community/device-mgt-core
1
0
Fork 0
mirror of https://repository.entgra.net/community/device-mgt-core.git synced 2025-10-06 02:01:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #234 from rasika90/master

Browse Source 
Fixing permission issue and adding group permission validation for operations
This commit is contained in:
sumedharubasinghe 2016-05-04 04:17:49 +05:30
commit 84ebba0bd7
2 changed files with 17 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/authorization/DeviceAccessAuthorizationServiceImpl.java
View File

@ -38,6 +38,7 @@ import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreException;
import java.util.HashMap; import java.util.HashMap;
import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -186,10 +187,14 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
DeviceManagementDataHolder.getInstance().getGroupManagementProviderService() DeviceManagementDataHolder.getInstance().getGroupManagementProviderService()
.getGroups(deviceIdentifier); .getGroups(deviceIdentifier);
for (DeviceGroup group : authorizedGroups) { for (DeviceGroup group : authorizedGroups) {
if (groupsWithDevice.contains(group)) { Iterator<DeviceGroup> groupsWithDeviceIterator = groupsWithDevice.iterator();
while (groupsWithDeviceIterator.hasNext()) {
DeviceGroup deviceGroup = groupsWithDeviceIterator.next();
if (deviceGroup.getId() == group.getId()) {
return true; return true;
} }
} }
}
return false; return false;
} }

18
components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/operation/mgt/OperationManagerImpl.java
View File

@ -23,6 +23,7 @@ import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.device.mgt.common.*; import org.wso2.carbon.device.mgt.common.*;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
import org.wso2.carbon.device.mgt.common.operation.mgt.Operation; import org.wso2.carbon.device.mgt.common.operation.mgt.Operation;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManager; import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManager;
@ -88,7 +89,8 @@ public class OperationManagerImpl implements OperationManager {
authorizedDeviceList = deviceIds; authorizedDeviceList = deviceIds;
} else { } else {
authorizedDeviceList = DeviceManagementDataHolder.getInstance(). authorizedDeviceList = DeviceManagementDataHolder.getInstance().
getDeviceAccessAuthorizationService().isUserAuthorized(deviceIds).getAuthorizedDevices(); getDeviceAccessAuthorizationService().isUserAuthorized(deviceIds, DeviceGroupConstants.
Permissions.DEFAULT_OPERATOR_PERMISSIONS).getAuthorizedDevices();
} }
if (authorizedDeviceList.size() > 0) { if (authorizedDeviceList.size() > 0) {
try { try {
@ -146,7 +148,7 @@ public class OperationManagerImpl implements OperationManager {
List<Operation> operations = new ArrayList<>(); List<Operation> operations = new ArrayList<>();
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (isUserAuthorized) {
try { try {
try { try {
@ -202,7 +204,7 @@ public class OperationManagerImpl implements OperationManager {
List<Operation> operations = new ArrayList<>(); List<Operation> operations = new ArrayList<>();
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (isUserAuthorized) {
try { try {
try { try {
@ -266,7 +268,7 @@ public class OperationManagerImpl implements OperationManager {
List<org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation> dtoOperationList = new ArrayList<>(); List<org.wso2.carbon.device.mgt.core.dto.operation.mgt.Operation> dtoOperationList = new ArrayList<>();
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (isUserAuthorized) {
try { try {
try { try {
@ -330,7 +332,7 @@ public class OperationManagerImpl implements OperationManager {
int enrolmentId; int enrolmentId;
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (isUserAuthorized) {
try { try {
try { try {
@ -400,7 +402,7 @@ public class OperationManagerImpl implements OperationManager {
int enrolmentId; int enrolmentId;
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (isUserAuthorized) {
try { try {
try { try {
@ -480,7 +482,7 @@ public class OperationManagerImpl implements OperationManager {
} }
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (isUserAuthorized) {
try { try {
try { try {
@ -554,7 +556,7 @@ public class OperationManagerImpl implements OperationManager {
int enrolmentId; int enrolmentId;
try { try {
boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService(). boolean isUserAuthorized = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService().
isUserAuthorized(deviceId); isUserAuthorized(deviceId, DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS);
if (isUserAuthorized) { if (isUserAuthorized) {
try { try {
try { try {