mirror of
https://repository.entgra.net/community/device-mgt-plugins.git
synced 2025-09-16 23:42:15 +00:00
Adding group permission checking
This commit is contained in:
Rasika Perera
parent
d211f3e358
commit
7a5acb6f58
@ -26,6 +26,7 @@ import org.wso2.carbon.analytics.datasource.commons.exception.AnalyticsException
|
|||||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||||
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
||||||
|
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
|
||||||
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.transport.AndroidSenseMQTTConnector;
|
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.transport.AndroidSenseMQTTConnector;
|
||||||
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.APIUtil;
|
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.APIUtil;
|
||||||
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.SensorRecord;
|
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.SensorRecord;
|
||||||
@ -78,7 +79,7 @@ public class AndroidSenseControllerServiceImpl implements AndroidSenseController
|
|||||||
public Response sendThreshold(@PathParam("deviceId") String deviceId, @QueryParam("threshold") String threshold) {
|
public Response sendThreshold(@PathParam("deviceId") String deviceId, @QueryParam("threshold") String threshold) {
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
AndroidSenseConstants.DEVICE_TYPE))) {
|
AndroidSenseConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
androidSenseMQTTConnector.publishDeviceData(deviceId, "threshold", threshold);
|
androidSenseMQTTConnector.publishDeviceData(deviceId, "threshold", threshold);
|
||||||
@ -96,7 +97,7 @@ public class AndroidSenseControllerServiceImpl implements AndroidSenseController
|
|||||||
public Response removeKeyWords(@PathParam("deviceId") String deviceId, @QueryParam("words") String words) {
|
public Response removeKeyWords(@PathParam("deviceId") String deviceId, @QueryParam("words") String words) {
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
AndroidSenseConstants.DEVICE_TYPE))) {
|
AndroidSenseConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
androidSenseMQTTConnector.publishDeviceData(deviceId, "remove", words);
|
androidSenseMQTTConnector.publishDeviceData(deviceId, "remove", words);
|
||||||
@ -127,7 +128,7 @@ public class AndroidSenseControllerServiceImpl implements AndroidSenseController
|
|||||||
|
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
AndroidSenseConstants.DEVICE_TYPE))) {
|
AndroidSenseConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_STATS_MONITOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
List<SensorRecord> sensorDatas;
|
List<SensorRecord> sensorDatas;
|
||||||
|
|||||||
@ -25,6 +25,7 @@ import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
|||||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
||||||
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
|
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
|
||||||
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
||||||
|
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
|
||||||
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.APIUtil;
|
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.APIUtil;
|
||||||
import org.wso2.carbon.device.mgt.iot.androidsense.plugin.constants.AndroidSenseConstants;
|
import org.wso2.carbon.device.mgt.iot.androidsense.plugin.constants.AndroidSenseConstants;
|
||||||
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.AndroidConfiguration;
|
import org.wso2.carbon.device.mgt.iot.androidsense.service.impl.util.AndroidConfiguration;
|
||||||
@ -108,7 +109,8 @@ public class AndroidSenseManagerServiceImpl implements AndroidSenseManagerServic
|
|||||||
deviceIdentifier.setId(deviceId);
|
deviceIdentifier.setId(deviceId);
|
||||||
deviceIdentifier.setType(AndroidSenseConstants.DEVICE_TYPE);
|
deviceIdentifier.setType(AndroidSenseConstants.DEVICE_TYPE);
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier)) {
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, DeviceGroupConstants.
|
||||||
|
Permissions.DEFAULT_ADMIN_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
boolean removed = APIUtil.getDeviceManagementService().disenrollDevice(deviceIdentifier);
|
boolean removed = APIUtil.getDeviceManagementService().disenrollDevice(deviceIdentifier);
|
||||||
@ -133,7 +135,8 @@ public class AndroidSenseManagerServiceImpl implements AndroidSenseManagerServic
|
|||||||
deviceIdentifier.setId(deviceId);
|
deviceIdentifier.setId(deviceId);
|
||||||
deviceIdentifier.setType(AndroidSenseConstants.DEVICE_TYPE);
|
deviceIdentifier.setType(AndroidSenseConstants.DEVICE_TYPE);
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier)) {
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, DeviceGroupConstants.
|
||||||
|
Permissions.DEFAULT_ADMIN_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
Device device = APIUtil.getDeviceManagementService().getDevice(deviceIdentifier);
|
Device device = APIUtil.getDeviceManagementService().getDevice(deviceIdentifier);
|
||||||
|
|||||||
@ -26,6 +26,7 @@ import org.wso2.carbon.analytics.datasource.commons.exception.AnalyticsException
|
|||||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||||
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
||||||
|
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
|
||||||
import org.wso2.carbon.device.mgt.iot.arduino.service.impl.dto.SensorRecord;
|
import org.wso2.carbon.device.mgt.iot.arduino.service.impl.dto.SensorRecord;
|
||||||
import org.wso2.carbon.device.mgt.iot.arduino.service.impl.util.APIUtil;
|
import org.wso2.carbon.device.mgt.iot.arduino.service.impl.util.APIUtil;
|
||||||
import org.wso2.carbon.device.mgt.iot.arduino.plugin.constants.ArduinoConstants;
|
import org.wso2.carbon.device.mgt.iot.arduino.plugin.constants.ArduinoConstants;
|
||||||
@ -54,7 +55,8 @@ public class ArduinoControllerServiceImpl implements ArduinoControllerService {
|
|||||||
public Response switchBulb(@PathParam("deviceId") String deviceId, @QueryParam("state") String state) {
|
public Response switchBulb(@PathParam("deviceId") String deviceId, @QueryParam("state") String state) {
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
ArduinoConstants.DEVICE_TYPE))) {
|
ArduinoConstants.DEVICE_TYPE),
|
||||||
|
DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
LinkedList<String> deviceControlList = internalControlsQueue.get(deviceId);
|
LinkedList<String> deviceControlList = internalControlsQueue.get(deviceId);
|
||||||
@ -79,7 +81,7 @@ public class ArduinoControllerServiceImpl implements ArduinoControllerService {
|
|||||||
public Response readControls(@PathParam("deviceId") String deviceId) {
|
public Response readControls(@PathParam("deviceId") String deviceId) {
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
ArduinoConstants.DEVICE_TYPE))) {
|
ArduinoConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
String result;
|
String result;
|
||||||
@ -121,7 +123,7 @@ public class ArduinoControllerServiceImpl implements ArduinoControllerService {
|
|||||||
@QueryParam("to") long to) {
|
@QueryParam("to") long to) {
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
ArduinoConstants.DEVICE_TYPE))) {
|
ArduinoConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_STATS_MONITOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
String fromDate = String.valueOf(from);
|
String fromDate = String.valueOf(from);
|
||||||
|
|||||||
@ -25,6 +25,7 @@ import org.wso2.carbon.analytics.dataservice.commons.SortByField;
|
|||||||
import org.wso2.carbon.analytics.datasource.commons.exception.AnalyticsException;
|
import org.wso2.carbon.analytics.datasource.commons.exception.AnalyticsException;
|
||||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||||
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
||||||
|
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
|
||||||
import org.wso2.carbon.device.mgt.iot.controlqueue.mqtt.MqttConfig;
|
import org.wso2.carbon.device.mgt.iot.controlqueue.mqtt.MqttConfig;
|
||||||
import org.wso2.carbon.device.mgt.iot.raspberrypi.service.impl.dto.SensorRecord;
|
import org.wso2.carbon.device.mgt.iot.raspberrypi.service.impl.dto.SensorRecord;
|
||||||
import org.wso2.carbon.device.mgt.iot.raspberrypi.service.impl.transport.RaspberryPiMQTTConnector;
|
import org.wso2.carbon.device.mgt.iot.raspberrypi.service.impl.transport.RaspberryPiMQTTConnector;
|
||||||
@ -56,7 +57,7 @@ public class RaspberryPiControllerServiceImpl implements RaspberryPiControllerSe
|
|||||||
public Response switchBulb(@PathParam("deviceId") String deviceId, @QueryParam("state") String state) {
|
public Response switchBulb(@PathParam("deviceId") String deviceId, @QueryParam("state") String state) {
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
RaspberrypiConstants.DEVICE_TYPE))) {
|
RaspberrypiConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_OPERATOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
String switchToState = state.toUpperCase();
|
String switchToState = state.toUpperCase();
|
||||||
@ -90,7 +91,7 @@ public class RaspberryPiControllerServiceImpl implements RaspberryPiControllerSe
|
|||||||
String sensorTableName = RaspberrypiConstants.TEMPERATURE_EVENT_TABLE;
|
String sensorTableName = RaspberrypiConstants.TEMPERATURE_EVENT_TABLE;
|
||||||
try {
|
try {
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(new DeviceIdentifier(deviceId,
|
||||||
RaspberrypiConstants.DEVICE_TYPE))) {
|
RaspberrypiConstants.DEVICE_TYPE), DeviceGroupConstants.Permissions.DEFAULT_STATS_MONITOR_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
List<SortByField> sortByFields = new ArrayList<>();
|
List<SortByField> sortByFields = new ArrayList<>();
|
||||||
|
|||||||
@ -44,6 +44,7 @@ import org.wso2.carbon.device.mgt.iot.virtualfirealarm.agent.advanced.core.Agent
|
|||||||
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.agent.advanced.exception.AgentCoreOperationException;
|
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.agent.advanced.exception.AgentCoreOperationException;
|
||||||
import sun.security.x509.X509CertImpl;
|
import sun.security.x509.X509CertImpl;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
import java.math.BigInteger;
|
import java.math.BigInteger;
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
@ -82,6 +83,7 @@ public class EnrollmentManager {
|
|||||||
private static final String KEY_PAIR_ALGORITHM = "RSA";
|
private static final String KEY_PAIR_ALGORITHM = "RSA";
|
||||||
private static final String PROVIDER = "BC";
|
private static final String PROVIDER = "BC";
|
||||||
private static final String SIGNATURE_ALG = "SHA1withRSA";
|
private static final String SIGNATURE_ALG = "SHA1withRSA";
|
||||||
|
private static final String CERT_IS_CA_EXTENSION = "is_ca";
|
||||||
private static final int KEY_SIZE = 2048;
|
private static final int KEY_SIZE = 2048;
|
||||||
|
|
||||||
// Seed to our PRNG. Make sure this is initialised randomly, NOT LIKE THIS
|
// Seed to our PRNG. Make sure this is initialised randomly, NOT LIKE THIS
|
||||||
@ -376,9 +378,9 @@ public class EnrollmentManager {
|
|||||||
log.debug(((X509Certificate) cert).getIssuerDN().getName());
|
log.debug(((X509Certificate) cert).getIssuerDN().getName());
|
||||||
}
|
}
|
||||||
|
|
||||||
//TODO: Need to identify the correct certificate.
|
// I have chosen the CA cert based on its BasicConstraintExtension "is_ca" being set to "true"
|
||||||
// I have chosen the CA cert based on its BasicConstraint criticality being set to "true"
|
// This is because the returned keystore may contain many certificates including RAs.
|
||||||
if (((X509CertImpl) cert).getBasicConstraintsExtension().isCritical()) {
|
if (((Boolean) ((X509CertImpl) cert).getBasicConstraintsExtension().get(CERT_IS_CA_EXTENSION))) {
|
||||||
serverCertPublicKey = cert.getPublicKey();
|
serverCertPublicKey = cert.getPublicKey();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -396,6 +398,10 @@ public class EnrollmentManager {
|
|||||||
String errorMsg = "Could not retrieve [Server-Certificates] from the response message from SCEP-Server.";
|
String errorMsg = "Could not retrieve [Server-Certificates] from the response message from SCEP-Server.";
|
||||||
log.error(errorMsg);
|
log.error(errorMsg);
|
||||||
throw new AgentCoreOperationException(errorMsg, e);
|
throw new AgentCoreOperationException(errorMsg, e);
|
||||||
|
} catch (IOException e) {
|
||||||
|
String errorMsg = "Error occurred whilst trying to get property ['is_ca'] from the retreived Certificates";
|
||||||
|
log.error(errorMsg);
|
||||||
|
throw new AgentCoreOperationException(errorMsg, e);
|
||||||
}
|
}
|
||||||
|
|
||||||
return serverCertPublicKey;
|
return serverCertPublicKey;
|
||||||
|
|||||||
@ -142,7 +142,7 @@ public class VirtualFireAlarmControllerServiceImpl implements VirtualFireAlarmCo
|
|||||||
}
|
}
|
||||||
|
|
||||||
@PUT
|
@PUT
|
||||||
@Path("device/update-policy")
|
@Path("device/{deviceId}/policy")
|
||||||
public Response updatePolicy(@PathParam("deviceId") String deviceId, @QueryParam("protocol") String protocol,
|
public Response updatePolicy(@PathParam("deviceId") String deviceId, @QueryParam("protocol") String protocol,
|
||||||
@FormParam("policy") String policy) {
|
@FormParam("policy") String policy) {
|
||||||
String protocolString = protocol.toUpperCase();
|
String protocolString = protocol.toUpperCase();
|
||||||
|
|||||||
@ -30,13 +30,14 @@ import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
|||||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
||||||
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
|
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
|
||||||
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
|
||||||
|
import org.wso2.carbon.device.mgt.common.group.mgt.DeviceGroupConstants;
|
||||||
import org.wso2.carbon.device.mgt.iot.controlqueue.xmpp.XmppAccount;
|
import org.wso2.carbon.device.mgt.iot.controlqueue.xmpp.XmppAccount;
|
||||||
import org.wso2.carbon.device.mgt.iot.controlqueue.xmpp.XmppConfig;
|
import org.wso2.carbon.device.mgt.iot.controlqueue.xmpp.XmppConfig;
|
||||||
import org.wso2.carbon.device.mgt.iot.controlqueue.xmpp.XmppServerClient;
|
import org.wso2.carbon.device.mgt.iot.controlqueue.xmpp.XmppServerClient;
|
||||||
import org.wso2.carbon.device.mgt.iot.exception.DeviceControllerException;
|
import org.wso2.carbon.device.mgt.iot.exception.DeviceControllerException;
|
||||||
import org.wso2.carbon.device.mgt.iot.util.ZipArchive;
|
import org.wso2.carbon.device.mgt.iot.util.ZipArchive;
|
||||||
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.APIUtil;
|
|
||||||
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.constants.VirtualFireAlarmConstants;
|
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.constants.VirtualFireAlarmConstants;
|
||||||
|
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.APIUtil;
|
||||||
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.ZipUtil;
|
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.service.impl.util.ZipUtil;
|
||||||
import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
|
import org.wso2.carbon.identity.jwt.client.extension.JWTClient;
|
||||||
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
|
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
|
||||||
@ -75,7 +76,8 @@ public class VirtualFireAlarmManagerServiceImpl implements VirtualFireAlarmManag
|
|||||||
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
|
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
|
||||||
deviceIdentifier.setId(deviceId);
|
deviceIdentifier.setId(deviceId);
|
||||||
deviceIdentifier.setType(VirtualFireAlarmConstants.DEVICE_TYPE);
|
deviceIdentifier.setType(VirtualFireAlarmConstants.DEVICE_TYPE);
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier)) {
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, DeviceGroupConstants.
|
||||||
|
Permissions.DEFAULT_ADMIN_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
boolean removed = APIUtil.getDeviceManagementService().disenrollDevice(
|
boolean removed = APIUtil.getDeviceManagementService().disenrollDevice(
|
||||||
@ -101,7 +103,8 @@ public class VirtualFireAlarmManagerServiceImpl implements VirtualFireAlarmManag
|
|||||||
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
|
DeviceIdentifier deviceIdentifier = new DeviceIdentifier();
|
||||||
deviceIdentifier.setId(deviceId);
|
deviceIdentifier.setId(deviceId);
|
||||||
deviceIdentifier.setType(VirtualFireAlarmConstants.DEVICE_TYPE);
|
deviceIdentifier.setType(VirtualFireAlarmConstants.DEVICE_TYPE);
|
||||||
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier)) {
|
if (!APIUtil.getDeviceAccessAuthorizationService().isUserAuthorized(deviceIdentifier, DeviceGroupConstants.
|
||||||
|
Permissions.DEFAULT_ADMIN_PERMISSIONS)) {
|
||||||
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
return Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).build();
|
||||||
}
|
}
|
||||||
Device device = APIUtil.getDeviceManagementService().getDevice(deviceIdentifier);
|
Device device = APIUtil.getDeviceManagementService().getDevice(deviceIdentifier);
|
||||||
@ -158,7 +161,7 @@ public class VirtualFireAlarmManagerServiceImpl implements VirtualFireAlarmManag
|
|||||||
ArrayList<Device> userDevicesforFirealarm = new ArrayList<>();
|
ArrayList<Device> userDevicesforFirealarm = new ArrayList<>();
|
||||||
for (Device device : userDevices) {
|
for (Device device : userDevices) {
|
||||||
if (device.getType().equals(VirtualFireAlarmConstants.DEVICE_TYPE) &&
|
if (device.getType().equals(VirtualFireAlarmConstants.DEVICE_TYPE) &&
|
||||||
device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.ACTIVE)) {
|
device.getEnrolmentInfo().getStatus().equals(EnrolmentInfo.Status.ACTIVE)) {
|
||||||
userDevicesforFirealarm.add(device);
|
userDevicesforFirealarm.add(device);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -239,8 +242,9 @@ public class VirtualFireAlarmManagerServiceImpl implements VirtualFireAlarmManag
|
|||||||
//create new device id
|
//create new device id
|
||||||
String deviceId = shortUUID();
|
String deviceId = shortUUID();
|
||||||
if (apiApplicationKey == null) {
|
if (apiApplicationKey == null) {
|
||||||
String applicationUsername = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration()
|
String applicationUsername =
|
||||||
.getAdminUserName();
|
PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration()
|
||||||
|
.getAdminUserName();
|
||||||
APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
|
APIManagementProviderService apiManagementProviderService = APIUtil.getAPIManagementProviderService();
|
||||||
String[] tags = {VirtualFireAlarmConstants.DEVICE_TYPE};
|
String[] tags = {VirtualFireAlarmConstants.DEVICE_TYPE};
|
||||||
apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
|
apiApplicationKey = apiManagementProviderService.generateAndRetrieveApplicationKeys(
|
||||||
@ -249,7 +253,8 @@ public class VirtualFireAlarmManagerServiceImpl implements VirtualFireAlarmManag
|
|||||||
JWTClient jwtClient = APIUtil.getJWTClientManagerService().getJWTClient();
|
JWTClient jwtClient = APIUtil.getJWTClientManagerService().getJWTClient();
|
||||||
String scopes = "device_type_" + VirtualFireAlarmConstants.DEVICE_TYPE + " device_" + deviceId;
|
String scopes = "device_type_" + VirtualFireAlarmConstants.DEVICE_TYPE + " device_" + deviceId;
|
||||||
AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(apiApplicationKey.getConsumerKey(),
|
AccessTokenInfo accessTokenInfo = jwtClient.getAccessToken(apiApplicationKey.getConsumerKey(),
|
||||||
apiApplicationKey.getConsumerSecret(), owner, scopes);
|
apiApplicationKey.getConsumerSecret(), owner,
|
||||||
|
scopes);
|
||||||
String accessToken = accessTokenInfo.getAccessToken();
|
String accessToken = accessTokenInfo.getAccessToken();
|
||||||
String refreshToken = accessTokenInfo.getRefreshToken();
|
String refreshToken = accessTokenInfo.getRefreshToken();
|
||||||
//adding registering data
|
//adding registering data
|
||||||
@ -266,8 +271,8 @@ public class VirtualFireAlarmManagerServiceImpl implements VirtualFireAlarmManag
|
|||||||
if (!status) {
|
if (!status) {
|
||||||
String msg =
|
String msg =
|
||||||
"XMPP Account was not created for device - " + deviceId + " of owner - " + owner +
|
"XMPP Account was not created for device - " + deviceId + " of owner - " + owner +
|
||||||
".XMPP might have been disabled in org.wso2.carbon.device.mgt.iot" +
|
".XMPP might have been disabled in org.wso2.carbon.device.mgt.iot" +
|
||||||
".common.config.server.configs";
|
".common.config.server.configs";
|
||||||
throw new DeviceManagementException(msg);
|
throw new DeviceManagementException(msg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user