Bug fixes and fix for https://wso2.org/jira/browse/IOTS-158

2025-10-06 02:01:45 +00:00 · 2016-05-17 23:33:33 +05:30 · 2016-05-17 23:33:33 +05:30 · aadf87e5d9
commit aadf87e5d9
parent 3d870786ae
8 changed files with 65 additions and 13 deletions
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/api/impl/GroupImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/api/impl/GroupImpl.java
@ -118,7 +118,7 @@ public class GroupImpl implements Group {
    @Override
    @GET
    @Produces("application/json")
-    public Response getGroups(@QueryParam("start") int startIndex, @PathParam("length") int length) {
+    public Response getGroups(@QueryParam("start") int startIndex, @QueryParam("length") int length) {
        try {
            PaginationResult paginationResult = DeviceMgtAPIUtils.getGroupManagementProviderService()
                    .getGroups(startIndex, length);
@ -331,8 +331,7 @@ public class GroupImpl implements Group {
    @Produces("application/json")
    public Response addSharing(@QueryParam("shareUser") String shareUser,
                               @PathParam("groupName") String groupName, @PathParam("owner") String owner,
-                               @PathParam("roleName") String roleName,
-                               @FormParam("permissions") String[] permissions) {
+                               @PathParam("roleName") String roleName, String[] permissions) {

        try {
            boolean isAdded = DeviceMgtAPIUtils.getGroupManagementProviderService().addGroupSharingRole(
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/api/impl/PolicyImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/api/impl/PolicyImpl.java
@ -21,6 +21,11 @@ package org.wso2.carbon.device.mgt.jaxrs.api.impl;
 import org.apache.commons.httpclient.HttpStatus;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.device.mgt.common.Device;
+import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
+import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
+import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
 import org.wso2.carbon.device.mgt.jaxrs.api.common.MDMAPIException;
 import org.wso2.carbon.device.mgt.jaxrs.api.util.DeviceMgtAPIUtils;
 import org.wso2.carbon.device.mgt.jaxrs.beans.PriorityUpdatedPolicyWrapper;
@ -97,6 +102,22 @@ public class PolicyImpl implements org.wso2.carbon.device.mgt.jaxrs.api.Policy {

    private Response addPolicy(PolicyManagerService policyManagementService, ResponsePayload responseMsg,
                               org.wso2.carbon.policy.mgt.common.Policy policy) {
+        List<Device> devices = policy.getDevices();
+        if (devices != null && devices.size() == 1) {
+            DeviceAccessAuthorizationService deviceAccessAuthorizationService = DeviceManagementDataHolder.getInstance().getDeviceAccessAuthorizationService();
+            DeviceIdentifier deviceIdentifier = new DeviceIdentifier(devices.get(0).getDeviceIdentifier(), devices.get(0).getType());
+            PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
+            String username = threadLocalCarbonContext.getUsername();
+            try {
+                if (!deviceAccessAuthorizationService.isUserAuthorized(deviceIdentifier, username)) {
+                    return Response.status(Response.Status.UNAUTHORIZED).build();
+                }
+            } catch (DeviceAccessAuthorizationException e) {
+                String msg = "Device access authorization exception";
+                log.error(msg, e);
+                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+            }
+        }
        try {
            PolicyAdministratorPoint pap = policyManagementService.getPAP();
            pap.addPolicy(policy);
--- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml
@ -669,6 +669,12 @@
        <url>/policies/inactive-policy</url>
        <method>POST</method>
    </Permission>
+    <Permission>
+        <name>Add Policy</name>
+        <path>/device-mgt/user/policies/add</path>
+        <url>/policies/inactive-policy</url>
+        <method>POST</method>
+    </Permission>

    <Permission>
        <name>List policies</name>
@ -704,6 +710,12 @@
        <url>/policies/active-policy</url>
        <method>POST</method>
    </Permission>
+    <Permission>
+        <name>Add Policy</name>
+        <path>/device-mgt/user/policies/add</path>
+        <url>/policies/inactive-policy</url>
+        <method>POST</method>
+    </Permission>

    <Permission>
        <name>Remove policy</name>
@ -726,6 +738,20 @@
        <method>GET</method>
    </Permission>

+    <Permission>
+        <name>List user policies</name>
+        <path>/device-mgt/user/policies/list</path>
+        <url>/policies</url>
+        <method>GET</method>
+    </Permission>
+
+    <Permission>
+        <name>List user policies</name>
+        <path>/device-mgt/user/policies/list</path>
+        <url>/policies/*</url>
+        <method>GET</method>
+    </Permission>
+
    <Permission>
        <name>Update policy</name>
        <path>/device-mgt/admin/policies/update</path>
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/user.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/modules/user.js
@ -668,6 +668,9 @@ var userModule = function () {
        if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/roles/add")) {
            permissions["ADD_ROLE"] = true;
        }
+        if (publicMethods.isAuthorized("/permission/admin/device-mgt/admin/policies/add")) {
+            permissions["ADD_ADMIN_POLICY"] = true;
+        }
        if (publicMethods.isAuthorized("/permission/admin/device-mgt/user/policies/add")) {
            permissions["ADD_POLICY"] = true;
        }
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.hbs
@ -16,6 +16,7 @@
 {{/zone}}

 {{#zone "navbarActions"}}
+    {{#if permissions.ADD_ADMIN_POLICY}}
    <li>
        <a href="{{@app.context}}/policy/add" class="cu-btn">
            <span class="icon fw-stack">
@ -25,7 +26,9 @@
            Add Policy
        </a>
    </li>
-    <li>
+    {{/if}}
+    {{#if permissions.CHANGE_POLICY_PRIORITY}}
+        <li>
        <a href="{{@app.context}}/policy/priority" class="cu-btn">
            <span class="icon fw-stack">
                <i class="fw fw-throttling-policy fw-stack-1x"></i>
@ -34,6 +37,7 @@
            Policy Priority
        </a>
    </li>
+    {{/if}}
    <li>
        <a href="#" class="cu-btn" id="appbar-btn-apply-changes">
            <span class="icon fw-stack">
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.js
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/pages/cdmf.page.policies/policies.js
@ -16,14 +16,17 @@
 * under the License.
 */

-function onRequest(context){
+function onRequest(context) {
    context.handlebars.registerHelper('equal', function (lvalue, rvalue, options) {
-        if (arguments.length < 3)
+        if (arguments.length < 3) {
            throw new Error("Handlebars Helper equal needs 2 parameters");
-        if( lvalue!=rvalue ) {
+        }
+        if (lvalue != rvalue) {
            return options.inverse(this);
        } else {
            return options.fn(this);
        }
    });
+    var userModule = require("/app/modules/user.js").userModule;
+    return {permissions: userModule.getUIPermissions()};
 }
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.operation-mod/operation-mod.json
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.device.operation-mod/operation-mod.json
@ -1,7 +1,3 @@
 {
-  "version": "1.0.0",
-  "pushedUris": [
-    "/policies",
-    "/policy/{+any}"
-  ]
+  "version": "1.0.0"
 }
--- a/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.hbs
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/resources/jaggeryapps/devicemgt/app/units/cdmf.unit.policy.create/create.hbs
@ -22,7 +22,7 @@
                    <div class="col-md-3 col-xs-3">
                        <div class="itm-wiz" data-step="policy-criteria">
                            <div class="wiz-no">3</div>
-                            <div class="wiz-lbl hidden-xs"><span>Assign to groups</span></div>
+                            <div class="wiz-lbl hidden-xs"><span>Assign</span></div>
                        </div>
                        <br class="c-both"/>
                    </div>