mirror of
https://repository.entgra.net/community/device-mgt-plugins.git
synced 2025-09-16 23:42:15 +00:00
Add wipe API for Google enterprise
This commit is contained in:
inoshperera
parent
64e55629f1
commit
9efd3c601d
@ -1332,29 +1332,26 @@ public interface AndroidEnterpriseService {
|
||||
name = "applicationPolicyDTO",
|
||||
value = "Enterprise managed conf.") ApplicationPolicyDTO applicationPolicyDTO);
|
||||
|
||||
|
||||
//######################################################################################################################
|
||||
//######################################################################################################################
|
||||
//######################################################################################################################
|
||||
|
||||
@PUT
|
||||
@Path("/unenroll")
|
||||
@GET
|
||||
@Path("/wipe-enterprise")
|
||||
@ApiOperation(
|
||||
produces = MediaType.APPLICATION_JSON,
|
||||
consumes = MediaType.APPLICATION_JSON,
|
||||
httpMethod = "PUT",
|
||||
value = "Unenroll an enterprise from EMM",
|
||||
notes = "Unenroll an enterprise from EMM.",
|
||||
tags = "Android Enterprise Service",
|
||||
httpMethod = "GET",
|
||||
value = "Getting managed configs",
|
||||
notes = "Getting managed configs.",
|
||||
tags = "Device Type Management Administrative Service",
|
||||
extensions = {
|
||||
@Extension(properties = {
|
||||
@ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:enterprise:modify")
|
||||
@ExtensionProperty(name = AndroidConstants.SCOPE, value = "perm:enterprise:view")
|
||||
})
|
||||
}
|
||||
)
|
||||
@ApiResponses(
|
||||
value = {
|
||||
@ApiResponse(code = 201, message = "Created. \n Successfully removed",
|
||||
@ApiResponses(value = {
|
||||
@ApiResponse(code = 200, message = "Created. \n Successfully fetched managed configs",
|
||||
responseHeaders = {
|
||||
@ResponseHeader(
|
||||
name = "Content-Location",
|
||||
@ -1387,9 +1384,8 @@ public interface AndroidEnterpriseService {
|
||||
@ApiResponse(
|
||||
code = 500,
|
||||
message = "Internal Server Error. \n " +
|
||||
"Server error occurred while unenrolling.")
|
||||
"Server error occurred while getting managed configs.")
|
||||
})
|
||||
|
||||
Response unenroll();
|
||||
Response wipeEnterprise();
|
||||
|
||||
}
|
||||
|
||||
@ -31,8 +31,17 @@ import org.wso2.carbon.device.application.mgt.common.dto.ApplicationPolicyDTO;
|
||||
import org.wso2.carbon.device.application.mgt.common.dto.ApplicationReleaseDTO;
|
||||
import org.wso2.carbon.device.application.mgt.common.exception.ApplicationManagementException;
|
||||
import org.wso2.carbon.device.application.mgt.common.services.ApplicationManager;
|
||||
import org.wso2.carbon.device.mgt.common.Device;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceManagementConstants;
|
||||
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.exceptions.InvalidDeviceException;
|
||||
import org.wso2.carbon.device.mgt.common.operation.mgt.Activity;
|
||||
import org.wso2.carbon.device.mgt.common.operation.mgt.Operation;
|
||||
import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementException;
|
||||
import org.wso2.carbon.device.mgt.common.policy.mgt.ProfileFeature;
|
||||
import org.wso2.carbon.device.mgt.core.operation.mgt.CommandOperation;
|
||||
import org.wso2.carbon.device.mgt.mobile.android.impl.EnterpriseServiceException;
|
||||
import org.wso2.carbon.device.mgt.mobile.android.impl.dto.AndroidEnterpriseManagedConfig;
|
||||
import org.wso2.carbon.device.mgt.mobile.android.impl.dto.AndroidEnterpriseUser;
|
||||
@ -798,28 +807,73 @@ public class AndroidEnterpriseServiceImpl implements AndroidEnterpriseService {
|
||||
}
|
||||
}
|
||||
|
||||
@PUT
|
||||
@Path("/{id}/unenroll")
|
||||
@Override
|
||||
public Response unenroll() {
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@GET
|
||||
@Path("/wipe-device")
|
||||
public Response wipeEnterprise() {
|
||||
log.warn("Wiping all devices!!!");
|
||||
EnterpriseConfigs enterpriseConfigs = AndroidEnterpriseUtils.getEnterpriseConfigs();
|
||||
GoogleAPIInvoker googleAPIInvoker = new GoogleAPIInvoker(enterpriseConfigs.getEsa());
|
||||
try {
|
||||
googleAPIInvoker.unenroll(enterpriseConfigs.getEnterpriseId());
|
||||
} catch (IOException e) {
|
||||
String errorMessage = "Could not unenroll the enterprise " + enterpriseConfigs.getEnterpriseId();
|
||||
log.error(errorMessage);
|
||||
throw new NotFoundException(
|
||||
new ErrorResponse.ErrorResponseBuilder().setCode(Response.Status.INTERNAL_SERVER_ERROR
|
||||
.getStatusCode()).setMessage(errorMessage).build());
|
||||
} catch (EnterpriseServiceException e) {
|
||||
String errorMessage = "Could not get client to call Google to unenroll enterprise " + enterpriseConfigs.getEnterpriseId();
|
||||
log.error(errorMessage);
|
||||
throw new NotFoundException(
|
||||
new ErrorResponse.ErrorResponseBuilder().setCode(Response.Status.INTERNAL_SERVER_ERROR
|
||||
.getStatusCode()).setMessage(errorMessage).build());
|
||||
// Take all enterprise devices in the DB.
|
||||
List<AndroidEnterpriseUser> androidEnterpriseUsers = AndroidAPIUtils.getAndroidPluginService()
|
||||
.getAllEnterpriseDevices(enterpriseConfigs.getEnterpriseId());
|
||||
|
||||
// Extract the device identifiers of enterprise devices.
|
||||
List<String> deviceID = new ArrayList<>();
|
||||
if (androidEnterpriseUsers != null && androidEnterpriseUsers.size() > 0) {
|
||||
for (AndroidEnterpriseUser userDevice: androidEnterpriseUsers) {
|
||||
deviceID.add(userDevice.getEmmDeviceId());
|
||||
}
|
||||
}
|
||||
|
||||
List<String> byodDevices = new ArrayList<>();
|
||||
List<String> copeDevices = new ArrayList<>();
|
||||
// Get all registered device
|
||||
List<Device> devices = AndroidAPIUtils.getDeviceManagementService().
|
||||
getAllDevices(DeviceManagementConstants.MobileDeviceTypes.MOBILE_DEVICE_TYPE_ANDROID, false);
|
||||
for (Device device : devices) { // Go through all enrolled devices
|
||||
if (deviceID.contains(device.getDeviceIdentifier())) { // Filter out only enterprise enrolled devices.
|
||||
if (device.getEnrolmentInfo().getOwnership().equals(EnrolmentInfo.OwnerShip.BYOD)) {
|
||||
byodDevices.add(device.getDeviceIdentifier());
|
||||
} else {
|
||||
copeDevices.add(device.getDeviceIdentifier());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
CommandOperation operation = new CommandOperation();
|
||||
operation.setType(Operation.Type.COMMAND);
|
||||
if (byodDevices != null && byodDevices.size() > 0) { // BYOD devices only needs a data wipe(work profile)
|
||||
log.warn("Wiping " + byodDevices.size() + " BYOD devices");
|
||||
operation.setCode(AndroidConstants.OperationCodes.ENTERPRISE_WIPE);
|
||||
} else if (copeDevices != null && copeDevices.size() > 0) {
|
||||
log.warn("Wiping " + copeDevices.size() + " BYOD devices");
|
||||
operation.setCode(AndroidConstants.OperationCodes.ENTERPRISE_WIPE);//TODO: fix
|
||||
}
|
||||
AndroidDeviceUtils.getOperationResponse(deviceID, operation);
|
||||
log.warn("Added wipe to all devices");
|
||||
return Response.status(Response.Status.OK).build();
|
||||
} catch (EnterpriseServiceException e) {
|
||||
return Response.serverError().entity(
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage("Error when saving configs").build()).build();
|
||||
} catch (OperationManagementException e) {
|
||||
String errorMessage = "Could not add wipe command to enterprise " + enterpriseConfigs.getEnterpriseId();
|
||||
log.error(errorMessage);
|
||||
return Response.serverError().entity(
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage(errorMessage).build()).build();
|
||||
} catch (DeviceManagementException e) {
|
||||
String errorMessage = "Could not add wipe command to enterprise " + enterpriseConfigs.getEnterpriseId() +
|
||||
" due to an error in device management";
|
||||
log.error(errorMessage);
|
||||
return Response.serverError().entity(
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage(errorMessage).build()).build();
|
||||
} catch (InvalidDeviceException e) {
|
||||
String errorMessage = "Could not add wipe command to enterprise due to invalid device ids";
|
||||
log.error(errorMessage);
|
||||
return Response.serverError().entity(
|
||||
new ErrorResponse.ErrorResponseBuilder().setMessage(errorMessage).build()).build();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -321,21 +321,27 @@ public class AndroidDeviceUtils {
|
||||
JsonArray appListArray = appListElement.getAsJsonArray();
|
||||
|
||||
// Find if there are Apps with Work profile configurations
|
||||
boolean alreadySendToGoogle = false;
|
||||
for (JsonElement appElement : appListArray) {
|
||||
JsonElement googlePolicyPayload = appElement.getAsJsonObject().
|
||||
get(AndroidConstants.ApplicationInstall.GOOGLE_POLICY_PAYLOAD);
|
||||
|
||||
|
||||
if (googlePolicyPayload != null) {
|
||||
String uuid = appElement.getAsJsonObject().get("uuid").toString();
|
||||
containsGoogleAppPolicy = true;// breaking out of outer for loop
|
||||
try {
|
||||
uuid = uuid.replace("\"", "");
|
||||
sendPayloadToGoogle(uuid, payload, deviceIdentifier);
|
||||
if (alreadySendToGoogle) {
|
||||
sendPayloadToGoogle(uuid, payload, deviceIdentifier, false);
|
||||
} else {
|
||||
sendPayloadToGoogle(uuid, payload, deviceIdentifier, true);
|
||||
alreadySendToGoogle = true;
|
||||
}
|
||||
} catch (org.wso2.carbon.device.application.mgt.common.exception.ApplicationManagementException e) {
|
||||
String errorMessage = "App install failed for device " + deviceIdentifier.getId();
|
||||
log.error(errorMessage, e);
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
@ -349,8 +355,10 @@ public class AndroidDeviceUtils {
|
||||
* Sends the app install policy to Google
|
||||
* @param payload policy profile
|
||||
* @param deviceIdentifier device to apply policy
|
||||
* @param requireSendingToGoogle
|
||||
*/
|
||||
private static void sendPayloadToGoogle(String uuid, String payload, DeviceIdentifier deviceIdentifier)
|
||||
private static void sendPayloadToGoogle(String uuid, String payload, DeviceIdentifier deviceIdentifier,
|
||||
boolean requireSendingToGoogle)
|
||||
throws org.wso2.carbon.device.application.mgt.common.exception.ApplicationManagementException {
|
||||
try {
|
||||
EnterpriseConfigs enterpriseConfigs = AndroidEnterpriseUtils.getEnterpriseConfigsFromGoogle();
|
||||
@ -370,10 +378,12 @@ public class AndroidDeviceUtils {
|
||||
for (EnterpriseApp enterpriseApp : enterpriseInstallPolicy.getApps()) {
|
||||
apps.add(enterpriseApp.getProductId());
|
||||
}
|
||||
if (requireSendingToGoogle) {
|
||||
googleAPIInvoker.approveAppsForUser(enterpriseConfigs.getEnterpriseId(), userDetail
|
||||
.getGoogleUserId(), apps, enterpriseInstallPolicy.getProductSetBehavior());
|
||||
googleAPIInvoker.updateAppsForUser(enterpriseConfigs.getEnterpriseId(), userDetail.getGoogleUserId(),
|
||||
AndroidEnterpriseUtils.convertToDeviceInstance(enterpriseInstallPolicy));
|
||||
}
|
||||
AndroidEnterpriseUtils.getAppSubscriptionService()
|
||||
.performEntAppSubscription(uuid,
|
||||
Arrays.asList(CarbonContext.getThreadLocalCarbonContext().getUsername()),
|
||||
@ -698,6 +708,10 @@ public class AndroidDeviceUtils {
|
||||
StringEntity requestEntity = new StringEntity(payload.toString(), ContentType.APPLICATION_JSON);
|
||||
JsonArray appListArray = appListElement.getAsJsonArray();
|
||||
for (JsonElement appElement : appListArray) {
|
||||
JsonElement googlePolicyPayload = appElement.getAsJsonObject().
|
||||
get(AndroidConstants.ApplicationInstall.GOOGLE_POLICY_PAYLOAD);
|
||||
|
||||
if (googlePolicyPayload == null) {
|
||||
uuid = appElement.getAsJsonObject().
|
||||
get(AndroidConstants.ApplicationInstall.ENROLLMENT_APP_INSTALL_UUID).getAsString();
|
||||
try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
|
||||
@ -709,6 +723,7 @@ public class AndroidDeviceUtils {
|
||||
httpClient.execute(postRequest);
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (UserStoreException e) {
|
||||
String msg = "Error while accessing user store for user with Android device id: " +
|
||||
deviceIdentifier.getId();
|
||||
|
||||
@ -39,4 +39,7 @@ public interface AndroidPluginService {
|
||||
boolean updateMobileDevice(AndroidEnterpriseManagedConfig managedConfig) throws EnterpriseServiceException;
|
||||
|
||||
boolean deleteMobileDevice(String id) throws EnterpriseServiceException;
|
||||
|
||||
List<AndroidEnterpriseUser> getAllEnterpriseDevices(String enterpriseId)
|
||||
throws EnterpriseServiceException ;
|
||||
}
|
||||
|
||||
@ -215,4 +215,29 @@ public class AndroidPluginServiceImpl implements AndroidPluginService {
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<AndroidEnterpriseUser> getAllEnterpriseDevices(String enterpriseId)
|
||||
throws EnterpriseServiceException {
|
||||
|
||||
List<AndroidEnterpriseUser> androidEnterpriseUsers;
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Calling get enterprise device service by enterprise identifier: " + enterpriseId);
|
||||
}
|
||||
try {
|
||||
AndroidDAOFactory.openConnection();
|
||||
androidEnterpriseUsers = this.enterpriseDAO.getAllEnterpriseDevices(CarbonContext
|
||||
.getThreadLocalCarbonContext()
|
||||
.getTenantId(), enterpriseId);
|
||||
|
||||
} catch (EnterpriseManagementDAOException e) {
|
||||
String msg = "Error occurred while adding the user "
|
||||
+ CarbonContext.getThreadLocalCarbonContext().getUsername();
|
||||
log.error(msg, e);
|
||||
throw new EnterpriseServiceException(msg, e);
|
||||
} finally {
|
||||
AndroidDAOFactory.closeConnection();
|
||||
}
|
||||
return androidEnterpriseUsers;
|
||||
}
|
||||
}
|
||||
|
||||
@ -49,4 +49,7 @@ public interface EnterpriseDAO {
|
||||
boolean updateConfig(AndroidEnterpriseManagedConfig managedConfig) throws EnterpriseManagementDAOException;
|
||||
|
||||
boolean deleteConfig(String id, int tenantId) throws EnterpriseManagementDAOException;
|
||||
|
||||
List<AndroidEnterpriseUser> getAllEnterpriseDevices(int tenantId, String enterpriseId) throws
|
||||
EnterpriseManagementDAOException;
|
||||
}
|
||||
|
||||
@ -291,4 +291,44 @@ public class EnterpriseDAOImpl implements EnterpriseDAO {
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
public List<AndroidEnterpriseUser> getAllEnterpriseDevices(int tenantId, String enterpriseId)
|
||||
throws EnterpriseManagementDAOException {
|
||||
Connection conn;
|
||||
PreparedStatement stmt = null;
|
||||
List<AndroidEnterpriseUser> enterpriseUsers = new ArrayList<>();
|
||||
ResultSet rs = null;
|
||||
try {
|
||||
conn = AndroidDAOFactory.getConnection();
|
||||
String selectDBQuery =
|
||||
"SELECT * FROM AD_ENTERPRISE_USER_DEVICE WHERE ENTERPRISE_ID = ? AND TENANT_ID = ?";
|
||||
stmt = conn.prepareStatement(selectDBQuery);
|
||||
stmt.setString(1, enterpriseId);
|
||||
stmt.setInt(2, tenantId);
|
||||
|
||||
rs = stmt.executeQuery();
|
||||
|
||||
while (rs.next()) {
|
||||
AndroidEnterpriseUser enterpriseUser = new AndroidEnterpriseUser();
|
||||
enterpriseUser.setEmmUsername(rs.getString("EMM_USERNAME"));
|
||||
enterpriseUser.setTenantId(rs.getInt("TENANT_ID"));
|
||||
enterpriseUser.setLastUpdatedTime(rs.getString("LAST_UPDATED_TIMESTAMP"));
|
||||
enterpriseUser.setAndroidPlayDeviceId(rs.getString("ANDROID_PLAY_DEVICE_ID"));
|
||||
enterpriseUser.setEnterpriseId(rs.getString("ENTERPRISE_ID"));
|
||||
enterpriseUser.setGoogleUserId(rs.getString("GOOGLE_USER_ID"));
|
||||
enterpriseUser.setEmmDeviceId(rs.getString("EMM_DEVICE_ID"));
|
||||
enterpriseUsers.add(enterpriseUser);
|
||||
}
|
||||
} catch (SQLException e) {
|
||||
String msg = "Error occurred while fetching user of enterprise: '" + enterpriseId + "'";
|
||||
log.error(msg, e);
|
||||
throw new EnterpriseManagementDAOException(msg, e);
|
||||
} finally {
|
||||
MobileDeviceManagementDAOUtil.cleanupResources(stmt, rs);
|
||||
AndroidDAOFactory.closeConnection();
|
||||
}
|
||||
|
||||
return enterpriseUsers;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user