简柏林 / thingskit · Commits

Commit 8683357d7348ace5eaef5e5dfbfa00cdb0afe94c

Authored by YevhenBondarenko
1 parent 5e40f16d

controllers improvements

Inline Side-by-side
Showing 11 changed files with 88 additions and 60 deletions
... ... @@ -28,7 +28,6 @@ import org.springframework.web.bind.annotation.ResponseStatus;
28 28 import org.springframework.web.bind.annotation.RestController;
29 29 import org.thingsboard.server.common.data.EntityType;
30 30 import org.thingsboard.server.common.data.alarm.Alarm;
31   -import org.thingsboard.server.common.data.id.AlarmId;
32 31 import org.thingsboard.server.common.data.alarm.AlarmInfo;
33 32 import org.thingsboard.server.common.data.alarm.AlarmQuery;
34 33 import org.thingsboard.server.common.data.alarm.AlarmSearchStatus;
... ... @@ -37,6 +36,7 @@ import org.thingsboard.server.common.data.alarm.AlarmStatus;
37 36 import org.thingsboard.server.common.data.audit.ActionType;
38 37 import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
39 38 import org.thingsboard.server.common.data.exception.ThingsboardException;
  39 +import org.thingsboard.server.common.data.id.AlarmId;
40 40 import org.thingsboard.server.common.data.id.EntityId;
41 41 import org.thingsboard.server.common.data.id.EntityIdFactory;
42 42 import org.thingsboard.server.common.data.page.TimePageData;
... ... @@ -84,8 +84,14 @@ public class AlarmController extends BaseController {
84 84 public Alarm saveAlarm(@RequestBody Alarm alarm) throws ThingsboardException {
85 85 try {
86 86 alarm.setTenantId(getCurrentUser().getTenantId());
87   - Operation operation = alarm.getId() == null ? Operation.CREATE : Operation.WRITE;
88   - accessControlService.checkPermission(getCurrentUser(), Resource.ALARM, operation, alarm.getId(), alarm);
  87 +
  88 + if (alarm.getId() == null) {
  89 + accessControlService
  90 + .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, alarm.getId(), alarm);
  91 + } else {
  92 + checkAlarmId(alarm.getId(), Operation.WRITE);
  93 + }
  94 +
89 95 Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
90 96 logEntityAction(savedAlarm.getId(), savedAlarm,
91 97 getCurrentUser().getCustomerId(),
... ...
... ... @@ -76,18 +76,20 @@ public class AssetController extends BaseController {
76 76 try {
77 77 asset.setTenantId(getCurrentUser().getTenantId());
78 78
79   - Operation operation = asset.getId() == null ? Operation.CREATE : Operation.WRITE;
80   -
81   - accessControlService.checkPermission(getCurrentUser(), Resource.ASSET, operation,
82   - asset.getId(), asset);
  79 + if (asset.getId() == null) {
  80 + accessControlService
  81 + .checkPermission(getCurrentUser(), Resource.ASSET, Operation.CREATE, asset.getId(), asset);
  82 + } else {
  83 + checkAssetId(asset.getId(), Operation.WRITE);
  84 + }
83 85
84   - Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
  86 + Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
85 87
86 88 logEntityAction(savedAsset.getId(), savedAsset,
87 89 savedAsset.getCustomerId(),
88 90 asset.getId() == null ? ActionType.ADDED : ActionType.UPDATED, null);
89 91
90   - return savedAsset;
  92 + return savedAsset;
91 93 } catch (Exception e) {
92 94 logEntityAction(emptyId(EntityType.ASSET), asset,
93 95 null, asset.getId() == null ? ActionType.ADDED : ActionType.UPDATED, e);
... ... @@ -138,7 +140,7 @@ public class AssetController extends BaseController {
138 140 savedAsset.getCustomerId(),
139 141 ActionType.ASSIGNED_TO_CUSTOMER, null, strAssetId, strCustomerId, customer.getName());
140 142
141   - return savedAsset;
  143 + return savedAsset;
142 144 } catch (Exception e) {
143 145
144 146 logEntityAction(emptyId(EntityType.ASSET), null,
... ... @@ -218,7 +220,7 @@ public class AssetController extends BaseController {
218 220 try {
219 221 TenantId tenantId = getCurrentUser().getTenantId();
220 222 TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
221   - if (type != null && type.trim().length()>0) {
  223 + if (type != null && type.trim().length() > 0) {
222 224 return checkNotNull(assetService.findAssetsByTenantIdAndType(tenantId, type, pageLink));
223 225 } else {
224 226 return checkNotNull(assetService.findAssetsByTenantId(tenantId, pageLink));
... ... @@ -257,7 +259,7 @@ public class AssetController extends BaseController {
257 259 CustomerId customerId = new CustomerId(toUUID(strCustomerId));
258 260 checkCustomerId(customerId, Operation.READ);
259 261 TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
260   - if (type != null && type.trim().length()>0) {
  262 + if (type != null && type.trim().length() > 0) {
261 263 return checkNotNull(assetService.findAssetsByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
262 264 } else {
263 265 return checkNotNull(assetService.findAssetsByTenantIdAndCustomerId(tenantId, customerId, pageLink));
... ...
... ... @@ -100,8 +100,12 @@ public class CustomerController extends BaseController {
100 100 try {
101 101 customer.setTenantId(getCurrentUser().getTenantId());
102 102
103   - Operation operation = customer.getId() == null ? Operation.CREATE : Operation.WRITE;
104   - accessControlService.checkPermission(getCurrentUser(), Resource.CUSTOMER, operation, customer.getId(), customer);
  103 + if (customer.getId() == null) {
  104 + accessControlService
  105 + .checkPermission(getCurrentUser(), Resource.CUSTOMER, Operation.CREATE, customer.getId(), customer);
  106 + } else {
  107 + checkCustomerId(customer.getId(), Operation.WRITE);
  108 + }
105 109
106 110 Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
107 111
... ...
... ... @@ -100,15 +100,17 @@ public class DashboardController extends BaseController {
100 100
101 101 @PreAuthorize("hasAuthority('TENANT_ADMIN')")
102 102 @RequestMapping(value = "/dashboard", method = RequestMethod.POST)
103   - @ResponseBody
  103 + @ResponseBody
104 104 public Dashboard saveDashboard(@RequestBody Dashboard dashboard) throws ThingsboardException {
105 105 try {
106 106 dashboard.setTenantId(getCurrentUser().getTenantId());
107 107
108   - Operation operation = dashboard.getId() == null ? Operation.CREATE : Operation.WRITE;
109   -
110   - accessControlService.checkPermission(getCurrentUser(), Resource.DASHBOARD, operation,
111   - dashboard.getId(), dashboard);
  108 + if (dashboard.getId() == null) {
  109 + accessControlService
  110 + .checkPermission(getCurrentUser(), Resource.DASHBOARD, Operation.CREATE, dashboard.getId(), dashboard);
  111 + } else {
  112 + checkDashboardId(dashboard.getId(), Operation.WRITE);
  113 + }
112 114
113 115 Dashboard savedDashboard = checkNotNull(dashboardService.saveDashboard(dashboard));
114 116
... ... @@ -152,9 +154,9 @@ public class DashboardController extends BaseController {
152 154
153 155 @PreAuthorize("hasAuthority('TENANT_ADMIN')")
154 156 @RequestMapping(value = "/customer/{customerId}/dashboard/{dashboardId}", method = RequestMethod.POST)
155   - @ResponseBody
  157 + @ResponseBody
156 158 public Dashboard assignDashboardToCustomer(@PathVariable("customerId") String strCustomerId,
157   - @PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
  159 + @PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
158 160 checkParameter("customerId", strCustomerId);
159 161 checkParameter(DASHBOARD_ID, strDashboardId);
160 162 try {
... ... @@ -163,7 +165,7 @@ public class DashboardController extends BaseController {
163 165
164 166 DashboardId dashboardId = new DashboardId(toUUID(strDashboardId));
165 167 checkDashboardId(dashboardId, Operation.ASSIGN_TO_CUSTOMER);
166   -
  168 +
167 169 Dashboard savedDashboard = checkNotNull(dashboardService.assignDashboardToCustomer(getCurrentUser().getTenantId(), dashboardId, customerId));
168 170
169 171 logEntityAction(dashboardId, savedDashboard,
... ... @@ -184,7 +186,7 @@ public class DashboardController extends BaseController {
184 186
185 187 @PreAuthorize("hasAuthority('TENANT_ADMIN')")
186 188 @RequestMapping(value = "/customer/{customerId}/dashboard/{dashboardId}", method = RequestMethod.DELETE)
187   - @ResponseBody
  189 + @ResponseBody
188 190 public Dashboard unassignDashboardFromCustomer(@PathVariable("customerId") String strCustomerId,
189 191 @PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
190 192 checkParameter("customerId", strCustomerId);
... ... @@ -418,7 +420,7 @@ public class DashboardController extends BaseController {
418 420 }
419 421
420 422 @PreAuthorize("hasAuthority('SYS_ADMIN')")
421   - @RequestMapping(value = "/tenant/{tenantId}/dashboards", params = { "limit" }, method = RequestMethod.GET)
  423 + @RequestMapping(value = "/tenant/{tenantId}/dashboards", params = {"limit"}, method = RequestMethod.GET)
422 424 @ResponseBody
423 425 public TextPageData<DashboardInfo> getTenantDashboards(
424 426 @PathVariable("tenantId") String strTenantId,
... ... @@ -437,7 +439,7 @@ public class DashboardController extends BaseController {
437 439 }
438 440
439 441 @PreAuthorize("hasAuthority('TENANT_ADMIN')")
440   - @RequestMapping(value = "/tenant/dashboards", params = { "limit" }, method = RequestMethod.GET)
  442 + @RequestMapping(value = "/tenant/dashboards", params = {"limit"}, method = RequestMethod.GET)
441 443 @ResponseBody
442 444 public TextPageData<DashboardInfo> getTenantDashboards(
443 445 @RequestParam int limit,
... ... @@ -454,7 +456,7 @@ public class DashboardController extends BaseController {
454 456 }
455 457
456 458 @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
457   - @RequestMapping(value = "/customer/{customerId}/dashboards", params = { "limit" }, method = RequestMethod.GET)
  459 + @RequestMapping(value = "/customer/{customerId}/dashboards", params = {"limit"}, method = RequestMethod.GET)
458 460 @ResponseBody
459 461 public TimePageData<DashboardInfo> getCustomerDashboards(
460 462 @PathVariable("customerId") String strCustomerId,
... ...
... ... @@ -92,10 +92,12 @@ public class DeviceController extends BaseController {
92 92 try {
93 93 device.setTenantId(getCurrentUser().getTenantId());
94 94
95   - Operation operation = device.getId() == null ? Operation.CREATE : Operation.WRITE;
96   -
97   - accessControlService.checkPermission(getCurrentUser(), Resource.DEVICE, operation,
98   - device.getId(), device);
  95 + if (device.getId() == null) {
  96 + accessControlService
  97 + .checkPermission(getCurrentUser(), Resource.DEVICE, Operation.CREATE, device.getId(), device);
  98 + } else {
  99 + checkDeviceId(device.getId(), Operation.WRITE);
  100 + }
99 101
100 102 Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
101 103
... ...
... ... @@ -92,10 +92,12 @@ public class EntityViewController extends BaseController {
92 92 try {
93 93 entityView.setTenantId(getCurrentUser().getTenantId());
94 94
95   - Operation operation = entityView.getId() == null ? Operation.CREATE : Operation.WRITE;
96   -
97   - accessControlService.checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, operation,
98   - entityView.getId(), entityView);
  95 + if (entityView.getId() == null) {
  96 + accessControlService
  97 + .checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, Operation.CREATE, entityView.getId(), entityView);
  98 + } else {
  99 + checkEntityViewId(entityView.getId(), Operation.WRITE);
  100 + }
99 101
100 102 EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
101 103 List<ListenableFuture<List<Void>>> futures = new ArrayList<>();
... ...
... ... @@ -126,10 +126,12 @@ public class RuleChainController extends BaseController {
126 126 boolean created = ruleChain.getId() == null;
127 127 ruleChain.setTenantId(getCurrentUser().getTenantId());
128 128
129   - Operation operation = created ? Operation.CREATE : Operation.WRITE;
130   -
131   - accessControlService.checkPermission(getCurrentUser(), Resource.RULE_CHAIN, operation,
132   - ruleChain.getId(), ruleChain);
  129 + if (created) {
  130 + accessControlService
  131 + .checkPermission(getCurrentUser(), Resource.RULE_CHAIN, Operation.CREATE, ruleChain.getId(), ruleChain);
  132 + } else {
  133 + checkRuleChain(ruleChain.getId(), Operation.WRITE);
  134 + }
133 135
134 136 RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
135 137
... ...
... ... @@ -72,10 +72,13 @@ public class TenantController extends BaseController {
72 72 try {
73 73 boolean newTenant = tenant.getId() == null;
74 74
75   - Operation operation = newTenant ? Operation.CREATE : Operation.WRITE;
  75 + if (newTenant) {
  76 + accessControlService
  77 + .checkPermission(getCurrentUser(), Resource.TENANT, Operation.CREATE, tenant.getId(), tenant);
  78 + } else {
  79 + checkTenantId(tenant.getId(), Operation.WRITE);
  80 + }
76 81
77   - accessControlService.checkPermission(getCurrentUser(), Resource.TENANT, operation,
78   - tenant.getId(), tenant);
79 82 tenant = checkNotNull(tenantService.saveTenant(tenant));
80 83 if (newTenant) {
81 84 installScripts.createDefaultRuleChains(tenant.getId());
... ...
... ... @@ -132,17 +132,18 @@ public class UserController extends BaseController {
132 132 @ResponseBody
133 133 public User saveUser(@RequestBody User user,
134 134 @RequestParam(required = false, defaultValue = "true") boolean sendActivationMail,
135   - HttpServletRequest request) throws ThingsboardException {
  135 + HttpServletRequest request) throws ThingsboardException {
136 136 try {
137   -
138 137 if (getCurrentUser().getAuthority() == Authority.TENANT_ADMIN) {
139 138 user.setTenantId(getCurrentUser().getTenantId());
140 139 }
141 140
142   - Operation operation = user.getId() == null ? Operation.CREATE : Operation.WRITE;
143   -
144   - accessControlService.checkPermission(getCurrentUser(), Resource.USER, operation,
145   - user.getId(), user);
  141 + if (user.getId() == null) {
  142 + accessControlService
  143 + .checkPermission(getCurrentUser(), Resource.USER, Operation.CREATE, user.getId(), user);
  144 + } else {
  145 + checkUserId(user.getId(), Operation.WRITE);
  146 + }
146 147
147 148 boolean sendEmail = user.getId() == null && sendActivationMail;
148 149 User savedUser = checkNotNull(userService.saveUser(user));
... ... @@ -250,7 +251,7 @@ public class UserController extends BaseController {
250 251 }
251 252
252 253 @PreAuthorize("hasAuthority('SYS_ADMIN')")
253   - @RequestMapping(value = "/tenant/{tenantId}/users", params = { "limit" }, method = RequestMethod.GET)
  254 + @RequestMapping(value = "/tenant/{tenantId}/users", params = {"limit"}, method = RequestMethod.GET)
254 255 @ResponseBody
255 256 public TextPageData<User> getTenantAdmins(
256 257 @PathVariable("tenantId") String strTenantId,
... ... @@ -269,7 +270,7 @@ public class UserController extends BaseController {
269 270 }
270 271
271 272 @PreAuthorize("hasAuthority('TENANT_ADMIN')")
272   - @RequestMapping(value = "/customer/{customerId}/users", params = { "limit" }, method = RequestMethod.GET)
  273 + @RequestMapping(value = "/customer/{customerId}/users", params = {"limit"}, method = RequestMethod.GET)
273 274 @ResponseBody
274 275 public TextPageData<User> getCustomerUsers(
275 276 @PathVariable("customerId") String strCustomerId,
... ...
... ... @@ -66,10 +66,12 @@ public class WidgetTypeController extends BaseController {
66 66 widgetType.setTenantId(getCurrentUser().getTenantId());
67 67 }
68 68
69   - Operation operation = widgetType.getId() == null ? Operation.CREATE : Operation.WRITE;
70   -
71   - accessControlService.checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, operation,
72   - widgetType.getId(), widgetType);
  69 + if (widgetType.getId() == null) {
  70 + accessControlService
  71 + .checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, Operation.CREATE, widgetType.getId(), widgetType);
  72 + } else {
  73 + checkWidgetTypeId(widgetType.getId(), Operation.WRITE);
  74 + }
73 75
74 76 return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
75 77 } catch (Exception e) {
... ... @@ -92,7 +94,7 @@ public class WidgetTypeController extends BaseController {
92 94 }
93 95
94 96 @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
95   - @RequestMapping(value = "/widgetTypes", params = { "isSystem", "bundleAlias"}, method = RequestMethod.GET)
  97 + @RequestMapping(value = "/widgetTypes", params = {"isSystem", "bundleAlias"}, method = RequestMethod.GET)
96 98 @ResponseBody
97 99 public List<WidgetType> getBundleWidgetTypes(
98 100 @RequestParam boolean isSystem,
... ... @@ -111,7 +113,7 @@ public class WidgetTypeController extends BaseController {
111 113 }
112 114
113 115 @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
114   - @RequestMapping(value = "/widgetType", params = { "isSystem", "bundleAlias", "alias" }, method = RequestMethod.GET)
  116 + @RequestMapping(value = "/widgetType", params = {"isSystem", "bundleAlias", "alias"}, method = RequestMethod.GET)
115 117 @ResponseBody
116 118 public WidgetType getWidgetType(
117 119 @RequestParam boolean isSystem,
... ...
... ... @@ -67,10 +67,12 @@ public class WidgetsBundleController extends BaseController {
67 67 widgetsBundle.setTenantId(getCurrentUser().getTenantId());
68 68 }
69 69
70   - Operation operation = widgetsBundle.getId() == null ? Operation.CREATE : Operation.WRITE;
71   -
72   - accessControlService.checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, operation,
73   - widgetsBundle.getId(), widgetsBundle);
  70 + if (widgetsBundle.getId() == null) {
  71 + accessControlService
  72 + .checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, Operation.CREATE, widgetsBundle.getId(), widgetsBundle);
  73 + } else {
  74 + checkWidgetsBundleId(widgetsBundle.getId(), Operation.WRITE);
  75 + }
74 76
75 77 return checkNotNull(widgetsBundleService.saveWidgetsBundle(widgetsBundle));
76 78 } catch (Exception e) {
... ... @@ -93,7 +95,7 @@ public class WidgetsBundleController extends BaseController {
93 95 }
94 96
95 97 @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
96   - @RequestMapping(value = "/widgetsBundles", params = { "limit" }, method = RequestMethod.GET)
  98 + @RequestMapping(value = "/widgetsBundles", params = {"limit"}, method = RequestMethod.GET)
97 99 @ResponseBody
98 100 public TextPageData<WidgetsBundle> getWidgetsBundles(
99 101 @RequestParam int limit,
... ...