简柏林 / thingskit · Commits

Commit 8d3a797f56dec1696b795b40e084c071e9c09624

Authored by YevhenBondarenko
1 parent 8683357d

controllers improvements

Inline Side-by-side
Showing 11 changed files with 29 additions and 60 deletions
@@ -85,12 +85,7 @@ public class AlarmController extends BaseController { @@ -85,12 +85,7 @@ public class AlarmController extends BaseController {
85 try { 85 try {
86 alarm.setTenantId(getCurrentUser().getTenantId()); 86 alarm.setTenantId(getCurrentUser().getTenantId());
87 87
88 - if (alarm.getId() == null) {  
89 - accessControlService  
90 - .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, alarm.getId(), alarm);  
91 - } else {  
92 - checkAlarmId(alarm.getId(), Operation.WRITE);  
93 - } 88 + checkEntity(alarm.getId(), alarm);
94 89
95 Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm)); 90 Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
96 logEntityAction(savedAlarm.getId(), savedAlarm, 91 logEntityAction(savedAlarm.getId(), savedAlarm,
@@ -76,12 +76,7 @@ public class AssetController extends BaseController { @@ -76,12 +76,7 @@ public class AssetController extends BaseController {
76 try { 76 try {
77 asset.setTenantId(getCurrentUser().getTenantId()); 77 asset.setTenantId(getCurrentUser().getTenantId());
78 78
79 - if (asset.getId() == null) {  
80 - accessControlService  
81 - .checkPermission(getCurrentUser(), Resource.ASSET, Operation.CREATE, asset.getId(), asset);  
82 - } else {  
83 - checkAssetId(asset.getId(), Operation.WRITE);  
84 - } 79 + checkEntity(asset.getId(), asset);
85 80
86 Asset savedAsset = checkNotNull(assetService.saveAsset(asset)); 81 Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
87 82
@@ -26,6 +26,7 @@ import org.springframework.beans.factory.annotation.Value; @@ -26,6 +26,7 @@ import org.springframework.beans.factory.annotation.Value;
26 import org.springframework.security.core.Authentication; 26 import org.springframework.security.core.Authentication;
27 import org.springframework.security.core.context.SecurityContextHolder; 27 import org.springframework.security.core.context.SecurityContextHolder;
28 import org.springframework.web.bind.annotation.ExceptionHandler; 28 import org.springframework.web.bind.annotation.ExceptionHandler;
  29 +import org.thingsboard.server.common.data.BaseData;
29 import org.thingsboard.server.common.data.Customer; 30 import org.thingsboard.server.common.data.Customer;
30 import org.thingsboard.server.common.data.Dashboard; 31 import org.thingsboard.server.common.data.Dashboard;
31 import org.thingsboard.server.common.data.DashboardInfo; 32 import org.thingsboard.server.common.data.DashboardInfo;
@@ -103,7 +104,6 @@ import org.thingsboard.server.service.state.DeviceStateService; @@ -103,7 +104,6 @@ import org.thingsboard.server.service.state.DeviceStateService;
103 import org.thingsboard.server.service.telemetry.TelemetrySubscriptionService; 104 import org.thingsboard.server.service.telemetry.TelemetrySubscriptionService;
104 105
105 import javax.mail.MessagingException; 106 import javax.mail.MessagingException;
106 -import javax.servlet.http.HttpServletRequest;  
107 import javax.servlet.http.HttpServletResponse; 107 import javax.servlet.http.HttpServletResponse;
108 import java.util.List; 108 import java.util.List;
109 import java.util.Optional; 109 import java.util.Optional;
@@ -330,11 +330,23 @@ public abstract class BaseController { @@ -330,11 +330,23 @@ public abstract class BaseController {
330 } 330 }
331 } 331 }
332 332
  333 + protected <I extends EntityId, T extends HasTenantId> void checkEntity(I entityId, T entity) throws ThingsboardException {
  334 + if (entityId == null) {
  335 + accessControlService
  336 + .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, null, entity);
  337 + } else {
  338 + checkEntityId(entityId, Operation.WRITE);
  339 + }
  340 + }
  341 +
333 protected void checkEntityId(EntityId entityId, Operation operation) throws ThingsboardException { 342 protected void checkEntityId(EntityId entityId, Operation operation) throws ThingsboardException {
334 try { 343 try {
335 checkNotNull(entityId); 344 checkNotNull(entityId);
336 validateId(entityId.getId(), "Incorrect entityId " + entityId); 345 validateId(entityId.getId(), "Incorrect entityId " + entityId);
337 switch (entityId.getEntityType()) { 346 switch (entityId.getEntityType()) {
  347 + case ALARM:
  348 + checkAlarmId(new AlarmId(entityId.getId()), operation);
  349 + return;
338 case DEVICE: 350 case DEVICE:
339 checkDeviceId(new DeviceId(entityId.getId()), operation); 351 checkDeviceId(new DeviceId(entityId.getId()), operation);
340 return; 352 return;
@@ -362,6 +374,12 @@ public abstract class BaseController { @@ -362,6 +374,12 @@ public abstract class BaseController {
362 case ENTITY_VIEW: 374 case ENTITY_VIEW:
363 checkEntityViewId(new EntityViewId(entityId.getId()), operation); 375 checkEntityViewId(new EntityViewId(entityId.getId()), operation);
364 return; 376 return;
  377 + case WIDGETS_BUNDLE:
  378 + checkWidgetsBundleId(new WidgetsBundleId(entityId.getId()), operation);
  379 + return;
  380 + case WIDGET_TYPE:
  381 + checkWidgetTypeId(new WidgetTypeId(entityId.getId()), operation);
  382 + return;
365 default: 383 default:
366 throw new IllegalArgumentException("Unsupported entity type: " + entityId.getEntityType()); 384 throw new IllegalArgumentException("Unsupported entity type: " + entityId.getEntityType());
367 } 385 }
@@ -100,12 +100,7 @@ public class CustomerController extends BaseController { @@ -100,12 +100,7 @@ public class CustomerController extends BaseController {
100 try { 100 try {
101 customer.setTenantId(getCurrentUser().getTenantId()); 101 customer.setTenantId(getCurrentUser().getTenantId());
102 102
103 - if (customer.getId() == null) {  
104 - accessControlService  
105 - .checkPermission(getCurrentUser(), Resource.CUSTOMER, Operation.CREATE, customer.getId(), customer);  
106 - } else {  
107 - checkCustomerId(customer.getId(), Operation.WRITE);  
108 - } 103 + checkEntity(customer.getId(), customer);
109 104
110 Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer)); 105 Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
111 106
@@ -92,12 +92,7 @@ public class DeviceController extends BaseController { @@ -92,12 +92,7 @@ public class DeviceController extends BaseController {
92 try { 92 try {
93 device.setTenantId(getCurrentUser().getTenantId()); 93 device.setTenantId(getCurrentUser().getTenantId());
94 94
95 - if (device.getId() == null) {  
96 - accessControlService  
97 - .checkPermission(getCurrentUser(), Resource.DEVICE, Operation.CREATE, device.getId(), device);  
98 - } else {  
99 - checkDeviceId(device.getId(), Operation.WRITE);  
100 - } 95 + checkEntity(device.getId(), device);
101 96
102 Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken)); 97 Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
103 98
@@ -92,12 +92,7 @@ public class EntityViewController extends BaseController { @@ -92,12 +92,7 @@ public class EntityViewController extends BaseController {
92 try { 92 try {
93 entityView.setTenantId(getCurrentUser().getTenantId()); 93 entityView.setTenantId(getCurrentUser().getTenantId());
94 94
95 - if (entityView.getId() == null) {  
96 - accessControlService  
97 - .checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, Operation.CREATE, entityView.getId(), entityView);  
98 - } else {  
99 - checkEntityViewId(entityView.getId(), Operation.WRITE);  
100 - } 95 + checkEntity(entityView.getId(), entityView);
101 96
102 EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView)); 97 EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
103 List<ListenableFuture<List<Void>>> futures = new ArrayList<>(); 98 List<ListenableFuture<List<Void>>> futures = new ArrayList<>();
@@ -126,12 +126,7 @@ public class RuleChainController extends BaseController { @@ -126,12 +126,7 @@ public class RuleChainController extends BaseController {
126 boolean created = ruleChain.getId() == null; 126 boolean created = ruleChain.getId() == null;
127 ruleChain.setTenantId(getCurrentUser().getTenantId()); 127 ruleChain.setTenantId(getCurrentUser().getTenantId());
128 128
129 - if (created) {  
130 - accessControlService  
131 - .checkPermission(getCurrentUser(), Resource.RULE_CHAIN, Operation.CREATE, ruleChain.getId(), ruleChain);  
132 - } else {  
133 - checkRuleChain(ruleChain.getId(), Operation.WRITE);  
134 - } 129 + checkEntity(ruleChain.getId(), ruleChain);
135 130
136 RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain)); 131 RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
137 132
@@ -72,12 +72,7 @@ public class TenantController extends BaseController { @@ -72,12 +72,7 @@ public class TenantController extends BaseController {
72 try { 72 try {
73 boolean newTenant = tenant.getId() == null; 73 boolean newTenant = tenant.getId() == null;
74 74
75 - if (newTenant) {  
76 - accessControlService  
77 - .checkPermission(getCurrentUser(), Resource.TENANT, Operation.CREATE, tenant.getId(), tenant);  
78 - } else {  
79 - checkTenantId(tenant.getId(), Operation.WRITE);  
80 - } 75 + checkEntity(tenant.getId(), tenant);
81 76
82 tenant = checkNotNull(tenantService.saveTenant(tenant)); 77 tenant = checkNotNull(tenantService.saveTenant(tenant));
83 if (newTenant) { 78 if (newTenant) {
@@ -138,12 +138,7 @@ public class UserController extends BaseController { @@ -138,12 +138,7 @@ public class UserController extends BaseController {
138 user.setTenantId(getCurrentUser().getTenantId()); 138 user.setTenantId(getCurrentUser().getTenantId());
139 } 139 }
140 140
141 - if (user.getId() == null) {  
142 - accessControlService  
143 - .checkPermission(getCurrentUser(), Resource.USER, Operation.CREATE, user.getId(), user);  
144 - } else {  
145 - checkUserId(user.getId(), Operation.WRITE);  
146 - } 141 + checkEntity(user.getId(), user);
147 142
148 boolean sendEmail = user.getId() == null && sendActivationMail; 143 boolean sendEmail = user.getId() == null && sendActivationMail;
149 User savedUser = checkNotNull(userService.saveUser(user)); 144 User savedUser = checkNotNull(userService.saveUser(user));
@@ -66,12 +66,7 @@ public class WidgetTypeController extends BaseController { @@ -66,12 +66,7 @@ public class WidgetTypeController extends BaseController {
66 widgetType.setTenantId(getCurrentUser().getTenantId()); 66 widgetType.setTenantId(getCurrentUser().getTenantId());
67 } 67 }
68 68
69 - if (widgetType.getId() == null) {  
70 - accessControlService  
71 - .checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, Operation.CREATE, widgetType.getId(), widgetType);  
72 - } else {  
73 - checkWidgetTypeId(widgetType.getId(), Operation.WRITE);  
74 - } 69 + checkEntity(widgetType.getId(), widgetType);
75 70
76 return checkNotNull(widgetTypeService.saveWidgetType(widgetType)); 71 return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
77 } catch (Exception e) { 72 } catch (Exception e) {
@@ -61,11 +61,7 @@ public class WidgetsBundleController extends BaseController { @@ -61,11 +61,7 @@ public class WidgetsBundleController extends BaseController {
61 @ResponseBody 61 @ResponseBody
62 public WidgetsBundle saveWidgetsBundle(@RequestBody WidgetsBundle widgetsBundle) throws ThingsboardException { 62 public WidgetsBundle saveWidgetsBundle(@RequestBody WidgetsBundle widgetsBundle) throws ThingsboardException {
63 try { 63 try {
64 - if (getCurrentUser().getAuthority() == Authority.SYS_ADMIN) {  
65 - widgetsBundle.setTenantId(TenantId.SYS_TENANT_ID);  
66 - } else {  
67 - widgetsBundle.setTenantId(getCurrentUser().getTenantId());  
68 - } 64 + checkEntity(widgetsBundle.getId(), widgetsBundle);
69 65
70 if (widgetsBundle.getId() == null) { 66 if (widgetsBundle.getId() == null) {
71 accessControlService 67 accessControlService