community/device-mgt-core
1
0
Fork 0
mirror of https://repository.entgra.net/community/device-mgt-core.git synced 2025-10-06 02:01:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

merged with origin

Browse Source
This commit is contained in:
ayyoob 2016-08-12 10:52:56 +05:30
commit 058f9e4cfa
271 changed files with 8615 additions and 4968 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Permission.java → components/apimgt-extensions/org.wso2.carbon.apimgt.annotations/src/main/java/org/wso2/carbon/apimgt/annotations/api/Scope.java
View File

@ -28,18 +28,24 @@ import java.lang.annotation.Target;
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Permission {
public @interface Scope {
/**
* Represents the scope key which should be unique.
* @return Returns scope key.
*/
String key();
/**
* Represents the scope name.
* @return Returns scope name.
*/
String scope();
String name();
/**
* Represents the associated permissions.
* @return Returns list of permissions.
* Represents the scope description.
* @return Returns scope description.
*/
String[] permissions();
String description();
}

4
components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/pom.xml
View File

@ -161,6 +161,10 @@
<artifactId>org.wso2.carbon.user.api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.apimgt.annotations</artifactId>
</dependency>
</dependencies>
<build>

14
components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationService.java
View File

@ -18,20 +18,19 @@
package org.wso2.carbon.apimgt.application.extension.api;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.application.extension.api.util.RegistrationProfile;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.POST;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/**
* This is the application registration service that exposed for apimApplicationRegistration
*/
@API(name = "API Registration Service", version = "1.0.0",
context = "api-application-registration",
tags = {"devicemgt_admin"})
public interface ApiApplicationRegistrationService {
/**
@ -40,6 +39,7 @@ public interface ApiApplicationRegistrationService {
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@Path("register/tenants")
Response register(@PathParam("tenantDomain") String tenantDomain,
@QueryParam("applicationName") String applicationName);
@ -51,6 +51,7 @@ public interface ApiApplicationRegistrationService {
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@Path("register")
Response register(RegistrationProfile registrationProfile);
/**
@ -59,5 +60,6 @@ public interface ApiApplicationRegistrationService {
* @return the response status of request.
*/
@DELETE
@Path("unregister")
Response unregister(@QueryParam("applicationName") String applicationName);
}

4
components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/java/org/wso2/carbon/apimgt/application/extension/api/ApiApplicationRegistrationServiceImpl.java
View File

@ -22,13 +22,13 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.simple.JSONObject;
import org.wso2.carbon.apimgt.application.extension.APIManagementProviderService;
import org.wso2.carbon.apimgt.application.extension.api.util.APIUtil;
import org.wso2.carbon.apimgt.application.extension.api.util.RegistrationProfile;
import org.wso2.carbon.apimgt.application.extension.constants.ApiApplicationConstants;
import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey;
import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.apimgt.application.extension.api.util.APIUtil;
import org.wso2.carbon.user.api.UserStoreException;
import javax.ws.rs.DELETE;
@ -46,7 +46,7 @@ public class ApiApplicationRegistrationServiceImpl implements ApiApplicationRegi
public Response register(@QueryParam("tenantDomain") String tenantDomain,
@QueryParam("applicationName") String applicationName) {
String authenticatedTenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
if (!authenticatedTenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(authenticatedTenantDomain)) {
return Response.status(Response.Status.NOT_ACCEPTABLE).build();
}
try {

6
components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension.api/src/main/webapp/WEB-INF/web.xml
View File

@ -47,7 +47,11 @@
<!--publish to apim-->
<context-param>
<param-name>managed-api-enabled</param-name>
<param-value>false</param-value>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>managed-api-owner</param-name>
<param-value>admin</param-value>
</context-param>
<filter>

11
components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/APIManagementProviderServiceImpl.java
View File

@ -23,12 +23,7 @@ import org.apache.commons.logging.LogFactory;
import org.json.simple.JSONObject;
import org.wso2.carbon.apimgt.api.APIConsumer;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.API;
import org.wso2.carbon.apimgt.api.model.APIIdentifier;
import org.wso2.carbon.apimgt.api.model.APIKey;
import org.wso2.carbon.apimgt.api.model.Application;
import org.wso2.carbon.apimgt.api.model.SubscribedAPI;
import org.wso2.carbon.apimgt.api.model.Subscriber;
import org.wso2.carbon.apimgt.api.model.*;
import org.wso2.carbon.apimgt.application.extension.constants.ApiApplicationConstants;
import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey;
import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException;
@ -415,7 +410,7 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
int applicationId = createApplication(apiConsumer, apiApplicationName, username, groupId);
String tenantDomain = MultitenantUtils.getTenantDomain(username);
Set<API> userVisibleAPIs = apiConsumer.getAllPublishedAPIs(tenantDomain);
if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
userVisibleAPIs.addAll(apiConsumer.getAllPublishedAPIs(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME));
}
Subscriber subscriber = apiConsumer.getSubscriber(username);
@ -443,7 +438,7 @@ public class APIManagementProviderServiceImpl implements APIManagementProviderSe
try {
APIConsumer apiConsumer = APIManagerFactory.getInstance().getAPIConsumer(username);
loginInfoJsonObj.put("user", username);
if (tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
loginInfoJsonObj.put("isSuperTenant", true);
} else {
loginInfoJsonObj.put("isSuperTenant", false);

2
components/apimgt-extensions/org.wso2.carbon.apimgt.application.extension/src/main/java/org/wso2/carbon/apimgt/application/extension/util/APIManagerUtil.java
View File

@ -37,7 +37,7 @@ public final class APIManagerUtil {
*/
public static int getTenantId(String tenantDomain) throws APIManagerException {
try {
if (tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
return MultitenantConstants.SUPER_TENANT_ID;
}
TenantManager tenantManager = APIApplicationManagerExtensionDataHolder.getInstance().getTenantManager();

4
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/pom.xml
View File

@ -107,6 +107,10 @@
<groupId>javax.ws.rs</groupId>
<artifactId>javax.ws.rs-api</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
</dependency>
</dependencies>

56
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/APIPublisherUtil.java
View File

@ -18,7 +18,6 @@
package org.wso2.carbon.apimgt.webapp.publisher;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.APIManagementException;
@ -30,16 +29,20 @@ import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration;
import org.wso2.carbon.apimgt.webapp.publisher.config.WebappPublisherConfig;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.core.util.Utils;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import javax.servlet.ServletContext;
import java.util.*;
public class APIPublisherUtil {
private static final Log log = LogFactory.getLog(APIPublisherUtil.class);
private static final String DEFAULT_API_VERSION = "1.0.0";
public static final String API_VERSION_PARAM = "{version}";
public static final String API_PUBLISH_ENVIRONMENT = "Production and Sandbox";
private static final Log log = LogFactory.getLog(APIPublisherUtil.class);
private static final String DEFAULT_API_VERSION = "1.0.0";
private static final String API_CONFIG_DEFAULT_VERSION = "1.0.0";
private static final String PARAM_MANAGED_API_ENDPOINT = "managed-api-endpoint";
private static final String PARAM_MANAGED_API_OWNER = "managed-api-owner";
@ -121,16 +124,18 @@ public class APIPublisherUtil {
if (scope != null) {
if (apiScopes.get(scope.getKey()) == null) {
apiScopes.put(scope.getKey(), scope);
} else {
existingScope = apiScopes.get(scope.getKey());
existingPermissions = existingScope.getRoles();
existingPermissions = getDistinctPermissions(existingPermissions + "," + scope.getRoles());
existingScope.setRoles(existingPermissions);
apiScopes.put(scope.getKey(), existingScope);
}
}
}
Set<Scope> scopes = new HashSet<>(apiScopes.values());
// adding existing persisted roles to the scopes
try {
setExistingRoles(scopes);
} catch (ScopeManagementException | UserStoreException e) {
throw new APIManagementException("Error occurred while retrieving roles for the existing scopes");
}
// set current scopes to API
api.setScopes(scopes);
// this has to be done because of the use of pass by reference
@ -242,7 +247,7 @@ public class APIPublisherUtil {
MultitenantConstants.SUPER_TENANT_DOMAIN_NAME;
apiConfig.setTenantDomain(tenantDomain);
String contextTemplate = context + "/" + APIConstants.VERSION_PLACEHOLDER;
if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
contextTemplate = context + "/t/" + tenantDomain + "/" + APIConstants.VERSION_PLACEHOLDER;
}
apiConfig.setContextTemplate(contextTemplate);
@ -307,9 +312,34 @@ public class APIPublisherUtil {
return apiConfig;
}
private static String getDistinctPermissions(String permissions) {
String[] unique = new HashSet<String>(Arrays.asList(permissions.split(","))).toArray(new String[0]);
return StringUtils.join(unique, ",");
/**
* This method is used to set the existing roles of the given scope.
*
* @param scopes List of scopes.
* @throws ScopeManagementException
*/
private static void setExistingRoles(Set<Scope> scopes) throws ScopeManagementException, UserStoreException {
String scopeKey;
String roles;
ScopeManagementService scopeManagementService = WebappPublisherUtil.getScopeManagementService();
UserRealm userRealm = WebappPublisherUtil.getUserRealm();
if (scopeManagementService == null) {
throw new ScopeManagementException("Error occurred while initializing scope management service");
} else if (userRealm == null) {
throw new UserStoreException("Error occurred while initializing realm service");
} else {
String adminRole = userRealm.getRealmConfiguration().getAdminRoleName();
for (Scope scope : scopes) {
scopeKey = scope.getKey();
roles = scopeManagementService.getRolesOfScope(scopeKey);
if (roles == null) {
roles = adminRole;
}
scope.setRoles(roles);
}
}
}
}

41
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/WebappPublisherUtil.java
View File

@ -18,7 +18,16 @@
package org.wso2.carbon.apimgt.webapp.publisher;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.service.RealmService;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
@ -31,6 +40,10 @@ import java.io.File;
*/
public class WebappPublisherUtil {
private static Log log = LogFactory.getLog(WebappPublisherUtil.class);
private static final int CARBON_SUPER = -1234;
public static Document convertToDocument(File file) throws WebappPublisherConfigurationFailedException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
@ -44,4 +57,32 @@ public class WebappPublisherUtil {
}
}
public static ScopeManagementService getScopeManagementService() {
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
ScopeManagementService scopeManagementService =
(ScopeManagementService) ctx.getOSGiService(ScopeManagementService.class, null);
if (scopeManagementService == null) {
String msg = "Scope Management Service has not been initialized.";
log.error(msg);
throw new IllegalStateException(msg);
}
return scopeManagementService;
}
/**
* Getting the current tenant's user realm
*/
public static UserRealm getUserRealm() throws UserStoreException {
RealmService realmService;
UserRealm realm;
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
realmService = (RealmService) ctx.getOSGiService(RealmService.class, null);
if (realmService == null) {
throw new IllegalStateException("Realm service not initialized");
}
realm = realmService.getTenantUserRealm(CARBON_SUPER);
return realm;
}
}

60
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/PermissionManagementException.java
View File

@ -1,60 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.config;
/**
* Custom exception class of Permission related operations.
*/
public class PermissionManagementException extends Exception {
private static final long serialVersionUID = -3151279311929070298L;
private String errorMessage;
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
public PermissionManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
setErrorMessage(msg);
}
public PermissionManagementException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
public PermissionManagementException(String msg) {
super(msg);
setErrorMessage(msg);
}
public PermissionManagementException() {
super();
}
public PermissionManagementException(Throwable cause) {
super(cause);
}
}

68
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/AnnotationProcessor.java
View File

@ -19,20 +19,13 @@
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import org.apache.catalina.core.StandardContext;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.scannotation.AnnotationDB;
import org.scannotation.WarUrlFinder;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.apimgt.webapp.publisher.APIPublisherUtil;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResource;
import org.wso2.carbon.apimgt.webapp.publisher.config.APIResourceConfiguration;
import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionConfiguration;
import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionManagementException;
import javax.servlet.ServletContext;
import javax.ws.rs.*;
@ -61,22 +54,18 @@ public class AnnotationProcessor {
private static final String WILD_CARD = "/*";
private static final String AUTH_TYPE = "Any";
private static final String PROTOCOL_HTTP = "http";
private static final String SERVER_HOST = "carbon.local.ip";
private static final String HTTP_PORT = "httpPort";
private static final String STRING_ARR = "string_arr";
private static final String STRING = "string";
Class<API> apiClazz;
private StandardContext context;
private Method[] pathClazzMethods;
private Class<Path> pathClazz;
Class<API> apiClazz;
private ClassLoader classLoader;
private ServletContext servletContext;
public AnnotationProcessor(final StandardContext context) {
this.context = context;
servletContext = context.getServletContext();
classLoader = servletContext.getClassLoader();
}
@ -142,7 +131,7 @@ public class AnnotationProcessor {
pathClazzMethods = pathClazz.getMethods();
Annotation rootContectAnno = clazz.getAnnotation(pathClazz);
String subContext = "";
String subContext;
if (rootContectAnno != null) {
subContext = invokeMethod(pathClazzMethods[0], rootContectAnno, STRING);
if (subContext != null && !subContext.isEmpty()) {
@ -151,8 +140,6 @@ public class AnnotationProcessor {
} else {
rootContext = rootContext + "/" + subContext;
}
} else {
subContext = "";
}
if (log.isDebugEnabled()) {
log.debug("API Root Context = " + rootContext);
@ -167,7 +154,7 @@ public class AnnotationProcessor {
}
}
} catch (ClassNotFoundException e) {
log.error("Error when passing the api annotation for device type apis.");
log.error("Error when passing the api annotation for device type apis.", e);
}
return apiResourceConfig;
}
@ -252,15 +239,9 @@ public class AnnotationProcessor {
Annotation producesAnno = method.getAnnotation(producesClass);
resource.setProduces(invokeMethod(producesClassMethods[0], producesAnno, STRING_ARR));
}
if (annotations[i].annotationType().getName().equals(Permission.class.getName())) {
PermissionConfiguration permissionConf = this.getPermission(method);
if (permissionConf != null) {
Scope scope = new Scope();
scope.setKey(permissionConf.getScopeName());
scope.setDescription(permissionConf.getScopeName());
scope.setName(permissionConf.getScopeName());
String roles = StringUtils.join(permissionConf.getPermissions(), ",");
scope.setRoles(roles);
if (annotations[i].annotationType().getName().equals(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName())) {
org.wso2.carbon.apimgt.api.model.Scope scope = this.getScope(method);
if (scope != null) {
resource.setScope(scope);
}
}
@ -319,7 +300,7 @@ public class AnnotationProcessor {
* @return
*/
private String makeContextURLReady(String context) {
if (context != null && !context.equalsIgnoreCase("")) {
if (context != null && context.length() > 0) {
if (context.startsWith("/")) {
return context;
} else {
@ -358,35 +339,32 @@ public class AnnotationProcessor {
return ((String[]) methodHandler.invoke(annotation, method, null));
}
private PermissionConfiguration getPermission(Method currentMethod) throws Throwable {
Class<Permission> permissionClass = (Class<Permission>) classLoader.loadClass(Permission.class.getName());
Annotation permissionAnnotation = currentMethod.getAnnotation(permissionClass);
if (permissionClass != null) {
Method[] permissionClassMethods = permissionClass.getMethods();
PermissionConfiguration permissionConf = new PermissionConfiguration();
private org.wso2.carbon.apimgt.api.model.Scope getScope(Method currentMethod) throws Throwable {
Class<org.wso2.carbon.apimgt.annotations.api.Scope> scopeClass =
(Class<org.wso2.carbon.apimgt.annotations.api.Scope>) classLoader.
loadClass(org.wso2.carbon.apimgt.annotations.api.Scope.class.getName());
Annotation permissionAnnotation = currentMethod.getAnnotation(scopeClass);
if (scopeClass != null) {
Method[] permissionClassMethods = scopeClass.getMethods();
org.wso2.carbon.apimgt.api.model.Scope scope = new org.wso2.carbon.apimgt.api.model.Scope();
for (Method method : permissionClassMethods) {
switch (method.getName()) {
case "scope":
permissionConf.setScopeName(invokeMethod(method, permissionAnnotation, STRING));
case "key":
scope.setKey(invokeMethod(method, permissionAnnotation, STRING));
break;
case "permissions":
String permissions[] = invokeMethod(method, permissionAnnotation);
this.addPermission(permissions);
permissionConf.setPermissions(permissions);
case "name":
scope.setName(invokeMethod(method, permissionAnnotation, STRING));
break;
case "description":
scope.setDescription(invokeMethod(method, permissionAnnotation, STRING));
break;
}
}
return permissionConf;
return scope;
}
return null;
}
private void addPermission(String[] permissions) throws PermissionManagementException {
for (String permission : permissions) {
PermissionUtils.addPermission(permission);
}
}
/**
* Find the URL pointing to "/WEB-INF/classes" This method may not work in conjunction with IteratorFactory
* if your servlet container does not extract the /WEB-INF/classes into a real file-based directory

1
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/ExtendedIteratorFactory.java
View File

@ -15,6 +15,7 @@
*/
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import org.scannotation.archiveiterator.DirectoryIteratorFactory;
import org.scannotation.archiveiterator.Filter;
import org.scannotation.archiveiterator.JarIterator;

91
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/lifecycle/util/PermissionUtils.java
View File

@ -1,91 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.lifecycle.util;
import org.wso2.carbon.apimgt.webapp.publisher.config.PermissionManagementException;
import org.wso2.carbon.apimgt.webapp.publisher.internal.APIPublisherDataHolder;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.registry.api.RegistryException;
import org.wso2.carbon.registry.api.Resource;
import org.wso2.carbon.registry.core.Registry;
import java.util.StringTokenizer;
/**
* Utility class which holds necessary utility methods required for persisting permissions in
* registry.
*/
public class PermissionUtils {
public static final String ADMIN_PERMISSION_REGISTRY_PATH = "/permission/admin";
public static final String PERMISSION_PROPERTY_NAME = "name";
public static Registry getGovernanceRegistry() throws PermissionManagementException {
try {
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
return APIPublisherDataHolder.getInstance().getRegistryService()
.getGovernanceSystemRegistry(
tenantId);
} catch (RegistryException e) {
throw new PermissionManagementException(
"Error in retrieving governance registry instance: " +
e.getMessage(), e);
}
}
public static void addPermission(String permission) throws PermissionManagementException {
String resourcePermission = getAbsolutePermissionPath(permission);
try {
StringTokenizer tokenizer = new StringTokenizer(resourcePermission, "/");
String lastToken = "", currentToken, tempPath;
while (tokenizer.hasMoreTokens()) {
currentToken = tokenizer.nextToken();
tempPath = lastToken + "/" + currentToken;
if (!checkResourceExists(tempPath)) {
createRegistryCollection(tempPath, currentToken);
}
lastToken = tempPath;
}
} catch (RegistryException e) {
throw new PermissionManagementException("Error occurred while persisting permission : " +
resourcePermission, e);
}
}
public static void createRegistryCollection(String path, String resourceName)
throws PermissionManagementException,
RegistryException {
Resource resource = PermissionUtils.getGovernanceRegistry().newCollection();
resource.addProperty(PERMISSION_PROPERTY_NAME, resourceName);
PermissionUtils.getGovernanceRegistry().beginTransaction();
PermissionUtils.getGovernanceRegistry().put(path, resource);
PermissionUtils.getGovernanceRegistry().commitTransaction();
}
public static boolean checkResourceExists(String path)
throws PermissionManagementException,
org.wso2.carbon.registry.core.exceptions.RegistryException {
return PermissionUtils.getGovernanceRegistry().resourceExists(path);
}
private static String getAbsolutePermissionPath(String permissionPath) {
return PermissionUtils.ADMIN_PERMISSION_REGISTRY_PATH + permissionPath;
}
}

22
components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/pom.xml
View File

@ -76,7 +76,7 @@
<tasks>
<copy todir="${basedir}/../../../repository/deployment/server/webapps" overwrite="true">
<fileset dir="${basedir}/target">
<include name="api#scep-mgt#v1.0.war" />
<include name="api-scep-mgt-v1.0.war"/>
</fileset>
</copy>
</tasks>
@ -148,26 +148,6 @@
<artifactId>org.wso2.carbon.logging</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.core</artifactId>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>org.apache.axis2.wso2</groupId>
<artifactId>axis2-client</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.neethi.wso2</groupId>
<artifactId>neethi</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>

4
components/certificate-mgt/org.wso2.carbon.certificate.mgt.api/src/main/java/org/wso2/carbon/certificate/mgt/jaxrs/api/CertificateMgtService.java
View File

@ -4,7 +4,7 @@ import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.certificate.mgt.jaxrs.beans.ErrorResponse;
import javax.ws.rs.*;
@ -46,7 +46,7 @@ public interface CertificateMgtService {
message = "Internal Server Error. \n Error occurred while retrieving signed certificate.",
response = ErrorResponse.class)
})
@Permission(scope = "sign-csr", permissions = {"/permission/admin/device-mgt/scep/sign-csr"})
@Scope(key = "certificate:sign-csr", name = "Sign CSR", description = "")
Response getSignedCertFromCSR(
@ApiParam(
name = "If-Modified-Since",

22
components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/pom.xml
View File

@ -72,7 +72,7 @@
<tasks>
<copy todir="${basedir}/../../../repository/deployment/server/webapps" overwrite="true">
<fileset dir="${basedir}/target">
<include name="api#certificate-mgt#v1.0.war" />
<include name="api#certificate-mgt#v1.0.war"/>
</fileset>
</copy>
</tasks>
@ -144,26 +144,6 @@
<artifactId>org.wso2.carbon.logging</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.device.mgt.core</artifactId>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>org.apache.axis2.wso2</groupId>
<artifactId>axis2-client</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.neethi.wso2</groupId>
<artifactId>neethi</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>

15
components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/CertificateManagementAdminService.java
View File

@ -1,7 +1,8 @@
package org.wso2.carbon.certificate.mgt.cert.jaxrs.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse;
@ -11,6 +12,10 @@ import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@API(name = "Certificate Management", version = "1.0.0",
context = "api/certificate-mgt/v1.0/admin/certificates",
tags = {"devicemgt_admin"})
@Api(value = "Certificate Management", description = "This API carries all certificate management related operations " +
"such as get all the available devices, etc.")
@Path("/admin/certificates")
@ -72,7 +77,7 @@ public interface CertificateManagementAdminService {
message = "Internal Server Error. \n Server error occurred while adding certificates.",
response = ErrorResponse.class)
})
@Permission(scope = "certificate-modify", permissions = {"/permission/admin/device-mgt/certificate/save"})
@Scope(key = "certificate:manage", name = "Add certificates", description = "")
Response addCertificate(
@ApiParam(
name = "enrollmentCertificates",
@ -130,7 +135,7 @@ public interface CertificateManagementAdminService {
"Server error occurred while retrieving information requested certificate.",
response = ErrorResponse.class)
})
@Permission(scope = "certificate-view", permissions = {"/permission/admin/device-mgt/certificate/view"})
@Scope(key = "certificate:view", name = "View certificates", description = "")
Response getCertificate(
@ApiParam(name = "serialNumber",
value = "Provide the serial number of the certificate that you wish to get the details of",
@ -202,7 +207,7 @@ public interface CertificateManagementAdminService {
"Server error occurred while retrieving all certificates enrolled in the system.",
response = ErrorResponse.class)
})
@Permission(scope = "certificate-view", permissions = {"/permission/admin/device-mgt/certificate/view"})
@Scope(key = "certificate:view", name = "View certificates", description = "")
Response getAllCertificates(
@ApiParam(
name = "offset",
@ -245,7 +250,7 @@ public interface CertificateManagementAdminService {
message = "Internal Server Error. \n " +
"Server error occurred while removing the certificate.",
response = ErrorResponse.class)})
@Permission(scope = "certificate-modify", permissions = {"/permission/admin/device-mgt/certificate/remove"})
@Scope(key = "certificate:manage", name = "Add certificates", description = "")
Response removeCertificate(
@ApiParam(
name = "serialNumber",

28
components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/impl/CertificateManagementAdminServiceImpl.java
View File

@ -6,15 +6,14 @@ import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.CertificateManagementAdmin
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.CertificateList;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.EnrollmentCertificate;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.beans.ErrorResponse;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.DeviceMgtAPIUtils;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.CertificateMgtAPIUtils;
import org.wso2.carbon.certificate.mgt.cert.jaxrs.api.util.RequestValidationUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import javax.ws.rs.*;
import javax.ws.rs.core.Response;
@ -38,7 +37,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
CertificateManagementService certificateService;
List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificates = new ArrayList<>();
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificate;
certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
try {
for (EnrollmentCertificate enrollmentCertificate : enrollmentCertificates) {
certificate = new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
@ -70,7 +69,7 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
RequestValidationUtil.validateSerialNumber(serialNumber);
CertificateManagementService certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
CertificateManagementService certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
List<CertificateResponse> certificateResponse;
try {
certificateResponse = certificateService.searchCertificates(serialNumber);
@ -96,11 +95,9 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
@QueryParam("limit") int limit,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
RequestValidationUtil.validatePaginationInfo(offset, limit);
CertificateManagementService certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
PaginationRequest paginationRequest = new PaginationRequest(offset, limit);
CertificateManagementService certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
try {
PaginationResult result = certificateService.getAllCertificates(paginationRequest);
PaginationResult result = certificateService.getAllCertificates(offset, limit);
CertificateList certificates = new CertificateList();
certificates.setCount(result.getRecordsTotal());
certificates.setList((List<CertificateResponse>) result.getData());
@ -118,15 +115,18 @@ public class CertificateManagementAdminServiceImpl implements CertificateManagem
public Response removeCertificate(@PathParam("serialNumber") String serialNumber) {
RequestValidationUtil.validateSerialNumber(serialNumber);
CertificateManagementService certificateService = DeviceMgtAPIUtils.getCertificateManagementService();
CertificateManagementService certificateService = CertificateMgtAPIUtils.getCertificateManagementService();
try {
boolean status = certificateService.removeCertificate(serialNumber);
if (!status) {
Response.status(Response.Status.NOT_FOUND).entity("No certificate is found with the given " +
"serial number '" + serialNumber + "'");
return Response.status(Response.Status.NOT_FOUND).entity(
"No certificate is found with the given " +
"serial number '" + serialNumber + "'").build();
} else {
return Response.status(Response.Status.OK).entity(
"Certificate that carries the serial number '" +
serialNumber + "' has been removed").build();
}
return Response.status(Response.Status.OK).entity("Certificate that carries the serial number '" +
serialNumber + "' has been removed").build();
} catch (CertificateManagementException e) {
String msg = "Error occurred while converting PEM file to X509Certificate";
log.error(msg, e);

6
components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/util/DeviceMgtAPIUtils.java → components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/java/org/wso2/carbon/certificate/mgt/cert/jaxrs/api/util/CertificateMgtAPIUtils.java
View File

@ -27,12 +27,12 @@ import org.wso2.carbon.device.mgt.core.search.mgt.SearchManagerService;
import javax.ws.rs.core.MediaType;
/**
* DMAPIUtils class provides utility function used by CDM REST-API classes.
* CertificateMgtAPIUtils class provides utility functions used by Certificate Mgt REST-API classes.
*/
public class DeviceMgtAPIUtils {
public class CertificateMgtAPIUtils {
public static final MediaType DEFAULT_CONTENT_TYPE = MediaType.APPLICATION_JSON_TYPE;
private static Log log = LogFactory.getLog(DeviceMgtAPIUtils.class);
private static Log log = LogFactory.getLog(CertificateMgtAPIUtils.class);
public static CertificateManagementService getCertificateManagementService() {

2
components/certificate-mgt/org.wso2.carbon.certificate.mgt.cert.admin.api/src/main/webapp/WEB-INF/cxf-servlet.xml
View File

@ -44,7 +44,7 @@
<property name="version" value="1.0.0"/>
<property name="host" value="localhost:9443"/>
<property name="schemes" value="https" />
<property name="basePath" value="/api/certificate-mgt/v1.0"/>
<property name="basePath" value="/api-certificate-mgt-v1.0"/>
<property name="title" value="Certificate Management Admin Service API Definitions"/>
<property name="contact" value="dev@wso2.org"/>
<property name="license" value="Apache 2.0"/>

36
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/config/CertificateConfigurationManager.java
View File

@ -34,11 +34,11 @@ import java.io.File;
*/
public class CertificateConfigurationManager {
private CertificateManagementConfig currentPolicyConfig;
private CertificateManagementConfig certificateManagementConfig;
private static CertificateConfigurationManager certificateConfigurationManager;
private final String deviceMgtConfigXMLPath = CarbonUtils.getCarbonConfigDirPath() + File.separator +
CertificateManagementConstants.DEVICE_CONFIG_XML_NAME;
private final String certMgtConfigXMLPath = CarbonUtils.getCarbonConfigDirPath() + File.separator +
CertificateManagementConstants.CERTIFICATE_CONFIG_XML_FILE;
public static CertificateConfigurationManager getInstance() {
if (certificateConfigurationManager == null) {
@ -53,24 +53,36 @@ public class CertificateConfigurationManager {
public synchronized void initConfig() throws CertificateManagementException {
try {
File deviceMgtConfig = new File(deviceMgtConfigXMLPath);
Document doc = CertificateManagerUtil.convertToDocument(deviceMgtConfig);
File certMgtConfig = new File(certMgtConfigXMLPath);
Document doc = CertificateManagerUtil.convertToDocument(certMgtConfig);
/* Un-marshaling Device Management configuration */
/* Un-marshaling Certificate Management configuration */
JAXBContext rssContext = JAXBContext.newInstance(CertificateManagementConfig.class);
Unmarshaller unmarshaller = rssContext.createUnmarshaller();
this.currentPolicyConfig = (CertificateManagementConfig) unmarshaller.unmarshal(doc);
this.certificateManagementConfig = (CertificateManagementConfig) unmarshaller.unmarshal(doc);
} catch (Exception e) {
throw new CertificateManagementException("Error occurred while initializing device config", e);
throw new CertificateManagementException("Error occurred while initializing certificate config", e);
}
}
public CertificateManagementConfig getPolicyManagementConfig() {
return currentPolicyConfig;
public CertificateManagementConfig getCertificateManagementConfig() throws CertificateManagementException {
if (certificateManagementConfig == null) {
initConfig();
}
return certificateManagementConfig;
}
public DataSourceConfig getDataSourceConfig() {
return currentPolicyConfig.getCertificateManagementRepository().getDataSourceConfig();
public DataSourceConfig getDataSourceConfig() throws CertificateManagementException {
if (certificateManagementConfig == null) {
initConfig();
}
return certificateManagementConfig.getCertificateManagementRepository().getDataSourceConfig();
}
public CertificateKeystoreConfig getCertificateKeyStoreConfig() throws CertificateManagementException {
if (certificateManagementConfig == null) {
initConfig();
}
return certificateManagementConfig.getCertificateKeystoreConfig();
}
}

107
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/config/CertificateKeystoreConfig.java Normal file
View File

@ -0,0 +1,107 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.config;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Class for holding CertificateKeystore data.
*/
@XmlRootElement(name = "CertificateKeystore")
public class CertificateKeystoreConfig {
private String certificateKeystoreLocation;
private String certificateKeystoreType;
private String certificateKeystorePassword;
private String caCertAlias;
private String caPrivateKeyPassword;
private String raCertAlias;
private String raPrivateKeyPassword;
@XmlElement(name = "CertificateKeystoreLocation", required = true)
public String getCertificateKeystoreLocation() {
return certificateKeystoreLocation;
}
public void setCertificateKeystoreLocation(String certificateKeystoreLocation) {
if (certificateKeystoreLocation != null && certificateKeystoreLocation.toLowerCase().
contains(CertificateManagementConstants.CARBON_HOME_ENTRY)) {
certificateKeystoreLocation = certificateKeystoreLocation.replace(CertificateManagementConstants.CARBON_HOME_ENTRY,
System.getProperty(CertificateManagementConstants.CARBON_HOME));
}
this.certificateKeystoreLocation = certificateKeystoreLocation;
}
@XmlElement(name = "CertificateKeystoreType", required = true)
public String getCertificateKeystoreType() {
return certificateKeystoreType;
}
public void setCertificateKeystoreType(String certificateKeystoreType) {
this.certificateKeystoreType = certificateKeystoreType;
}
@XmlElement(name = "CertificateKeystorePassword", required = true)
public String getCertificateKeystorePassword() {
return certificateKeystorePassword;
}
public void setCertificateKeystorePassword(String certificateKeystorePassword) {
this.certificateKeystorePassword = certificateKeystorePassword;
}
@XmlElement(name = "CACertAlias", required = true)
public String getCACertAlias() {
return caCertAlias;
}
public void setCACertAlias(String caCertAlias) {
this.caCertAlias = caCertAlias;
}
@XmlElement(name = "CAPrivateKeyPassword", required = true)
public String getCAPrivateKeyPassword() {
return caPrivateKeyPassword;
}
public void setCAPrivateKeyPassword(String caPrivateKeyPassword) {
this.caPrivateKeyPassword = caPrivateKeyPassword;
}
@XmlElement(name = "RACertAlias", required = true)
public String getRACertAlias() {
return raCertAlias;
}
public void setRACertAlias(String raCertAlias) {
this.raCertAlias = raCertAlias;
}
@XmlElement(name = "RAPrivateKeyPassword", required = true)
public String getRAPrivateKeyPassword() {
return raPrivateKeyPassword;
}
public void setRAPrivateKeyPassword(String raPrivateKeyPassword) {
this.raPrivateKeyPassword = raPrivateKeyPassword;
}
}

29
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/config/CertificateManagementConfig.java
View File

@ -22,20 +22,39 @@ import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Represents Device Mgt configuration.
* Represents Certificate Mgt configuration.
*/
@XmlRootElement(name = "DeviceMgtConfiguration")
@XmlRootElement(name = "CertificateConfigurations")
public final class CertificateManagementConfig {
private CertificateManagementRepository certificateManagementRepository;
private CertificateKeystoreConfig certificateKeystoreConfig;
private int defaultPageSize;
public void setCertificateManagementRepository(CertificateManagementRepository certificateManagementRepository) {
this.certificateManagementRepository = certificateManagementRepository;
}
private CertificateManagementRepository certificateManagementRepository;
@XmlElement(name = "ManagementRepository", nillable = false)
@XmlElement(name = "ManagementRepository", required = true)
public CertificateManagementRepository getCertificateManagementRepository() {
return certificateManagementRepository;
}
@XmlElement(name = "CertificateKeystore", required = true)
public CertificateKeystoreConfig getCertificateKeystoreConfig() {
return certificateKeystoreConfig;
}
public void setCertificateKeystoreConfig(CertificateKeystoreConfig certificateKeystoreConfig) {
this.certificateKeystoreConfig = certificateKeystoreConfig;
}
@XmlElement(name = "DefaultPageSize", required = true)
public int getDefaultPageSize() {
return defaultPageSize;
}
public void setDefaultPageSize(int defaultPageSize) {
this.defaultPageSize = defaultPageSize;
}
}

4
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/config/CertificateManagementRepository.java
View File

@ -24,14 +24,14 @@ import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Class for holding management repository data
* Class for holding management repository data.
*/
@XmlRootElement(name = "ManagementRepository")
public class CertificateManagementRepository {
private DataSourceConfig dataSourceConfig;
@XmlElement(name = "DataSourceConfiguration", nillable = false)
@XmlElement(name = "DataSourceConfiguration", required = true)
public DataSourceConfig getDataSourceConfig() {
return dataSourceConfig;
}

12
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/CertificateDAO.java
View File

@ -20,8 +20,7 @@ package org.wso2.carbon.certificate.mgt.core.dao;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import java.util.List;
@ -55,12 +54,13 @@ public interface CertificateDAO {
/**
* Get all the certificates in a paginated manner.
*
* @param request Request mentioning pagination details such as length and stating index.
* @param rowNum Stating index of the paginated result.
* @param limit Number of records to return.
* @return Pagination result with data and the count of results.
* @throws CertificateManagementDAOException
*
*/
PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementDAOException;
PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException;
/**
* Get all the certificates.
@ -69,7 +69,7 @@ public interface CertificateDAO {
* @throws CertificateManagementDAOException
*
*/
public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException;
List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException;
/**
* Delete a certificate identified by a serial number()
@ -79,6 +79,6 @@ public interface CertificateDAO {
*/
boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException;
public List<CertificateResponse> searchCertificate(String serialNumber) throws CertificateManagementDAOException;
List<CertificateResponse> searchCertificate(String serialNumber) throws CertificateManagementDAOException;
}

32
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/CertificateManagementDAOFactory.java
View File

@ -23,9 +23,13 @@ import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.certificate.mgt.core.dao.impl.GenericCertificateDAOImpl;
import org.wso2.carbon.device.mgt.common.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.common.IllegalTransactionStateException;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.dao.impl.OracleCertificateDAOImpl;
import org.wso2.carbon.certificate.mgt.core.dao.impl.PostgreSQLCertificateDAOImpl;
import org.wso2.carbon.certificate.mgt.core.dao.impl.SQLServerCertificateDAOImpl;
import org.wso2.carbon.certificate.mgt.core.exception.IllegalTransactionStateException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.UnsupportedDatabaseEngineException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import javax.sql.DataSource;
import java.sql.Connection;
@ -45,9 +49,23 @@ public class CertificateManagementDAOFactory {
CONNECTION_NOT_BORROWED, CONNECTION_BORROWED, CONNECTION_CLOSED
}
public static CertificateDAO getCertificateDAO() {
return new GenericCertificateDAOImpl();
if (databaseEngine != null) {
switch (databaseEngine) {
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_ORACLE:
return new OracleCertificateDAOImpl();
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_MSSQL:
return new SQLServerCertificateDAOImpl();
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_POSTGRESQL:
return new PostgreSQLCertificateDAOImpl();
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_H2:
case CertificateManagementConstants.DataBaseTypes.DB_TYPE_MYSQL:
return new GenericCertificateDAOImpl();
default:
throw new UnsupportedDatabaseEngineException("Unsupported database engine : " + databaseEngine);
}
}
throw new IllegalStateException("Database engine has not initialized properly.");
}
public static void init(DataSourceConfig config) {
@ -72,8 +90,8 @@ public class CertificateManagementDAOFactory {
Connection conn = currentConnection.get();
if (conn != null) {
throw new IllegalTransactionStateException("A transaction is already active within the context of " +
"this particular thread. Therefore, calling 'beginTransaction/openConnection' while another " +
"transaction is already active is a sign of improper transaction handling");
"this particular thread. Therefore, calling 'beginTransaction/openConnection' while another " +
"transaction is already active is a sign of improper transaction handling");
}
try {
conn = dataSource.getConnection();

223
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/impl/AbstractCertificateDAOImpl.java Normal file
View File

@ -0,0 +1,223 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the generic implementation of CertificateDAO which can be used to support ANSI db syntax.
*/
public abstract class AbstractCertificateDAOImpl implements CertificateDAO{
private static final Log log = LogFactory.getLog(GenericCertificateDAOImpl.class);
@Override
public void addCertificate(List<Certificate> certificates)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
try {
conn = this.getConnection();
stmt = conn.prepareStatement(
"INSERT INTO DM_DEVICE_CERTIFICATE (SERIAL_NUMBER, CERTIFICATE, TENANT_ID, USERNAME)"
+ " VALUES (?,?,?,?)");
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.
getThreadLocalCarbonContext();
String username = threadLocalCarbonContext.getUsername();
for (Certificate certificate : certificates) {
// the serial number of the certificate used for its creation is set as its alias.
String serialNumber = certificate.getSerial();
if (serialNumber == null || serialNumber.isEmpty()) {
serialNumber = String.valueOf(certificate.getCertificate().getSerialNumber());
}
byte[] bytes = Serializer.serialize(certificate.getCertificate());
stmt.setString(1, serialNumber);
stmt.setBytes(2, bytes);
stmt.setInt(3, certificate.getTenantId());
stmt.setString(4, username);
stmt.addBatch();
}
stmt.executeBatch();
} catch (SQLException | IOException e) {
throw new CertificateManagementDAOException("Error occurred while saving certificates. "
, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, null);
}
}
@Override
public CertificateResponse retrieveCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM"
+ " DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
if (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setCertificate(certificateBytes);
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificateResponse;
}
@Override
public List<CertificateResponse> searchCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM DM_DEVICE_CERTIFICATE "
+ "WHERE SERIAL_NUMBER LIKE ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, "%" + serialNumber + "%");
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
}
@Override
public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME"
+ " FROM DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
}
@Override
public boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"DELETE FROM DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ?" +
" AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
return stmt.executeUpdate() > 0;
} catch (SQLException e) {
String msg = "Unable to get the read the certificate with serial" + serialNumber;
log.error(msg, e);
throw new CertificateManagementDAOException(msg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

208
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/impl/GenericCertificateDAOImpl.java
View File

@ -20,149 +20,36 @@ package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.bean.Certificate;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagerUtil;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
import org.wso2.carbon.device.mgt.core.operation.mgt.dao.OperationManagementDAOUtil;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.sql.*;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
public class GenericCertificateDAOImpl implements CertificateDAO {
/**
* This class holds the generic implementation of CertificateDAO which can be used to support ANSI db syntax for pagination
* queries.
*/
public class GenericCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(GenericCertificateDAOImpl.class);
@Override
public void addCertificate(List<Certificate> certificates)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
try {
conn = this.getConnection();
stmt = conn.prepareStatement(
"INSERT INTO DM_DEVICE_CERTIFICATE (SERIAL_NUMBER, CERTIFICATE, TENANT_ID, USERNAME)"
+ " VALUES (?,?,?,?)");
PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.
getThreadLocalCarbonContext();
String username = threadLocalCarbonContext.getUsername();
for (Certificate certificate : certificates) {
// the serial number of the certificate used for its creation is set as its alias.
String serialNumber = certificate.getSerial();
if (serialNumber == null || serialNumber.isEmpty()) {
serialNumber = String.valueOf(certificate.getCertificate().getSerialNumber());
}
byte[] bytes = Serializer.serialize(certificate.getCertificate());
stmt.setString(1, serialNumber);
stmt.setBytes(2, bytes);
stmt.setInt(3, certificate.getTenantId());
stmt.setString(4, username);
stmt.addBatch();
}
stmt.executeBatch();
} catch (SQLException | IOException e) {
throw new CertificateManagementDAOException("Error occurred while saving certificates. "
, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, null);
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
@Override
public CertificateResponse retrieveCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM"
+ " DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
if (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setCertificate(certificateBytes);
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificateResponse;
}
@Override
public List<CertificateResponse> searchCertificate(String serialNumber)
throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse = null;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM DM_DEVICE_CERTIFICATE "
+ "WHERE SERIAL_NUMBER LIKE ? AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, "%" + serialNumber + "%");
stmt.setInt(2, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg =
"Unable to get the read the certificate with serial" + serialNumber;
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
}
@Override
public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementDAOException {
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
@ -172,11 +59,11 @@ public class GenericCertificateDAOImpl implements CertificateDAO {
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC LIMIT ?,?";
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC LIMIT ?,?";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, request.getStartIndex());
stmt.setInt(3, request.getRowCount());
stmt.setInt(2, rowNum);
stmt.setInt(3, limit);
resultSet = stmt.executeQuery();
int resultCount = 0;
@ -202,67 +89,4 @@ public class GenericCertificateDAOImpl implements CertificateDAO {
}
return paginationResult;
}
@Override
public List<CertificateResponse> getAllCertificates() throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME"
+ " FROM DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
resultSet = stmt.executeQuery();
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
}
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return certificates;
}
@Override
public boolean removeCertificate(String serialNumber) throws CertificateManagementDAOException {
Connection conn;
PreparedStatement stmt = null;
ResultSet resultSet = null;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
conn = this.getConnection();
String query =
"DELETE FROM DM_DEVICE_CERTIFICATE WHERE SERIAL_NUMBER = ?" +
" AND TENANT_ID = ? ";
stmt = conn.prepareStatement(query);
stmt.setString(1, serialNumber);
stmt.setInt(2, tenantId);
return stmt.executeUpdate() > 0;
} catch (SQLException e) {
String msg = "Unable to get the read the certificate with serial" + serialNumber;
log.error(msg, e);
throw new CertificateManagementDAOException(msg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

91
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/impl/OracleCertificateDAOImpl.java Normal file
View File

@ -0,0 +1,91 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the oracle sql implementation of CertificateDAO which can be used to support Oracle specific
* db syntax.
*/
public class OracleCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(OracleCertificateDAOImpl.class);
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
PaginationResult paginationResult;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC WHERE OFFSET >= ? AND ROWNUM <= ?";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, rowNum);
stmt.setInt(3, limit);
resultSet = stmt.executeQuery();
int resultCount = 0;
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
resultCount++;
}
paginationResult = new PaginationResult();
paginationResult.setData(certificates);
paginationResult.setRecordsTotal(resultCount);
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return paginationResult;
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

91
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/impl/PostgreSQLCertificateDAOImpl.java Normal file
View File

@ -0,0 +1,91 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the PostgreSQL implementation of CertificateDAO which can be used to support PostgreSQL specific
* db syntax.
*/
public class PostgreSQLCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(PostgreSQLCertificateDAOImpl.class);
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
PaginationResult paginationResult;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC LIMIT ? OFFSET ?";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, limit);
stmt.setInt(3, rowNum);
resultSet = stmt.executeQuery();
int resultCount = 0;
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
resultCount++;
}
paginationResult = new PaginationResult();
paginationResult.setData(certificates);
paginationResult.setRecordsTotal(resultCount);
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return paginationResult;
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

91
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/dao/impl/SQLServerCertificateDAOImpl.java Normal file
View File

@ -0,0 +1,91 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.dao.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
/**
* This class holds the SQLServer implementation of CertificateDAO which can be used to support SQLServer specific
* db syntax.
*/
public class SQLServerCertificateDAOImpl extends AbstractCertificateDAOImpl {
private static final Log log = LogFactory.getLog(SQLServerCertificateDAOImpl.class);
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementDAOException {
PreparedStatement stmt = null;
ResultSet resultSet = null;
CertificateResponse certificateResponse;
List<CertificateResponse> certificates = new ArrayList<>();
PaginationResult paginationResult;
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try {
Connection conn = this.getConnection();
String sql = "SELECT CERTIFICATE, SERIAL_NUMBER, TENANT_ID, USERNAME FROM "
+ "DM_DEVICE_CERTIFICATE WHERE TENANT_ID = ? ORDER BY ID DESC OFFSET ? ROWS FETCH NEXT ? ROWS ONLY";
stmt = conn.prepareStatement(sql);
stmt.setInt(1, tenantId);
stmt.setInt(2, rowNum);
stmt.setInt(3, limit);
resultSet = stmt.executeQuery();
int resultCount = 0;
while (resultSet.next()) {
certificateResponse = new CertificateResponse();
byte[] certificateBytes = resultSet.getBytes("CERTIFICATE");
certificateResponse.setSerialNumber(resultSet.getString("SERIAL_NUMBER"));
certificateResponse.setTenantId(resultSet.getInt("TENANT_ID"));
certificateResponse.setUsername(resultSet.getString("USERNAME"));
CertificateGenerator.extractCertificateDetails(certificateBytes, certificateResponse);
certificates.add(certificateResponse);
resultCount++;
}
paginationResult = new PaginationResult();
paginationResult.setData(certificates);
paginationResult.setRecordsTotal(resultCount);
} catch (SQLException e) {
String errorMsg = "SQL error occurred while retrieving the certificates.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
} finally {
CertificateManagementDAOUtil.cleanupResources(stmt, resultSet);
}
return paginationResult;
}
private Connection getConnection() throws SQLException {
return CertificateManagementDAOFactory.getConnection();
}
}

44
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/exception/IllegalTransactionStateException.java Normal file
View File

@ -0,0 +1,44 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.exception;
public class IllegalTransactionStateException extends RuntimeException {
private static final long serialVersionUID = -3151279331929070297L;
public IllegalTransactionStateException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public IllegalTransactionStateException(String message, Throwable cause) {
super(message, cause);
}
public IllegalTransactionStateException(String msg) {
super(msg);
}
public IllegalTransactionStateException() {
super();
}
public IllegalTransactionStateException(Throwable cause) {
super(cause);
}
}

44
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/exception/TransactionManagementException.java Normal file
View File

@ -0,0 +1,44 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.exception;
public class TransactionManagementException extends Exception {
private static final long serialVersionUID = -3151279321929070297L;
public TransactionManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public TransactionManagementException(String message, Throwable cause) {
super(message, cause);
}
public TransactionManagementException(String msg) {
super(msg);
}
public TransactionManagementException() {
super();
}
public TransactionManagementException(Throwable cause) {
super(cause);
}
}

48
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/exception/UnsupportedDatabaseEngineException.java Normal file
View File

@ -0,0 +1,48 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.exception;
/**
* This runtime exception will be thrown if the server has configured with unsupported DB engine.
*/
public class UnsupportedDatabaseEngineException extends RuntimeException {
private static final long serialVersionUID = -3151279311929070297L;
public UnsupportedDatabaseEngineException(String msg, Exception nestedEx) {
super(msg, nestedEx);
}
public UnsupportedDatabaseEngineException(String message, Throwable cause) {
super(message, cause);
}
public UnsupportedDatabaseEngineException(String msg) {
super(msg);
}
public UnsupportedDatabaseEngineException() {
super();
}
public UnsupportedDatabaseEngineException(Throwable cause) {
super(cause);
}
}

190
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/impl/CertificateGenerator.java
View File

@ -46,14 +46,7 @@ import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.util.Store;
import org.jscep.message.CertRep;
import org.jscep.message.MessageDecodingException;
import org.jscep.message.MessageEncodingException;
import org.jscep.message.PkcsPkiEnvelopeDecoder;
import org.jscep.message.PkcsPkiEnvelopeEncoder;
import org.jscep.message.PkiMessage;
import org.jscep.message.PkiMessageDecoder;
import org.jscep.message.PkiMessageEncoder;
import org.jscep.message.*;
import org.jscep.transaction.FailInfo;
import org.jscep.transaction.Nonce;
import org.jscep.transaction.TransactionId;
@ -64,39 +57,19 @@ import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import javax.security.auth.x500.X500Principal;
import javax.xml.bind.DatatypeConverter;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.*;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.cert.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
@ -108,6 +81,45 @@ public class CertificateGenerator {
private static final Log log = LogFactory.getLog(CertificateGenerator.class);
public static String getCommonName(X509Certificate requestCertificate) {
String distinguishedName = requestCertificate.getSubjectDN().getName();
if (distinguishedName != null && !distinguishedName.isEmpty()) {
String[] dnSplits = distinguishedName.split(",");
for (String dnSplit : dnSplits) {
if (dnSplit.contains("CN=")) {
String[] cnSplits = dnSplit.split("=");
if (cnSplits[1] != null) {
return cnSplits[1];
}
}
}
}
return null;
}
public static void extractCertificateDetails(byte[] certificateBytes, CertificateResponse certificateResponse)
throws CertificateManagementDAOException {
try {
if (certificateBytes != null) {
java.security.cert.Certificate x509Certificate =
(java.security.cert.Certificate) Serializer.deserialize(certificateBytes);
if (x509Certificate instanceof X509Certificate) {
X509Certificate certificate = (X509Certificate) x509Certificate;
certificateResponse.setNotAfter(certificate.getNotAfter().getTime());
certificateResponse.setNotBefore(certificate.getNotBefore().getTime());
certificateResponse.setCertificateserial(certificate.getSerialNumber());
certificateResponse.setIssuer(certificate.getIssuerDN().getName());
certificateResponse.setSubject(certificate.getSubjectDN().getName());
certificateResponse.setCertificateVersion(certificate.getVersion());
}
}
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error while deserializing the certificate.";
throw new CertificateManagementDAOException(errorMsg, e);
}
}
public List<X509Certificate> getRootCertificates(byte[] ca, byte[] ra) throws KeystoreException {
if (ca == null) {
@ -123,7 +135,7 @@ public class CertificateGenerator {
InputStream raInputStream = null;
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
caInputStream = new ByteArrayInputStream(ca);
raInputStream = new ByteArrayInputStream(ra);
@ -134,7 +146,6 @@ public class CertificateGenerator {
certificateList.add(raCert);
} catch (CertificateException e) {
String errorMsg = "Error occurred while fetching root certificates";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
if (caInputStream != null) {
@ -167,19 +178,19 @@ public class CertificateGenerator {
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(
ConfigurationUtil.RSA, ConfigurationUtil.PROVIDER);
keyPairGenerator.initialize(ConfigurationUtil.RSA_KEY_LENGTH, new SecureRandom());
CertificateManagementConstants.RSA, CertificateManagementConstants.PROVIDER);
keyPairGenerator.initialize(CertificateManagementConstants.RSA_KEY_LENGTH, new SecureRandom());
KeyPair pair = keyPairGenerator.generateKeyPair();
X500Principal principal = new X500Principal(ConfigurationUtil.DEFAULT_PRINCIPAL);
X500Principal principal = new X500Principal(CertificateManagementConstants.DEFAULT_PRINCIPAL);
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
principal, CommonUtil.generateSerialNumber(), validityBeginDate, validityEndDate,
principal, pair.getPublic());
ContentSigner contentSigner = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
.setProvider(ConfigurationUtil.PROVIDER).build(
ContentSigner contentSigner = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA)
.setProvider(CertificateManagementConstants.PROVIDER).build(
pair.getPrivate());
X509Certificate certificate = new JcaX509CertificateConverter()
.setProvider(ConfigurationUtil.PROVIDER).getCertificate(
.setProvider(CertificateManagementConstants.PROVIDER).getCertificate(
certificateBuilder.build(contentSigner));
// cert.checkValidity();
@ -197,35 +208,27 @@ public class CertificateGenerator {
return certificate;
} catch (NoSuchAlgorithmException e) {
String errorMsg = "No such algorithm found when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchProviderException e) {
String errorMsg = "No such provider found when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (OperatorCreationException e) {
String errorMsg = "Issue in operator creation when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateExpiredException e) {
String errorMsg = "Certificate expired after generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateNotYetValidException e) {
String errorMsg = "Certificate not yet valid when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "Certificate issue occurred when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (InvalidKeyException e) {
String errorMsg = "Invalid key used when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (SignatureException e) {
String errorMsg = "Signature related issue occurred when generating certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -244,7 +247,7 @@ public class CertificateGenerator {
X509Certificate certRA = (X509Certificate) keyStoreReader.getRACertificate();
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
X509CertificateHolder holder = reqCerts.iterator().next();
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(holder.getEncoded());
X509Certificate reqCert = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
@ -273,7 +276,7 @@ public class CertificateGenerator {
certRep = new CertRep(transId, senderNonce, recipientNonce, messageData);
}
PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(reqCert, ConfigurationUtil.DES_EDE);
PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(reqCert, CertificateManagementConstants.DES_EDE);
PkiMessageEncoder encoder = new PkiMessageEncoder(privateKeyRA, certRA, envEncoder);
CMSSignedData cmsSignedData = encoder.encode(certRep);
@ -281,23 +284,18 @@ public class CertificateGenerator {
} catch (CertificateException e) {
String errorMsg = "Certificate issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (MessageEncodingException e) {
String errorMsg = "Message encoding issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (MessageDecodingException e) {
String errorMsg = "Message decoding issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CMSException e) {
String errorMsg = "CMS issue occurred when generating getPKIMessage";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -333,22 +331,6 @@ public class CertificateGenerator {
return lookUpCertificate;
}
public static String getCommonName(X509Certificate requestCertificate) {
String distinguishedName = requestCertificate.getSubjectDN().getName();
if (distinguishedName != null && !distinguishedName.isEmpty()) {
String[] dnSplits = distinguishedName.split(",");
for (String dnSplit : dnSplits) {
if (dnSplit.contains("CN=")) {
String[] cnSplits = dnSplit.split("=");
if (cnSplits[1] != null) {
return cnSplits[1];
}
}
}
}
return null;
}
public X509Certificate pemToX509Certificate(String pem)
throws KeystoreException {
InputStream inputStream = null;
@ -389,7 +371,7 @@ public class CertificateGenerator {
Collection<X509CertificateHolder> reqCerts = reqStore.getMatches(null);
if (reqCerts != null && reqCerts.size() > 0) {
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
X509CertificateHolder holder = reqCerts.iterator().next();
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(holder.getEncoded());
X509Certificate reqCert = (X509Certificate) certificateFactory.
@ -399,7 +381,7 @@ public class CertificateGenerator {
Certificate lookUpCertificate = keyStoreReader.getCertificateByAlias(
reqCert.getSerialNumber().toString());
if (lookUpCertificate != null && (lookUpCertificate instanceof X509Certificate)) {
if (lookUpCertificate instanceof X509Certificate) {
return (X509Certificate) lookUpCertificate;
}
}
@ -407,15 +389,12 @@ public class CertificateGenerator {
}
} catch (CMSException e) {
String errorMsg = "CMSException when decoding certificate signature";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "IOException when decoding certificate signature";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "CertificateException when decoding certificate signature";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
@ -431,7 +410,7 @@ public class CertificateGenerator {
Date validityBeginDate = commonUtil.getValidityStartDate();
Date validityEndDate = commonUtil.getValidityEndDate();
X500Name certSubject = new X500Name(ConfigurationUtil.DEFAULT_PRINCIPAL);
X500Name certSubject = new X500Name(CertificateManagementConstants.DEFAULT_PRINCIPAL);
//X500Name certSubject = request.getSubject();
Attribute attributes[] = request.getAttributes();
@ -490,10 +469,10 @@ public class CertificateGenerator {
}
}
sigGen = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
.setProvider(ConfigurationUtil.PROVIDER).build(privateKey);
sigGen = new JcaContentSignerBuilder(CertificateManagementConstants.SHA256_RSA)
.setProvider(CertificateManagementConstants.PROVIDER).build(privateKey);
issuedCert = new JcaX509CertificateConverter().setProvider(
ConfigurationUtil.PROVIDER).getCertificate(
CertificateManagementConstants.PROVIDER).getCertificate(
certificateBuilder.build(sigGen));
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificate =
new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
@ -504,15 +483,12 @@ public class CertificateGenerator {
saveCertInKeyStore(certificates);
} catch (CertIOException e) {
String errorMsg = "Certificate Input output issue occurred when generating generateCertificateFromCSR";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (OperatorCreationException e) {
String errorMsg = "Operator creation issue occurred when generating generateCertificateFromCSR";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "Certificate issue occurred when generating generateCertificateFromCSR";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
@ -543,11 +519,9 @@ public class CertificateGenerator {
return generator.generate(new CMSAbsentContent());
} catch (CertificateEncodingException e) {
String errorMsg = "Certificate encoding issue occurred when generating getMessageData";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CMSException e) {
String errorMsg = "Message decoding issue occurred when generating getMessageData";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -566,30 +540,26 @@ public class CertificateGenerator {
String temp = new String(keyBytes);
String privateKeyPEM = temp.replace(
ConfigurationUtil.RSA_PRIVATE_KEY_BEGIN_TEXT, ConfigurationUtil.EMPTY_TEXT);
CertificateManagementConstants.RSA_PRIVATE_KEY_BEGIN_TEXT, CertificateManagementConstants.EMPTY_TEXT);
privateKeyPEM = privateKeyPEM
.replace(ConfigurationUtil.RSA_PRIVATE_KEY_END_TEXT, ConfigurationUtil.EMPTY_TEXT);
.replace(CertificateManagementConstants.RSA_PRIVATE_KEY_END_TEXT, CertificateManagementConstants.EMPTY_TEXT);
byte[] decoded = Base64.decodeBase64(privateKeyPEM);
PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(decoded);
KeyFactory keyFactory = KeyFactory.getInstance(ConfigurationUtil.RSA);
KeyFactory keyFactory = KeyFactory.getInstance(CertificateManagementConstants.RSA);
return keyFactory.generatePrivate(encodedKeySpec);
} catch (FileNotFoundException e) {
String errorMsg = "Private key file not found in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not not found in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (InvalidKeySpecException e) {
String errorMsg = "Invalid key found in getSignerKey";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -598,18 +568,16 @@ public class CertificateGenerator {
X509Certificate certificate;
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertificateManagementConstants.X_509);
certificate = (X509Certificate) certificateFactory.generateCertificate(
new FileInputStream(signerCertificatePath));
return certificate;
} catch (CertificateException e) {
String errorMsg = "Certificate related issue occurred in getSigner";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (FileNotFoundException e) {
String errorMsg = "Signer certificate path not found in getSigner";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -645,15 +613,12 @@ public class CertificateGenerator {
return scepResponse;
} catch (CertificateEncodingException e) {
String errorMsg = "Certificate encoding issue occurred in getCACert";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CMSException e) {
String errorMsg = "CMS issue occurred in getCACert";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred in getCACert";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
@ -672,17 +637,14 @@ public class CertificateGenerator {
CertificateManagementDAOFactory.commitTransaction();
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error occurred when saving the generated certificate";
log.error(errorMsg, e);
CertificateManagementDAOFactory.rollbackTransaction();
throw new KeystoreException(errorMsg, e);
} catch (TransactionManagementException e) {
String errorMsg = "Error occurred when saving the generated certificate";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
}
}
public String extractChallengeToken(X509Certificate certificate) {
byte[] challengePassword = certificate.getExtensionValue(
@ -742,28 +704,4 @@ public class CertificateGenerator {
return generateCertificateFromCSR(privateKeyCA, certificationRequest,
certCA.getIssuerX500Principal().getName());
}
public static void extractCertificateDetails(byte[] certificateBytes, CertificateResponse certificateResponse)
throws CertificateManagementDAOException {
try {
if (certificateBytes != null) {
java.security.cert.Certificate x509Certificate =
(java.security.cert.Certificate) Serializer.deserialize(certificateBytes);
if (x509Certificate instanceof X509Certificate) {
X509Certificate certificate = (X509Certificate) x509Certificate;
certificateResponse.setNotAfter(certificate.getNotAfter().getTime());
certificateResponse.setNotBefore(certificate.getNotBefore().getTime());
certificateResponse.setCertificateserial(certificate.getSerialNumber());
certificateResponse.setIssuer(certificate.getIssuerDN().getName());
certificateResponse.setSubject(certificate.getSubjectDN().getName());
certificateResponse.setCertificateVersion(certificate.getVersion());
}
}
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error while deserializing the certificate.";
log.error(errorMsg, e);
throw new CertificateManagementDAOException(errorMsg, e);
}
}
}

100
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/impl/KeyStoreReader.java
View File

@ -19,11 +19,13 @@ package org.wso2.carbon.certificate.mgt.core.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManager;
import org.wso2.carbon.certificate.mgt.core.config.CertificateKeystoreConfig;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateDAO;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOException;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.Serializer;
@ -54,28 +56,23 @@ public class KeyStoreReader {
InputStream is = null;
KeyStore keystore;
try {
keystore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(configEntryKeyStoreType));
is = new FileInputStream(ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
keystore.load(is, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
keystore = KeyStore.getInstance(configEntryKeyStoreType);
is = new FileInputStream(configEntryKeyStorePath);
keystore.load(is, configEntryKeyStorePassword.toCharArray());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (FileNotFoundException e) {
String errorMsg = "KeyStore file not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "CertificateException when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
try {
@ -94,28 +91,22 @@ public class KeyStoreReader {
String configEntryKeyStorePassword) throws KeystoreException {
FileOutputStream os = null;
try {
os = new FileOutputStream(
ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
keyStore.store(os, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
os = new FileOutputStream(configEntryKeyStorePath);
keyStore.store(os, configEntryKeyStorePassword.toCharArray());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (FileNotFoundException e) {
String errorMsg = "KeyStore file not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateException e) {
String errorMsg = "CertificateException when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (IOException e) {
String errorMsg = "Input output issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
try {
@ -130,23 +121,44 @@ public class KeyStoreReader {
KeyStore loadCertificateKeyStore() throws KeystoreException {
return loadKeyStore(ConfigurationUtil.CERTIFICATE_KEYSTORE, ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE,
ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD);
KeyStore keyStore = null;
try {
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
keyStore = loadKeyStore(certificateKeystoreConfig.getCertificateKeystoreType(),
certificateKeystoreConfig.getCertificateKeystoreLocation(),
certificateKeystoreConfig.getCertificateKeystorePassword());
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
return keyStore;
}
void saveCertificateKeyStore(KeyStore keyStore) throws KeystoreException {
saveKeyStore(keyStore, ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE,
ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD);
try {
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
saveKeyStore(keyStore, certificateKeystoreConfig.getCertificateKeystoreLocation(),
certificateKeystoreConfig.getCertificateKeystorePassword());
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
}
public Certificate getCACertificate() throws KeystoreException {
KeyStore keystore = loadCertificateKeyStore();
Certificate caCertificate;
try {
caCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
caCertificate = keystore.getCertificate(certificateKeystoreConfig.getCACertAlias());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when loading KeyStore";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -158,24 +170,25 @@ public class KeyStoreReader {
}
PrivateKey getCAPrivateKey() throws KeystoreException {
KeyStore keyStore = loadCertificateKeyStore();
PrivateKey caPrivateKey;
try {
caPrivateKey = (PrivateKey) (keyStore.getKey(
ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS),
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_CA_CERT_PRIV_PASSWORD).toCharArray()));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
caPrivateKey = (PrivateKey) keyStore.getKey(certificateKeystoreConfig.getCACertAlias(), certificateKeystoreConfig
.
getCAPrivateKeyPassword().toCharArray());
} catch (UnrecoverableKeyException e) {
String errorMsg = "Key is unrecoverable when retrieving CA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when retrieving CA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when retrieving CA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -190,10 +203,14 @@ public class KeyStoreReader {
KeyStore keystore = loadCertificateKeyStore();
Certificate raCertificate;
try {
raCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
raCertificate = keystore.getCertificate(certificateKeystoreConfig.getRACertAlias());
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -214,15 +231,12 @@ public class KeyStoreReader {
}
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error when retrieving certificate the the database for the alias " + alias;
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when de-serializing saved certificate.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (SQLException e) {
String errorMsg = "Error when making a connection to the database.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
@ -234,20 +248,21 @@ public class KeyStoreReader {
KeyStore keystore = loadCertificateKeyStore();
PrivateKey raPrivateKey;
try {
raPrivateKey = (PrivateKey) (keystore.getKey(
ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS),
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_RA_CERT_PRIV_PASSWORD).toCharArray()));
CertificateKeystoreConfig certificateKeystoreConfig = CertificateConfigurationManager.getInstance().
getCertificateKeyStoreConfig();
raPrivateKey = (PrivateKey) keystore.getKey(certificateKeystoreConfig.getRACertAlias(),
certificateKeystoreConfig.getRAPrivateKeyPassword().toCharArray());
} catch (UnrecoverableKeyException e) {
String errorMsg = "Key is unrecoverable when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (KeyStoreException e) {
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (NoSuchAlgorithmException e) {
String errorMsg = "Algorithm not found when retrieving RA private key";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (CertificateManagementException e) {
String errorMsg = "Unable to find KeyStore configuration in certificate-mgt.config file.";
throw new KeystoreException(errorMsg, e);
}
@ -274,15 +289,12 @@ public class KeyStoreReader {
} catch (CertificateManagementDAOException e) {
String errorMsg = "Error when retrieving certificate from the the database for the serial number: " +
serialNumber;
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (SQLException e) {
String errorMsg = "Error when making a connection to the database.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} catch (ClassNotFoundException | IOException e) {
String errorMsg = "Error when de-serializing saved certificate.";
log.error(errorMsg, e);
throw new KeystoreException(errorMsg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();

32
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/internal/CertificateManagementServiceComponent.java
View File

@ -26,8 +26,11 @@ import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManag
import org.wso2.carbon.certificate.mgt.core.config.CertificateManagementConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService;
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CertificateMgtSchemaInitializer;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
/**
@ -50,15 +53,25 @@ public class CertificateManagementServiceComponent {
log.debug("Initializing certificate management core bundle");
}
CertificateConfigurationManager.getInstance().initConfig();
CertificateManagementConfig config = CertificateConfigurationManager.getInstance().getPolicyManagementConfig();
CertificateManagementConfig config = CertificateConfigurationManager.getInstance().getCertificateManagementConfig();
DataSourceConfig dsConfig = config.getCertificateManagementRepository().getDataSourceConfig();
CertificateManagementDAOFactory.init(dsConfig);
BundleContext bundleContext = componentContext.getBundleContext();
/* If -Dsetup option enabled then create Certificate management database schema */
String setupOption =
System.getProperty(CertificateManagementConstants.SETUP_PROPERTY);
if (setupOption != null) {
if (log.isDebugEnabled()) {
log.debug("-Dsetup is enabled. Certificate management repository schema initialization is about to " +
"begin");
}
this.setupDeviceManagementSchema(dsConfig);
}
bundleContext.registerService(CertificateManagementService.class.getName(),
CertificateManagementServiceImpl.getInstance(), null);
if (log.isDebugEnabled()) {
log.debug("Certificate management core bundle has been successfully initialized");
}
@ -86,4 +99,19 @@ public class CertificateManagementServiceComponent {
CertificateManagementDataHolder.getInstance().setDeviceManagementService(null);
}
private void setupDeviceManagementSchema(DataSourceConfig config) throws CertificateManagementException {
CertificateMgtSchemaInitializer initializer = new CertificateMgtSchemaInitializer(config);
log.info("Initializing Certificate management repository database schema");
try {
initializer.createRegistryDatabase();
} catch (Exception e) {
throw new CertificateManagementException(
"Error occurred while initializing Certificate Management database schema", e);
}
if (log.isDebugEnabled()) {
log.debug("Certificate management metadata repository schema has been successfully initialized");
}
}
}

22
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/service/CertificateManagementService.java
View File

@ -22,8 +22,6 @@ import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementExcep
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import java.io.InputStream;
import java.security.PrivateKey;
@ -54,31 +52,31 @@ public interface CertificateManagementService {
boolean verifySignature(String headerSignature) throws KeystoreException;
public CertificateResponse verifyPEMSignature(X509Certificate requestCertificate) throws KeystoreException;
CertificateResponse verifyPEMSignature(X509Certificate requestCertificate) throws KeystoreException;
public CertificateResponse verifySubjectDN(String requestDN) throws KeystoreException;
CertificateResponse verifySubjectDN(String requestDN) throws KeystoreException;
public X509Certificate extractCertificateFromSignature(String headerSignature) throws KeystoreException;
X509Certificate extractCertificateFromSignature(String headerSignature) throws KeystoreException;
String extractChallengeToken(X509Certificate certificate);
X509Certificate getSignedCertificateFromCSR(String binarySecurityToken) throws KeystoreException;
public CertificateResponse getCertificateBySerial(String serial) throws KeystoreException;
CertificateResponse getCertificateBySerial(String serial) throws KeystoreException;
public void saveCertificate(List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificate)
void saveCertificate(List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificate)
throws KeystoreException;
public X509Certificate pemToX509Certificate(String pem) throws KeystoreException;
X509Certificate pemToX509Certificate(String pem) throws KeystoreException;
public CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementException;
CertificateResponse retrieveCertificate(String serialNumber) throws CertificateManagementException;
public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementException;
PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementException;
boolean removeCertificate(String serialNumber) throws CertificateManagementException;
public List<CertificateResponse> getCertificates() throws CertificateManagementException;
List<CertificateResponse> getCertificates() throws CertificateManagementException;
public List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementException;
List<CertificateResponse> searchCertificates(String serialNumber) throws CertificateManagementException;
}

18
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/service/CertificateManagementServiceImpl.java
View File

@ -27,12 +27,11 @@ import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.exception.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
import org.wso2.carbon.certificate.mgt.core.impl.KeyStoreReader;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.mgt.common.TransactionManagementException;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagerUtil;
import java.io.InputStream;
import java.security.PrivateKey;
@ -81,7 +80,7 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
}
public byte[] getCACapsSCEP() {
return ConfigurationUtil.POST_BODY_CA_CAPS.getBytes();
return CertificateManagementConstants.POST_BODY_CA_CAPS.getBytes();
}
public byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException {
@ -144,30 +143,29 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
return certificateDAO.retrieveCertificate(serialNumber);
} catch (SQLException e) {
String msg = "Error occurred while opening a connection to the underlying data source";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while looking up for the certificate carrying the serial number '" +
serialNumber + "' in the underlying certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally {
CertificateManagementDAOFactory.closeConnection();
}
}
public PaginationResult getAllCertificates(PaginationRequest request) throws CertificateManagementException {
@Override
public PaginationResult getAllCertificates(int rowNum, int limit) throws CertificateManagementException {
try {
CertificateManagementDAOFactory.openConnection();
CertificateDAO certificateDAO = CertificateManagementDAOFactory.getCertificateDAO();
return certificateDAO.getAllCertificates(request);
return certificateDAO.getAllCertificates(rowNum, CertificateManagerUtil.validateCertificateListPageSize(limit));
} catch (SQLException e) {
String msg = "Error occurred while opening a connection to the underlying data source";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} catch (CertificateManagementDAOException e) {
String msg = "Error occurred while looking up for the list of certificates managed in the underlying " +
"certificate repository";
"certificate repository";
log.error(msg, e);
throw new CertificateManagementException(msg, e);
} finally {

79
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/service/PaginationResult.java Normal file
View File

@ -0,0 +1,79 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.service;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import java.io.Serializable;
import java.util.List;
/**
* This class holds necessary data to represent a paginated result.
*/
@ApiModel(value = "PaginationResult", description = "This class carries all information related Pagination Result")
public class PaginationResult implements Serializable {
private static final long serialVersionUID = 1998101711L;
@ApiModelProperty(name = "recordsTotal", value = "The total number of records that are given before filtering", required = true)
private int recordsTotal;
@ApiModelProperty(name = "recordsFiltered", value = "The total number of records that are given after filtering", required = true)
private int recordsFiltered;
@ApiModelProperty(name = "draw", value = "The draw counter that this object is a response to, from the draw parameter sent as part of the data request", required = true)
private int draw;
@ApiModelProperty(name = "data", value = "This holds the db records that matches given criteria", required = true)
private List<?> data;
public int getRecordsTotal() {
return recordsTotal;
}
public int getRecordsFiltered() {
return recordsFiltered;
}
public void setRecordsFiltered(int recordsFiltered) {
this.recordsFiltered = recordsFiltered;
}
public void setRecordsTotal(int recordsTotal) {
this.recordsTotal = recordsTotal;
}
public List<?> getData() {
return data;
}
public void setData(List<?> data) {
this.data = data;
}
public int getDraw() {
return draw;
}
public void setDraw(int draw) {
this.draw = draw;
}
}

30
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/util/CertificateManagementConstants.java
View File

@ -21,6 +21,34 @@ package org.wso2.carbon.certificate.mgt.core.util;
public final class CertificateManagementConstants {
public static final String DEVICE_CONFIG_XML_NAME = "cdm-config.xml";
public static final String CERTIFICATE_CONFIG_XML_FILE = "certificate-config.xml";
public static final String SETUP_PROPERTY = "setup";
public static final String CARBON_HOME = "carbon.home";
public static final String CARBON_HOME_ENTRY = "${carbon.home}";
public static final String PROVIDER = "BC";
public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType";
public static final String RSA = "RSA";
public static final String SHA256_RSA = "SHA256WithRSAEncryption";
public static final String X_509 = "X.509";
public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n";
public static final String DES_EDE = "DESede";
public static final String CONF_LOCATION = "conf.location";
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = "";
public static final int RSA_KEY_LENGTH = 1024;
public static final class DataBaseTypes {
private DataBaseTypes() {
throw new AssertionError();
}
public static final String DB_TYPE_MYSQL = "MySQL";
public static final String DB_TYPE_ORACLE = "Oracle";
public static final String DB_TYPE_MSSQL = "Microsoft SQL Server";
public static final String DB_TYPE_DB2 = "DB2";
public static final String DB_TYPE_H2 = "H2";
public static final String DB_TYPE_POSTGRESQL = "PostgreSQL";
}
}

16
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/util/CertificateManagerUtil.java
View File

@ -22,6 +22,8 @@ package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
import org.wso2.carbon.certificate.mgt.core.config.CertificateConfigurationManager;
import org.wso2.carbon.certificate.mgt.core.config.CertificateManagementConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.certificate.mgt.core.config.datasource.JNDILookupDefinition;
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOUtil;
@ -88,4 +90,18 @@ public class CertificateManagerUtil {
return dataSource;
}
public static int validateCertificateListPageSize(int limit) throws CertificateManagementException {
if (limit == 0) {
CertificateManagementConfig certificateManagementConfig = CertificateConfigurationManager.getInstance().
getCertificateManagementConfig();
if (certificateManagementConfig != null) {
return certificateManagementConfig.getDefaultPageSize();
} else {
throw new CertificateManagementException("Certificate-Mgt configuration has not initialized. Please check the " +
"certificate-config.xml file.");
}
}
return limit;
}
}

47
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/util/CertificateMgtSchemaInitializer.java Normal file
View File

@ -0,0 +1,47 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.config.datasource.DataSourceConfig;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.carbon.utils.dbcreator.DatabaseCreator;
import java.io.File;
public final class CertificateMgtSchemaInitializer extends DatabaseCreator {
private static final Log log = LogFactory.getLog(CertificateMgtSchemaInitializer.class);
private static final String setupSQLScriptBaseLocation =
CarbonUtils.getCarbonHome() + File.separator + "dbscripts" + File.separator + "certMgt" + File.separator;
public CertificateMgtSchemaInitializer(DataSourceConfig config) {
super(CertificateManagerUtil.resolveDataSource(config));
}
protected String getDbScriptLocation(String databaseType) {
String scriptName = databaseType + ".sql";
if (log.isDebugEnabled()) {
log.debug("Loading database script from :" + scriptName);
}
return setupSQLScriptBaseLocation.replaceFirst("DBTYPE", databaseType) + scriptName;
}
}

2
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/util/CommonUtil.java
View File

@ -28,7 +28,6 @@ public class CommonUtil {
Calendar calendar = Calendar.getInstance();
calendar.setTime(targetDate);
calendar.add(Calendar.DATE, -2);
return calendar.getTime();
}
@ -37,7 +36,6 @@ public class CommonUtil {
Calendar calendar = Calendar.getInstance();
calendar.setTime(targetDate);
calendar.add(Calendar.YEAR, 100);
return calendar.getTime();
}

138
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/util/ConfigurationUtil.java
View File

@ -1,138 +0,0 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.certificate.mgt.core.util;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.xml.sax.SAXException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
public class ConfigurationUtil {
public static final String PATH_CERTIFICATE_KEYSTORE = "CertificateKeystoreLocation";
public static final String CERTIFICATE_KEYSTORE_PASSWORD = "CertificateKeystorePassword";
public static final String KEYSTORE_CA_CERT_PRIV_PASSWORD = "CAPrivateKeyPassword";
public static final String KEYSTORE_RA_CERT_PRIV_PASSWORD = "RAPrivateKeyPassword";
public static final String CA_CERT_ALIAS = "CACertAlias";
public static final String RA_CERT_ALIAS = "RACertAlias";
public static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
public static final String PROVIDER = "BC";
public static final String KEYSTORE = "Type";
public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType";
public static final String RSA = "RSA";
public static final String UTF_8 = "UTF-8";
public static final String SHA256_RSA = "SHA256WithRSAEncryption";
public static final String X_509 = "X.509";
public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n";
public static final String DES_EDE = "DESede";
public static final String CONF_LOCATION = "conf.location";
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = "";
public static final int RSA_KEY_LENGTH = 1024;
public static final long MILLI_SECONDS = 1000L * 60 * 60 * 24;
private static final String CARBON_HOME = "carbon.home";
private static final String CERTIFICATE_CONFIG_XML = "certificate-config.xml";
private static final String CARBON_HOME_ENTRY = "${carbon.home}";
private static final String[] certificateConfigEntryNames = { CA_CERT_ALIAS, RA_CERT_ALIAS,
CERTIFICATE_KEYSTORE, PATH_CERTIFICATE_KEYSTORE, CERTIFICATE_KEYSTORE_PASSWORD,
KEYSTORE_CA_CERT_PRIV_PASSWORD, KEYSTORE_RA_CERT_PRIV_PASSWORD };
private static ConfigurationUtil configurationUtil;
private static Map<String, String> configMap;
private static Map<String, String> readCertificateConfigurations() throws KeystoreException {
String certConfLocation = System.getProperty(CONF_LOCATION) + File.separator + CERTIFICATE_CONFIG_XML;
if (configurationUtil == null || configMap == null) {
configurationUtil = new ConfigurationUtil();
configMap = new HashMap<String, String>();
Document document;
try {
File fXmlFile = new File(certConfLocation);
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
document = documentBuilder.parse(fXmlFile);
} catch (ParserConfigurationException e) {
throw new KeystoreException("Error parsing configuration in certificate-config.xml file");
} catch (SAXException e) {
throw new KeystoreException("SAX exception in certificate-config.xml file");
} catch (IOException e) {
throw new KeystoreException("Error reading certificate-config.xml file");
}
for (String configEntry : certificateConfigEntryNames) {
NodeList elements = document.getElementsByTagName(configEntry);
if (elements != null && elements.getLength() > 0) {
configMap.put(configEntry, elements.item(0).getTextContent());
}
}
String certKeyStoreLocation = replaceCarbonHomeEnvEntry(configMap.get(PATH_CERTIFICATE_KEYSTORE));
if (certKeyStoreLocation != null) {
configMap.put(PATH_CERTIFICATE_KEYSTORE, certKeyStoreLocation);
}
}
return configMap;
}
public static String getConfigEntry(final String entry) throws KeystoreException {
Map<String, String> configurationMap = readCertificateConfigurations();
String configValue = configurationMap.get(entry);
if (configValue == null) {
throw new KeystoreException(String.format("Configuration entry %s not available", entry));
}
return configValue.trim();
}
private static String replaceCarbonHomeEnvEntry(String entry) {
if (entry != null && entry.toLowerCase().contains(CARBON_HOME_ENTRY)) {
return entry.replace(CARBON_HOME_ENTRY, System.getProperty(CARBON_HOME));
}
return null;
}
public static ConfigurationUtil getInstance() {
if (configurationUtil == null) {
synchronized (ConfigurationUtil.class) {
if (configurationUtil == null) {
configurationUtil = new ConfigurationUtil();
}
}
}
return configurationUtil;
}
}

15
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/main/java/org/wso2/carbon/certificate/mgt/core/util/TenantUtil.java
View File

@ -1,15 +0,0 @@
package org.wso2.carbon.certificate.mgt.core.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
import org.wso2.carbon.context.PrivilegedCarbonContext;
public class TenantUtil {
private static final Log log = LogFactory.getLog(TenantUtil.class);
public static int getTenanntId(String tenantDomain) throws CertificateManagementException {
return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
}
}

6
components/certificate-mgt/org.wso2.carbon.certificate.mgt.core/src/test/java/org/wso2/carbon/certificate/mgt/core/impl/CertificateGeneratorTestSuite.java
View File

@ -6,7 +6,7 @@ import org.apache.commons.logging.LogFactory;
import org.testng.Assert;
import org.testng.annotations.Test;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
import java.io.File;
import java.io.IOException;
@ -34,8 +34,8 @@ public class CertificateGeneratorTestSuite {
List<X509Certificate> rootCertificates = certificateGenerator.getRootCertificates(ca, ra);
Assert.assertNotNull(rootCertificates, "Root certificates retrieved");
Assert.assertEquals(rootCertificates.get(0).getType(), ConfigurationUtil.X_509);
Assert.assertEquals(rootCertificates.get(1).getType(), ConfigurationUtil.X_509);
Assert.assertEquals(rootCertificates.get(0).getType(), CertificateManagementConstants.X_509);
Assert.assertEquals(rootCertificates.get(1).getType(), CertificateManagementConstants.X_509);
} catch (IOException e) {
Assert.fail("Error reading byte streams for CA and RA ", e);
} catch (KeystoreException e) {

10
components/device-mgt/org.wso2.carbon.device.mgt.analytics.data.publisher/src/main/java/org/wso2/carbon/device/mgt/analytics/data/publisher/DeviceDataPublisher.java
View File

@ -60,6 +60,10 @@ public class DeviceDataPublisher {
private static Map<String, DataPublisher> dataPublisherMap;
private static DeviceDataPublisher deviceDataPublisher;
public DeviceDataPublisher() {
dataPublisherMap = new ConcurrentHashMap<>();
}
public static DeviceDataPublisher getInstance() {
if (deviceDataPublisher == null) {
synchronized (DeviceDataPublisher.class) {
@ -71,10 +75,6 @@ public class DeviceDataPublisher {
return deviceDataPublisher;
}
public DeviceDataPublisher() {
dataPublisherMap = new ConcurrentHashMap<>();
}
/**
* this return the data publisher for the tenant.
*
@ -95,7 +95,7 @@ public class DeviceDataPublisher {
String analyticsServerUrlGroups = analyticsConfig.getReceiverServerUrl();
String analyticsServerUsername = analyticsConfig.getAdminUsername();
String analyticsServerPassword = analyticsConfig.getAdminPassword();
if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)) {
int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
String userInfo[] = getAnalyticsServerUserInfo(tenantId);
if (userInfo != null) {

12
components/device-mgt/org.wso2.carbon.device.mgt.api/pom.xml
View File

@ -110,14 +110,17 @@
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxrs</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
@ -237,6 +240,7 @@
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
<artifactId>org.wso2.carbon.apimgt.annotations</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon.devicemgt</groupId>
@ -248,6 +252,14 @@
<artifactId>jackson-annotations</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator</artifactId>
</dependency>
<dependency>
<groupId>javax.ws.rs</groupId>
<artifactId>javax.ws.rs-api</artifactId>
</dependency>
</dependencies>
</project>

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/ErrorResponse.java
View File

@ -34,7 +34,7 @@ public class ErrorResponse {
private String moreInfo = null;
private List<ErrorListItem> errorItems = new ArrayList<>();
private ErrorResponse() {
public ErrorResponse() {
}
@JsonProperty(value = "code")

5
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/PolicyWrapper.java
View File

@ -22,6 +22,7 @@ import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import javax.validation.constraints.Size;
import java.util.List;
@ApiModel(value = "PolicyWrapper", description = "This class carries all information related to Policy "
@ -29,9 +30,11 @@ import java.util.List;
public class PolicyWrapper {
@ApiModelProperty(name = "policyName", value = "The name of the policy", required = true)
@Size(max = 45)
private String policyName;
@ApiModelProperty(name = "description", value = "Gives a description on the policy", required = true)
@Size(max = 1000)
private String description;
@ApiModelProperty(name = "compliance", value = "Provides the non-compliance rules. WSO2 EMM provides the"
@ -41,6 +44,7 @@ public class PolicyWrapper {
+ "Monitor - If the device does not adhere to the given policies the server is notified of the "
+ "violation unknown to the user and the administrator can take the necessary actions with regard"
+ " to the reported", required = true)
@Size(max = 100)
private String compliance;
@ApiModelProperty(name = "ownershipType", value = "The policy ownership type. It can be any of the "
@ -49,6 +53,7 @@ public class PolicyWrapper {
+ "BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type\n"
+ "COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE "
+ "device type", required = true)
@Size(max = 45)
private String ownershipType;
@ApiModelProperty(name = "active", value = "If the value is true it indicates that the policy is active. "

1
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/Profile.java
View File

@ -20,7 +20,6 @@ package org.wso2.carbon.device.mgt.jaxrs.beans;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import org.wso2.carbon.device.mgt.core.dto.DeviceType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;

31
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/RoleInfo.java
View File

@ -20,7 +20,8 @@ package org.wso2.carbon.device.mgt.jaxrs.beans;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import java.util.List;
@ApiModel(value = "RoleInfo", description = "Role details including permission and the users in the roles are " +
"wrapped here.")
@ -28,19 +29,12 @@ public class RoleInfo {
@ApiModelProperty(name = "roleName", value = "The name of the role.", required = true)
private String roleName;
@ApiModelProperty(name = "permissions", value = "Lists out all the permissions associated with roles.",
required = true, dataType = "List[java.lang.String]")
private String[] permissions;
@ApiModelProperty(name = "scopes", value = "Lists out all the scopes associated with roles.",
required = true, dataType = "List[org.wso2.carbon.device.mgt.jaxrs.beans.Scope]")
private List<Scope> scopes;
@ApiModelProperty(name = "users", value = "The list of users assigned to the selected role.",
required = true, dataType = "List[java.lang.String]")
private String[] users;
@ApiModelProperty(name = "permissionList", value = "This contain the following, " +
"\n resourcePath\tThe path related to the API.\n " +
"displayName\tThe name of the permission that is shown " +
"in the UI.\n" +
"nodeList\tLists out the nested permissions.",
required = true)
private UIPermissionNode permissionList;
public String getRoleName() {
return roleName;
@ -50,12 +44,12 @@ public class RoleInfo {
this.roleName = roleName;
}
public String[] getPermissions() {
return permissions;
public List<Scope> getScopes() {
return scopes;
}
public void setPermissions(String[] permissions) {
this.permissions = permissions;
public void setScopes(List<Scope> scopes) {
this.scopes = scopes;
}
public String[] getUsers() {
@ -66,11 +60,4 @@ public class RoleInfo {
this.users = users;
}
public UIPermissionNode getPermissionList() {
return permissionList;
}
public void setPermissionList(UIPermissionNode permissionList) {
this.permissionList = permissionList;
}
}

71
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/beans/Scope.java Normal file
View File

@ -0,0 +1,71 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.device.mgt.jaxrs.beans;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
@ApiModel(value = "Scope", description = "Template of the authorization scope")
public class Scope {
@ApiModelProperty(name = "scope key", value = "An unique string as a key.", required = true)
private String key;
@ApiModelProperty(name = "scope name", value = "Scope name.", required = true)
private String name;
@ApiModelProperty(name = "roles", value = "List of roles to be associated with the scope", required = true)
private String roles;
@ApiModelProperty(name = "scope description", value = "A description of the scope", required = true)
private String description;
public Scope() {
}
public String getKey() {
return this.key;
}
public void setKey(String key) {
this.key = key;
}
public String getName() {
return this.name;
}
public void setName(String name) {
this.name = name;
}
public String getRoles() {
return this.roles;
}
public void setRoles(String roles) {
this.roles = roles;
}
public String getDescription() {
return this.description;
}
public void setDescription(String description) {
this.description = description;
}
}

31
components/apimgt-extensions/org.wso2.carbon.apimgt.webapp.publisher/src/main/java/org/wso2/carbon/apimgt/webapp/publisher/config/PermissionConfiguration.java → components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/BadRequestException.java
View File

@ -16,30 +16,19 @@
* under the License.
*/
package org.wso2.carbon.apimgt.webapp.publisher.config;
package org.wso2.carbon.device.mgt.jaxrs.exception;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
/**
* This class represents the information related to permissions.
* Custom exception class for wrapping BadRequest related exceptions.
*/
public class PermissionConfiguration {
public class BadRequestException extends WebApplicationException {
private String scopeName;
private String[] permissions;
public String getScopeName() {
return scopeName;
public BadRequestException(ErrorResponse error) {
super(Response.status(Response.Status.BAD_REQUEST).entity(error).build());
}
public void setScopeName(String scope) {
this.scopeName = scope;
}
public String[] getPermissions() {
return permissions;
}
public void setPermissions(String[] permissions) {
this.permissions = permissions;
}
}

55
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/ConstraintViolationException.java Normal file
View File

@ -0,0 +1,55 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.jaxrs.exception;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil;
import javax.validation.ConstraintViolation;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import java.util.Set;
public class ConstraintViolationException extends WebApplicationException {
private String message;
public <T> ConstraintViolationException(Set<ConstraintViolation<T>> violations) {
super(Response.status(Response.Status.BAD_REQUEST)
.entity(DeviceMgtUtil.getConstraintViolationErrorDTO(violations))
.header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
.build());
//Set the error message
StringBuilder stringBuilder = new StringBuilder();
for (ConstraintViolation violation : violations) {
stringBuilder.append(violation.getRootBeanClass().getSimpleName());
stringBuilder.append(".");
stringBuilder.append(violation.getPropertyPath());
stringBuilder.append(": ");
stringBuilder.append(violation.getMessage());
stringBuilder.append(", ");
}
message = stringBuilder.toString();
}
@Override
public String getMessage() {
return message;
}
}

86
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/ErrorDTO.java Normal file
View File

@ -0,0 +1,86 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.jaxrs.exception;
import java.util.ArrayList;
import java.util.List;
public class ErrorDTO {
private Long code = null;
private String message = null;
private String description = null;
public void setMoreInfo(String moreInfo) {
this.moreInfo = moreInfo;
}
public void setCode(Long code) {
this.code = code;
}
public void setMessage(String message) {
this.message = message;
}
public void setDescription(String description) {
this.description = description;
}
public void setError(List<ErrorDTO> error) {
this.error = error;
}
private String moreInfo = null;
public String getMessage() {
return message;
}
public Long getCode() {
return code;
}
public String getDescription() {
return description;
}
public String getMoreInfo() {
return moreInfo;
}
public List<ErrorDTO> getError() {
return error;
}
public String toString() {
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.append("class ErrorDTO {\n");
stringBuilder.append(" code: ").append(code).append("\n");
stringBuilder.append(" message: ").append(message).append("\n");
stringBuilder.append(" description: ").append(description).append("\n");
stringBuilder.append(" moreInfo: ").append(moreInfo).append("\n");
stringBuilder.append(" error: ").append(error).append("\n");
stringBuilder.append("}\n");
return stringBuilder.toString();
}
private List<ErrorDTO> error = new ArrayList<>();
}

51
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/ForbiddenException.java Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.jaxrs.exception;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
/**
* Exception class that is corresponding to 401 Forbidden response
*/
public class ForbiddenException extends WebApplicationException {
private String message;
public ForbiddenException() {
super(Response.status(Response.Status.FORBIDDEN)
.build());
}
public ForbiddenException(ErrorDTO errorDTO) {
super(Response.status(Response.Status.FORBIDDEN)
.entity(errorDTO)
.header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
.build());
message = errorDTO.getDescription();
}
@Override
public String getMessage() {
return message;
}
}

113
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/GlobalThrowableMapper.java Normal file
View File

@ -0,0 +1,113 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.jaxrs.exception;
import com.google.gson.JsonParseException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil;
import javax.naming.AuthenticationException;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.ExceptionMapper;
/**
* Handle the cxf level exceptions.
*/
public class GlobalThrowableMapper implements ExceptionMapper {
private static final Log log = LogFactory.getLog(GlobalThrowableMapper.class);
private ErrorDTO e500 = new ErrorDTO();
GlobalThrowableMapper() {
e500.setCode((long) 500);
e500.setMessage("Internal server error.");
e500.setMoreInfo("");
e500.setDescription("The server encountered an internal error. Please contact administrator.");
}
@Override
public Response toResponse(Throwable e) {
if (e instanceof JsonParseException) {
String errorMessage = "Malformed request body.";
if (log.isDebugEnabled()) {
log.error(errorMessage, e);
}
return DeviceMgtUtil.buildBadRequestException(errorMessage).getResponse();
}
if (e instanceof NotFoundException) {
return ((NotFoundException) e).getResponse();
}
if (e instanceof UnexpectedServerErrorException) {
if (log.isDebugEnabled()) {
log.error("Unexpected server error.", e);
}
return ((UnexpectedServerErrorException) e).getResponse();
}
if (e instanceof ConstraintViolationException) {
if (log.isDebugEnabled()) {
log.error("Constraint violation.", e);
}
return ((ConstraintViolationException) e).getResponse();
}
if (e instanceof IllegalArgumentException) {
ErrorDTO errorDetail = new ErrorDTO();
errorDetail.setCode((long) 400);
errorDetail.setMoreInfo("");
errorDetail.setMessage("");
errorDetail.setDescription(e.getMessage());
return Response
.status(Response.Status.BAD_REQUEST)
.entity(errorDetail)
.build();
}
if (e instanceof ClientErrorException) {
if (log.isDebugEnabled()) {
log.error("Client error.", e);
}
return ((ClientErrorException) e).getResponse();
}
if (e instanceof AuthenticationException) {
ErrorDTO errorDetail = new ErrorDTO();
errorDetail.setCode((long) 401);
errorDetail.setMoreInfo("");
errorDetail.setMessage("");
errorDetail.setDescription(e.getMessage());
return Response
.status(Response.Status.UNAUTHORIZED)
.entity(errorDetail)
.build();
}
if (e instanceof ForbiddenException) {
if (log.isDebugEnabled()) {
log.error("Resource forbidden.", e);
}
return ((ForbiddenException) e).getResponse();
}
//unknown exception log and return
if (log.isDebugEnabled()) {
log.error("An Unknown exception has been captured by global exception mapper.", e);
}
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).header("Content-Type", "application/json")
.entity(e500).build();
}
}

47
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/NotFoundException.java Normal file
View File

@ -0,0 +1,47 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.mgt.jaxrs.exception;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
public class NotFoundException extends WebApplicationException {
private String message;
private static final long serialVersionUID = 147943572342342340L;
public NotFoundException(ErrorResponse error) {
super(Response.status(Response.Status.NOT_FOUND).entity(error).build());
}
public NotFoundException(ErrorDTO errorDTO) {
super(Response.status(Response.Status.NOT_FOUND)
.entity(errorDTO)
.header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
.build());
message = errorDTO.getDescription();
}
@Override
public String getMessage() {
return message;
}
}

49
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/UnexpectedServerErrorException.java Normal file
View File

@ -0,0 +1,49 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.mgt.jaxrs.exception;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
public class UnexpectedServerErrorException extends WebApplicationException {
private String message;
private static final long serialVersionUID = 147943579458906890L;
public UnexpectedServerErrorException(ErrorResponse error) {
super(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(error).build());
}
public UnexpectedServerErrorException(ErrorDTO errorDTO) {
super(Response.status(Response.Status.INTERNAL_SERVER_ERROR)
.entity(errorDTO)
.header(Constants.DeviceConstants.HEADER_CONTENT_TYPE, Constants.DeviceConstants.APPLICATION_JSON)
.build());
message = errorDTO.getDescription();
}
@Override
public String getMessage() {
return message;
}
}

122
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/exception/ValidationInterceptor.java Normal file
View File

@ -0,0 +1,122 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.jaxrs.exception;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.jaxrs.lifecycle.ResourceProvider;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.jaxrs.model.OperationResourceInfo;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageContentsList;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import javax.validation.ConstraintViolation;
import javax.validation.Validation;
import javax.validation.Validator;
import javax.validation.ValidatorFactory;
import javax.validation.executable.ExecutableValidator;
import java.lang.reflect.Method;
import java.util.List;
import java.util.Set;
public class ValidationInterceptor extends AbstractPhaseInterceptor<Message> {
private Log log = LogFactory.getLog(getClass());
private Validator validator = null; //validator interface is thread-safe
public ValidationInterceptor() {
super(Phase.PRE_INVOKE);
ValidatorFactory defaultFactory = Validation.buildDefaultValidatorFactory();
validator = defaultFactory.getValidator();
if (validator == null) {
log.warn("Bean Validation provider could not be found, no validation will be performed");
} else {
log.debug("Validation In-Interceptor initialized successfully");
}
}
@Override
public void handleMessage(Message message) throws Fault {
final OperationResourceInfo operationResource = message.getExchange().get(OperationResourceInfo.class);
if (operationResource == null) {
log.info("OperationResourceInfo is not available, skipping validation");
return;
}
final ClassResourceInfo classResource = operationResource.getClassResourceInfo();
if (classResource == null) {
log.info("ClassResourceInfo is not available, skipping validation");
return;
}
final ResourceProvider resourceProvider = classResource.getResourceProvider();
if (resourceProvider == null) {
log.info("ResourceProvider is not available, skipping validation");
return;
}
final List<Object> arguments = MessageContentsList.getContentsList(message);
final Method method = operationResource.getAnnotatedMethod();
final Object instance = resourceProvider.getInstance(message);
if (method != null && arguments != null) {
//validate the parameters(arguments) over the invoked method
validate(method, arguments.toArray(), instance);
//validate the fields of each argument
for (Object arg : arguments) {
if (arg != null)
validate(arg);
}
}
}
public <T> void validate(final Method method, final Object[] arguments, final T instance) {
if (validator == null) {
log.warn("Bean Validation provider could not be found, no validation will be performed");
return;
}
ExecutableValidator methodValidator = validator.forExecutables();
Set<ConstraintViolation<T>> violations = methodValidator.validateParameters(instance,
method, arguments);
if (!violations.isEmpty()) {
throw new ConstraintViolationException(violations);
}
}
public <T> void validate(final T object) {
if (validator == null) {
log.warn("Bean Validation provider could be found, no validation will be performed");
return;
}
Set<ConstraintViolation<T>> violations = validator.validate(object);
if (!violations.isEmpty()) {
throw new ConstraintViolationException(violations);
}
}
public void handleFault(org.apache.cxf.message.Message messageParam) {
}
}

19
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ActivityInfoProviderService.java
View File

@ -20,11 +20,12 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ActivityList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -32,7 +33,7 @@ import javax.ws.rs.core.Response;
/**
* Activity related REST-API implementation.
*/
@API(name = "Activities", version = "1.0.0", context = "/devicemgt_admin/activities", tags = {"devicemgt_admin"})
@API(name = "Activity Info Provider", version = "1.0.0", context = "/api/device-mgt/v1.0/activities", tags = {"devicemgt_admin"})
@Path("/activities")
@Api(value = "Activity Info Provider", description = "Activity related information manipulation. For example operation details " +
@ -91,16 +92,15 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class)
})
@Permission(
scope = "activity-view",
permissions = {"/permission/admin/device-mgt/admin/activities/view"}
)
@Scope(key = "activity:view", name = "View Activities", description = "")
Response getActivity(
@ApiParam(
name = "id",
value = "Activity id of the operation/activity to be retrieved.",
required = true)
@PathParam("id") String id,
@PathParam("id")
@Size(max = 45)
String id,
@ApiParam(
name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time specified",
@ -153,10 +153,7 @@ public interface ActivityInfoProviderService {
message = "Internal Server Error. \n Server error occurred while fetching activity data.",
response = ErrorResponse.class)
})
@Permission(
scope = "activity-view",
permissions = {"/permission/admin/device-mgt/admin/activities/view"}
)
@Scope(key = "activity:view", name = "View Activities", description = "")
Response getActivities(
@ApiParam(
name = "since",

20
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/ConfigurationManagementService.java
View File

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -31,7 +31,7 @@ import javax.ws.rs.core.Response;
/**
* General Tenant Configuration REST-API.
*/
@API(name = "Configuration", version = "1.0.0", context = "/devicemgt_admin/configuration", tags = {"devicemgt_admin"})
@API(name = "Configuration Management", version = "1.0.0", context = "/api/device-mgt/v1.0/configuration", tags = {"devicemgt_admin"})
@Path("/configuration")
@Api(value = "Configuration Management", description = "General Tenant Configuration management capabilities are exposed " +
@ -80,12 +80,8 @@ public interface ConfigurationManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the general " +
"platform configuration.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "configuration-view",
permissions = {"/permission/admin/device-mgt/admin/platform-configs/view"}
)
})
@Scope(key = "configuration:view", name = "View Configurations", description = "")
Response getConfiguration(
@ApiParam(
name = "If-Modified-Since",
@ -130,12 +126,8 @@ public interface ConfigurationManagementService {
message = "Internal Server Error. \n " +
"Server error occurred while modifying general platform configuration.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "configuration-modify",
permissions = {"/permission/admin/device-mgt/admin/platform-configs/modify"}
)
})
@Scope(key = "configuration:modify", name = "Modify Configurations", description = "")
Response updateConfiguration(
@ApiParam(
name = "configuration",

137
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceManagementService.java
View File

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.Feature;
import org.wso2.carbon.device.mgt.common.app.mgt.Application;
@ -31,6 +31,7 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.policy.mgt.common.Policy;
import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -38,7 +39,7 @@ import javax.ws.rs.core.Response;
/**
* Device related REST-API. This can be used to manipulated device related details.
*/
@API(name = "Device", version = "1.0.0", context = "/api/device-mgt/admin/devices", tags = {"devicemgt_admin"})
@API(name = "Device Management", version = "1.0.0", context = "/api/device-mgt/v1.0/devices", tags = {"devicemgt_admin"})
@Path("/devices")
@Api(value = "Device Management", description = "This API carries all device management related operations " +
@ -91,71 +92,74 @@ public interface DeviceManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class)
})
@Permission(
scope = "device-list",
permissions = {"/permission/admin/device-mgt/admin/devices/list"}
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response getDevices(
@ApiParam(
name = "name",
value = "The device name, such as shamu, bullhead or angler.",
required = false)
String name,
@Size(max = 45)
String name,
@ApiParam(
name = "type",
value = "The device type, such as ios, android or windows.",
required = false)
@QueryParam("type")
String type,
@Size(max = 45)
String type,
@ApiParam(
name = "user",
value = "Username of owner of the devices.",
required = false)
@QueryParam("user")
String user,
@Size(max = 45)
String user,
@ApiParam(
name = "roleName",
value = "Role name of the devices to be fetched.",
required = false)
@QueryParam("roleName")
String roleName,
@Size(max = 45)
String roleName,
@ApiParam(
name = "ownership",
allowableValues = "BYOD, COPE",
value = "Ownership of the devices to be fetched registered under.",
required = false)
@QueryParam("ownership")
String ownership,
@Size(max = 45)
String ownership,
@ApiParam(
name = "status",
value = "Enrollment status of devices to be fetched.",
required = false)
@QueryParam("status")
String status,
@Size(max = 45)
String status,
@ApiParam(
name = "since",
value = "Last modified timestamp",
required = false)
@QueryParam("since")
String since,
String since,
@ApiParam(
name = "If-Modified-Since",
value = "Timestamp of the last modified date",
required = false)
@HeaderParam("If-Modified-Since")
String timestamp,
String timestamp,
@ApiParam(
name = "offset",
value = "Starting point within the complete list of items qualified.",
required = false)
@QueryParam("offset")
int offset,
int offset,
@ApiParam(
name = "limit",
value = "Maximum size of resource array to return.",
required = false)
@QueryParam("limit")
int limit);
int limit);
@GET
@ -203,32 +207,28 @@ public interface DeviceManagementService {
"Server error occurred while retrieving information requested device.",
response = ErrorResponse.class)
})
@Permission(
scope = "device-view",
permissions = {
"/permission/admin/device-mgt/admin/devices/view",
"/permission/admin/device-mgt/user/devices/view"
}
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response getDevice(
@ApiParam(
name = "type",
value = "The device type, such as ios, android or windows.",
required = true)
@PathParam("type")
String type,
@Size(max = 45)
String type,
@ApiParam(
name = "id",
value = "The device identifier of the device.",
required = true)
@PathParam("id")
String id,
@Size(max = 45)
String id,
@ApiParam(
name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time specified",
required = false)
@HeaderParam("If-Modified-Since")
String ifModifiedSince);
String ifModifiedSince);
@GET
@Path("/{type}/{id}/features")
@ -289,31 +289,28 @@ public interface DeviceManagementService {
"Server error occurred while retrieving feature list of the device.",
response = ErrorResponse.class)
})
@Permission(
scope = "device-search",
permissions = {"/permission/admin/device-mgt/admin/devices/view",
"/permission/admin/device-mgt/user/devices/view"
}
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response getFeaturesOfDevice(
@ApiParam(
name = "type",
value = "The device type, such as ios, android or windows.",
required = true)
@PathParam("type")
String type,
@Size(max = 45)
String type,
@ApiParam(
name = "id",
value = "The device identifier of the device.",
required = true)
@PathParam("id")
String id,
@Size(max = 45)
String id,
@ApiParam(
name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time specified",
required = false)
@HeaderParam("If-Modified-Since")
String ifModifiedSince);
String ifModifiedSince);
@POST
@Path("/search-devices")
@ -368,28 +365,25 @@ public interface DeviceManagementService {
"Server error occurred while enrolling the device.",
response = ErrorResponse.class)
})
@Permission(
scope = "device-search",
permissions = {"/permission/admin/device-mgt/admin/devices/list" }
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response searchDevices(
@ApiParam(
name = "offset",
value = "Starting point within the complete list of items qualified.",
required = false)
@QueryParam("offset")
int offset,
int offset,
@ApiParam(
name = "limit",
value = "Maximum size of resource array to return.",
required = false)
@QueryParam("limit")
int limit,
int limit,
@ApiParam(
name = "searchContext",
value = "List of search conditions.",
required = true)
SearchContext searchContext);
SearchContext searchContext);
@GET
@Path("/{type}/{id}/applications")
@ -450,43 +444,40 @@ public interface DeviceManagementService {
"Server error occurred while retrieving installed application list of the device.",
response = ErrorResponse.class)
})
@Permission(
scope = "operation-view",
permissions = {
"/permission/admin/device-mgt/admin/devices/view",
"/permission/admin/device-mgt/user/devices/view"
}
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response getInstalledApplications(
@ApiParam(
name = "type",
value = "The device type, such as ios, android or windows.", required = true)
@PathParam("type")
String type,
@Size(max = 45)
String type,
@ApiParam(
name = "id",
value = "The device identifier of the device.",
required = true)
@PathParam("id")
String id,
@Size(max = 45)
String id,
@ApiParam(
name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time specified",
required = false)
@HeaderParam("If-Modified-Since")
String ifModifiedSince,
String ifModifiedSince,
@ApiParam(
name = "offset",
value = "Starting point within the complete list of items qualified.",
required = false)
@QueryParam("offset")
int offset,
int offset,
@ApiParam(
name = "limit",
value = "Maximum size of resource array to return.",
required = false)
@QueryParam("limit")
int limit);
int limit);
@GET
@ -550,45 +541,41 @@ public interface DeviceManagementService {
"Server error occurred while retrieving operation list scheduled for the device.",
response = ErrorResponse.class)
})
@Permission(
scope = "operation-view",
permissions = {
"/permission/admin/device-mgt/admin/devices/view",
"/permission/admin/device-mgt/user/devices/view"
}
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response getDeviceOperations(
@ApiParam(
name = "type",
value = "The device type, such as ios, android or windows.",
required = true)
@PathParam("type")
String type,
@Size(max = 45)
String type,
@ApiParam(
name = "id",
value = "The device identifier of the device.",
required = true)
@PathParam("id")
String id,
@Size(max = 45)
String id,
@ApiParam(
name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time "
+ "specified",
required = false)
@HeaderParam("If-Modified-Since")
String ifModifiedSince,
String ifModifiedSince,
@ApiParam(
name = "offset",
value = "Starting point within the complete list of items qualified.",
required = false)
@QueryParam("offset")
int offset,
int offset,
@ApiParam(
name = "limit",
value = "Maximum size of resource array to return.",
required = false)
@QueryParam("limit")
int limit);
int limit);
@GET
@Path("/{type}/{id}/effective-policy")
@ -652,27 +639,29 @@ public interface DeviceManagementService {
response = ErrorResponse.class)
}
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response getEffectivePolicyOfDevice(
@ApiParam(
name = "type",
value = "The device type, such as ios, android or windows.",
required = true)
@PathParam("type")
String type,
@Size(max = 45)
String type,
@ApiParam(
name = "id",
value = "Device Identifier",
required = true)
@PathParam("id")
String id,
@Size(max = 45)
String id,
@ApiParam(
name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time "
+ "specified",
required = false)
@HeaderParam("If-Modified-Since")
String ifModifiedSince);
String ifModifiedSince);
@GET
@ -702,16 +691,20 @@ public interface DeviceManagementService {
response = ErrorResponse.class)
}
)
@Scope(key = "device:view", name = "View Devices", description = "")
Response getComplianceDataOfDevice(
@ApiParam(
name = "type",
value = "The device type, such as ios, android or windows.",
required = true)
@PathParam("type")
String type,
@Size(max = 45)
String type,
@ApiParam(
name = "id",
value = "Device Identifier",
required = true)
@PathParam("id") String id);
@PathParam("id")
@Size(max = 45)
String id);
}

9
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/DeviceTypeManagementService.java
View File

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceTypeList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -28,7 +28,7 @@ import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@API(name = "Device Type Management", version = "1.0.0", context = "/admin/device-types", tags = {"devicemgt_admin"})
@API(name = "Device Type Management", version = "1.0.0", context = "/api/device-mgt/v1.0/admin/device-types", tags = {"devicemgt_admin"})
@Path("/device-types")
@Api(value = "Device Type Management", description = "This API corresponds to all tasks related to device " +
@ -78,10 +78,7 @@ public interface DeviceTypeManagementService {
response = ErrorResponse.class)
}
)
@Permission(
scope = "read:device-types",
permissions = {"/permission/admin/device-mgt/admin/device-types/view"}
)
@Scope(key = "device-type:admin:view", name = "View device types", description = "")
Response getDeviceTypes(
@ApiParam(
name = "If-Modified-Since",

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/GroupManagementService.java
View File

@ -18,7 +18,7 @@
*/
package org.wso2.carbon.device.mgt.jaxrs.service.api;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup;

27
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/NotificationManagementService.java
View File

@ -20,13 +20,13 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.notification.mgt.Notification;
import org.wso2.carbon.device.mgt.jaxrs.NotificationContext;
import org.wso2.carbon.device.mgt.jaxrs.NotificationList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import javax.validation.constraints.Max;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -34,7 +34,7 @@ import javax.ws.rs.core.Response;
/**
* Notifications related REST-API.
*/
@API(name = "Device Notification Management API", version = "1.0.0", context = "/devicemgt_admin/notifications",
@API(name = "Device Notification Management", version = "1.0.0", context = "/api/device-mgt/v1.0/notifications",
tags = {"devicemgt_admin"})
@Api(value = "Device Notification Management", description = "Device notification related operations can be found here.")
@Path("/notifications")
@ -89,21 +89,15 @@ public interface NotificationManagementService {
message = "Internal Server Error. " +
"\n Server error occurred while fetching the notification list.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "device-notification-view",
permissions = {
"/permission/admin/device-mgt/admin/notifications/view",
"/permission/admin/device-mgt/user/notifications/view" }
)
})
@Scope(key = "notification:view", name = "View and manage notifications", description = "")
Response getNotifications(
@ApiParam(
name = "status",
value = "Status of the notification.",
allowableValues = "NEW, CHECKED",
required = false)
@QueryParam("status")
@QueryParam("status") @Size(max = 45)
String status,
@ApiParam(
name = "If-Modified-Since",
@ -148,15 +142,12 @@ public interface NotificationManagementService {
message = "Error occurred while updating notification status.")
}
)
@Permission(
scope = "",
permissions = { "" }
)
@Scope(key = "notification:view", name = "View and manage notifications", description = "")
Response updateNotificationStatus(
@ApiParam(
name = "id",
value = "Notification ID.",
required = true)
@PathParam("id")
@PathParam("id") @Max(45)
int id);
}

86
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java
View File

@ -19,12 +19,14 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PolicyWrapper;
import org.wso2.carbon.policy.mgt.common.Policy;
import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper;
import org.wso2.carbon.policy.mgt.common.Policy;
import javax.validation.Valid;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -34,6 +36,9 @@ import java.util.List;
* Policy related REST-API. This can be used to manipulated policies and associate them with devices, users, roles,
* groups.
*/
@API(name = "Device Policy Management", version = "1.0.0", context = "/api/device-mgt/v1.0/policies",
tags = {"devicemgt_admin"})
@Api(value = "Device Policy Management", description = "This API carries all the necessary functionalities " +
"around device policy management")
@Path("/policies")
@ -94,18 +99,14 @@ public interface PolicyManagementService {
message = "Internal Server Error. \n " +
"Server error occurred while adding a new policy.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "policy-modify",
permissions = {"/permission/admin/device-mgt/admin/policies/add"}
)
})
@Scope(key = "policy:manage", name = "Add policies", description = "")
Response addPolicy(
@ApiParam(
name = "policy",
value = "Policy details related to the operation.",
required = true)
PolicyWrapper policy);
@Valid PolicyWrapper policy);
@GET
@ApiOperation(
@ -152,12 +153,8 @@ public interface PolicyManagementService {
message = ("Internal Server Error. \n Server error occurred while fetching " +
"policies."),
response = ErrorResponse.class)
}
)
@Permission(
scope = "policy-view",
permissions = {"/permission/admin/device-mgt/admin/policies/list"}
)
})
@Scope(key = "policy:view", name = "Views policies", description = "")
Response getPolicies(
@ApiParam(
name = "If-Modified-Since",
@ -223,10 +220,7 @@ public interface PolicyManagementService {
"policy.",
response = ErrorResponse.class)
})
@Permission(
scope = "policy-view",
permissions = {"/permission/admin/device-mgt/admin/policies/list"}
)
@Scope(key = "policy:view", name = "View policies", description = "")
Response getPolicy(
@ApiParam(
name = "id",
@ -289,12 +283,8 @@ public interface PolicyManagementService {
message = "Internal Server Error. \n " +
"Server error occurred while updating the policy.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "policy-modify",
permissions = {"/permission/admin/device-mgt/admin/policies/update"}
)
})
@Scope(key = "policy:manage", name = "Add policies", description = "")
Response updatePolicy(
@ApiParam(
name = "id",
@ -306,7 +296,7 @@ public interface PolicyManagementService {
name = "policy",
value = "Policy details related to the operation.",
required = true)
PolicyWrapper policy);
@Valid PolicyWrapper policy);
@POST
@Path("/remove-policy")
@ -339,12 +329,8 @@ public interface PolicyManagementService {
message = "Internal Server Error. \n " +
"Server error occurred while bulk removing policies.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "policy-modify",
permissions = {"/permission/admin/device-mgt/admin/policies/remove"}
)
})
@Scope(key = "policy:manage", name = "Add policies", description = "")
Response removePolicies(
@ApiParam(
name = "policyIds",
@ -379,13 +365,8 @@ public interface PolicyManagementService {
code = 500,
message = "ErrorResponse in activating policies.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "policy-modify", permissions = {
"/permission/admin/device-mgt/admin/policies/update",
"/permission/admin/device-mgt/admin/policies/add"}
)
})
@Scope(key = "policy:manage", name = "Add policies", description = "")
Response activatePolicies(
@ApiParam(
name = "policyIds",
@ -393,7 +374,7 @@ public interface PolicyManagementService {
required = true)
List<Integer> policyIds);
@POST
@PUT
@Path("/deactivate-policy")
@ApiOperation(
consumes = MediaType.APPLICATION_JSON,
@ -420,14 +401,8 @@ public interface PolicyManagementService {
code = 500,
message = "ErrorResponse in deactivating policies.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "policy-modify",
permissions = {
"/permission/admin/device-mgt/admin/policies/update",
"/permission/admin/device-mgt/admin/policies/add"}
)
})
@Scope(key = "policy:manage", name = "Add policies", description = "")
Response deactivatePolicies(
@ApiParam(
name = "policyIds",
@ -459,12 +434,8 @@ public interface PolicyManagementService {
code = 500,
message = "ErrorResponse in deactivating policies.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "policy-modify",
permissions = {"/permission/admin/device-mgt/admin/policies/update"}
)
})
@Scope(key = "policy:manage", name = "Add policies", description = "")
Response applyChanges();
@ -492,11 +463,8 @@ public interface PolicyManagementService {
code = 500,
message = "Exception in updating policy priorities.",
response = ErrorResponse.class)
}
)
@Permission(
scope = "",
permissions = {})
})
@Scope(key = "policy:manage", name = "Add policies", description = "")
Response updatePolicyPriorities(
@ApiParam(
name = "priorityUpdatedPolicies",

99
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/RoleManagementService.java
View File

@ -20,18 +20,17 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.List;
@API(name = "Role", version = "1.0.0", context = "/devicemgt_admin/roles", tags = {"devicemgt_admin"})
@API(name = "Role Management", version = "1.0.0", context = "/api/device-mgt/v1.0/roles", tags = {"devicemgt_admin"})
@Path("/roles")
@Api(value = "Role Management", description = "Role management related operations can be found here.")
@ -77,11 +76,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while fetching requested list of roles.",
response = ErrorResponse.class)
})
@Permission(scope = "roles-view", permissions = {
"/permission/admin/device-mgt/admin/roles/list",
"/permission/admin/device-mgt/admin/users/view",
"/permission/admin/device-mgt/admin/policies/add",
"/permission/admin/device-mgt/admin/policies/update"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:view", name = "View roles", description = "")
Response getRoles(
@ApiParam(
name = "filter",
@ -110,16 +105,16 @@ public interface RoleManagementService {
@QueryParam("limit") int limit);
@GET
@Path("/{roleName}/permissions")
@Path("/scopes")
@ApiOperation(
produces = MediaType.APPLICATION_JSON,
httpMethod = "GET",
value = "Getting permission details of a role.",
value = "Getting authorization scopes.",
notes = "In an organization an individual is associated a with set of responsibilities based on their " +
"role. In EMM you are able to configure permissions based on the responsibilities carried " +
"out by a role. Therefore if you wish to retrieve the permission details of a role, you can do " +
"role. In EMM you are able to configure scopes based on the responsibilities carried " +
"out by a role. Therefore if you wish to retrieve the scopes details of roles, you can do " +
"so using this REST API.",
response = UIPermissionNode.class,
response = List.class,
responseContainer = "List",
tags = "Role Management"
)
@ -127,8 +122,8 @@ public interface RoleManagementService {
value = {
@ApiResponse(
code = 200,
message = "OK. \n Successfully fetched the permission list of the given role.",
response = UIPermissionNode.class,
message = "OK. \n Successfully fetched the scopes list.",
response = List.class,
responseContainer = "List",
responseHeaders = {
@ResponseHeader(
@ -163,19 +158,63 @@ public interface RoleManagementService {
message = "Internal Server ErrorResponse. \n Server error occurred while fetching the permission list of the requested role.",
response = ErrorResponse.class)
})
@Permission(scope = "roles-view", permissions = {"/permission/admin/device-mgt/admin/roles/list"})
Response getPermissionsOfRole(
@ApiParam(
name = "roleName",
value = "Name of the role.",
required = true)
@PathParam("roleName") String roleName,
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:view", name = "View roles", description = "")
Response getScopes(
@ApiParam(
name = "If-Modified-Since",
value = "Validates if the requested variant has not been modified since the time specified",
required = false)
@HeaderParam("If-Modified-Since") String ifModifiedSince);
@PUT
@Path("/scopes")
@ApiOperation(
produces = MediaType.APPLICATION_JSON,
httpMethod = "PUT",
value = "Updating authorization scopes.",
notes = "This REST API can be used to update the associated roles of the scopes",
tags = "Role Management"
)
@ApiResponses(value = {
@ApiResponse(
code = 200,
message = "OK. \n Scopes has been updated successfully",
responseHeaders = {
@ResponseHeader(
name = "Content-Type",
description = "Content type of the body"),
@ResponseHeader(
name = "ETag",
description = "Entity Tag of the response resource.\n" +
"Used by caches, or in conditional requests."),
@ResponseHeader(
name = "Last-Modified",
description = "Date and time the resource has been modified the last time.\n" +
"Used by caches, or in conditional requests.")}),
@ApiResponse(
code = 400,
message = "Bad Request. \n Invalid request or validation error.",
response = ErrorResponse.class),
@ApiResponse(
code = 404,
message = "Not Found. \n Scopes to be updated does not exist.",
response = ErrorResponse.class),
@ApiResponse(
code = 415,
message = "Unsupported media type. \n The entity of the request was in a not supported format.",
response = ErrorResponse.class),
@ApiResponse(
code = 500,
message = "Internal Server Error. \n Server error occurred while updating the scopes.",
response = ErrorResponse.class)
})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "")
Response updateScopes(
@ApiParam(
name = "Scopes",
value = "List of scopes to be updated",
required = true) List<Scope> scopes);
@GET
@Path("/{roleName}")
@ApiOperation(
@ -226,7 +265,7 @@ public interface RoleManagementService {
"requested role.",
response = ErrorResponse.class)
})
@Permission(scope = "roles-view", permissions = {"/permission/admin/device-mgt/admin/roles/list"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:view", name = "View roles", description = "")
Response getRole(
@ApiParam(
name = "roleName",
@ -286,7 +325,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while adding a new role.",
response = ErrorResponse.class)
})
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/add"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "")
Response addRole(
@ApiParam(
name = "role",
@ -336,7 +375,7 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while updating the role.",
response = ErrorResponse.class)
})
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/update"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "")
Response updateRole(
@ApiParam(
name = "roleName",
@ -373,13 +412,17 @@ public interface RoleManagementService {
message = "Internal Server Error. \n Server error occurred while removing the role.",
response = ErrorResponse.class)
})
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/remove"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "")
Response deleteRole(
@ApiParam(
name = "roleName",
value = "Name of the role to de deleted.",
required = true)
@PathParam("roleName") String roleName);
@PathParam("roleName") String roleName,
@ApiParam(
name = "role",
value = "Details about the role to be added.",
required = true) RoleInfo role);
@PUT
@Path("/{roleName}/users")
@ -431,7 +474,7 @@ public interface RoleManagementService {
"Server error occurred while updating the user list of the role.",
response = ErrorResponse.class)
})
@Permission(scope = "roles-modify", permissions = {"/permission/admin/device-mgt/admin/roles/update"})
@org.wso2.carbon.apimgt.annotations.api.Scope(key = "role:manage", name = "Add roles", description = "")
Response updateUsersOfRole(
@ApiParam(
name = "roleName",

22
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/UserManagementService.java
View File

@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.*;
import javax.ws.rs.*;
@ -29,7 +29,7 @@ import javax.ws.rs.core.Response;
import java.util.List;
@API(name = "User Management API", version = "1.0.0", context = "/devicemgt_admin/users", tags = {"devicemgt_admin"})
@API(name = "User Management", version = "1.0.0", context = "/api/device-mgt/v1.0/users", tags = {"devicemgt_admin"})
@Path("/users")
@Api(value = "User Management", description = "User management related operations can be found here.")
@ -83,7 +83,7 @@ public interface UserManagementService {
message = "Internal Server Error. \n Server error occurred while adding a new user.",
response = ErrorResponse.class)
})
@Permission(scope = "user-modify", permissions = {"/permission/admin/device-mgt/admin/user/add"})
@Scope(key = "user:manage", name = "Add users", description = "")
Response addUser(
@ApiParam(
name = "user",
@ -135,7 +135,7 @@ public interface UserManagementService {
" fetching the requested user.",
response = ErrorResponse.class)
})
@Permission(scope = "user-view", permissions = {"/permission/admin/device-mgt/admin/user/view"})
@Scope(key = "user:view", name = "View users", description = "")
Response getUser(
@ApiParam(
name = "username",
@ -192,7 +192,7 @@ public interface UserManagementService {
"Server error occurred while updating the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user-modify", permissions = {"/permission/admin/device-mgt/admin/user/update"})
@Scope(key = "user:manage", name = "Add users", description = "")
Response updateUser(
@ApiParam(
name = "username",
@ -227,7 +227,7 @@ public interface UserManagementService {
response = ErrorResponse.class
)
})
@Permission(scope = "user-modify", permissions = {"/permission/admin/device-mgt/admin/user/remove"})
@Scope(key = "user:manage", name = "Add users", description = "")
Response removeUser(
@ApiParam(name = "username", value = "Username of the user to be deleted.", required = true)
@PathParam("username") String username);
@ -276,7 +276,7 @@ public interface UserManagementService {
" assigned to the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user-view", permissions = {"/permission/admin/device-mgt/admin/user/view"})
@Scope(key = "user:view", name = "View users", description = "")
Response getRolesOfUser(
@ApiParam(name = "username", value = "Username of the user.", required = true)
@PathParam("username") String username);
@ -319,7 +319,7 @@ public interface UserManagementService {
message = "Internal Server Error. \n Server error occurred while fetching the user list.",
response = ErrorResponse.class)
})
@Permission(scope = "user-view", permissions = {"/permission/admin/device-mgt/admin/user/list"})
@Scope(key = "user:view", name = "View users", description = "")
Response getUsers(
@ApiParam(
name = "filter",
@ -386,7 +386,7 @@ public interface UserManagementService {
"list that matches the given filter.",
response = ErrorResponse.class)
})
@Permission(scope = "user-view", permissions = {"/permission/admin/device-mgt/admin/user/list"})
@Scope(key = "user:view", name = "View users", description = "")
Response getUserNames(
@ApiParam(
name = "filter",
@ -440,7 +440,7 @@ public interface UserManagementService {
"Server error occurred while updating credentials of the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user-modify", permissions = {"/permission/admin/login"})
@Scope(key = "user:view", name = "View users", description = "")
Response resetPassword(
@ApiParam(
name = "username",
@ -483,7 +483,7 @@ public interface UserManagementService {
"Server error occurred while updating credentials of the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user-invite", permissions = {"/permission/admin/device-mgt/admin/user/invite"})
@Scope(key = "user:manage", name = "Add users", description = "")
Response inviteExistingUsersToEnrollDevice(
@ApiParam(
name = "users",

5
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/ApplicationManagementAdminService.java
View File

@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
import org.wso2.carbon.device.mgt.jaxrs.beans.ApplicationWrapper;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
@ -31,7 +32,7 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@API(name = "Application", version = "1.0.0", context = "/devicemgt_admin/applications", tags = {"devicemgt_admin"})
@API(name = "Application Management Admin", version = "1.0.0", context = "/api/device-mgt/v1.0/admin/applications", tags = {"devicemgt_admin"})
@Path("/admin/applications")
@Api(value = "Application Management Administrative Service", description = "This an API intended to be used by " +
@ -73,6 +74,7 @@ public interface ApplicationManagementAdminService {
"a given set of devices.",
response = ErrorResponse.class)
})
@Scope(key = "application:manage", name = "Install/Uninstall applications", description = "")
Response installApplication(
@ApiParam(
name = "applicationWrapper",
@ -111,6 +113,7 @@ public interface ApplicationManagementAdminService {
"a given set of devices.",
response = ErrorResponse.class)
})
@Scope(key = "application:manage", name = "Install/Uninstall applications", description = "")
Response uninstallApplication(
@ApiParam(
name = "applicationWrapper",

13
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/DeviceManagementAdminService.java
View File

@ -20,14 +20,16 @@ package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@API(name = "DeviceManagementAdmin", version = "1.0.0", context = "/devicemgt_admin/applications",
@API(name = "Device Management Admin", version = "1.0.0", context = "/api/device-mgt/v1.0/admin/devices",
tags = {"devicemgt_admin"})
@Path("/admin/devices")
@Api(value = "Device Management Administrative Service", description = "This an API intended to be used by " +
@ -83,17 +85,22 @@ public interface DeviceManagementAdminService {
message = "Internal Server Error. \n Server error occurred while fetching the device list.",
response = ErrorResponse.class)
})
@Scope(key = "device:admin:view", name = "View Devices", description = "")
Response getDevicesByName(
@ApiParam(
name = "name",
value = "Name of the device.",
required = true)
@QueryParam("name") String name,
@QueryParam("name")
@Size(max = 45)
String name,
@ApiParam(
name = "type",
value = "Type of the device.",
required = true)
@QueryParam("type") String type,
@QueryParam("type")
@Size(min = 2, max = 45)
String type,
@ApiParam(
name = "tenant-domain",
value = "Name of the tenant.",

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/GroupManagementAdminService.java
View File

@ -19,7 +19,7 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.policy.mgt.common.DeviceGroupWrapper;
import javax.ws.rs.*;

12
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/admin/UserManagementAdminService.java
View File

@ -19,14 +19,18 @@
package org.wso2.carbon.device.mgt.jaxrs.service.api.admin;
import io.swagger.annotations.*;
import org.wso2.carbon.apimgt.annotations.api.Permission;
import org.wso2.carbon.apimgt.annotations.api.API;
import org.wso2.carbon.apimgt.annotations.api.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@API(name = "User Management Admin", version = "1.0.0", context = "/api/device-mgt/v1.0/admin/users", tags = {"devicemgt_admin"})
@Path("/admin/users")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ -64,13 +68,15 @@ public interface UserManagementAdminService {
"Server error occurred while updating credentials of the user.",
response = ErrorResponse.class)
})
@Permission(scope = "user-modify", permissions = {"/permission/admin/login"})
@Scope(key = "user:admin:reset-password", name = "View users", description = "")
Response resetUserPassword(
@ApiParam(
name = "username",
value = "Username of the user.",
required = true)
@PathParam("username") String username,
@PathParam("username")
@Size(max = 45)
String username,
@ApiParam(
name = "credentials",
value = "Credential.",

6
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/ActivityProviderServiceImpl.java
View File

@ -29,6 +29,7 @@ import org.wso2.carbon.device.mgt.jaxrs.service.api.ActivityInfoProviderService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -47,7 +48,8 @@ public class ActivityProviderServiceImpl implements ActivityInfoProviderService
@GET
@Override
@Path("/{id}")
public Response getActivity(@PathParam("id") String id,
public Response getActivity(@PathParam("id")
@Size(max = 45) String id,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
Activity activity;
DeviceManagementProviderService dmService;
@ -81,7 +83,7 @@ public class ActivityProviderServiceImpl implements ActivityInfoProviderService
long timestamp = 0;
boolean isIfModifiedSinceSet = false;
boolean isSinceSet = false;
RequestValidationUtil.validatePaginationParameters(offset, limit);
if (ifModifiedSince != null && !ifModifiedSince.isEmpty()) {
Date ifSinceDate;
SimpleDateFormat format = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss Z");

1
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/ConfigurationServiceImpl.java
View File

@ -26,7 +26,6 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.service.api.ConfigurationManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.UnexpectedServerErrorException;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.util.MDMAppConstants;
import org.wso2.carbon.policy.mgt.common.PolicyManagementException;

43
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java
View File

@ -44,6 +44,7 @@ import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData;
import org.wso2.carbon.policy.mgt.common.monitor.PolicyComplianceException;
import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -62,25 +63,25 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@GET
@Override
public Response getDevices(
@QueryParam("name") String name,
@QueryParam("type") String type,
@QueryParam("user") String user,
@QueryParam("roleName") String roleName,
@QueryParam("ownership") String ownership,
@QueryParam("status") String status,
@QueryParam("name") @Size(max = 45) String name,
@QueryParam("type") @Size(max = 45) String type,
@QueryParam("user") @Size(max = 45) String user,
@QueryParam("roleName") @Size(max = 45) String roleName,
@QueryParam("ownership") @Size(max = 45) String ownership,
@QueryParam("status") @Size(max = 45) String status,
@QueryParam("since") String since,
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset,
@QueryParam("limit") int limit) {
try {
// RequestValidationUtil.validateSelectionCriteria(type, user, roleName, ownership, status);
RequestValidationUtil.validatePaginationParameters(offset, limit);
DeviceManagementProviderService dms = DeviceMgtAPIUtils.getDeviceManagementService();
PaginationRequest request = new PaginationRequest(offset, limit);
PaginationResult result;
DeviceList devices = new DeviceList();
if(name != null && !name.isEmpty()){
if (name != null && !name.isEmpty()) {
request.setDeviceName(name);
}
if (type != null && !type.isEmpty()) {
@ -154,6 +155,7 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
public Response getDeviceByUser(@QueryParam("offset") int offset,
@QueryParam("limit") int limit) {
RequestValidationUtil.validatePaginationParameters(offset, limit);
PaginationRequest request = new PaginationRequest(offset, limit);
PaginationResult result;
DeviceList devices = new DeviceList();
@ -179,8 +181,8 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@Path("/{type}/{id}")
@Override
public Response getDevice(
@PathParam("type") String type,
@PathParam("id") String id,
@PathParam("type") @Size(max = 45) String type,
@PathParam("id") @Size(max = 45) String id,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
Device device;
try {
@ -206,8 +208,8 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@Path("/{type}/{id}/features")
@Override
public Response getFeaturesOfDevice(
@PathParam("type") String type,
@PathParam("id") String id,
@PathParam("type") @Size(max = 45) String type,
@PathParam("id") @Size(max = 45) String id,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
List<Feature> features;
DeviceManagementProviderService dms;
@ -257,8 +259,8 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@Path("/{type}/{id}/applications")
@Override
public Response getInstalledApplications(
@PathParam("type") String type,
@PathParam("id") String id,
@PathParam("type") @Size(max = 45) String type,
@PathParam("id") @Size(max = 45) String id,
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset,
@QueryParam("limit") int limit) {
@ -286,12 +288,13 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@Path("/{type}/{id}/operations")
@Override
public Response getDeviceOperations(
@PathParam("type") String type,
@PathParam("id") String id,
@PathParam("type") @Size(max = 45) String type,
@PathParam("id") @Size(max = 45) String id,
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset,
@QueryParam("limit") int limit) {
OperationList operationsList = new OperationList();
RequestValidationUtil.validatePaginationParameters(offset, limit);
PaginationRequest request = new PaginationRequest(offset, limit);
PaginationResult result;
DeviceManagementProviderService dms;
@ -316,8 +319,8 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@GET
@Path("/{type}/{id}/effective-policy")
@Override
public Response getEffectivePolicyOfDevice(@PathParam("type") String type,
@PathParam("id") String id,
public Response getEffectivePolicyOfDevice(@PathParam("type") @Size(max = 45) String type,
@PathParam("id") @Size(max = 45) String id,
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
try {
RequestValidationUtil.validateDeviceIdentifier(type, id);
@ -337,8 +340,8 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
@GET
@Path("{type}/{id}/compliance-data")
public Response getComplianceDataOfDevice(@PathParam("type") String type,
@PathParam("id") String id) {
public Response getComplianceDataOfDevice(@PathParam("type") @Size(max = 45) String type,
@PathParam("id") @Size(max = 45) String id) {
RequestValidationUtil.validateDeviceIdentifier(type, id);
PolicyManagerService policyManagementService = DeviceMgtAPIUtils.getPolicyManagementService();

7
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/NotificationManagementServiceImpl.java
View File

@ -31,6 +31,8 @@ import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.UnexpectedServerErrorException;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import javax.validation.constraints.Max;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -46,10 +48,11 @@ public class NotificationManagementServiceImpl implements NotificationManagement
@GET
@Override
public Response getNotifications(
@QueryParam("status") String status,
@QueryParam("status") @Size(max = 45) String status,
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset, @QueryParam("limit") int limit) {
RequestValidationUtil.validatePaginationParameters(offset, limit);
PaginationRequest request = new PaginationRequest(offset, limit);
PaginationResult result;
@ -78,7 +81,7 @@ public class NotificationManagementServiceImpl implements NotificationManagement
@PUT
@Path("/{id}/mark-checked")
public Response updateNotificationStatus(
@PathParam("id") int id) {
@PathParam("id") @Max(45)int id) {
String msg;
Notification.Status status = Notification.Status.CHECKED;
Notification notification;

8
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/PolicyManagementServiceImpl.java
View File

@ -41,6 +41,7 @@ import org.wso2.carbon.policy.mgt.common.PolicyAdministratorPoint;
import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
import javax.validation.Valid;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -59,7 +60,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
@POST
@Override
public Response addPolicy(PolicyWrapper policyWrapper) {
public Response addPolicy(@Valid PolicyWrapper policyWrapper) {
RequestValidationUtil.validatePolicyDetails(policyWrapper);
PolicyManagerService policyManagementService = DeviceMgtAPIUtils.getPolicyManagementService();
@ -111,7 +112,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
}
}
private Policy getPolicyFromWrapper(PolicyWrapper policyWrapper) throws DeviceManagementException {
private Policy getPolicyFromWrapper(@Valid PolicyWrapper policyWrapper) throws DeviceManagementException {
Policy policy = new Policy();
policy.setPolicyName(policyWrapper.getPolicyName());
policy.setDescription(policyWrapper.getDescription());
@ -140,6 +141,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset,
@QueryParam("limit") int limit) {
RequestValidationUtil.validatePaginationParameters(offset, limit);
PolicyManagerService policyManagementService = DeviceMgtAPIUtils.getPolicyManagementService();
List<Policy> policies;
List<Policy> filteredPolicies;
@ -186,7 +188,7 @@ public class PolicyManagementServiceImpl implements PolicyManagementService {
@PUT
@Path("/{id}")
@Override
public Response updatePolicy(@PathParam("id") int id, PolicyWrapper policyWrapper) {
public Response updatePolicy(@PathParam("id") int id, @Valid PolicyWrapper policyWrapper) {
RequestValidationUtil.validatePolicyDetails(policyWrapper);
PolicyManagerService policyManagementService = DeviceMgtAPIUtils.getPolicyManagementService();
try {

157
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/RoleManagementServiceImpl.java
View File

@ -20,21 +20,23 @@ package org.wso2.carbon.device.mgt.jaxrs.service.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementException;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.RoleList;
import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
import org.wso2.carbon.device.mgt.jaxrs.service.api.RoleManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.FilteringUtil;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.SetReferenceTransformer;
import org.wso2.carbon.user.api.*;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.mgt.UserRealmProxy;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import org.wso2.carbon.user.mgt.common.UserAdminException;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
@ -61,6 +63,7 @@ public class RoleManagementServiceImpl implements RoleManagementService {
@QueryParam("user-store") String userStore,
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset, @QueryParam("limit") int limit) {
RequestValidationUtil.validatePaginationParameters(offset, limit);
List<String> filteredRoles;
RoleList targetRoles = new RoleList();
@ -87,64 +90,47 @@ public class RoleManagementServiceImpl implements RoleManagementService {
}
@GET
@Path("/{roleName}/permissions")
@Path("/scopes")
@Override
public Response getPermissionsOfRole(
@PathParam("roleName") String roleName,
public Response getScopes(
@HeaderParam("If-Modified-Since") String ifModifiedSince) {
RequestValidationUtil.validateRoleName(roleName);
try {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
if (!userRealm.getUserStoreManager().isExistingRole(roleName)) {
return Response.status(Response.Status.NOT_FOUND).entity(new ErrorResponse.ErrorResponseBuilder().setMessage(
"No role exists with the name '" + roleName + "'").build()).build();
}
final UIPermissionNode rolePermissions = this.getUIPermissionNode(roleName, userRealm);
if (rolePermissions == null) {
if (log.isDebugEnabled()) {
log.debug("No permissions found for the role '" + roleName + "'");
}
List<Scope> scopes = new ArrayList<>();
try {
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
if (scopeManagementService == null) {
log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
} else {
scopes = DeviceMgtUtil.convertAPIScopestoScopes(scopeManagementService.getAllScopes());
}
return Response.status(Response.Status.OK).entity(rolePermissions).build();
} catch (UserAdminException e) {
String msg = "Error occurred while retrieving the permissions of role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (UserStoreException e) {
String msg = "Error occurred while retrieving the underlying user realm attached to the " +
"current logged in user";
return Response.status(Response.Status.OK).entity(scopes).build();
} catch (ScopeManagementException e) {
String msg = "Error occurred while retrieving the scopes";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
}
}
private UIPermissionNode getUIPermissionNode(String roleName, UserRealm userRealm)
throws UserAdminException {
org.wso2.carbon.user.core.UserRealm userRealmCore = null;
if (userRealm instanceof org.wso2.carbon.user.core.UserRealm) {
userRealmCore = (org.wso2.carbon.user.core.UserRealm) userRealm;
}
final UserRealmProxy userRealmProxy = new UserRealmProxy(userRealmCore);
final UIPermissionNode rolePermissions =
userRealmProxy.getRolePermissions(roleName, MultitenantConstants.SUPER_TENANT_ID);
UIPermissionNode[] deviceMgtPermissions = new UIPermissionNode[2];
for (UIPermissionNode permissionNode : rolePermissions.getNodeList()) {
if (permissionNode.getResourcePath().equals("/permission/admin")) {
for (UIPermissionNode node : permissionNode.getNodeList()) {
if (node.getResourcePath().equals("/permission/admin/device-mgt")) {
deviceMgtPermissions[0] = node;
} else if (node.getResourcePath().equals("/permission/admin/login")) {
deviceMgtPermissions[1] = node;
}
}
@PUT
@Path("/scopes")
@Override
public Response updateScopes(List<Scope> scopes) {
RequestValidationUtil.validateScopes(scopes);
try {
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
if (scopeManagementService == null) {
log.error("Scope management service initialization is failed, hence scopes will not be retrieved");
} else {
scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(scopes));
}
return Response.status(Response.Status.OK).entity("Scopes has been successfully updated").build();
} catch (ScopeManagementException e) {
String msg = "Error occurred while updating the scopes";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
}
rolePermissions.setNodeList(deviceMgtPermissions);
return rolePermissions;
}
@GET
@ -159,7 +145,6 @@ public class RoleManagementServiceImpl implements RoleManagementService {
RoleInfo roleInfo = new RoleInfo();
try {
final UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
if (!userStoreManager.isExistingRole(roleName)) {
return Response.status(Response.Status.NOT_FOUND).entity(
new ErrorResponse.ErrorResponseBuilder().setMessage("No role exists with the name '" +
@ -167,16 +152,9 @@ public class RoleManagementServiceImpl implements RoleManagementService {
}
roleInfo.setRoleName(roleName);
roleInfo.setUsers(userStoreManager.getUserListOfRole(roleName));
// Get the permission nodes and hand picking only device management and login perms
final UIPermissionNode rolePermissions = this.getUIPermissionNode(roleName, userRealm);
List<String> permList = new ArrayList<>();
this.iteratePermissions(rolePermissions, permList);
roleInfo.setPermissionList(rolePermissions);
String[] permListAr = new String[permList.size()];
roleInfo.setPermissions(permList.toArray(permListAr));
return Response.status(Response.Status.OK).entity(roleInfo).build();
} catch (UserStoreException | UserAdminException e) {
} catch (UserStoreException e) {
String msg = "Error occurred while retrieving the user role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
@ -184,35 +162,18 @@ public class RoleManagementServiceImpl implements RoleManagementService {
}
}
private List<String> iteratePermissions(UIPermissionNode uiPermissionNode, List<String> list) {
for (UIPermissionNode permissionNode : uiPermissionNode.getNodeList()) {
list.add(permissionNode.getResourcePath());
if (permissionNode.getNodeList() != null && permissionNode.getNodeList().length > 0) {
iteratePermissions(permissionNode, list);
}
}
return list;
}
@POST
@Override
public Response addRole(RoleInfo roleInfo) {
RequestValidationUtil.validateRoleDetails(roleInfo);
RequestValidationUtil.validateRoleName(roleInfo.getRoleName());
try {
UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
if (log.isDebugEnabled()) {
log.debug("Persisting the role in the underlying user store");
}
Permission[] permissions = null;
if (roleInfo.getPermissions() != null && roleInfo.getPermissions().length > 0) {
permissions = new Permission[roleInfo.getPermissions().length];
for (int i = 0; i < permissions.length; i++) {
String permission = roleInfo.getPermissions()[i];
permissions[i] = new Permission(permission, CarbonConstants.UI_PERMISSION_ACTION);
}
}
userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), permissions);
userStoreManager.addRole(roleInfo.getRoleName(), roleInfo.getUsers(), null);
//TODO fix what's returned in the entity
return Response.created(new URI(API_BASE_PATH + "/" + roleInfo.getRoleName())).entity(
@ -268,14 +229,12 @@ public class RoleManagementServiceImpl implements RoleManagementService {
userStoreManager.updateUserListOfRole(newRoleName, usersToDelete, usersToAdd);
}
if (roleInfo.getPermissions() != null) {
// Delete all authorizations for the current role before authorizing the permission tree
authorizationManager.clearRoleAuthorization(roleName);
if (roleInfo.getPermissions().length > 0) {
for (int i = 0; i < roleInfo.getPermissions().length; i++) {
String permission = roleInfo.getPermissions()[i];
authorizationManager.authorizeRole(roleName, permission, CarbonConstants.UI_PERMISSION_ACTION);
}
if (roleInfo.getScopes() != null) {
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
if (scopeManagementService == null) {
log.error("Scope management service initialization is failed, hence scopes will not be updated");
} else {
scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(roleInfo.getScopes()));
}
}
//TODO: Need to send the updated role information in the entity back to the client
@ -286,14 +245,21 @@ public class RoleManagementServiceImpl implements RoleManagementService {
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (ScopeManagementException e) {
String msg = "Error occurred while updating scopes of role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
}
}
@DELETE
@Path("/{roleName}")
@Override
public Response deleteRole(@PathParam("roleName") String roleName) {
public Response deleteRole(@PathParam("roleName") String roleName, RoleInfo roleInfo) {
RequestValidationUtil.validateRoleName(roleName);
RequestValidationUtil.validateScopes(roleInfo.getScopes());
try {
final UserRealm userRealm = DeviceMgtAPIUtils.getUserRealm();
final UserStoreManager userStoreManager = userRealm.getUserStoreManager();
@ -311,12 +277,25 @@ public class RoleManagementServiceImpl implements RoleManagementService {
// Delete all authorizations for the current role before deleting
authorizationManager.clearRoleAuthorization(roleName);
//updating scopes
ScopeManagementService scopeManagementService = DeviceMgtAPIUtils.getScopeManagementService();
if (scopeManagementService == null) {
log.error("Scope management service initialization is failed, hence scopes will not be updated");
} else {
scopeManagementService.updateScopes(DeviceMgtUtil.convertScopestoAPIScopes(roleInfo.getScopes()));
}
return Response.status(Response.Status.OK).build();
} catch (UserStoreException e) {
String msg = "Error occurred while deleting the role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
} catch (ScopeManagementException e) {
String msg = "Error occurred while updating scopes of role '" + roleName + "'";
log.error(msg, e);
return Response.serverError().entity(
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
}
}

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
View File

@ -26,6 +26,7 @@ import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo;
import org.wso2.carbon.device.mgt.jaxrs.beans.*;
import org.wso2.carbon.device.mgt.jaxrs.service.api.UserManagementService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.Constants;
import org.wso2.carbon.device.mgt.jaxrs.util.CredentialManagementResponseBuilder;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
@ -264,6 +265,7 @@ public class UserManagementServiceImpl implements UserManagementService {
log.debug("Getting the list of users with all user-related information");
}
List<BasicUserInfo> userList, offsetList;
RequestValidationUtil.validatePaginationParameters(offset, limit);
String appliedFilter = ((filter == null) || filter.isEmpty() ? "*" : filter);
int appliedLimit = (limit <= 0) ? -1 : (limit + offset);

7
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/DeviceManagementAdminServiceImpl.java
View File

@ -28,8 +28,10 @@ import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.service.api.admin.DeviceManagementAdminService;
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -44,12 +46,13 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe
@Override
@GET
public Response getDevicesByName(@QueryParam("name") String name,
@QueryParam("type") String type,
public Response getDevicesByName(@QueryParam("name") @Size(max = 45) String name,
@QueryParam("type") @Size(min = 2, max = 45) String type,
@QueryParam("tenant-domain") String tenantDomain,
@HeaderParam("If-Modified-Since") String ifModifiedSince,
@QueryParam("offset") int offset,
@QueryParam("limit") int limit) {
RequestValidationUtil.validatePaginationParameters(offset, limit);
try {
int currentTenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
if (MultitenantConstants.SUPER_TENANT_ID != currentTenantId) {

5
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/admin/UserManagementAdminServiceImpl.java
View File

@ -22,6 +22,7 @@ import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper;
import org.wso2.carbon.device.mgt.jaxrs.service.api.admin.UserManagementAdminService;
import org.wso2.carbon.device.mgt.jaxrs.util.CredentialManagementResponseBuilder;
import javax.validation.constraints.Size;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -34,7 +35,9 @@ public class UserManagementAdminServiceImpl implements UserManagementAdminServic
@POST
@Path("/{username}/credentials")
@Override
public Response resetUserPassword(@PathParam("username") String user, PasswordResetWrapper credentials) {
public Response resetUserPassword(@PathParam("username")
@Size(max = 45)
String user, PasswordResetWrapper credentials) {
return CredentialManagementResponseBuilder.buildResetPasswordResponse(user, credentials);
}

29
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/util/RequestValidationUtil.java
View File

@ -18,10 +18,12 @@
*/
package org.wso2.carbon.device.mgt.jaxrs.service.impl.util;
import org.wso2.carbon.device.mgt.jaxrs.beans.Scope;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.common.notification.mgt.Notification;
import org.wso2.carbon.device.mgt.jaxrs.beans.*;
import java.util.ArrayList;
import java.util.List;
@ -312,4 +314,31 @@ public class RequestValidationUtil {
}
}
public static void validateScopes(List<Scope> scopes) {
if (scopes == null || scopes.isEmpty()) {
throw new InputValidationException(
new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Scope details of the request body" +
" is incorrect or empty").build());
}
}
public static void validatePaginationParameters(int offset, int limit) {
if (offset < 0) {
throw new InputValidationException(
new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Request parameter offset is s " +
"negative value.").build());
}
if (limit < 0) {
throw new InputValidationException(
new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Request parameter limit is a " +
"negative value.").build());
}
if (limit - offset > 100) {
throw new InputValidationException(
new ErrorResponse.ErrorResponseBuilder().setCode(400l).setMessage("Request results list should" +
" be less than or equal 100 values.").build());
}
}
}

2
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/swagger/extension/SecurityDefinitionConfigurator.java
View File

@ -29,7 +29,7 @@ import java.util.HashMap;
import java.util.Map;
@SwaggerDefinition(
basePath = "/api/device-mgt/v1.0",
basePath = "/api-device-mgt-v1.0",
host = "localhost:9443"
)
public class SecurityDefinitionConfigurator implements ReaderListener {

14
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/Constants.java
View File

@ -27,4 +27,18 @@ public class Constants {
public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname";
public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname";
public final class ErrorMessages {
private ErrorMessages () { throw new AssertionError(); }
public static final String STATUS_BAD_REQUEST_MESSAGE_DEFAULT = "Bad Request";
}
public final class DeviceConstants {
private DeviceConstants () { throw new AssertionError(); }
public static final String APPLICATION_JSON = "application/json";
public static final String HEADER_CONTENT_TYPE = "Content-Type";
}
}

11
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtAPIUtils.java
View File

@ -28,6 +28,7 @@ import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationEntry;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfigurationManagementService;
import org.wso2.carbon.device.mgt.common.notification.mgt.NotificationManagementService;
import org.wso2.carbon.device.mgt.common.scope.mgt.ScopeManagementService;
import org.wso2.carbon.device.mgt.core.app.mgt.ApplicationManagementProviderService;
import org.wso2.carbon.device.mgt.core.device.details.mgt.DeviceInformationManager;
import org.wso2.carbon.device.mgt.core.search.mgt.SearchManagerService;
@ -248,6 +249,16 @@ public class DeviceMgtAPIUtils {
return gadgetDataService;
}
public static ScopeManagementService getScopeManagementService() {
PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
ScopeManagementService scopeManagementService =
(ScopeManagementService) ctx.getOSGiService(ScopeManagementService.class, null);
if (scopeManagementService == null) {
throw new IllegalStateException("Scope Management Service has not been initialized.");
}
return scopeManagementService;
}
public static int getTenantId(String tenantDomain) throws DeviceManagementException {
RealmService realmService =
(RealmService) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(RealmService.class, null);

79
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/util/DeviceMgtUtil.java
View File

@ -18,11 +18,17 @@
package org.wso2.carbon.device.mgt.jaxrs.util;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorListItem;
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
import org.wso2.carbon.device.mgt.jaxrs.beans.ProfileFeature;
import org.wso2.carbon.device.mgt.jaxrs.exception.BadRequestException;
import org.wso2.carbon.policy.mgt.common.Profile;
import javax.validation.ConstraintViolation;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
public class DeviceMgtUtil {
@ -58,4 +64,77 @@ public class DeviceMgtUtil {
return profileFeature;
}
public static List<Scope> convertScopestoAPIScopes(List<org.wso2.carbon.device.mgt.jaxrs.beans.Scope> scopes) {
List<Scope> convertedScopes = new ArrayList<>();
Scope convertedScope;
for (org.wso2.carbon.device.mgt.jaxrs.beans.Scope scope : scopes) {
convertedScope = new Scope();
convertedScope.setKey(scope.getKey());
convertedScope.setName(scope.getName());
convertedScope.setDescription(scope.getDescription());
convertedScope.setRoles(scope.getRoles());
convertedScopes.add(convertedScope);
}
return convertedScopes;
}
public static List<org.wso2.carbon.device.mgt.jaxrs.beans.Scope> convertAPIScopestoScopes(List<Scope> scopes) {
List<org.wso2.carbon.device.mgt.jaxrs.beans.Scope> convertedScopes = new ArrayList<>();
org.wso2.carbon.device.mgt.jaxrs.beans.Scope convertedScope;
for (Scope scope : scopes) {
convertedScope = new org.wso2.carbon.device.mgt.jaxrs.beans.Scope();
convertedScope.setKey(scope.getKey());
convertedScope.setName(scope.getName());
convertedScope.setDescription(scope.getDescription());
convertedScope.setRoles(scope.getRoles());
convertedScopes.add(convertedScope);
}
return convertedScopes;
}
/**
* Returns a new BadRequestException
*
* @param description description of the exception
* @return a new BadRequestException with the specified details as a response DTO
*/
public static BadRequestException buildBadRequestException(String description) {
ErrorResponse errorResponse = getErrorResponse(Constants.
ErrorMessages.STATUS_BAD_REQUEST_MESSAGE_DEFAULT,400l, description);
return new BadRequestException(errorResponse);
}
/**
* Returns generic ErrorResponse.
* @param message specific error message
* @param code
* @param description
* @return generic Response with error specific details.
*/
public static ErrorResponse getErrorResponse(String message, Long code, String description) {
ErrorResponse errorResponse = new ErrorResponse();
errorResponse.setCode(code);
errorResponse.setMoreInfo("");
errorResponse.setMessage(message);
errorResponse.setDescription(description);
return errorResponse;
}
public static <T> ErrorResponse getConstraintViolationErrorDTO(Set<ConstraintViolation<T>> violations) {
ErrorResponse errorResponse = new ErrorResponse();
errorResponse.setDescription("Validation Error");
errorResponse.setMessage("Bad Request");
errorResponse.setCode(400l);
errorResponse.setMoreInfo("");
List<ErrorListItem> errorListItems = new ArrayList<>();
for (ConstraintViolation violation : violations) {
ErrorListItem errorListItemDTO = new ErrorListItem();
errorListItemDTO.setCode(400 + "_" + violation.getPropertyPath());
errorListItemDTO.setMessage(violation.getPropertyPath() + ": " + violation.getMessage());
errorListItems.add(errorListItemDTO);
}
errorResponse.setErrorItems(errorListItems);
return errorResponse;
}
}

754
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml
View File

@ -30,379 +30,385 @@
<PermissionConfiguration>
<APIVersion></APIVersion>
<!--Permission Tree Name-->
<Permission>
<name>Device Management</name>
<path>/device-mgt</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Admin Permissions -->
<Permission>
<name>Device Management Admin</name>
<path>/device-mgt/admin</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>Devices</name>
<path>/device-mgt/admin/devices</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Device related APIs -->
<Permission>
<name>List devices</name>
<path>/device-mgt/admin/devices/List</path>
<url>/devices</url>
<method>GET</method>
</Permission>
<Permission>
<name>Search devices</name>
<path>/device-mgt/admin/devices/Search</path>
<url>/devices/search-devices</url>
<method>POST</method>
</Permission>
<Permission>
<name>View device</name>
<path>/device-mgt/admin/devices/View</path>
<url>/devices/*/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device applications</name>
<path>/device-mgt/admin/devices/View-Applications</path>
<url>/devices/*/*/applications</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device effective-policy</name>
<path>/device-mgt/admin/devices/View-Active-Policy</path>
<url>/devices/*/*/effective-policy</url>
<method>GET</method>
</Permission>
<Permission>
<name>View devices feature</name>
<path>/device-mgt/admin/devices/View-Features</path>
<url>/devices/*/*/features</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device operations</name>
<path>/device-mgt/admin/devices/View-Operations</path>
<url>/devices/*/*/operations</url>
<method>GET</method>
</Permission>
<Permission>
<name>View Compliance Data</name>
<path>/device-mgt/admin/devices/View-Compliance-Data</path>
<url>/devices/*/*/compliance-data</url>
<method>GET</method>
</Permission>
<Permission>
<name>List all devices</name>
<path>/device-mgt/admin/devices/Admin-View</path>
<url>/admin/devices</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device types</name>
<path>/device-mgt/admin/devices/Admin-DeviceType-View</path>
<url>/device-types</url>
<method>GET</method>
</Permission>
<!-- End of Device related APIs -->
<Permission>
<name>Policies</name>
<path>/device-mgt/admin/policies</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Policy related APIs -->
<Permission>
<name>List policies</name>
<path>/device-mgt/admin/policies/List</path>
<url>/policies</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add Policy</name>
<path>/device-mgt/admin/policies/Add</path>
<url>/policies</url>
<method>POST</method>
</Permission>
<Permission>
<name>Activate policy</name>
<path>/device-mgt/admin/policies/Activate-Policy</path>
<url>/policies/activate-policy</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Deactivate Policy</name>
<path>/device-mgt/admin/policies/Deactivate-Policy</path>
<url>/policies/deactivate-policy</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Remove Policy</name>
<path>/device-mgt/admin/policies/Remove</path>
<url>/policies/remove-policy</url>
<method>POST</method>
</Permission>
<Permission>
<name>View Policy</name>
<path>/device-mgt/admin/policies/View</path>
<url>/policies/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path>
<url>/policies/*</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path>
<url>/policies/apply-changes</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Update Policy</name>
<path>/device-mgt/admin/policies/Change-Priority</path>
<url>/policies/priorities</url>
<method>PUT</method>
</Permission>
<!-- End of Policy related APIs -->
<Permission>
<name>Notifications</name>
<path>/device-mgt/admin/notifications</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Notification related APIs -->
<Permission>
<name>View notifications</name>
<path>/device-mgt/admin/notifications/View</path>
<url>/notifications</url>
<method>GET</method>
</Permission>
<Permission>
<name>Mark checked notifications</name>
<path>/device-mgt/admin/notifications/View</path>
<url>/notifications/*/mark-checked</url>
<method>PUT</method>
</Permission>
<!-- End of Notification related APIs -->
<Permission>
<name>Users</name>
<path>/device-mgt/admin/users</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- User related APIs -->
<Permission>
<name>List users</name>
<path>/device-mgt/admin/users/List</path>
<url>/users</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add user</name>
<path>/device-mgt/admin/users/Add</path>
<url>/users</url>
<method>POST</method>
</Permission>
<Permission>
<name>List users</name>
<path>/device-mgt/admin/users/Search</path>
<url>/users/search/usernames</url>
<method>GET</method>
</Permission>
<Permission>
<name>Remove user</name>
<path>/device-mgt/admin/users/Remove</path>
<url>/users/*</url>
<method>DELETE</method>
</Permission>
<Permission>
<name>View user</name>
<path>/device-mgt/admin/users/View</path>
<url>/users/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update user</name>
<path>/device-mgt/admin/users/Update</path>
<url>/users/*</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Update user credentials</name>
<path>/device-mgt/admin/users/Change-Password</path>
<url>/users/*/credentials</url>
<method>PUT</method>
</Permission>
<Permission>
<name>View assigned role</name>
<path>/device-mgt/admin/roles/Assigned-Roles</path>
<url>/users/*/roles</url>
<method>GET</method>
</Permission>
<Permission>
<name>Change any user credentials</name>
<path>/device-mgt/admin/users/Change-Password-Any</path>
<url>/admin/users/*/credentials</url>
<method>POST</method>
</Permission>
<Permission>
<name>Send invitation mail</name>
<path>/device-mgt/admin/users/Send-invitations</path>
<url>/users/send-invitation</url>
<method>POST</method>
</Permission>
<!-- End of User related APIs -->
<Permission>
<name>Roles</name>
<path>/device-mgt/admin/roles</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Role related APIs -->
<Permission>
<name>List roles</name>
<path>/device-mgt/admin/roles/List</path>
<url>/roles</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add role</name>
<path>/device-mgt/admin/roles/Add</path>
<url>/roles</url>
<method>POST</method>
</Permission>
<Permission>
<name>Remove role</name>
<path>/device-mgt/admin/roles/Remove</path>
<url>/roles/*</url>
<method>DELETE</method>
</Permission>
<Permission>
<name>View role</name>
<path>/device-mgt/admin/roles/View</path>
<url>/roles/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update role</name>
<path>/device-mgt/admin/roles/Update</path>
<url>/roles/*</url>
<method>PUT</method>
</Permission>
<Permission>
<name>View role permissions</name>
<path>/device-mgt/admin/roles/View-Permission</path>
<url>/roles/*/permissions</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add Users to role</name>
<path>/device-mgt/admin/roles/Add-Users</path>
<url>/roles/*/users</url>
<method>PUT</method>
</Permission>
<!-- End of Role related APIs -->
<Permission>
<name>Configurations</name>
<path>/device-mgt/admin/general-configs</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Configuration related APIs -->
<Permission>
<name>View configuration</name>
<path>/device-mgt/admin/general-configuration/View</path>
<url>/configuration</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update configuration</name>
<path>/device-mgt/admin/general-configuration/Update</path>
<url>/configuration</url>
<method>PUT</method>
</Permission>
<!-- End of Configuration related APIs -->
<Permission>
<name>Activities</name>
<path>/device-mgt/admin/activities</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Activity related APIs -->
<Permission>
<name>View Activities</name>
<path>/device-mgt/admin/activities/View</path>
<url>/activities</url>
<method>GET</method>
</Permission>
<Permission>
<name>View Activity Details</name>
<path>/device-mgt/admin/activities/View</path>
<url>/activities/*</url>
<method>GET</method>
</Permission>
<!-- End of Activity related APIs -->
<Permission>
<name>Applications</name>
<path>/device-mgt/admin/applications</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Application related APIs -->
<Permission>
<name>Install Applications</name>
<path>/device-mgt/admin/application/Install</path>
<url>/admin/applications/install-application</url>
<method>POST</method>
</Permission>
<Permission>
<name>Uninstall-Applications</name>
<path>/device-mgt/admin/application/Uninstall</path>
<url>/admin/applications/uninstall-application</url>
<method>POST</method>
</Permission>
<!-- End of Application related APIs -->
<!-- End of Admin Permissions -->
<!-- User Permissions -->
<Permission>
<name>Device Management User</name>
<path>/device-mgt/user</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Devices</name>
<path>/device-mgt/user/devices</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Policies</name>
<path>/device-mgt/user/policies</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Notifications</name>
<path>/device-mgt/user/notifications</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Operations</name>
<path>/device-mgt/user/operations</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- End of User Permissions -->
<Permission>
<name>Device Management</name>
<path>/device-mgt</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Admin Permissions -->
<Permission>
<name>Device Management Admin</name>
<path>/device-mgt/admin</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>Devices</name>
<path>/device-mgt/admin/devices</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Device related APIs -->
<Permission>
<name>List devices</name>
<path>/device-mgt/admin/devices/List</path>
<url>/devices</url>
<method>GET</method>
</Permission>
<Permission>
<name>Search devices</name>
<path>/device-mgt/admin/devices/Search</path>
<url>/devices/search-devices</url>
<method>POST</method>
</Permission>
<Permission>
<name>View device</name>
<path>/device-mgt/admin/devices/View</path>
<url>/devices/*/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device info</name>
<path>/device-mgt/admin/devices/View</path>
<url>/devices/*/*/info</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device applications</name>
<path>/device-mgt/admin/devices/View-Applications</path>
<url>/devices/*/*/applications</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device effective-policy</name>
<path>/device-mgt/admin/devices/View-Active-Policy</path>
<url>/devices/*/*/effective-policy</url>
<method>GET</method>
</Permission>
<Permission>
<name>View devices feature</name>
<path>/device-mgt/admin/devices/View-Features</path>
<url>/devices/*/*/features</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device operations</name>
<path>/device-mgt/admin/devices/View-Operations</path>
<url>/devices/*/*/operations</url>
<method>GET</method>
</Permission>
<Permission>
<name>View Compliance Data</name>
<path>/device-mgt/admin/devices/View-Compliance-Data</path>
<url>/devices/*/*/compliance-data</url>
<method>GET</method>
</Permission>
<Permission>
<name>List all devices</name>
<path>/device-mgt/admin/devices/Admin-View</path>
<url>/admin/devices</url>
<method>GET</method>
</Permission>
<Permission>
<name>View device types</name>
<path>/device-mgt/admin/devices/Admin-DeviceType-View</path>
<url>/admin/device-types</url>
<method>GET</method>
</Permission>
<!-- End of Device related APIs -->
<Permission>
<name>Policies</name>
<path>/device-mgt/admin/policies</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Policy related APIs -->
<Permission>
<name>List policies</name>
<path>/device-mgt/admin/policies/List</path>
<url>/policies</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add Policy</name>
<path>/device-mgt/admin/policies/Add</path>
<url>/policies</url>
<method>POST</method>
</Permission>
<Permission>
<name>Activate policy</name>
<path>/device-mgt/admin/policies/Activate-Policy</path>
<url>/policies/activate-policy</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Deactivate Policy</name>
<path>/device-mgt/admin/policies/Deactivate-Policy</path>
<url>/policies/deactivate-policy</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Remove Policy</name>
<path>/device-mgt/admin/policies/Remove</path>
<url>/policies/remove-policy</url>
<method>POST</method>
</Permission>
<Permission>
<name>View Policy</name>
<path>/device-mgt/admin/policies/View</path>
<url>/policies/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path>
<url>/policies/*</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Update Policy</name>
<path>/device-mgt/admin/policies/Update</path>
<url>/policies/apply-changes</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Update Policy</name>
<path>/device-mgt/admin/policies/Change-Priority</path>
<url>/policies/priorities</url>
<method>PUT</method>
</Permission>
<!-- End of Policy related APIs -->
<Permission>
<name>Notifications</name>
<path>/device-mgt/admin/notifications</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Notification related APIs -->
<Permission>
<name>View notifications</name>
<path>/device-mgt/admin/notifications/View</path>
<url>/notifications</url>
<method>GET</method>
</Permission>
<Permission>
<name>Mark checked notifications</name>
<path>/device-mgt/admin/notifications/View</path>
<url>/notifications/*/mark-checked</url>
<method>PUT</method>
</Permission>
<!-- End of Notification related APIs -->
<Permission>
<name>Users</name>
<path>/device-mgt/admin/users</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- User related APIs -->
<Permission>
<name>List users</name>
<path>/device-mgt/admin/users/List</path>
<url>/users</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add user</name>
<path>/device-mgt/admin/users/Add</path>
<url>/users</url>
<method>POST</method>
</Permission>
<Permission>
<name>List users</name>
<path>/device-mgt/admin/users/Search</path>
<url>/users/search/usernames</url>
<method>GET</method>
</Permission>
<Permission>
<name>Remove user</name>
<path>/device-mgt/admin/users/Remove</path>
<url>/users/*</url>
<method>DELETE</method>
</Permission>
<Permission>
<name>View user</name>
<path>/device-mgt/admin/users/View</path>
<url>/users/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update user</name>
<path>/device-mgt/admin/users/Update</path>
<url>/users/*</url>
<method>PUT</method>
</Permission>
<Permission>
<name>Update user credentials</name>
<path>/device-mgt/admin/users/Change-Password</path>
<url>/users/*/credentials</url>
<method>PUT</method>
</Permission>
<Permission>
<name>View assigned role</name>
<path>/device-mgt/admin/roles/Assigned-Roles</path>
<url>/users/*/roles</url>
<method>GET</method>
</Permission>
<Permission>
<name>Change any user credentials</name>
<path>/device-mgt/admin/users/Change-Password-Any</path>
<url>/admin/users/*/credentials</url>
<method>POST</method>
</Permission>
<Permission>
<name>Send invitation mail</name>
<path>/device-mgt/admin/users/Send-invitations</path>
<url>/users/send-invitation</url>
<method>POST</method>
</Permission>
<!-- End of User related APIs -->
<Permission>
<name>Roles</name>
<path>/device-mgt/admin/roles</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Role related APIs -->
<Permission>
<name>List roles</name>
<path>/device-mgt/admin/roles/List</path>
<url>/roles</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add role</name>
<path>/device-mgt/admin/roles/Add</path>
<url>/roles</url>
<method>POST</method>
</Permission>
<Permission>
<name>Remove role</name>
<path>/device-mgt/admin/roles/Remove</path>
<url>/roles/*</url>
<method>DELETE</method>
</Permission>
<Permission>
<name>View role</name>
<path>/device-mgt/admin/roles/View</path>
<url>/roles/*</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update role</name>
<path>/device-mgt/admin/roles/Update</path>
<url>/roles/*</url>
<method>PUT</method>
</Permission>
<Permission>
<name>View role permissions</name>
<path>/device-mgt/admin/roles/View-Permission</path>
<url>/roles/*/permissions</url>
<method>GET</method>
</Permission>
<Permission>
<name>Add Users to role</name>
<path>/device-mgt/admin/roles/Add-Users</path>
<url>/roles/*/users</url>
<method>PUT</method>
</Permission>
<!-- End of Role related APIs -->
<Permission>
<name>Configurations</name>
<path>/device-mgt/admin/general-configs</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Configuration related APIs -->
<Permission>
<name>View configuration</name>
<path>/device-mgt/admin/general-configuration/View</path>
<url>/configuration</url>
<method>GET</method>
</Permission>
<Permission>
<name>Update configuration</name>
<path>/device-mgt/admin/general-configuration/Update</path>
<url>/configuration</url>
<method>PUT</method>
</Permission>
<!-- End of Configuration related APIs -->
<Permission>
<name>Activities</name>
<path>/device-mgt/admin/activities</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Activity related APIs -->
<Permission>
<name>View Activities</name>
<path>/device-mgt/admin/activities/View</path>
<url>/activities</url>
<method>GET</method>
</Permission>
<Permission>
<name>View Activity Details</name>
<path>/device-mgt/admin/activities/View</path>
<url>/activities/*</url>
<method>GET</method>
</Permission>
<!-- End of Activity related APIs -->
<Permission>
<name>Applications</name>
<path>/device-mgt/admin/applications</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- Application related APIs -->
<Permission>
<name>Install Applications</name>
<path>/device-mgt/admin/application/Install</path>
<url>/admin/applications/install-application</url>
<method>POST</method>
</Permission>
<Permission>
<name>Uninstall-Applications</name>
<path>/device-mgt/admin/application/Uninstall</path>
<url>/admin/applications/uninstall-application</url>
<method>POST</method>
</Permission>
<!-- End of Application related APIs -->
<!-- End of Admin Permissions -->
<!-- User Permissions -->
<Permission>
<name>Device Management User</name>
<path>/device-mgt/user</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Devices</name>
<path>/device-mgt/user/devices</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Policies</name>
<path>/device-mgt/user/policies</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Notifications</name>
<path>/device-mgt/user/notifications</path>
<url>/</url>
<method>GET</method>
</Permission>
<Permission>
<name>User Operations</name>
<path>/device-mgt/user/operations</path>
<url>/</url>
<method>GET</method>
</Permission>
<!-- End of User Permissions -->
<!--End of Permission Tree-->
</PermissionConfiguration>

19
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/WEB-INF/cxf-servlet.xml
View File

@ -17,12 +17,11 @@
~ under the License.
-->
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxrs="http://cxf.apache.org/jaxrs"
xmlns="http://www.springframework.org/schema/beans"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd">
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxrs="http://cxf.apache.org/jaxrs" xmlns:cxf="http://cxf.apache.org/core"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd">
<jaxrs:server id="services" address="/">
<jaxrs:serviceBeans>
@ -51,6 +50,8 @@
<bean id="swaggerWriter" class="io.swagger.jaxrs.listing.SwaggerSerializers" />
<bean id="swaggerResource" class="io.swagger.jaxrs.listing.ApiListingResource" />
<bean id="ValidationInterceptor" class="org.wso2.carbon.device.mgt.jaxrs.exception.ValidationInterceptor"/>
<bean id="GlobalExceptionMapper" class="org.wso2.carbon.device.mgt.jaxrs.exception.GlobalThrowableMapper"/>
<bean id="swaggerConfig" class="io.swagger.jaxrs.config.BeanConfig">
<property name="resourcePackage" value="org.wso2.carbon.device.mgt.jaxrs"/>
@ -80,6 +81,12 @@
<bean id="dashboardServiceBean" class="org.wso2.carbon.device.mgt.jaxrs.service.impl.DashboardImpl"/>
<bean id="deviceTypeManagementAdminService" class="org.wso2.carbon.device.mgt.jaxrs.service.impl.DeviceTypeManagementServiceImpl"/>
<bean id="jsonProvider" class="org.wso2.carbon.device.mgt.jaxrs.common.GsonMessageBodyHandler"/>
<!--<bean id="errorHandler" class="org.wso2.carbon.device.mgt.jaxrs.common.ErrorHandler"/>-->
<cxf:bus>
<cxf:inInterceptors>
<ref bean="ValidationInterceptor"/>
</cxf:inInterceptors>
</cxf:bus>
</beans>

5
components/device-mgt/org.wso2.carbon.device.mgt.common/pom.xml
View File

@ -50,6 +50,7 @@
<Import-Package>
javax.xml.bind.annotation,
com.fasterxml.jackson.annotation,
org.wso2.carbon.apimgt.api.model,
io.swagger.annotations.*;resolution:=optional
</Import-Package>
</instructions>
@ -68,6 +69,10 @@
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.apimgt</groupId>
<artifactId>org.wso2.carbon.apimgt.api</artifactId>
</dependency>
</dependencies>
</project>

4
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/DeviceTypeIdentifier.java
View File

@ -29,12 +29,12 @@ public class DeviceTypeIdentifier implements Serializable {
private static final int DEFAULT_SHARE_WITH_ALL_TENANTS_ID = -1;
public DeviceTypeIdentifier(String deviceType, int tenantId) {
this.deviceType = deviceType;
this.deviceType = deviceType.toLowerCase();
this.tenantId = tenantId;
}
public DeviceTypeIdentifier(String deviceType) {
this.deviceType = deviceType;
this.deviceType = deviceType.toLowerCase();
this.tenantId = DEFAULT_SHARE_WITH_ALL_TENANTS_ID;
}

17
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/EnrolmentInfo.java
View File

@ -40,11 +40,9 @@ public class EnrolmentInfo implements Serializable {
@ApiModelProperty(name = "id", value = "ID of the device in the WSO2 EMM device information database.",
required = true)
private int id;
@ApiModelProperty(name = "device", value = "Enrolled device.", required = true)
private Device device;
@ApiModelProperty(name = "dateOfEnrolment", value = "Date of the device enrollment.", required = true )
@ApiModelProperty(name = "dateOfEnrolment", value = "Date of the device enrollment. This value is not necessary.", required = false )
private Long dateOfEnrolment;
@ApiModelProperty(name = "dateOfLastUpdate", value = "Date of the device's last update.", required = true )
@ApiModelProperty(name = "dateOfLastUpdate", value = "Date of the device's last update. This value is not necessary.", required = false )
private Long dateOfLastUpdate;
@ApiModelProperty(name = "ownership", value = "Defines the ownership details. The ownership type can be any of the" +
" following values.\n" +
@ -60,8 +58,7 @@ public class EnrolmentInfo implements Serializable {
public EnrolmentInfo() {
}
public EnrolmentInfo(Device device, String owner, OwnerShip ownership, Status status) {
this.device = device;
public EnrolmentInfo(String owner, OwnerShip ownership, Status status) {
this.owner = owner;
this.ownership = ownership;
this.status = status;
@ -115,14 +112,6 @@ public class EnrolmentInfo implements Serializable {
this.owner = owner;
}
public Device getDevice() {
return device;
}
public void setDevice(Device device) {
this.device = device;
}
@Override
public boolean equals(Object obj) {
if (obj instanceof EnrolmentInfo) {

2
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/PaginationResult.java
View File

@ -41,7 +41,7 @@ public class PaginationResult implements Serializable {
@ApiModelProperty(name = "draw", value = "The draw counter that this object is a response to, from the draw parameter sent as part of the data request", required = true)
private int draw;
@ApiModelProperty(name = "data", value = "The details of the SSL certificate", required = true)
@ApiModelProperty(name = "data", value = "This holds the database records that matches given criteria", required = true)
private List<?> data;
public int getRecordsTotal() {

3
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/app/mgt/Application.java
View File

@ -150,6 +150,9 @@ public class Application implements Serializable {
if (applicationIdentifier != null ? !applicationIdentifier.equals(that.applicationIdentifier) : that.applicationIdentifier != null) {
return false;
}
if (version != null ? !version.equals(that.version) : that.version != null) {
return false;
}
return true;
}

43
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/permission/mgt/Permission.java
View File

@ -24,47 +24,25 @@ import javax.xml.bind.annotation.XmlRootElement;
/**
* This class represents the information related to permission.
*/
@XmlRootElement (name = "Permission")
public class Permission {
private String name; // permission name
private String path; // permission string
private String url; // url of the resource
private String urlTemplate; // resource template
private String method; // http method
private String scope; //scope of the resource
private String context;
public String getName() {
return name;
public String getContext() {
return context;
}
@XmlElement (name = "name", required = true)
public void setName(String name) {
this.name = name;
public void setContext(String context) {
this.context = context;
}
public String getPath() {
return path;
}
@XmlElement (name = "path", required = true)
public void setPath(String path) {
this.path = path;
}
public String getScope() {
return scope;
}
@XmlElement(name = "scope", required = false)
public void setScope(String scope) {
this.scope = scope;
}
public String getUrl() {
return url;
}
@XmlElement (name = "url", required = true)
public void setUrl(String url) {
this.url = url;
}
@ -73,8 +51,15 @@ public class Permission {
return method;
}
@XmlElement (name = "method", required = true)
public void setMethod(String method) {
this.method = method;
}
public String getUrlTemplate() {
return urlTemplate;
}
public void setUrlTemplate(String urlTemplate) {
this.urlTemplate = urlTemplate;
}
}

3
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/permission/mgt/PermissionManagerService.java
View File

@ -29,11 +29,10 @@ public interface PermissionManagerService {
/**
*
* @param permission - Permission to be added
* @return The status of the operation.
* @throws PermissionManagementException If some unusual behaviour is observed while adding the
* permission.
*/
boolean addPermission(Permission permission) throws PermissionManagementException;
void addPermission(Permission permission) throws PermissionManagementException;
/**
*

57
components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/scope/mgt/ScopeManagementException.java Normal file
View File

@ -0,0 +1,57 @@
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.device.mgt.common.scope.mgt;
/**
* This exception is used to throw when there is an issue in scope management service.
*/
public class ScopeManagementException extends Exception {
private static final long serialVersionUID = -315127931137779899L;
private String errorMessage;
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
public ScopeManagementException(String msg, Exception nestedEx) {
super(msg, nestedEx);
setErrorMessage(msg);
}
public ScopeManagementException(String message, Throwable cause) {
super(message, cause);
setErrorMessage(message);
}
public ScopeManagementException(String msg) {
super(msg);
setErrorMessage(msg);
}
public ScopeManagementException() {
super();
}
public ScopeManagementException(Throwable cause) {
super(cause);
}
}

Some files were not shown because too many files have changed in this diff Show More