Commit 8c9213cff5fc56e0c9143f64a5ee0ba0d1e3262d
Committed by
Andrew Shvayka
Andrew Shvayka
1 parent
6b008e52
Provide querying by customer for API usage states
Showing
2 changed files
with
24 additions
and
3 deletions
| ... | ... | @@ -16,10 +16,13 @@ |
| 16 | 16 | package org.thingsboard.server.common.data.query; |
| 17 | 17 | |
| 18 | 18 | import lombok.Data; |
| 19 | -import org.thingsboard.server.common.data.id.EntityId; | |
| 19 | +import org.thingsboard.server.common.data.id.CustomerId; | |
| 20 | 20 | |
| 21 | 21 | @Data |
| 22 | 22 | public class ApiUsageStateFilter implements EntityFilter { |
| 23 | + | |
| 24 | + private CustomerId customerId; | |
| 25 | + | |
| 23 | 26 | @Override |
| 24 | 27 | public EntityFilterType getType() { |
| 25 | 28 | return EntityFilterType.API_USAGE_STATE; | ... | ... |
| ... | ... | @@ -25,6 +25,7 @@ import org.thingsboard.server.common.data.id.CustomerId; |
| 25 | 25 | import org.thingsboard.server.common.data.id.EntityId; |
| 26 | 26 | import org.thingsboard.server.common.data.id.TenantId; |
| 27 | 27 | import org.thingsboard.server.common.data.page.PageData; |
| 28 | +import org.thingsboard.server.common.data.query.ApiUsageStateFilter; | |
| 28 | 29 | import org.thingsboard.server.common.data.query.AssetSearchQueryFilter; |
| 29 | 30 | import org.thingsboard.server.common.data.query.AssetTypeFilter; |
| 30 | 31 | import org.thingsboard.server.common.data.query.DeviceSearchQueryFilter; |
| ... | ... | @@ -219,8 +220,9 @@ public class DefaultEntityQueryRepository implements EntityQueryRepository { |
| 219 | 220 | " THEN (select additional_info from edge where id = entity_id)" + |
| 220 | 221 | " END as additional_info"; |
| 221 | 222 | |
| 222 | - private static final String SELECT_API_USAGE_STATE = "(select aus.id, aus.created_time, aus.tenant_id, '13814000-1dd2-11b2-8080-808080808080'::uuid as customer_id, " + | |
| 223 | - "(select title from tenant where id = aus.tenant_id) as name from api_usage_state as aus)"; | |
| 223 | + private static final String SELECT_API_USAGE_STATE = "(select aus.id, aus.created_time, aus.tenant_id, aus.entity_id, " + | |
| 224 | + "coalesce((select title from tenant where id = aus.entity_id), (select title from customer where id = aus.entity_id)) as name " + | |
| 225 | + "from api_usage_state as aus)"; | |
| 224 | 226 | |
| 225 | 227 | static { |
| 226 | 228 | entityTableMap.put(EntityType.ASSET, "asset"); |
| ... | ... | @@ -466,6 +468,22 @@ public class DefaultEntityQueryRepository implements EntityQueryRepository { |
| 466 | 468 | case ENTITY_VIEW_SEARCH_QUERY: |
| 467 | 469 | case EDGE_SEARCH_QUERY: |
| 468 | 470 | return this.defaultPermissionQuery(ctx); |
| 471 | + case API_USAGE_STATE: | |
| 472 | + CustomerId filterCustomerId = ((ApiUsageStateFilter) entityFilter).getCustomerId(); | |
| 473 | + if (ctx.getCustomerId() != null && !ctx.getCustomerId().isNullUid()) { | |
| 474 | + if (filterCustomerId != null && !filterCustomerId.equals(ctx.getCustomerId())) { | |
| 475 | + throw new SecurityException("Customer is not allowed to query other customer's data"); | |
| 476 | + } | |
| 477 | + filterCustomerId = ctx.getCustomerId(); | |
| 478 | + } | |
| 479 | + | |
| 480 | + ctx.addUuidParameter("permissions_tenant_id", ctx.getTenantId().getId()); | |
| 481 | + if (filterCustomerId != null) { | |
| 482 | + ctx.addUuidParameter("permissions_customer_id", filterCustomerId.getId()); | |
| 483 | + return "e.tenant_id=:permissions_tenant_id and e.entity_id=:permissions_customer_id"; | |
| 484 | + } else { | |
| 485 | + return "e.tenant_id=:permissions_tenant_id and e.entity_id=:permissions_tenant_id"; | |
| 486 | + } | |
| 469 | 487 | default: |
| 470 | 488 | if (ctx.getEntityType() == EntityType.TENANT) { |
| 471 | 489 | ctx.addUuidParameter("permissions_tenant_id", ctx.getTenantId().getId()); | ... | ... |