Removed the use of web-app context in permission.xml of webapps

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java

@@ -31,6 +31,16 @@ import java.util.List;
 public class PermissionConfiguration {
 
     private List<Permission> permissions;
+    private String apiVersion;
+
+    public String getApiVersion() {
+        return apiVersion;
+    }
+
+    @XmlElement (name = "APIVersion", required = true)
+    public void setApiVersion(String apiVersion) {
+        this.apiVersion = apiVersion;
+    }
 
     public List<Permission> getPermissions() {
         return permissions;

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/lifecycle/WebAppDeploymentLifecycleListener.java

@@ -24,9 +24,11 @@ import org.apache.catalina.LifecycleListener;
 import org.apache.catalina.core.StandardContext;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.device.mgt.common.permission.mgt.Permission;
 import org.wso2.carbon.device.mgt.common.permission.mgt.PermissionManagementException;
 import org.wso2.carbon.device.mgt.core.config.permission.PermissionConfiguration;
 import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionManagerServiceImpl;
+import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils;
 
 import javax.servlet.ServletContext;
 import javax.xml.bind.JAXBContext;
@@ -34,6 +36,7 @@ import javax.xml.bind.JAXBException;
 import javax.xml.bind.Unmarshaller;
 import java.io.File;
 import java.io.InputStream;
+import java.util.List;
 
 /**
  * This listener class will initiate the permission addition of permissions defined in
@@ -50,6 +53,7 @@ public class WebAppDeploymentLifecycleListener implements LifecycleListener {
 		if (Lifecycle.AFTER_START_EVENT.equals(lifecycleEvent.getType())) {
 			StandardContext context = (StandardContext) lifecycleEvent.getLifecycle();
 			ServletContext servletContext = context.getServletContext();
+			String contextPath = servletContext.getContextPath();
 			try {
 				InputStream permissionStream = servletContext.getResourceAsStream(PERMISSION_CONFIG_PATH);
 				if (permissionStream != null) {
@@ -58,10 +62,16 @@ public class WebAppDeploymentLifecycleListener implements LifecycleListener {
 					Unmarshaller unmarshaller = cdmContext.createUnmarshaller();
 					PermissionConfiguration permissionConfiguration = (PermissionConfiguration)
 							unmarshaller.unmarshal(permissionStream);
-					if (permissionConfiguration != null &&
+                    List<Permission> permissions = permissionConfiguration.getPermissions();
-					    permissionConfiguration.getPermissions() != null) {
+                    String apiVersion = permissionConfiguration.getApiVersion();
-						PermissionManagerServiceImpl.getInstance().addPermissions(
+                    if (permissionConfiguration != null && permissions != null) {
-								permissionConfiguration.getPermissions());
+                        for (Permission permission : permissions) {
+                            // update the permission path to absolute permission path
+                            permission.setPath(PermissionUtils.getAbsolutePermissionPath(permission.getPath()));
+                            permission.setUrl(PermissionUtils.getAbsoluteContextPathOfAPI(contextPath, apiVersion,
+                                                                                           permission.getUrl()));
+                            PermissionManagerServiceImpl.getInstance().addPermission(permission);
+                        }
 					}
 				}
 			} catch (JAXBException e) {

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/permission/mgt/PermissionManagerServiceImpl.java

@@ -51,17 +51,8 @@ public class PermissionManagerServiceImpl implements PermissionManagerService {
         return registryBasedPermissionManager;
     }
 
-    public boolean addPermissions(List<Permission> permissions) throws PermissionManagementException {
-        for (Permission permission : permissions) {
-            this.addPermission(permission);
-        }
-        return true;
-    }
-
     @Override
     public boolean addPermission(Permission permission) throws PermissionManagementException {
-        // update the permission path to absolute permission path
-        permission.setPath(PermissionUtils.getAbsolutePermissionPath(permission.getPath()));
         // adding a permission to the tree
         permissionTree.addPermission(permission);
         return PermissionUtils.putPermission(permission);

components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/permission/mgt/PermissionUtils.java

@@ -59,6 +59,13 @@ public class PermissionUtils {
 		return PermissionUtils.ADMIN_PERMISSION_REGISTRY_PATH + permissionPath;
 	}
 
+    public static String getAbsoluteContextPathOfAPI(String contextPath, String version, String url) {
+        if((version != null) && !version.isEmpty()) {
+          return contextPath + "/" + version + url;
+        }
+        return contextPath + url;
+    }
+
 	public static Permission getPermission(String path) throws PermissionManagementException {
 		try {
 			Resource resource = PermissionUtils.getGovernanceRegistry().get(path);

components/identity-extensions/dynamic-client-registration/org.wso2.carbon.dynamic.client.web.app.registration/src/main/java/org/wso2/carbon/dynamic/client/web/app/registration/DynamicClientWebAppRegistrationManager.java

@@ -120,10 +120,9 @@ public class DynamicClientWebAppRegistrationManager {
         String requiredDynamicClientRegistration, webAppName;
         ServletContext servletContext;
         RegistrationProfile registrationProfile;
-        OAuthAppDetails oAuthAppDetails = null;
+        OAuthAppDetails oAuthAppDetails;
         DynamicClientWebAppRegistrationManager dynamicClientWebAppRegistrationManager =
                 DynamicClientWebAppRegistrationManager.getInstance();
-        //todo move enumeration to while loop
         Enumeration enumeration = new IteratorEnumeration(DynamicClientWebAppRegistrationManager.
                 webAppContexts.keySet().iterator());
         if (log.isDebugEnabled()) {

components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/validators/PermissionBasedScopeValidator.java

@@ -51,6 +51,7 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
         public static final String WRITE = "write";
         public static final String DELETE = "delete";
         public static final String ACTION = "action";
+        public static final String UI_EXECUTE = "ui.execute";
     }
 
     private static final Log log = LogFactory.getLog(PermissionBasedScopeValidator.class);
@@ -77,7 +78,7 @@ public class PermissionBasedScopeValidator extends OAuth2ScopeValidator {
                 if (userRealm != null && userRealm.getAuthorizationManager() != null) {
                     status = userRealm.getAuthorizationManager()
                                       .isUserAuthorized(username, permission.getPath(),
-                                                        PermissionMethod.READ);
+                                                        PermissionMethod.UI_EXECUTE);
                 }
             }
         } catch (PermissionManagementException e) {

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java

@@ -81,8 +81,8 @@ public class OAuthAuthenticator implements WebappAuthenticator {
             authenticationInfo.setStatus(Status.CONTINUE);
         }
         String apiVersion = tokenizer.nextToken();
-        String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
+        //String authLevel = authenticator.getResourceAuthenticationScheme(context, apiVersion, requestUri, requestMethod);
-        //String authLevel = "any";
+        String authLevel = "any";
         try {
             if (Constants.NO_MATCHING_AUTH_SCHEME.equals(authLevel)) {
                 AuthenticationFrameworkUtil.handleNoMatchAuthScheme(request, response, requestMethod, apiVersion,