community/device-mgt-core
1
0
Fork 0
mirror of https://repository.entgra.net/community/device-mgt-core.git synced 2025-10-06 02:01:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixing user is not authorized to view devices

Browse Source
This commit is contained in:
Rasika Perera 2016-12-24 00:40:24 +05:30
parent cef9876575
commit acb2c38799
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/DeviceManagementServiceImpl.java
View File

@ -45,6 +45,7 @@ import org.wso2.carbon.policy.mgt.common.PolicyManagementException;
import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData; import org.wso2.carbon.policy.mgt.common.monitor.ComplianceData;
import org.wso2.carbon.policy.mgt.common.monitor.PolicyComplianceException; import org.wso2.carbon.policy.mgt.common.monitor.PolicyComplianceException;
import org.wso2.carbon.policy.mgt.core.PolicyManagerService; import org.wso2.carbon.policy.mgt.core.PolicyManagerService;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import javax.validation.constraints.Size; import javax.validation.constraints.Size;
import javax.ws.rs.*; import javax.ws.rs.*;
@ -113,15 +114,16 @@ public class DeviceManagementServiceImpl implements DeviceManagementService {
} }
// this is the user who initiates the request // this is the user who initiates the request
String authorizedUser = CarbonContext.getThreadLocalCarbonContext().getUsername(); String authorizedUser = MultitenantUtils.getTenantAwareUsername(CarbonContext.getThreadLocalCarbonContext().getUsername());
// check whether the user is device-mgt admin // check whether the user is device-mgt admin
if (deviceAccessAuthorizationService.isDeviceAdminUser()) { if (deviceAccessAuthorizationService.isDeviceAdminUser()) {
if (user != null && !user.isEmpty()) { if (user != null && !user.isEmpty()) {
request.setOwner(user); request.setOwner(MultitenantUtils.getTenantAwareUsername(user));
} }
} else { } else {
if (user != null && !user.isEmpty()) { if (user != null && !user.isEmpty()) {
user = MultitenantUtils.getTenantAwareUsername(user);
if (user.equals(authorizedUser)) { if (user.equals(authorizedUser)) {
request.setOwner(user); request.setOwner(user);
} else { } else {