Merge pull request #689 from Megala21/fix_issue

Fixing the role creation problem
2025-10-06 02:01:45 +00:00 · 2017-04-17 16:33:38 +05:30 · 2017-04-17 16:33:38 +05:30 · 2c0ec2d768
commit 2c0ec2d768
parent fc15f43b31 2360b338d8
1 changed files with 19 additions and 7 deletions
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/UserManagementServiceImpl.java
@ -40,6 +40,7 @@ import org.wso2.carbon.device.mgt.jaxrs.util.CredentialManagementResponseBuilder
 import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
 import org.wso2.carbon.identity.user.store.count.UserStoreCountRetriever;
 import org.wso2.carbon.identity.user.store.count.exception.UserStoreCounterException;
+import org.wso2.carbon.user.api.Permission;
 import org.wso2.carbon.user.api.UserStoreException;
 import org.wso2.carbon.user.api.UserStoreManager;
 import org.wso2.carbon.utils.CarbonUtils;
@ -82,6 +83,16 @@ public class UserManagementServiceImpl implements UserManagementService {
    private static final String DEFAULT_DEVICE_USER = "Internal/devicemgt-user";
    private static final String DEFAULT_DEVICE_ADMIN = "Internal/devicemgt-admin";

+    // Permissions that are given for a normal device user.
+    private static final Permission[] PERMISSIONS_FOR_DEVICE_USER = {
+        new Permission("/permission/admin/Login", "ui.execute"),
+        new Permission("/permission/admin/device-mgt/device/api/subscribe", "ui.execute"),
+        new Permission("/permission/admin/device-mgt/devices/enroll", "ui.execute"),
+        new Permission("/permission/admin/device-mgt/devices/disenroll", "ui.execute"),
+        new Permission("/permission/admin/device-mgt/devices/owning-device/view", "ui.execute"),
+        new Permission("/permission/admin/manage/portal", "ui.execute")
+    };
+
    @POST
    @Override
    public Response addUser(UserInfo userInfo) {
@ -114,6 +125,11 @@ public class UserManagementServiceImpl implements UserManagementService {
            String[] roles = new String[tmpRoles.size()];
            tmpRoles.toArray(roles);

+            // If the normal device user role does not exist, create a new role with the minimal permissions
+            if (!userStoreManager.isExistingRole(DEFAULT_DEVICE_USER)) {
+                userStoreManager.addRole(DEFAULT_DEVICE_USER, null, PERMISSIONS_FOR_DEVICE_USER);
+            }
+
            userStoreManager.addUser(userInfo.getUsername(), initialUserPassword,
                                     roles, defaultUserClaims, null);
            // Outputting debug message upon successful addition of user
@ -258,13 +274,10 @@ public class UserManagementServiceImpl implements UserManagementService {
        }
    }

-    private List<String> getFilteredRoles(UserStoreManager userStoreManager, String username) {
+    private List<String> getFilteredRoles(UserStoreManager userStoreManager, String username)
+            throws UserStoreException {
        String[] roleListOfUser = new String[0];
-        try {
-            roleListOfUser = userStoreManager.getRoleListOfUser(username);
-        } catch (UserStoreException e) {
-            e.printStackTrace();
-        }
+        roleListOfUser = userStoreManager.getRoleListOfUser(username);
        List<String> filteredRoles = new ArrayList<>();
        for (String role : roleListOfUser) {
            if (!(role.startsWith("Internal/") || role.startsWith("Authentication/"))) {
@ -380,7 +393,6 @@ public class UserManagementServiceImpl implements UserManagementService {
            } else {
                offsetList = new ArrayList<>();
            }
-
            BasicUserInfoList result = new BasicUserInfoList();
            result.setList(offsetList);
            result.setCount(users.length);