Commit 61da5d5d6e17685c3a57cacc07b693ca1a4adcb8
1 parent
80c2721d
Was addet to validate instance of entity-view
Showing
1 changed file
with
31 additions
and
8 deletions
| @@ -26,17 +26,11 @@ import org.springframework.stereotype.Component; | @@ -26,17 +26,11 @@ import org.springframework.stereotype.Component; | ||
| 26 | import org.springframework.web.context.request.async.DeferredResult; | 26 | import org.springframework.web.context.request.async.DeferredResult; |
| 27 | import org.thingsboard.server.common.data.Customer; | 27 | import org.thingsboard.server.common.data.Customer; |
| 28 | import org.thingsboard.server.common.data.Device; | 28 | import org.thingsboard.server.common.data.Device; |
| 29 | +import org.thingsboard.server.common.data.EntityView; | ||
| 29 | import org.thingsboard.server.common.data.Tenant; | 30 | import org.thingsboard.server.common.data.Tenant; |
| 30 | import org.thingsboard.server.common.data.asset.Asset; | 31 | import org.thingsboard.server.common.data.asset.Asset; |
| 31 | import org.thingsboard.server.common.data.exception.ThingsboardException; | 32 | import org.thingsboard.server.common.data.exception.ThingsboardException; |
| 32 | -import org.thingsboard.server.common.data.id.AssetId; | ||
| 33 | -import org.thingsboard.server.common.data.id.CustomerId; | ||
| 34 | -import org.thingsboard.server.common.data.id.DeviceId; | ||
| 35 | -import org.thingsboard.server.common.data.id.EntityId; | ||
| 36 | -import org.thingsboard.server.common.data.id.EntityIdFactory; | ||
| 37 | -import org.thingsboard.server.common.data.id.RuleChainId; | ||
| 38 | -import org.thingsboard.server.common.data.id.RuleNodeId; | ||
| 39 | -import org.thingsboard.server.common.data.id.TenantId; | 33 | +import org.thingsboard.server.common.data.id.*; |
| 40 | import org.thingsboard.server.common.data.rule.RuleChain; | 34 | import org.thingsboard.server.common.data.rule.RuleChain; |
| 41 | import org.thingsboard.server.common.data.rule.RuleNode; | 35 | import org.thingsboard.server.common.data.rule.RuleNode; |
| 42 | import org.thingsboard.server.controller.HttpValidationCallback; | 36 | import org.thingsboard.server.controller.HttpValidationCallback; |
| @@ -44,6 +38,7 @@ import org.thingsboard.server.dao.alarm.AlarmService; | @@ -44,6 +38,7 @@ import org.thingsboard.server.dao.alarm.AlarmService; | ||
| 44 | import org.thingsboard.server.dao.asset.AssetService; | 38 | import org.thingsboard.server.dao.asset.AssetService; |
| 45 | import org.thingsboard.server.dao.customer.CustomerService; | 39 | import org.thingsboard.server.dao.customer.CustomerService; |
| 46 | import org.thingsboard.server.dao.device.DeviceService; | 40 | import org.thingsboard.server.dao.device.DeviceService; |
| 41 | +import org.thingsboard.server.dao.entityview.EntityViewService; | ||
| 47 | import org.thingsboard.server.dao.rule.RuleChainService; | 42 | import org.thingsboard.server.dao.rule.RuleChainService; |
| 48 | import org.thingsboard.server.dao.tenant.TenantService; | 43 | import org.thingsboard.server.dao.tenant.TenantService; |
| 49 | import org.thingsboard.server.dao.user.UserService; | 44 | import org.thingsboard.server.dao.user.UserService; |
| @@ -66,6 +61,7 @@ public class AccessValidator { | @@ -66,6 +61,7 @@ public class AccessValidator { | ||
| 66 | public static final String CUSTOMER_USER_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION = "Customer user is not allowed to perform this operation!"; | 61 | public static final String CUSTOMER_USER_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION = "Customer user is not allowed to perform this operation!"; |
| 67 | public static final String SYSTEM_ADMINISTRATOR_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION = "System administrator is not allowed to perform this operation!"; | 62 | public static final String SYSTEM_ADMINISTRATOR_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION = "System administrator is not allowed to perform this operation!"; |
| 68 | public static final String DEVICE_WITH_REQUESTED_ID_NOT_FOUND = "Device with requested id wasn't found!"; | 63 | public static final String DEVICE_WITH_REQUESTED_ID_NOT_FOUND = "Device with requested id wasn't found!"; |
| 64 | + public static final String ENTITY_VIEW_WITH_REQUESTED_ID_NOT_FOUND = "Entity-view with requested id wasn't found!"; | ||
| 69 | 65 | ||
| 70 | @Autowired | 66 | @Autowired |
| 71 | protected TenantService tenantService; | 67 | protected TenantService tenantService; |
| @@ -88,6 +84,9 @@ public class AccessValidator { | @@ -88,6 +84,9 @@ public class AccessValidator { | ||
| 88 | @Autowired | 84 | @Autowired |
| 89 | protected RuleChainService ruleChainService; | 85 | protected RuleChainService ruleChainService; |
| 90 | 86 | ||
| 87 | + @Autowired | ||
| 88 | + protected EntityViewService entityViewService; | ||
| 89 | + | ||
| 91 | private ExecutorService executor; | 90 | private ExecutorService executor; |
| 92 | 91 | ||
| 93 | @PostConstruct | 92 | @PostConstruct |
| @@ -158,6 +157,9 @@ public class AccessValidator { | @@ -158,6 +157,9 @@ public class AccessValidator { | ||
| 158 | case TENANT: | 157 | case TENANT: |
| 159 | validateTenant(currentUser, entityId, callback); | 158 | validateTenant(currentUser, entityId, callback); |
| 160 | return; | 159 | return; |
| 160 | + case ENTITY_VIEW: | ||
| 161 | + validateEntityView(currentUser, entityId, callback); | ||
| 162 | + return; | ||
| 161 | default: | 163 | default: |
| 162 | //TODO: add support of other entities | 164 | //TODO: add support of other entities |
| 163 | throw new IllegalStateException("Not Implemented!"); | 165 | throw new IllegalStateException("Not Implemented!"); |
| @@ -293,6 +295,27 @@ public class AccessValidator { | @@ -293,6 +295,27 @@ public class AccessValidator { | ||
| 293 | } | 295 | } |
| 294 | } | 296 | } |
| 295 | 297 | ||
| 298 | + private void validateEntityView(final SecurityUser currentUser, EntityId entityId, FutureCallback<ValidationResult> callback) { | ||
| 299 | + if (currentUser.isSystemAdmin()) { | ||
| 300 | + callback.onSuccess(ValidationResult.accessDenied(SYSTEM_ADMINISTRATOR_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION)); | ||
| 301 | + } else { | ||
| 302 | + ListenableFuture<EntityView> entityViewFuture = entityViewService.findEntityViewByIdAsync(new EntityViewId(entityId.getId())); | ||
| 303 | + Futures.addCallback(entityViewFuture, getCallback(callback, entityView -> { | ||
| 304 | + if (entityView == null) { | ||
| 305 | + return ValidationResult.entityNotFound(ENTITY_VIEW_WITH_REQUESTED_ID_NOT_FOUND); | ||
| 306 | + } else { | ||
| 307 | + if (!entityView.getTenantId().equals(currentUser.getTenantId())) { | ||
| 308 | + return ValidationResult.accessDenied("Entity-view doesn't belong to the current Tenant!"); | ||
| 309 | + } else if (currentUser.isCustomerUser() && !entityView.getCustomerId().equals(currentUser.getCustomerId())) { | ||
| 310 | + return ValidationResult.accessDenied("Entity-view doesn't belong to the current Customer!"); | ||
| 311 | + } else { | ||
| 312 | + return ValidationResult.ok(entityView); | ||
| 313 | + } | ||
| 314 | + } | ||
| 315 | + }), executor); | ||
| 316 | + } | ||
| 317 | + } | ||
| 318 | + | ||
| 296 | private <T, V> FutureCallback<T> getCallback(FutureCallback<ValidationResult> callback, Function<T, ValidationResult<V>> transformer) { | 319 | private <T, V> FutureCallback<T> getCallback(FutureCallback<ValidationResult> callback, Function<T, ValidationResult<V>> transformer) { |
| 297 | return new FutureCallback<T>() { | 320 | return new FutureCallback<T>() { |
| 298 | @Override | 321 | @Override |