Alarm Query fix for propagated alarms with entities assigned to customer

@@ -130,7 +130,6 @@ public class DefaultAlarmQueryRepository implements AlarmQueryRepository {
             AlarmDataPageLink pageLink = query.getPageLink();
             QueryContext ctx = new QueryContext(new QuerySecurityContext(tenantId, customerId, EntityType.ALARM));
             ctx.addUuidListParameter("entity_ids", orderedEntityIds.stream().map(EntityId::getId).collect(Collectors.toList()));
-
             StringBuilder selectPart = new StringBuilder(FIELDS_SELECTION);
             StringBuilder fromPart = new StringBuilder(" from alarm a ");
             StringBuilder wherePart = new StringBuilder(" where ");
@@ -282,24 +281,27 @@ public class DefaultAlarmQueryRepository implements AlarmQueryRepository {
         StringBuilder permissionsQuery = new StringBuilder();
         ctx.addUuidParameter("permissions_tenant_id", tenantId.getId());
         permissionsQuery.append(" a.tenant_id = :permissions_tenant_id ");
-        if (customerId != null && !customerId.isNullUid()) {
-            ctx.addUuidParameter("permissions_customer_id", customerId.getId());
-            ctx.addUuidParameter("permissions_device_customer_id", customerId.getId());
-            ctx.addUuidParameter("permissions_asset_customer_id", customerId.getId());
-            ctx.addUuidParameter("permissions_user_customer_id", customerId.getId());
-            ctx.addUuidParameter("permissions_entity_view_customer_id", customerId.getId());
-            permissionsQuery.append(" and (");
-            permissionsQuery.append("(a.originator_type = '").append(EntityType.DEVICE.ordinal()).append("' and exists (select 1 from device cd where cd.id = a.originator_id and cd.customer_id = :permissions_device_customer_id))");
-            permissionsQuery.append(" or ");
-            permissionsQuery.append("(a.originator_type = '").append(EntityType.ASSET.ordinal()).append("' and exists (select 1 from asset ca where ca.id = a.originator_id and ca.customer_id = :permissions_device_customer_id))");
-            permissionsQuery.append(" or ");
-            permissionsQuery.append("(a.originator_type = '").append(EntityType.CUSTOMER.ordinal()).append("' and exists (select 1 from customer cc where cc.id = a.originator_id and cc.id = :permissions_customer_id))");
-            permissionsQuery.append(" or ");
-            permissionsQuery.append("(a.originator_type = '").append(EntityType.USER.ordinal()).append("' and exists (select 1 from tb_user cu where cu.id = a.originator_id and cu.customer_id = :permissions_user_customer_id))");
-            permissionsQuery.append(" or ");
-            permissionsQuery.append("(a.originator_type = '").append(EntityType.ENTITY_VIEW.ordinal()).append("' and exists (select 1 from entity_view cv where cv.id = a.originator_id and cv.customer_id = :permissions_entity_view_customer_id))");
-            permissionsQuery.append(")");
-        }
+/*
+      No need to check the customer id, because we already use entity id list that passed security check when we were evaluating the data query.
+ */
+//        if (customerId != null && !customerId.isNullUid()) {
+//            ctx.addUuidParameter("permissions_customer_id", customerId.getId());
+//            ctx.addUuidParameter("permissions_device_customer_id", customerId.getId());
+//            ctx.addUuidParameter("permissions_asset_customer_id", customerId.getId());
+//            ctx.addUuidParameter("permissions_user_customer_id", customerId.getId());
+//            ctx.addUuidParameter("permissions_entity_view_customer_id", customerId.getId());
+//            permissionsQuery.append(" and (");
+//            permissionsQuery.append("(a.originator_type = '").append(EntityType.DEVICE.ordinal()).append("' and exists (select 1 from device cd where cd.id = a.originator_id and cd.customer_id = :permissions_device_customer_id))");
+//            permissionsQuery.append(" or ");
+//            permissionsQuery.append("(a.originator_type = '").append(EntityType.ASSET.ordinal()).append("' and exists (select 1 from asset ca where ca.id = a.originator_id and ca.customer_id = :permissions_device_customer_id))");
+//            permissionsQuery.append(" or ");
+//            permissionsQuery.append("(a.originator_type = '").append(EntityType.CUSTOMER.ordinal()).append("' and exists (select 1 from customer cc where cc.id = a.originator_id and cc.id = :permissions_customer_id))");
+//            permissionsQuery.append(" or ");
+//            permissionsQuery.append("(a.originator_type = '").append(EntityType.USER.ordinal()).append("' and exists (select 1 from tb_user cu where cu.id = a.originator_id and cu.customer_id = :permissions_user_customer_id))");
+//            permissionsQuery.append(" or ");
+//            permissionsQuery.append("(a.originator_type = '").append(EntityType.ENTITY_VIEW.ordinal()).append("' and exists (select 1 from entity_view cv where cv.id = a.originator_id and cv.customer_id = :permissions_entity_view_customer_id))");
+//            permissionsQuery.append(")");
+//        }
         return permissionsQuery.toString();
     }
 

@@ -32,9 +32,9 @@ public class DefaultQueryLogComponent implements QueryLogComponent {
 
     @Override
     public void logQuery(QueryContext ctx, String query, long duration) {
-        if (logSqlQueries && duration > logQueriesThreshold) {
+//        if (logSqlQueries && duration > logQueriesThreshold) {
             log.info("QUERY: {} took {}ms", query, duration);
             Arrays.asList(ctx.getParameterNames()).forEach(param -> log.info("QUERY PARAM: {} -> {}", param, ctx.getValue(param)));
-        }
+//        }
     }
 }

@@ -123,8 +123,10 @@ class AlarmState {
     }
 
     public boolean clearAlarmState(boolean stateUpdate, AlarmRuleState state) {
-        state.clear();
-        stateUpdate |= state.checkUpdate();
+        if (state != null) {
+            state.clear();
+            stateUpdate |= state.checkUpdate();
+        }
         return stateUpdate;
     }