controllers improvements

@@ -85,12 +85,7 @@ public class AlarmController extends BaseController {
         try {
             alarm.setTenantId(getCurrentUser().getTenantId());
 
-            if (alarm.getId() == null) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, alarm.getId(), alarm);
-            } else {
-                checkAlarmId(alarm.getId(), Operation.WRITE);
-            }
+           checkEntity(alarm.getId(), alarm);
 
             Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
             logEntityAction(savedAlarm.getId(), savedAlarm,

@@ -76,12 +76,7 @@ public class AssetController extends BaseController {
         try {
             asset.setTenantId(getCurrentUser().getTenantId());
 
-            if (asset.getId() == null) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.ASSET, Operation.CREATE, asset.getId(), asset);
-            } else {
-                checkAssetId(asset.getId(), Operation.WRITE);
-            }
+           checkEntity(asset.getId(), asset);
 
             Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
 

@@ -26,6 +26,7 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.thingsboard.server.common.data.BaseData;
 import org.thingsboard.server.common.data.Customer;
 import org.thingsboard.server.common.data.Dashboard;
 import org.thingsboard.server.common.data.DashboardInfo;
@@ -103,7 +104,6 @@ import org.thingsboard.server.service.state.DeviceStateService;
 import org.thingsboard.server.service.telemetry.TelemetrySubscriptionService;
 
 import javax.mail.MessagingException;
-import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.util.List;
 import java.util.Optional;
@@ -330,11 +330,23 @@ public abstract class BaseController {
         }
     }
 
+    protected <I extends EntityId, T extends HasTenantId> void checkEntity(I entityId, T entity) throws ThingsboardException {
+        if (entityId == null) {
+            accessControlService
+                    .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, null, entity);
+        } else {
+            checkEntityId(entityId, Operation.WRITE);
+        }
+    }
+
     protected void checkEntityId(EntityId entityId, Operation operation) throws ThingsboardException {
         try {
             checkNotNull(entityId);
             validateId(entityId.getId(), "Incorrect entityId " + entityId);
             switch (entityId.getEntityType()) {
+                case ALARM:
+                    checkAlarmId(new AlarmId(entityId.getId()), operation);
+                    return;
                 case DEVICE:
                     checkDeviceId(new DeviceId(entityId.getId()), operation);
                     return;
@@ -362,6 +374,12 @@ public abstract class BaseController {
                 case ENTITY_VIEW:
                     checkEntityViewId(new EntityViewId(entityId.getId()), operation);
                     return;
+                case WIDGETS_BUNDLE:
+                    checkWidgetsBundleId(new WidgetsBundleId(entityId.getId()), operation);
+                    return;
+                case WIDGET_TYPE:
+                    checkWidgetTypeId(new WidgetTypeId(entityId.getId()), operation);
+                    return;
                 default:
                     throw new IllegalArgumentException("Unsupported entity type: " + entityId.getEntityType());
             }

@@ -100,12 +100,7 @@ public class CustomerController extends BaseController {
         try {
             customer.setTenantId(getCurrentUser().getTenantId());
 
-            if (customer.getId() == null) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.CUSTOMER, Operation.CREATE, customer.getId(), customer);
-            } else {
-                checkCustomerId(customer.getId(), Operation.WRITE);
-            }
+            checkEntity(customer.getId(), customer);
 
             Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
 

@@ -92,12 +92,7 @@ public class DeviceController extends BaseController {
         try {
             device.setTenantId(getCurrentUser().getTenantId());
 
-            if (device.getId() == null) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.DEVICE, Operation.CREATE, device.getId(), device);
-            } else {
-                checkDeviceId(device.getId(), Operation.WRITE);
-            }
+            checkEntity(device.getId(), device);
 
             Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
 

@@ -92,12 +92,7 @@ public class EntityViewController extends BaseController {
         try {
             entityView.setTenantId(getCurrentUser().getTenantId());
 
-            if (entityView.getId() == null) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, Operation.CREATE, entityView.getId(), entityView);
-            } else {
-                checkEntityViewId(entityView.getId(), Operation.WRITE);
-            }
+            checkEntity(entityView.getId(), entityView);
 
             EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
             List<ListenableFuture<List<Void>>> futures = new ArrayList<>();

@@ -126,12 +126,7 @@ public class RuleChainController extends BaseController {
             boolean created = ruleChain.getId() == null;
             ruleChain.setTenantId(getCurrentUser().getTenantId());
 
-            if (created) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.RULE_CHAIN, Operation.CREATE, ruleChain.getId(), ruleChain);
-            } else {
-                checkRuleChain(ruleChain.getId(), Operation.WRITE);
-            }
+            checkEntity(ruleChain.getId(), ruleChain);
 
             RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
 

@@ -72,12 +72,7 @@ public class TenantController extends BaseController {
         try {
             boolean newTenant = tenant.getId() == null;
 
-            if (newTenant) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.TENANT, Operation.CREATE, tenant.getId(), tenant);
-            } else {
-                checkTenantId(tenant.getId(), Operation.WRITE);
-            }
+            checkEntity(tenant.getId(), tenant);
 
             tenant = checkNotNull(tenantService.saveTenant(tenant));
             if (newTenant) {

@@ -138,12 +138,7 @@ public class UserController extends BaseController {
                 user.setTenantId(getCurrentUser().getTenantId());
             }
 
-            if (user.getId() == null) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.USER, Operation.CREATE, user.getId(), user);
-            } else {
-                checkUserId(user.getId(), Operation.WRITE);
-            }
+            checkEntity(user.getId(), user);
 
             boolean sendEmail = user.getId() == null && sendActivationMail;
             User savedUser = checkNotNull(userService.saveUser(user));

@@ -66,12 +66,7 @@ public class WidgetTypeController extends BaseController {
                 widgetType.setTenantId(getCurrentUser().getTenantId());
             }
 
-            if (widgetType.getId() == null) {
-                accessControlService
-                        .checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, Operation.CREATE, widgetType.getId(), widgetType);
-            } else {
-                checkWidgetTypeId(widgetType.getId(), Operation.WRITE);
-            }
+            checkEntity(widgetType.getId(), widgetType);
 
             return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
         } catch (Exception e) {

@@ -61,11 +61,7 @@ public class WidgetsBundleController extends BaseController {
     @ResponseBody
     public WidgetsBundle saveWidgetsBundle(@RequestBody WidgetsBundle widgetsBundle) throws ThingsboardException {
         try {
-            if (getCurrentUser().getAuthority() == Authority.SYS_ADMIN) {
-                widgetsBundle.setTenantId(TenantId.SYS_TENANT_ID);
-            } else {
-                widgetsBundle.setTenantId(getCurrentUser().getTenantId());
-            }
+            checkEntity(widgetsBundle.getId(), widgetsBundle);
 
             if (widgetsBundle.getId() == null) {
                 accessControlService