Hide sensitive data from customer

@@ -43,6 +43,7 @@ import org.thingsboard.server.common.data.page.TextPageData;
 import org.thingsboard.server.common.data.page.TextPageLink;
 import org.thingsboard.server.common.data.plugin.ComponentLifecycleEvent;
 import org.thingsboard.server.common.data.rule.RuleChain;
+import org.thingsboard.server.common.data.security.Authority;
 import org.thingsboard.server.dao.exception.DataValidationException;
 import org.thingsboard.server.dao.exception.IncorrectParameterException;
 import org.thingsboard.server.dao.model.ModelConstants;
@@ -70,14 +71,18 @@ public class EdgeController extends BaseController {
         return edgesEnabled;
     }
 
-    @PreAuthorize("hasAuthority('TENANT_ADMIN')")
+    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
     @RequestMapping(value = "/edge/{edgeId}", method = RequestMethod.GET)
     @ResponseBody
     public Edge getEdgeById(@PathVariable(EDGE_ID) String strEdgeId) throws ThingsboardException {
         checkParameter(EDGE_ID, strEdgeId);
         try {
             EdgeId edgeId = new EdgeId(toUUID(strEdgeId));
-            return checkEdgeId(edgeId, Operation.READ);
+            Edge edge = checkEdgeId(edgeId, Operation.READ);
+            if (Authority.CUSTOMER_USER.equals(getCurrentUser().getAuthority())) {
+                cleanUpSensitiveData(edge);
+            }
+            return edge;
         } catch (Exception e) {
             throw handleException(e);
         }
@@ -340,15 +345,23 @@ public class EdgeController extends BaseController {
             @RequestParam(required = false) String textOffset) throws ThingsboardException {
         checkParameter("customerId", strCustomerId);
         try {
-            TenantId tenantId = getCurrentUser().getTenantId();
+            SecurityUser user = getCurrentUser();
+            TenantId tenantId = user.getTenantId();
             CustomerId customerId = new CustomerId(toUUID(strCustomerId));
             checkCustomerId(customerId, Operation.READ);
             TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
+            TextPageData<Edge> result;
             if (type != null && type.trim().length() > 0) {
-                return checkNotNull(edgeService.findEdgesByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
+                result = edgeService.findEdgesByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink);
             } else {
-                return checkNotNull(edgeService.findEdgesByTenantIdAndCustomerId(tenantId, customerId, pageLink));
+                result = edgeService.findEdgesByTenantIdAndCustomerId(tenantId, customerId, pageLink);
+            }
+            if (Authority.CUSTOMER_USER.equals(user.getAuthority())) {
+                for (Edge edge : result.getData()) {
+                    cleanUpSensitiveData(edge);
+                }
             }
+            return checkNotNull(result);
         } catch (Exception e) {
             throw handleException(e);
         }
@@ -368,13 +381,19 @@ public class EdgeController extends BaseController {
             for (String strEdgeId : strEdgeIds) {
                 edgeIds.add(new EdgeId(toUUID(strEdgeId)));
             }
-            ListenableFuture<List<Edge>> edges;
+            ListenableFuture<List<Edge>> edgesFuture;
             if (customerId == null || customerId.isNullUid()) {
-                edges = edgeService.findEdgesByTenantIdAndIdsAsync(tenantId, edgeIds);
+                edgesFuture = edgeService.findEdgesByTenantIdAndIdsAsync(tenantId, edgeIds);
             } else {
-                edges = edgeService.findEdgesByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, edgeIds);
+                edgesFuture = edgeService.findEdgesByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, edgeIds);
+            }
+            List<Edge> edges = edgesFuture.get();
+            if (Authority.CUSTOMER_USER.equals(user.getAuthority())) {
+                for (Edge edge : edges) {
+                    cleanUpSensitiveData(edge);
+                }
             }
-            return checkNotNull(edges.get());
+            return checkNotNull(edges);
         } catch (Exception e) {
             throw handleException(e);
         }
@@ -400,6 +419,11 @@ public class EdgeController extends BaseController {
                     return false;
                 }
             }).collect(Collectors.toList());
+            if (Authority.CUSTOMER_USER.equals(user.getAuthority())) {
+                for (Edge edge : edges) {
+                    cleanUpSensitiveData(edge);
+                }
+            }
             return edges;
         } catch (Exception e) {
             throw handleException(e);
@@ -476,4 +500,12 @@ public class EdgeController extends BaseController {
             throw handleException(e);
         }
     }
+
+    private void cleanUpSensitiveData(Edge edge) {
+        edge.setEdgeLicenseKey(null);
+        edge.setRoutingKey(null);
+        edge.setSecret(null);
+        edge.setCloudEndpoint(null);
+        edge.setRootRuleChainId(null);
+    }
 }

@@ -45,7 +45,7 @@ public class EdgeEventController extends BaseController {
 
     public static final String EDGE_ID = "edgeId";
 
-    @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
+    @PreAuthorize("hasAuthority('TENANT_ADMIN')")
     @RequestMapping(value = "/edge/{edgeId}/events", method = RequestMethod.GET)
     @ResponseBody
     public TimePageData<EdgeEvent> getEdgeEvents(