Merge branch 'reporting2' into 'master'
Reporting conflict fixes See merge request entgra/carbon-device-mgt!485
commit
9ddb6b4f9e
@ -49,6 +49,7 @@ import org.apache.axis2.transport.http.HTTPConstants;
|
||||
import org.wso2.carbon.apimgt.annotations.api.Scope;
|
||||
import org.wso2.carbon.apimgt.annotations.api.Scopes;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.general.TenantDetail;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceGroupList;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
|
||||
@ -100,6 +101,12 @@ import java.util.List;
|
||||
description = "Permanently Delete the device specified by device id",
|
||||
key = "perm:devices:permanent-delete",
|
||||
permissions = {"/device-mgt/admin/devices/permanent-delete"}
|
||||
),
|
||||
@Scope(
|
||||
name = "Getting Details of Device tenants",
|
||||
description = "Getting Details of Device tenants",
|
||||
key = "perm:admin:tenant:view",
|
||||
permissions = {"/device-mgt/devices/tenants/view"}
|
||||
)
|
||||
}
|
||||
)
|
||||
@ -353,4 +360,54 @@ public interface DeviceManagementAdminService {
|
||||
value = "List of device identifiers.",
|
||||
required = true)
|
||||
List<String> deviceIdentifiers);
|
||||
|
||||
@GET
|
||||
@Path("/tenants")
|
||||
@ApiOperation(
|
||||
produces = MediaType.APPLICATION_JSON,
|
||||
httpMethod = "GET",
|
||||
value = "Getting Details of tenants",
|
||||
notes = "Get the details of tenants.",
|
||||
response = TenantDetail.class,
|
||||
responseContainer = "List",
|
||||
tags = "Device Management Administrative Service",
|
||||
extensions = {
|
||||
@Extension(properties = {
|
||||
@ExtensionProperty(name = Constants.SCOPE, value =
|
||||
"perm:admin:tenant:view")
|
||||
})
|
||||
}
|
||||
)
|
||||
@ApiResponses(value = {
|
||||
@ApiResponse(code = 200, message = "OK. \n Successfully fetched the list of tenants.",
|
||||
response = TenantDetail.class,
|
||||
responseContainer = "List",
|
||||
responseHeaders = {
|
||||
@ResponseHeader(
|
||||
name = "Content-Type",
|
||||
description = "The content type of the body"),
|
||||
@ResponseHeader(
|
||||
name = "ETag",
|
||||
description = "Entity Tag of the response resource.\n" +
|
||||
"Used by caches, or in conditional requests."),
|
||||
@ResponseHeader(
|
||||
name = "Last-Modified",
|
||||
description = "Date and time the resource was last modified.\n" +
|
||||
"Used by caches, or in conditional requests."),
|
||||
}),
|
||||
@ApiResponse(
|
||||
code = 304,
|
||||
message = "Not Modified. Empty body because the client already has the latest version of the " +
|
||||
"requested resource.\n"),
|
||||
@ApiResponse(
|
||||
code = 401,
|
||||
message = "Unauthorized.\n The unauthorized access to the requested resource.",
|
||||
response = ErrorResponse.class),
|
||||
@ApiResponse(
|
||||
code = 500,
|
||||
message = "Internal Server Error. \n Server error occurred while fetching the" +
|
||||
" tenant list.",
|
||||
response = ErrorResponse.class)
|
||||
})
|
||||
Response getTenants();
|
||||
}
|
||||
|
||||
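Review bot: The new `perm:admin:tenant:view` scope is bound to `permissions = {"/device-mgt/devices/tenants/view"}`, which sits outside the `/device-mgt/admin/` subtree used by the neighbouring permanent-delete scope. If roles are granted permissions by subtree (not visible here), a role holding the general `/device-mgt/devices` node would also receive a scope whose endpoint lists every tenant's admin name and e-mail. A path under the admin subtree, for example `/device-mgt/admin/tenants/view`, would keep it with the other admin-only operations. The `@ApiResponses` on `getTenants()` document only 200, 304, 401 and 500, while the implementation in this commit also returns 400 and 404.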
@ -45,13 +45,19 @@ import org.wso2.carbon.device.mgt.common.PaginationRequest;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.InvalidDeviceException;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.UserNotFoundException;
|
||||
import org.wso2.carbon.device.mgt.common.general.TenantDetail;
|
||||
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.beans.DeviceList;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.beans.ErrorResponse;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.service.api.admin.DeviceManagementAdminService;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.service.impl.util.RequestValidationUtil;
|
||||
import org.wso2.carbon.device.mgt.jaxrs.util.DeviceMgtAPIUtils;
|
||||
import org.wso2.carbon.user.api.Tenant;
|
||||
import org.wso2.carbon.user.api.TenantManager;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
import org.wso2.carbon.user.core.service.RealmService;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.validation.constraints.Size;
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.GET;
|
||||
@ -62,6 +68,7 @@ import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
@Path("/admin/devices")
|
||||
@ -189,4 +196,51 @@ public class DeviceManagementAdminServiceImpl implements DeviceManagementAdminSe
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
@Path("/tenants")
|
||||
@GET
|
||||
public Response getTenants() {
|
||||
List<TenantDetail> tenantDetails;
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
|
||||
if (tenantId == MultitenantConstants.SUPER_TENANT_ID) {
|
||||
RealmService realmService = (RealmService) PrivilegedCarbonContext
|
||||
.getThreadLocalCarbonContext().getOSGiService(RealmService.class, null);
|
||||
if (realmService == null) {
|
||||
String msg = "RealmService is not initialized";
|
||||
log.error(msg);
|
||||
return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
|
||||
}
|
||||
|
||||
try {
|
||||
Tenant[] tenants = realmService.getTenantManager().getAllTenants();
|
||||
tenantDetails = new ArrayList<>();
|
||||
if (tenants != null && tenants.length > 0) {
|
||||
for (Tenant tenant : tenants) {
|
||||
TenantDetail tenantDetail = new TenantDetail();
|
||||
tenantDetail.setId(tenant.getId());
|
||||
tenantDetail.setAdminFirstName(tenant.getAdminFirstName());
|
||||
tenantDetail.setAdminFullName(tenant.getAdminFullName());
|
||||
tenantDetail.setAdminLastName(tenant.getAdminLastName());
|
||||
tenantDetail.setAdminName(tenant.getAdminName());
|
||||
tenantDetail.setDomain(tenant.getDomain());
|
||||
tenantDetail.setEmail(tenant.getEmail());
|
||||
tenantDetails.add(tenantDetail);
|
||||
}
|
||||
return Response.status(Response.Status.OK).entity(tenantDetails).build();
|
||||
} else {
|
||||
return Response.status(Response.Status.NOT_FOUND).entity("No tenants found")
|
||||
.build();
|
||||
}
|
||||
} catch (UserStoreException e) {
|
||||
String msg = "Error occurred while fetching tenant list";
|
||||
log.error(msg, e);
|
||||
return Response.serverError().entity(
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage(msg).build()).build();
|
||||
}
|
||||
} else {
|
||||
return Response.status(Response.Status.BAD_REQUEST).entity("This API is available " +
|
||||
"for super tenant admin only.").build();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
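Review bot: In `getTenants()` the non-super-tenant branch answers with `Response.Status.BAD_REQUEST`, although the request is well-formed and is being refused on authorization grounds. `Response.status(Response.Status.FORBIDDEN)` describes that outcome and lets clients and access logs tell a denied call from a malformed one. The `realmService == null` branch is a server-side fault but also returns 400 with a bare string; `Response.serverError()` with an `ErrorResponse` entity, as the `UserStoreException` handler already does, would be consistent. The tenant check looks only at the thread-local tenant id, so which super-tenant users may read every tenant's admin name and e-mail rests entirely on the scope mapping, and a short comment on the method saying so would help the next reader.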
@ -53,6 +53,10 @@ public class Application implements Serializable {
|
||||
private int memoryUsage;
|
||||
@ApiModelProperty(name = "isActive", value = "Is the application actively running", required = true)
|
||||
private boolean isActive;
|
||||
@ApiModelProperty(name = "hourlyUsage", value = "App hourly usage")
|
||||
private long hourlyUsage;
|
||||
@ApiModelProperty(name = "dailyUsage", value = "App daily usage")
|
||||
private long dailyUsage;
|
||||
|
||||
|
||||
public String getType() {
|
||||
@ -179,4 +183,20 @@ public class Application implements Serializable {
|
||||
public void setActive(boolean active) {
|
||||
isActive = active;
|
||||
}
|
||||
|
||||
public long getHourlyUsage() {
|
||||
return hourlyUsage;
|
||||
}
|
||||
|
||||
public void setHourlyUsage(long hourlyUsage) {
|
||||
this.hourlyUsage = hourlyUsage;
|
||||
}
|
||||
|
||||
public long getDailyUsage() {
|
||||
return dailyUsage;
|
||||
}
|
||||
|
||||
public void setDailyUsage(long dailyUsage) {
|
||||
this.dailyUsage = dailyUsage;
|
||||
}
|
||||
}
|
||||
|
||||
@ -20,6 +20,7 @@ package org.wso2.carbon.device.mgt.common.device.details;
|
||||
import com.google.gson.Gson;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.app.mgt.Application;
|
||||
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -31,6 +32,25 @@ public class DeviceDetailsWrapper {
|
||||
DeviceLocation location;
|
||||
int tenantId;
|
||||
|
||||
List<DeviceGroup> groups;
|
||||
String [] role;
|
||||
|
||||
public List<DeviceGroup> getGroups() {
|
||||
return groups;
|
||||
}
|
||||
|
||||
public void setGroups(List<DeviceGroup> groups) {
|
||||
this.groups = groups;
|
||||
}
|
||||
|
||||
public String [] getRole() {
|
||||
return role;
|
||||
}
|
||||
|
||||
public void setRole(String [] role) {
|
||||
this.role = role;
|
||||
}
|
||||
|
||||
public int getTenantId() {
|
||||
return tenantId;
|
||||
}
|
||||
|
||||
@ -0,0 +1,88 @@
|
||||
/*
|
||||
* Copyright (c) 2019, Entgra (pvt) Ltd. (https://entgra.io) All Rights Reserved.
|
||||
*
|
||||
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.device.mgt.common.general;
|
||||
|
||||
public class TenantDetail {
|
||||
|
||||
private int id;
|
||||
private String domain;
|
||||
|
||||
private String adminName;
|
||||
private String adminFullName;
|
||||
private String adminFirstName;
|
||||
private String adminLastName;
|
||||
private String email;
|
||||
|
||||
|
||||
public int getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(int id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public String getDomain() {
|
||||
return domain;
|
||||
}
|
||||
|
||||
public void setDomain(String domain) {
|
||||
this.domain = domain;
|
||||
}
|
||||
|
||||
public String getAdminName() {
|
||||
return adminName;
|
||||
}
|
||||
|
||||
public void setAdminName(String adminName) {
|
||||
this.adminName = adminName;
|
||||
}
|
||||
|
||||
public String getAdminFullName() {
|
||||
return adminFullName;
|
||||
}
|
||||
|
||||
public void setAdminFullName(String adminFullName) {
|
||||
this.adminFullName = adminFullName;
|
||||
}
|
||||
|
||||
public String getAdminFirstName() {
|
||||
return adminFirstName;
|
||||
}
|
||||
|
||||
public void setAdminFirstName(String adminFirstName) {
|
||||
this.adminFirstName = adminFirstName;
|
||||
}
|
||||
|
||||
public String getAdminLastName() {
|
||||
return adminLastName;
|
||||
}
|
||||
|
||||
public void setAdminLastName(String adminLastName) {
|
||||
this.adminLastName = adminLastName;
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return email;
|
||||
}
|
||||
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
}
|
||||
@ -144,8 +144,9 @@ public final class DeviceManagementConstants {
|
||||
private Report() {
|
||||
throw new AssertionError();
|
||||
}
|
||||
public static final String REPORTING_EVENT_HOST = "iot.reporting.event.host";
|
||||
public static final String REPORTING_CONTEXT = "/event";
|
||||
public static final String DEVICE_INFO_ENDPOINT = REPORTING_CONTEXT + "/device-info";
|
||||
public static final String REPORTING_EVENT_HOST = "iot.reporting.event.host";
|
||||
public static final String APP_USAGE_ENDPOINT = REPORTING_CONTEXT + "/app-usage";
|
||||
}
|
||||
}
|
||||
|
||||
@ -25,6 +25,7 @@ import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.context.CarbonContext;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||
import org.wso2.carbon.device.mgt.common.device.details.DeviceDetailsWrapper;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.InvalidDeviceException;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException;
|
||||
@ -39,6 +40,7 @@ import org.wso2.carbon.device.mgt.core.dao.ApplicationDAO;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOException;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
|
||||
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
|
||||
import org.wso2.carbon.device.mgt.core.util.HttpReportingUtil;
|
||||
|
||||
import java.sql.SQLException;
|
||||
import java.util.ArrayList;
|
||||
@ -277,6 +279,17 @@ public class ApplicationManagerProviderServiceImpl implements ApplicationManagem
|
||||
device.getEnrolmentInfo().getId(), tenantId);
|
||||
}
|
||||
DeviceManagementDAOFactory.commitTransaction();
|
||||
|
||||
String reportingHost = HttpReportingUtil.getReportingHost();
|
||||
if (!StringUtils.isBlank(reportingHost)) {
|
||||
DeviceDetailsWrapper deviceDetailsWrapper = new DeviceDetailsWrapper();
|
||||
deviceDetailsWrapper.setTenantId(tenantId);
|
||||
deviceDetailsWrapper.setDevice(device);
|
||||
deviceDetailsWrapper.setApplications(newApplications);
|
||||
HttpReportingUtil.invokeApi(deviceDetailsWrapper.getJSONString(),
|
||||
reportingHost + DeviceManagementConstants.Report.APP_USAGE_ENDPOINT);
|
||||
}
|
||||
|
||||
} catch (DeviceManagementDAOException e) {
|
||||
DeviceManagementDAOFactory.rollbackTransaction();
|
||||
String msg = "Error occurred saving application list of the device " + device.getDeviceIdentifier();
|
||||
|
||||
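Review bot: The app-usage publish added after `commitTransaction()` is gated only on `!StringUtils.isBlank(reportingHost)`, whereas the device-info path in this same commit also requires the per-tenant `isEventPublishingEnabled` setting. As written, a tenant that leaves "Publish For Analytics" at `false` would still have its devices' application lists sent to the reporting host. Moving the tenant check into a shared helper, for example next to `HttpReportingUtil.getReportingHost()`, and using it here would make both paths honour the setting. The HTTP call also sits inside the transaction's `try` block; how an `EventPublishingException` from `invokeApi` is handled is outside the hunk, so confirm that a reporting failure cannot fail an update that has already been committed.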
@ -22,16 +22,21 @@ import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.context.CarbonContext;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.device.mgt.analytics.data.publisher.exception.DataPublisherConfigurationException;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfigurationManagementService;
|
||||
import org.wso2.carbon.device.mgt.common.device.details.DeviceDetailsWrapper;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.EventPublishingException;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.device.details.DeviceInfo;
|
||||
import org.wso2.carbon.device.mgt.common.device.details.DeviceLocation;
|
||||
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroup;
|
||||
import org.wso2.carbon.device.mgt.common.group.mgt.GroupManagementException;
|
||||
import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
|
||||
import org.wso2.carbon.device.mgt.core.config.tenant.PlatformConfigurationManagementServiceImpl;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceDAO;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOException;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
|
||||
@ -40,12 +45,17 @@ import org.wso2.carbon.device.mgt.core.device.details.mgt.DeviceInformationManag
|
||||
import org.wso2.carbon.device.mgt.core.device.details.mgt.dao.DeviceDetailsDAO;
|
||||
import org.wso2.carbon.device.mgt.core.device.details.mgt.dao.DeviceDetailsMgtDAOException;
|
||||
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
|
||||
|
||||
import org.wso2.carbon.device.mgt.core.service.GroupManagementProviderService;
|
||||
import org.wso2.carbon.device.mgt.core.report.mgt.Constants;
|
||||
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
|
||||
import org.wso2.carbon.device.mgt.core.util.HttpReportingUtil;
|
||||
import org.wso2.carbon.user.api.UserRealm;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
|
||||
import java.sql.SQLException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Calendar;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
@ -58,6 +68,7 @@ public class DeviceInformationManagerImpl implements DeviceInformationManager {
|
||||
private static final Log log = LogFactory.getLog(DeviceInformationManagerImpl.class);
|
||||
private static final String LOCATION_EVENT_STREAM_DEFINITION = "org.wso2.iot.LocationStream";
|
||||
private static final String DEVICE_INFO_EVENT_STREAM_DEFINITION = "org.wso2.iot.DeviceInfoStream";
|
||||
private static final String IS_EVENT_PUBLISHING_ENABED = "isEventPublishingEnabled";
|
||||
|
||||
public DeviceInformationManagerImpl() {
|
||||
this.deviceDAO = DeviceManagementDAOFactory.getDeviceDAO();
|
||||
@ -79,6 +90,7 @@ public class DeviceInformationManagerImpl implements DeviceInformationManager {
|
||||
@Override
|
||||
public void addDeviceInfo(Device device, DeviceInfo deviceInfo) throws DeviceDetailsMgtException {
|
||||
try {
|
||||
publishEvents(device, deviceInfo);
|
||||
DeviceManagementDAOFactory.beginTransaction();
|
||||
DeviceInfo newDeviceInfo;
|
||||
DeviceInfo previousDeviceInfo = deviceDetailsDAO.getDeviceInformation(device.getId(),
|
||||
@ -117,18 +129,6 @@ public class DeviceInformationManagerImpl implements DeviceInformationManager {
|
||||
deviceDAO.updateDevice(device, CarbonContext.getThreadLocalCarbonContext().getTenantId());
|
||||
DeviceManagementDAOFactory.commitTransaction();
|
||||
|
||||
String reportingHost = System.getProperty(DeviceManagementConstants.Report
|
||||
.REPORTING_EVENT_HOST);
|
||||
if (reportingHost != null && !reportingHost.isEmpty()) {
|
||||
DeviceDetailsWrapper deviceDetailsWrapper = new DeviceDetailsWrapper();
|
||||
deviceDetailsWrapper.setDevice(device);
|
||||
deviceDetailsWrapper.setDeviceInfo(deviceInfo);
|
||||
deviceDetailsWrapper.getJSONString();
|
||||
|
||||
HttpReportingUtil.invokeApi(deviceDetailsWrapper.getJSONString(),
|
||||
reportingHost + DeviceManagementConstants.Report.DEVICE_INFO_ENDPOINT);
|
||||
}
|
||||
|
||||
//TODO :: This has to be fixed by adding the enrollment ID.
|
||||
if (DeviceManagerUtil.isPublishDeviceInfoResponseEnabled()) {
|
||||
Object[] metaData = {device.getDeviceIdentifier(), device.getType()};
|
||||
@ -170,18 +170,62 @@ public class DeviceInformationManagerImpl implements DeviceInformationManager {
|
||||
} catch (DeviceManagementDAOException e) {
|
||||
DeviceManagementDAOFactory.rollbackTransaction();
|
||||
throw new DeviceDetailsMgtException("Error occurred while updating the last update timestamp of the " +
|
||||
"device", e);
|
||||
"device", e);
|
||||
} catch (DataPublisherConfigurationException e) {
|
||||
DeviceManagementDAOFactory.rollbackTransaction();
|
||||
throw new DeviceDetailsMgtException("Error occurred while publishing the device location information.", e);
|
||||
} catch (EventPublishingException e) {
|
||||
DeviceManagementDAOFactory.rollbackTransaction();
|
||||
throw new DeviceDetailsMgtException("Error occurred while sending events", e);
|
||||
} finally {
|
||||
DeviceManagementDAOFactory.closeConnection();
|
||||
}
|
||||
}
|
||||
|
||||
private void publishEvents(Device device, DeviceInfo deviceInfo) {
|
||||
String reportingHost = HttpReportingUtil.getReportingHost();
|
||||
if (!StringUtils.isBlank(reportingHost) && isPublishingEnabledForTenant()) {
|
||||
try {
|
||||
DeviceDetailsWrapper deviceDetailsWrapper = new DeviceDetailsWrapper();
|
||||
deviceDetailsWrapper.setDevice(device);
|
||||
deviceDetailsWrapper.setDeviceInfo(deviceInfo);
|
||||
deviceDetailsWrapper.setTenantId(DeviceManagerUtil.getTenantId());
|
||||
GroupManagementProviderService groupManagementService = DeviceManagementDataHolder
|
||||
.getInstance().getGroupManagementProviderService();
|
||||
|
||||
List<DeviceGroup> groups = groupManagementService.getGroups(device, false);
|
||||
if (groups != null && groups.size() > 0) {
|
||||
deviceDetailsWrapper.setGroups(groups);
|
||||
}
|
||||
|
||||
String[] rolesOfUser = getRolesOfUser(CarbonContext.getThreadLocalCarbonContext()
|
||||
.getUsername());
|
||||
if (rolesOfUser != null && rolesOfUser.length > 0) {
|
||||
deviceDetailsWrapper.setRole(rolesOfUser);
|
||||
}
|
||||
|
||||
HttpReportingUtil.invokeApi(deviceDetailsWrapper.getJSONString(),
|
||||
reportingHost + DeviceManagementConstants.Report.DEVICE_INFO_ENDPOINT);
|
||||
} catch (EventPublishingException e) {
|
||||
log.error("Error occurred while sending events", e);
|
||||
} catch (GroupManagementException e) {
|
||||
log.error("Error occurred while getting group list", e);
|
||||
} catch (UserStoreException e) {
|
||||
log.error("Error occurred while getting role list", e);
|
||||
}
|
||||
} else {
|
||||
if(log.isTraceEnabled()) {
|
||||
log.trace("Event publishing is not enabled for tenant "
|
||||
+ DeviceManagerUtil.getTenantId());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private boolean isPublishingEnabledForTenant() {
|
||||
Object configuration = DeviceManagerUtil.getConfiguration(IS_EVENT_PUBLISHING_ENABED);
|
||||
if (configuration != null) {
|
||||
return Boolean.valueOf(configuration.toString());
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public DeviceInfo getDeviceInfo(DeviceIdentifier deviceId) throws DeviceDetailsMgtException {
|
||||
Device device = getDevice(deviceId);
|
||||
@ -426,6 +470,22 @@ public class DeviceInformationManagerImpl implements DeviceInformationManager {
|
||||
return newDeviceInfo;
|
||||
}
|
||||
|
||||
|
||||
private String[] getRolesOfUser(String userName) throws UserStoreException {
|
||||
UserRealm userRealm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
|
||||
String[] roleList;
|
||||
if (userRealm != null) {
|
||||
userRealm.getUserStoreManager().getRoleNames();
|
||||
roleList = userRealm.getUserStoreManager().getRoleListOfUser(userName);
|
||||
} else {
|
||||
String msg = "User realm is not initiated. Logged in user: " + userName;
|
||||
log.error(msg);
|
||||
throw new UserStoreException(msg);
|
||||
}
|
||||
return roleList;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Generate and add a value depending on the device's OS version included in device info
|
||||
*
|
||||
|
||||
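Review bot: `getRolesOfUser` calls `userRealm.getUserStoreManager().getRoleNames();` and discards the result, which adds a user-store lookup to every device-info update. The line can be dropped, leaving only `roleList = userRealm.getUserStoreManager().getRoleListOfUser(userName);`. Separately, `publishEvents(device, deviceInfo)` now runs before `beginTransaction()`, so the reporting host receives the event, with tenant id, groups and roles, even when the later persist fails and is rolled back; the removed code published only after `commitTransaction()`. The roles sent are those of the thread's current user (`CarbonContext...getUsername()`), which may not be the device owner — worth confirming that this is the intended data to export. The constant name `IS_EVENT_PUBLISHING_ENABED` is misspelled.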
@ -243,6 +243,16 @@ public interface GroupManagementProviderService {
|
||||
*/
|
||||
List<DeviceGroup> getGroups(DeviceIdentifier deviceIdentifier, boolean requireGroupProps) throws GroupManagementException;
|
||||
|
||||
/**
|
||||
* Get groups which contains particular device.
|
||||
*
|
||||
* @param device interested devoce.
|
||||
* @return groups contain the device.
|
||||
* @throws GroupManagementException
|
||||
*/
|
||||
public List<DeviceGroup> getGroups(Device device, boolean requireGroupProps)
|
||||
throws GroupManagementException;
|
||||
|
||||
/**
|
||||
* Checks for the default group existence and create group based on device ownership.
|
||||
* @param groupName of the group
|
||||
|
||||
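Review bot: The Javadoc for the new `getGroups(Device, boolean)` overload has no `@param requireGroupProps`, a bare `@throws GroupManagementException` with no description, and the typo "devoce". Suggested text: `@param device device whose groups are requested.`, `@param requireGroupProps whether group properties are populated on the returned groups.` and `@throws GroupManagementException if the groups cannot be retrieved.`. The `public` modifier is redundant on an interface method and differs from the neighbouring declaration.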
@ -938,6 +938,42 @@ public class GroupManagementProviderServiceImpl implements GroupManagementProvid
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<DeviceGroup> getGroups(Device device, boolean requireGroupProps)
|
||||
throws GroupManagementException {
|
||||
if (device.getDeviceIdentifier() == null) {
|
||||
String msg = "Received empty device identifier for getGroups";
|
||||
log.error(msg);
|
||||
throw new GroupManagementException(msg);
|
||||
}
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Get groups of device " + device.getDeviceIdentifier());
|
||||
}
|
||||
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
|
||||
try {
|
||||
GroupManagementDAOFactory.openConnection();
|
||||
List<DeviceGroup> deviceGroups = groupDAO.getGroups(device.getId(), tenantId);
|
||||
if (requireGroupProps) {
|
||||
if (deviceGroups != null && !deviceGroups.isEmpty()) {
|
||||
for (DeviceGroup group : deviceGroups) {
|
||||
populateGroupProperties(group, tenantId);
|
||||
}
|
||||
}
|
||||
}
|
||||
return deviceGroups;
|
||||
} catch (GroupManagementDAOException | SQLException e) {
|
||||
String msg = "Error occurred while retrieving device groups.";
|
||||
log.error(msg, e);
|
||||
throw new GroupManagementException(msg, e);
|
||||
} catch (Exception e) {
|
||||
String msg = "Error occurred in getGroups";
|
||||
log.error(msg, e);
|
||||
throw new GroupManagementException(msg, e);
|
||||
} finally {
|
||||
GroupManagementDAOFactory.closeConnection();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
|
||||
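Review bot: `getGroups(Device, boolean)` validates `device.getDeviceIdentifier()` but the query runs on `device.getId()`, so the guard does not cover the value actually used, and a null `device` fails with a NullPointerException before the guard is evaluated. Consider `if (device == null || device.getDeviceIdentifier() == null)` and, if an unset id is possible for a device that has not been persisted (not visible here), rejecting that too. The trailing `catch (Exception e)` also wraps programming errors in a generic `GroupManagementException`; the specific catch above it already covers the DAO and SQL failures.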
@ -38,6 +38,10 @@ import org.wso2.carbon.device.mgt.common.ApplicationRegistration;
|
||||
import org.wso2.carbon.device.mgt.common.ApplicationRegistrationException;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationEntry;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfiguration;
|
||||
import org.wso2.carbon.device.mgt.common.configuration.mgt.PlatformConfigurationManagementService;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
|
||||
import org.wso2.carbon.device.mgt.common.GroupPaginationRequest;
|
||||
@ -53,6 +57,8 @@ import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
|
||||
import org.wso2.carbon.device.mgt.core.config.DeviceManagementConfig;
|
||||
import org.wso2.carbon.device.mgt.core.config.datasource.DataSourceConfig;
|
||||
import org.wso2.carbon.device.mgt.core.config.datasource.JNDILookupDefinition;
|
||||
import org.wso2.carbon.device.mgt.core.config.policy.PolicyConfiguration;
|
||||
import org.wso2.carbon.device.mgt.core.config.tenant.PlatformConfigurationManagementServiceImpl;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOException;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceTypeDAO;
|
||||
@ -100,6 +106,7 @@ import java.util.stream.IntStream;
|
||||
public final class DeviceManagerUtil {
|
||||
|
||||
private static final Log log = LogFactory.getLog(DeviceManagerUtil.class);
|
||||
public static final String GENERAL_CONFIG_RESOURCE_PATH = "general";
|
||||
|
||||
private static boolean isDeviceCacheInitialized = false;
|
||||
|
||||
@ -348,6 +355,11 @@ public final class DeviceManagerUtil {
|
||||
}
|
||||
}
|
||||
|
||||
public static int getTenantId() {
|
||||
return PrivilegedCarbonContext
|
||||
.getThreadLocalCarbonContext().getTenantId();
|
||||
}
|
||||
|
||||
public static int validateActivityListPageSize(int limit) throws OperationManagementException {
|
||||
if (limit == 0) {
|
||||
DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance().
|
||||
@ -700,6 +712,30 @@ public final class DeviceManagerUtil {
|
||||
return jwtClient.getAccessToken(clientId, clientSecret, deviceOwner, scopes);
|
||||
}
|
||||
|
||||
public static Object getConfiguration(String key) {
|
||||
|
||||
PlatformConfigurationManagementService configMgtService =
|
||||
new PlatformConfigurationManagementServiceImpl();
|
||||
|
||||
try {
|
||||
PlatformConfiguration tenantConfiguration = configMgtService.getConfiguration
|
||||
(GENERAL_CONFIG_RESOURCE_PATH);
|
||||
List<ConfigurationEntry> configuration = tenantConfiguration.getConfiguration();
|
||||
|
||||
if (configuration != null && !configuration.isEmpty()) {
|
||||
for (ConfigurationEntry cEntry : configuration) {
|
||||
if (key.equalsIgnoreCase(cEntry.getName())) {
|
||||
return cEntry.getValue();
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (ConfigurationManagementException e) {
|
||||
log.error("Error while getting the configurations from registry.", e);
|
||||
return null;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* <h1>Generate a value for the passed os version</h1>
|
||||
*
|
||||
|
||||
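Review bot: `getConfiguration(String key)` dereferences `tenantConfiguration.getConfiguration()` without a null check. If a tenant has never saved the "general" platform configuration and the service returns null for it (not visible here), the resulting NullPointerException would propagate through `isPublishingEnabledForTenant()` into `addDeviceInfo`, failing the device-info update rather than just skipping publishing. Adding `if (tenantConfiguration == null) { return null; }` before the lookup keeps the "not configured means disabled" behaviour the caller expects. The method also builds a new `PlatformConfigurationManagementServiceImpl` and reads the configuration on every call; since it now runs on each device-info update, consider whether that cost is acceptable.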
@ -25,11 +25,16 @@ import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.protocol.HTTP;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.EventPublishingException;
|
||||
import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
public class HttpReportingUtil {
|
||||
|
||||
public static String getReportingHost() {
|
||||
return System.getProperty(DeviceManagementConstants.Report.REPORTING_EVENT_HOST);
|
||||
}
|
||||
|
||||
public static int invokeApi(String payload, String endpoint) throws EventPublishingException {
|
||||
try (CloseableHttpClient client = HttpClients.createDefault()) {
|
||||
HttpPost apiEndpoint = new HttpPost(endpoint);
|
||||
|
||||
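Review bot: `getReportingHost()` returns the raw `iot.reporting.event.host` system property, and callers prepend it unchanged to the endpoint path passed to `invokeApi`. With this commit the payload carries tenant id, group membership and user roles, so it is worth validating once, here, that the value parses as a URI and uses `https`, and logging a configuration error otherwise. The class is a static utility and could be `final` with a private constructor, as `DeviceManagementConstants.Report` already is. `invokeApi`'s body continues outside the hunk, so how the client is configured for TLS and authentication could not be checked.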
@ -95,6 +95,21 @@
|
||||
class="form-control"
|
||||
placeholder="[ Required Field ]">
|
||||
</div>
|
||||
<div class="wr-input-control">
|
||||
<label class="wr-input-label" for="publish-for-analytics">
|
||||
Publish For Analytics
|
||||
<span class="helper" title="Should publish events">
|
||||
<span class="wr-help-tip glyphicon glyphicon-question-sign"></span>
|
||||
</span>
|
||||
</label>
|
||||
<select id="publish-for-analytics"
|
||||
class="form-control">
|
||||
<option value="false" selected="selected">
|
||||
false
|
||||
</option>
|
||||
<option value="true">true</option>
|
||||
</select>
|
||||
</div>
|
||||
<div class="wr-input-control wr-btn-grp">
|
||||
<button id="save-general-btn" class="wr-btn">Save</button>
|
||||
</div>
|
||||
|
||||
@ -22,7 +22,8 @@ $(document).ready(function () {
|
||||
|
||||
var configParams = {
|
||||
"NOTIFIER_TYPE": "notifierType",
|
||||
"NOTIFIER_FREQUENCY": "notifierFrequency"
|
||||
"NOTIFIER_FREQUENCY": "notifierFrequency",
|
||||
"IS_EVENT_PUBLISHING_ENABLED": "isEventPublishingEnabled"
|
||||
};
|
||||
|
||||
var responseCodes = {
|
||||
@ -51,6 +52,8 @@ $(document).ready(function () {
|
||||
var config = data.configuration[i];
|
||||
if (config.name == configParams["NOTIFIER_FREQUENCY"]) {
|
||||
$("input#monitoring-config-frequency").val(config.value / 1000);
|
||||
} else if (config.name == configParams["IS_EVENT_PUBLISHING_ENABLED"]) {
|
||||
$("select#publish-for-analytics").val(config.value);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -65,6 +68,7 @@ $(document).ready(function () {
|
||||
*/
|
||||
$("button#save-general-btn").click(function () {
|
||||
var notifierFrequency = $("input#monitoring-config-frequency").val();
|
||||
var publishEvents = $("select#publish-for-analytics").val();
|
||||
var errorMsgWrapper = "#email-config-error-msg";
|
||||
var errorMsg = "#email-config-error-msg span";
|
||||
|
||||
@ -84,6 +88,13 @@ $(document).ready(function () {
|
||||
"contentType": "text"
|
||||
};
|
||||
|
||||
var publishEventsDetails = {
|
||||
"name": configParams["IS_EVENT_PUBLISHING_ENABLED"],
|
||||
"value": publishEvents,
|
||||
"contentType": "text"
|
||||
};
|
||||
|
||||
configList.push(publishEventsDetails);
|
||||
configList.push(monitorFrequency);
|
||||
addConfigFormData.configuration = configList;
|
||||
|
||||
|
||||
@ -86,6 +86,7 @@
|
||||
org.wso2.carbon.utils,
|
||||
org.wso2.carbon.utils.multitenancy,
|
||||
org.xml.sax,
|
||||
com.google.gson.*,
|
||||
javax.servlet,
|
||||
javax.servlet.http,
|
||||
javax.xml,
|
||||
@ -215,6 +216,10 @@
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>org.wso2.carbon.device.mgt.common</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.code.gson</groupId>
|
||||
<artifactId>gson</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.orbit.org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
|
||||
@ -22,6 +22,13 @@ import org.apache.catalina.connector.Response;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.w3c.dom.Document;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.user.api.UserRealm;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
import org.wso2.carbon.user.core.service.RealmService;
|
||||
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder;
|
||||
|
||||
import javax.xml.XMLConstants;
|
||||
import javax.xml.parsers.DocumentBuilder;
|
||||
@ -32,6 +39,7 @@ import java.io.IOException;
|
||||
public class AuthenticationFrameworkUtil {
|
||||
|
||||
private static final Log log = LogFactory.getLog(AuthenticationFrameworkUtil.class);
|
||||
private static final String UI_EXECUTE = "ui.execute";
|
||||
|
||||
static void handleResponse(Request request, Response response, int statusCode, String payload) {
|
||||
response.setStatus(statusCode);
|
||||
@ -65,4 +73,43 @@ public class AuthenticationFrameworkUtil {
|
||||
}
|
||||
}
|
||||
|
||||
static boolean isUserAuthorized(int tenantId, String tenantDomain, String username, String
|
||||
permission) throws
|
||||
AuthenticationException {
|
||||
boolean tenantFlowStarted = false;
|
||||
|
||||
try{
|
||||
//If this is a tenant user
|
||||
if(tenantId != MultitenantConstants.SUPER_TENANT_ID){
|
||||
PrivilegedCarbonContext.startTenantFlow();
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId);
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(username);
|
||||
tenantFlowStarted = true;
|
||||
}
|
||||
|
||||
RealmService realmService = AuthenticatorFrameworkDataHolder.getInstance().getRealmService();
|
||||
if (realmService == null) {
|
||||
String msg = "RealmService is not initialized";
|
||||
log.error(msg);
|
||||
throw new AuthenticationException(msg);
|
||||
}
|
||||
UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
|
||||
|
||||
return userRealm.getAuthorizationManager()
|
||||
.isUserAuthorized(MultitenantUtils
|
||||
.getTenantAwareUsername(username), permission, UI_EXECUTE);
|
||||
|
||||
} catch (UserStoreException e) {
|
||||
String msg = "Error while getting username";
|
||||
log.error(msg, e);
|
||||
throw new AuthenticationException(msg, e);
|
||||
}
|
||||
finally {
|
||||
if (tenantFlowStarted) {
|
||||
PrivilegedCarbonContext.endTenantFlow();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
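Review bot: In `isUserAuthorized`, the result of `realmService.getTenantUserRealm(tenantId)` is dereferenced without a null check, unlike `realmService` just above it. The valve calls this method for status `CONTINUE` as well as `SUCCESS`, and `AuthenticationInfo` defaults `tenantId` to -1, so a missing realm or a null `username` looks reachable (to be confirmed against the authenticators). That would surface as a `NullPointerException` rather than the `AuthenticationException` the caller handles. A guard such as `if (userRealm == null || username == null) { throw new AuthenticationException("No user realm or username for tenant " + tenantId); }` keeps the failure on the handled path. The catch message `"Error while getting username"` also describes a different operation; something like `"Error while checking permission"` matches what failed.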
|
||||
|
||||
@ -30,6 +30,7 @@ public class AuthenticationInfo {
|
||||
private String username;
|
||||
private String tenantDomain;
|
||||
private int tenantId = -1;
|
||||
private boolean isSuperTenantAdmin;
|
||||
|
||||
public WebappAuthenticator.Status getStatus() {
|
||||
return status;
|
||||
@ -71,4 +72,12 @@ public class AuthenticationInfo {
|
||||
public void setTenantId(int tenantId) {
|
||||
this.tenantId = tenantId;
|
||||
}
|
||||
|
||||
public boolean isSuperTenantAdmin() {
|
||||
return isSuperTenantAdmin;
|
||||
}
|
||||
|
||||
public void setSuperTenantAdmin(boolean superTenantAdmin) {
|
||||
isSuperTenantAdmin = superTenantAdmin;
|
||||
}
|
||||
}
|
||||
|
||||
@ -22,6 +22,7 @@ public final class Constants {
|
||||
|
||||
public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer";
|
||||
public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme";
|
||||
public static final String PROXY_TENANT_ID = "Proxy-Tenant-Id";
|
||||
|
||||
public static final class HTTPHeaders {
|
||||
private HTTPHeaders() {
|
||||
|
||||
@ -18,15 +18,20 @@
|
||||
*/
|
||||
package org.wso2.carbon.webapp.authenticator.framework;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import org.apache.catalina.Context;
|
||||
import org.apache.catalina.connector.Request;
|
||||
import org.apache.catalina.connector.Response;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.owasp.encoder.Encode;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
|
||||
import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
|
||||
import org.wso2.carbon.user.api.Tenant;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
import org.wso2.carbon.user.core.service.RealmService;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.authorizer.WebappTenantAuthorizer;
|
||||
|
||||
@ -39,12 +44,15 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
|
||||
|
||||
private static final Log log = LogFactory.getLog(WebappAuthenticationValve.class);
|
||||
private static TreeMap<String, String> nonSecuredEndpoints = new TreeMap<>();
|
||||
private static final String PERMISSION_PREFIX = "/permission/admin";
|
||||
public static final String AUTHORIZE_PERMISSION = "Authorize-Permission";
|
||||
|
||||
@Override
|
||||
public void invoke(Request request, Response response, CompositeValve compositeValve) {
|
||||
|
||||
if (this.isContextSkipped(request) || this.skipAuthentication(request)) {
|
||||
this.getNext().invoke(request, response, compositeValve);
|
||||
if ((this.isContextSkipped(request) || this.skipAuthentication(request))
|
||||
&& (StringUtils.isEmpty(request.getHeader(AUTHORIZE_PERMISSION)))) {
|
||||
this.getNext().invoke(request, response, compositeValve);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -60,6 +68,41 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
|
||||
WebappAuthenticator.Status status = WebappTenantAuthorizer.authorize(request, authenticationInfo);
|
||||
authenticationInfo.setStatus(status);
|
||||
}
|
||||
|
||||
// This section will allow to validate a given access token is authenticated to access given
|
||||
// resource(permission)
|
||||
if (request.getCoyoteRequest() != null
|
||||
&& StringUtils.isNotEmpty(request.getHeader(AUTHORIZE_PERMISSION))
|
||||
&& (authenticationInfo.getStatus() == WebappAuthenticator.Status.CONTINUE ||
|
||||
authenticationInfo.getStatus() == WebappAuthenticator.Status.SUCCESS)) {
|
||||
boolean isAllowed;
|
||||
try {
|
||||
isAllowed = AuthenticationFrameworkUtil.isUserAuthorized(
|
||||
authenticationInfo.getTenantId(), authenticationInfo.getTenantDomain(),
|
||||
authenticationInfo.getUsername(),
|
||||
PERMISSION_PREFIX + request.getHeader (AUTHORIZE_PERMISSION));
|
||||
} catch (AuthenticationException e) {
|
||||
String msg = "Could not authorize permission";
|
||||
log.error(msg);
|
||||
AuthenticationFrameworkUtil.handleResponse(request, response,
|
||||
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg);
|
||||
return;
|
||||
}
|
||||
|
||||
if (isAllowed) {
|
||||
Gson gson = new Gson();
|
||||
AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_OK,
|
||||
gson.toJson(authenticationInfo));
|
||||
return;
|
||||
} else {
|
||||
log.error("Unauthorized message from user " + authenticationInfo.getUsername());
|
||||
AuthenticationFrameworkUtil.handleResponse(request, response,
|
||||
HttpServletResponse.SC_FORBIDDEN, "Unauthorized to access the API");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
Tenant tenant = null;
|
||||
if (authenticationInfo.getTenantId() != -1) {
|
||||
try {
|
||||
PrivilegedCarbonContext.startTenantFlow();
|
||||
@ -67,10 +110,49 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
|
||||
privilegedCarbonContext.setTenantId(authenticationInfo.getTenantId());
|
||||
privilegedCarbonContext.setTenantDomain(authenticationInfo.getTenantDomain());
|
||||
privilegedCarbonContext.setUsername(authenticationInfo.getUsername());
|
||||
this.processRequest(request, response, compositeValve, authenticationInfo);
|
||||
if (authenticationInfo.isSuperTenantAdmin() && request.getHeader(Constants
|
||||
.PROXY_TENANT_ID) != null) {
|
||||
// If this is a call from super admin to an API and the ProxyTenantId is also
|
||||
// present, this is a call that is made with super admin credentials to call
|
||||
// an API on behalf of another tenant. Hence the actual tenants, details are
|
||||
// resolved instead of calling processRequest.
|
||||
int tenantId = Integer.valueOf(request.getHeader(Constants.PROXY_TENANT_ID));
|
||||
RealmService realmService = (RealmService) PrivilegedCarbonContext
|
||||
.getThreadLocalCarbonContext().getOSGiService(RealmService.class, null);
|
||||
if (realmService == null) {
|
||||
String msg = "RealmService is not initialized";
|
||||
log.error(msg);
|
||||
AuthenticationFrameworkUtil.handleResponse(request, response,
|
||||
HttpServletResponse.SC_BAD_REQUEST, msg);
|
||||
return;
|
||||
}
|
||||
tenant = realmService.getTenantManager().getTenant(tenantId);
|
||||
} else {
|
||||
this.processRequest(request, response, compositeValve, authenticationInfo);
|
||||
}
|
||||
} catch (UserStoreException e) {
|
||||
String msg = "Could not locate the tenant";
|
||||
log.error(msg);
|
||||
AuthenticationFrameworkUtil.handleResponse(request, response,
|
||||
HttpServletResponse.SC_BAD_REQUEST, msg);
|
||||
} finally {
|
||||
PrivilegedCarbonContext.endTenantFlow();
|
||||
}
|
||||
|
||||
// A call from super admin to a child tenant. Start a new tenant flow of the target
|
||||
// tenant and pass to the API.
|
||||
if (tenant != null) {
|
||||
try {
|
||||
PrivilegedCarbonContext.startTenantFlow();
|
||||
PrivilegedCarbonContext privilegedCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
|
||||
privilegedCarbonContext.setTenantId(tenant.getId());
|
||||
privilegedCarbonContext.setTenantDomain(tenant.getDomain());
|
||||
privilegedCarbonContext.setUsername(tenant.getAdminName());
|
||||
this.processRequest(request, response, compositeValve, authenticationInfo);
|
||||
} finally {
|
||||
PrivilegedCarbonContext.endTenantFlow();
|
||||
}
|
||||
}
|
||||
} else {
|
||||
this.processRequest(request, response, compositeValve, authenticationInfo);
|
||||
}
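Review bot: The `Proxy-Tenant-Id` header is parsed with `Integer.valueOf(...)` inside a try that only catches `UserStoreException`, so a non-numeric value leaves `invoke` as an unhandled `NumberFormatException`. In the same branch, when `getTenant(tenantId)` yields no tenant, the later `if (tenant != null)` guard skips `processRequest` and nothing is written to the response, so the caller gets no explicit rejection. Both cases should answer with 400 and return, as sketched below. The new `log.error(msg)` calls in the two catch blocks also drop the exception; `log.error(msg, e)` keeps the cause. `invoke` starts and ends outside these hunks.

```java
// … unchanged: isSuperTenantAdmin() / Proxy-Tenant-Id condition …
int tenantId;
try {
    tenantId = Integer.parseInt(request.getHeader(Constants.PROXY_TENANT_ID));
} catch (NumberFormatException e) {
    String msg = "Proxy-Tenant-Id header is not a valid tenant id";
    log.error(msg, e);
    AuthenticationFrameworkUtil.handleResponse(request, response,
            HttpServletResponse.SC_BAD_REQUEST, msg);
    return;
}
// … unchanged: RealmService lookup and null check …
tenant = realmService.getTenantManager().getTenant(tenantId);
if (tenant == null) {
    String msg = "No tenant found for the given Proxy-Tenant-Id";
    log.error(msg);
    AuthenticationFrameworkUtil.handleResponse(request, response,
            HttpServletResponse.SC_BAD_REQUEST, msg);
    return;
}
```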
|
||||
|
||||
@ -25,6 +25,7 @@ import org.apache.tomcat.util.buf.ByteChunk;
|
||||
import org.apache.tomcat.util.buf.MessageBytes;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationException;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.Constants;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.Utils.Utils;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuthTokenValidationException;
|
||||
@ -77,6 +78,11 @@ public class OAuthAuthenticator implements WebappAuthenticator {
|
||||
String resource = requestUri + ":" + requestMethod;
|
||||
OAuthValidationResponse oAuthValidationResponse = this.tokenValidator.validateToken(bearerToken, resource);
|
||||
authenticationInfo = Utils.setAuthenticationInfo(oAuthValidationResponse, authenticationInfo);
|
||||
if (authenticationInfo.getTenantId() == -1234 && properties.getProperty("Username")
|
||||
.equals(authenticationInfo.getUsername())
|
||||
&& request.getHeader(Constants.PROXY_TENANT_ID) != null) {
|
||||
authenticationInfo.setSuperTenantAdmin(true);
|
||||
}
|
||||
} catch (AuthenticationException e) {
|
||||
log.error("Failed to authenticate the incoming request", e);
|
||||
} catch (OAuthTokenValidationException e) {
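Review bot: `properties.getProperty("Username").equals(authenticationInfo.getUsername())` throws a `NullPointerException` when the `Username` property is not configured (assuming `properties` is a `java.util.Properties`), and neither catch clause below handles that type. `Objects.equals(properties.getProperty("Username"), authenticationInfo.getUsername())` avoids it, at the cost of a `java.util.Objects` import. The literal `-1234` would read better as `MultitenantConstants.SUPER_TENANT_ID`, which this commit already uses in `AuthenticationFrameworkUtil` and which is presumably the same value. Because this flag is what later lets the valve switch to another tenant's context, a one-line comment stating that it is set only for the configured super-tenant user on a validated token would help the next reader. The enclosing method starts and ends outside the hunk.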
|
||||
|
||||
@ -55,8 +55,9 @@ public class WebappAuthenticationValveTest {
|
||||
|
||||
@Test(description = "This method tests the invoke method of the WebAppAuthenticationValve with the context path "
|
||||
+ "starting with carbon")
|
||||
public void testInvokeWithContextSkippedScenario1() {
|
||||
public void testInvokeWithContextSkippedScenario1() throws NoSuchFieldException, IllegalAccessException {
|
||||
Request request = new Request();
|
||||
getCoyoteRequest(request);
|
||||
Context context = new StandardContext();
|
||||
context.setPath("carbon");
|
||||
CompositeValve compositeValve = Mockito.mock(CompositeValve.class);
|
||||
@ -64,6 +65,7 @@ public class WebappAuthenticationValveTest {
|
||||
request.setContext(context);
|
||||
webappAuthenticationValve.invoke(request, null, compositeValve);
|
||||
request = new TestRequest("", "test");
|
||||
getCoyoteRequest(request);
|
||||
context = new StandardContext();
|
||||
compositeValve = Mockito.mock(CompositeValve.class);
|
||||
Mockito.doNothing().when(compositeValve).continueInvocation(Mockito.any(), Mockito.any());
|
||||
@ -73,8 +75,9 @@ public class WebappAuthenticationValveTest {
|
||||
|
||||
@Test(description = "This method tests the behaviour of the invoke method of WebAuthenticationValve when "
|
||||
+ "un-secured endpoints are invoked.")
|
||||
public void testInvokeUnSecuredEndpoints() {
|
||||
public void testInvokeUnSecuredEndpoints() throws IllegalAccessException, NoSuchFieldException {
|
||||
Request request = new TestRequest("", "test");
|
||||
getCoyoteRequest(request);
|
||||
Context context = new StandardContext();
|
||||
context.setPath("carbon1");
|
||||
context.addParameter("doAuthentication", String.valueOf(true));
|
||||
@ -85,6 +88,22 @@ public class WebappAuthenticationValveTest {
|
||||
webappAuthenticationValve.invoke(request, null, compositeValve);
|
||||
}
|
||||
|
||||
private void getCoyoteRequest(Request request) throws
|
||||
IllegalAccessException,
|
||||
NoSuchFieldException {
|
||||
|
||||
Field headersField = org.apache.coyote.Request.class.getDeclaredField("headers");
|
||||
headersField.setAccessible(true);
|
||||
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
|
||||
|
||||
MimeHeaders mimeHeaders = new MimeHeaders();
|
||||
MessageBytes bytes = mimeHeaders.addValue("content-type");
|
||||
bytes.setString("test");
|
||||
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the behaviour of the invoke method of WebAuthenticationValve when "
|
||||
+ "secured endpoints are invoked.")
|
||||
public void testInvokeSecuredEndpoints() throws NoSuchFieldException, IllegalAccessException {
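Review bot: None of the visible test changes exercises the branches this commit adds to `invoke`. `getCoyoteRequest` only installs a `content-type` header, which appears to be there so that the new `request.getHeader(...)` calls do not fail. Cases that send `Authorize-Permission` (allowed and denied) and `Proxy-Tenant-Id` (non-numeric, unknown tenant, caller not flagged as super-tenant admin) would pin the new authorization behaviour. The helper returns nothing, so a name such as `attachCoyoteRequest` would describe it better.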
|
||||
|
||||