Fix permission check for saveEntityView

2020-08-04 15:10:05 +03:00 · 2020-08-04 15:10:05 +03:00 · 016191f3d9
commit 016191f3d9
parent 974bfd39a5
1 changed files with 1 additions and 1 deletions
--- a/application/src/main/java/org/thingsboard/server/controller/EntityViewController.java
+++ b/application/src/main/java/org/thingsboard/server/controller/EntityViewController.java
@ -116,7 +116,7 @@ public class EntityViewController extends BaseController {
                accessControlService
                        .checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, Operation.CREATE, null, entityView);
            } else {
-                EntityView existingEntityView = checkNotNull(entityViewService.findEntityViewById(getCurrentUser().getTenantId(), entityView.getId()));
+                EntityView existingEntityView = checkEntityViewId(entityView.getId(), Operation.READ);
                if (existingEntityView.getKeys() != null) {
                    if (existingEntityView.getKeys().getAttributes() != null) {
                        futures.add(deleteAttributesFromEntityView(existingEntityView, DataConstants.CLIENT_SCOPE, existingEntityView.getKeys().getAttributes().getCs(), getCurrentUser()));