Commit 61da5d5d6e17685c3a57cacc07b693ca1a4adcb8
1 parent
80c2721d
Was added to validate instance of entity-view
Showing
1 changed file
with
31 additions
and
8 deletions
... | ... | @@ -26,17 +26,11 @@ import org.springframework.stereotype.Component; |
26 | 26 | import org.springframework.web.context.request.async.DeferredResult; |
27 | 27 | import org.thingsboard.server.common.data.Customer; |
28 | 28 | import org.thingsboard.server.common.data.Device; |
29 | +import org.thingsboard.server.common.data.EntityView; | |
29 | 30 | import org.thingsboard.server.common.data.Tenant; |
30 | 31 | import org.thingsboard.server.common.data.asset.Asset; |
31 | 32 | import org.thingsboard.server.common.data.exception.ThingsboardException; |
32 | -import org.thingsboard.server.common.data.id.AssetId; | |
33 | -import org.thingsboard.server.common.data.id.CustomerId; | |
34 | -import org.thingsboard.server.common.data.id.DeviceId; | |
35 | -import org.thingsboard.server.common.data.id.EntityId; | |
36 | -import org.thingsboard.server.common.data.id.EntityIdFactory; | |
37 | -import org.thingsboard.server.common.data.id.RuleChainId; | |
38 | -import org.thingsboard.server.common.data.id.RuleNodeId; | |
39 | -import org.thingsboard.server.common.data.id.TenantId; | |
33 | +import org.thingsboard.server.common.data.id.*; | |
40 | 34 | import org.thingsboard.server.common.data.rule.RuleChain; |
41 | 35 | import org.thingsboard.server.common.data.rule.RuleNode; |
42 | 36 | import org.thingsboard.server.controller.HttpValidationCallback; |
... | ... | @@ -44,6 +38,7 @@ import org.thingsboard.server.dao.alarm.AlarmService; |
44 | 38 | import org.thingsboard.server.dao.asset.AssetService; |
45 | 39 | import org.thingsboard.server.dao.customer.CustomerService; |
46 | 40 | import org.thingsboard.server.dao.device.DeviceService; |
41 | +import org.thingsboard.server.dao.entityview.EntityViewService; | |
47 | 42 | import org.thingsboard.server.dao.rule.RuleChainService; |
48 | 43 | import org.thingsboard.server.dao.tenant.TenantService; |
49 | 44 | import org.thingsboard.server.dao.user.UserService; |
... | ... | @@ -66,6 +61,7 @@ public class AccessValidator { |
66 | 61 | public static final String CUSTOMER_USER_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION = "Customer user is not allowed to perform this operation!"; |
67 | 62 | public static final String SYSTEM_ADMINISTRATOR_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION = "System administrator is not allowed to perform this operation!"; |
68 | 63 | public static final String DEVICE_WITH_REQUESTED_ID_NOT_FOUND = "Device with requested id wasn't found!"; |
64 | + public static final String ENTITY_VIEW_WITH_REQUESTED_ID_NOT_FOUND = "Entity-view with requested id wasn't found!"; | |
69 | 65 | |
70 | 66 | @Autowired |
71 | 67 | protected TenantService tenantService; |
... | ... | @@ -88,6 +84,9 @@ public class AccessValidator { |
88 | 84 | @Autowired |
89 | 85 | protected RuleChainService ruleChainService; |
90 | 86 | |
87 | + @Autowired | |
88 | + protected EntityViewService entityViewService; | |
89 | + | |
91 | 90 | private ExecutorService executor; |
92 | 91 | |
93 | 92 | @PostConstruct |
... | ... | @@ -158,6 +157,9 @@ public class AccessValidator { |
158 | 157 | case TENANT: |
159 | 158 | validateTenant(currentUser, entityId, callback); |
160 | 159 | return; |
160 | + case ENTITY_VIEW: | |
161 | + validateEntityView(currentUser, entityId, callback); | |
162 | + return; | |
161 | 163 | default: |
162 | 164 | //TODO: add support of other entities |
163 | 165 | throw new IllegalStateException("Not Implemented!"); |
... | ... | @@ -293,6 +295,27 @@ public class AccessValidator { |
293 | 295 | } |
294 | 296 | } |
295 | 297 | |
298 | + private void validateEntityView(final SecurityUser currentUser, EntityId entityId, FutureCallback<ValidationResult> callback) { | |
299 | + if (currentUser.isSystemAdmin()) { | |
300 | + callback.onSuccess(ValidationResult.accessDenied(SYSTEM_ADMINISTRATOR_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION)); | |
301 | + } else { | |
302 | + ListenableFuture<EntityView> entityViewFuture = entityViewService.findEntityViewByIdAsync(new EntityViewId(entityId.getId())); | |
303 | + Futures.addCallback(entityViewFuture, getCallback(callback, entityView -> { | |
304 | + if (entityView == null) { | |
305 | + return ValidationResult.entityNotFound(ENTITY_VIEW_WITH_REQUESTED_ID_NOT_FOUND); | |
306 | + } else { | |
307 | + if (!entityView.getTenantId().equals(currentUser.getTenantId())) { | |
308 | + return ValidationResult.accessDenied("Entity-view doesn't belong to the current Tenant!"); | |
309 | + } else if (currentUser.isCustomerUser() && !entityView.getCustomerId().equals(currentUser.getCustomerId())) { | |
310 | + return ValidationResult.accessDenied("Entity-view doesn't belong to the current Customer!"); | |
311 | + } else { | |
312 | + return ValidationResult.ok(entityView); | |
313 | + } | |
314 | + } | |
315 | + }), executor); | |
316 | + } | |
317 | + } | |
318 | + | |
296 | 319 | private <T, V> FutureCallback<T> getCallback(FutureCallback<ValidationResult> callback, Function<T, ValidationResult<V>> transformer) { |
297 | 320 | return new FutureCallback<T>() { |
298 | 321 | @Override | ... | ... |
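Review bot: In `validateEntityView`, the customer check calls `entityView.getCustomerId().equals(...)` on the loaded entity, so an entity-view with no customer assigned would throw a NullPointerException inside the transformer if `getCustomerId()` can return null there (not visible on this page). Because this is an authorization decision, it should fail closed explicitly rather than depend on how `getCallback`, whose body continues outside the hunk, treats an exception. Comparing from the user's side, whose customer id is presumably always set for a customer user, does that: `} else if (currentUser.isCustomerUser() && !currentUser.getCustomerId().equals(entityView.getCustomerId())) {`. The method also has no Javadoc; a short comment stating the rule (system administrators denied, tenant must match, customer users additionally need a matching customer) would let the next reader check it against the other `validate*` methods. Separately, the wildcard `import org.thingsboard.server.common.data.id.*;` replaces eight explicit imports and makes it harder to see which id types this access-control class depends on.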