + applicationId
+                    + " and application release UUID: " + applicationUUID;
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
+        }
 
         try {
-            Application application = applicationManager.getApplicationIfAccessible(applicationId);
+            binaryFileStram = binaryFile.getDataHandler().getInputStream();
-
+            iconFileStream = iconFile.getDataHandler().getInputStream();
-            if (!applicationManager.isAcceptableAppReleaseUpdate(application.getId(), applicationRelease.getUuid())) {
+            bannerFileStream = bannerFile.getDataHandler().getInputStream();
-                String msg = "Application release is in the " + applicationRelease.getLifecycleState().getCurrentState()
+            for (Attachment screenshot : attachmentList) {
-                        + " state. Hence updating is not acceptable when application in this state";
+                attachments.add(screenshot.getDataHandler().getInputStream());
-                log.error(msg);
-                return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
-            }
-            if (binaryFile != null) {
-                applicationRelease = applicationStorageManager
-                        .updateReleaseArtifacts(applicationRelease, application.getType(), application.getDeviceType(),
-                                binaryFile.getDataHandler().getInputStream());
-            }
-            if (iconFile != null) {
-                iconFileStream = iconFile.getDataHandler().getInputStream();
-            }
-            if (bannerFile != null) {
-                bannerFileStream = bannerFile.getDataHandler().getInputStream();
             }
-            if (!attachmentList.isEmpty()) {
+            boolean status = applicationManager
-                for (Attachment screenshot : attachmentList) {
+                    .updateRelease(applicationId, applicationUUID, deviceType, applicationRelease, binaryFileStram,
-                    attachments.add(screenshot.getDataHandler().getInputStream());
+                            iconFileStream, bannerFileStream, attachments);
-                }
+            if (!status){
+                log.error("Application release updating is failed. Please contact the administrator. Application id: "
+                        + applicationId + ", Application release UUID: " + applicationUUID + ", Supported device type: "
+                        + deviceType);
+                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(applicationRelease).build();
             }
-
+            return Response.status(Response.Status.OK).entity("Application release is successfully updated.").build();
-            //            applicationRelease = applicationStorageManager
+        } catch(BadRequestException e){
-            //                    .updateImageArtifacts(applicationRelease, iconFileStream, bannerFileStream, attachments);
+            String msg = "Invalid request to update application release for application release UUID " + applicationUUID;
-            //            applicationRelease = applicationManager.updateRelease(applicationId, applicationRelease);
+            log.error(msg, e);
-
+            return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
-            return Response.status(Response.Status.OK).entity(applicationRelease).build();
+        } catch(NotFoundException e){
-        } catch (ApplicationManagementException e) {
+            String msg = "Couldn't found application or application release for application id: " + applicationId
-            log.error("Error while updating the application release of the application with UUID " + applicationUUID);
+                    + " and application release UUID " + applicationUUID;
-            return APIUtil.getResponse(e, Response.Status.INTERNAL_SERVER_ERROR);
+            log.error(msg,e);
+            return Response.status(Response.Status.NOT_FOUND).entity(msg).build();
+        }
+        catch (ApplicationManagementException e) {
+            String msg = "Error while updating the application release of the application with UUID " + applicationUUID;
+            log.error(msg, e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
         } catch (IOException e) {
-            log.error("Error while updating the release artifacts of the application with UUID " + applicationUUID);
+            String msg = "Error while updating the release artifacts of the application with UUID " + applicationUUID;
-            return APIUtil.getResponse(new ApplicationManagementException(
+            log.error(msg, e);
-                            "Error while updating the release artifacts of the application with UUID " + applicationUUID),
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
-                    Response.Status.INTERNAL_SERVER_ERROR);
-        } catch (ResourceManagementException e) {
-            log.error("Error occurred while updating the releases artifacts of the application with the uuid "
-                    + applicationUUID + " for the release " + applicationRelease.getVersion(), e);
-            return APIUtil.getResponse(e, Response.Status.INTERNAL_SERVER_ERROR);
-        } catch (RequestValidatingException e) {
-            log.error(
-                    "Error occured while handling the application release updating request. application release UUID:  "
-                            + applicationUUID);
-            return APIUtil.getResponse(e, Response.Status.BAD_REQUEST);
         }
     }