added generic permission for get all endpoints

application/src/main/java/org/thingsboard/server/controller/DomainController.java

@@ -106,6 +106,7 @@ public class DomainController extends BaseController {
                                                      @RequestParam(required = false) String sortProperty,
                                                      @Parameter(description = SORT_ORDER_DESCRIPTION)
                                                      @RequestParam(required = false) String sortOrder) throws ThingsboardException {
+        accessControlService.checkPermission(getCurrentUser(), Resource.DOMAIN, Operation.READ);
         PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder);
         return domainService.findDomainInfosByTenantId(getTenantId(), pageLink);
     }

application/src/main/java/org/thingsboard/server/controller/MobileAppController.java

@@ -107,6 +107,7 @@ public class MobileAppController extends BaseController {
                                                            @RequestParam(required = false) String sortProperty,
                                                            @Parameter(description = SORT_ORDER_DESCRIPTION)
                                                            @RequestParam(required = false) String sortOrder) throws ThingsboardException {
+        accessControlService.checkPermission(getCurrentUser(), Resource.MOBILE_APP, Operation.READ);
         PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder);
         return mobileAppService.findMobileAppInfosByTenantId(getTenantId(), pageLink);
     }

application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java

@@ -127,6 +127,7 @@ public class OAuth2Controller extends BaseController {
                                                                   @RequestParam(required = false) String sortProperty,
                                                                   @Parameter(description = SORT_ORDER_DESCRIPTION)
                                                                   @RequestParam(required = false) String sortOrder) throws ThingsboardException {
+        accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CLIENT, Operation.READ);
         PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder);
         return oAuth2ClientService.findOAuth2ClientInfosByTenantId(getTenantId(), pageLink);
     }
@@ -166,7 +167,8 @@ public class OAuth2Controller extends BaseController {
             "as 'SECURITY_OAUTH2_LOGIN_PROCESSING_URL' env variable. By default it is '/login/oauth2/code/'" + SYSTEM_AUTHORITY_PARAGRAPH)
     @PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
     @GetMapping(value = "/oauth2/loginProcessingUrl")
-    public String getLoginProcessingUrl() {
+    public String getLoginProcessingUrl() throws ThingsboardException {
+        accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CLIENT, Operation.READ);
         return "\"" + oAuth2Configuration.getLoginProcessingUrl() + "\"";
     }
 

application/src/main/java/org/thingsboard/server/service/entitiy/mobile/DefaultTbMobileAppService.java

@@ -60,9 +60,9 @@ public class DefaultTbMobileAppService extends AbstractTbEntityService implement
         MobileAppId mobileAppId = mobileApp.getId();
         try {
             mobileAppService.updateOauth2Clients(tenantId, mobileAppId, oAuth2ClientIds);
-            logEntityActionService.logEntityAction(tenantId, mobileAppId, mobileApp, actionType, user, oAuth2ClientIds.toString());
+            logEntityActionService.logEntityAction(tenantId, mobileAppId, mobileApp, actionType, user, oAuth2ClientIds);
         } catch (Exception e) {
-            logEntityActionService.logEntityAction(tenantId, mobileAppId, mobileApp, actionType, user, e, oAuth2ClientIds.toString());
+            logEntityActionService.logEntityAction(tenantId, mobileAppId, mobileApp, actionType, user, e, oAuth2ClientIds);
             throw e;
         }
     }

application/src/main/java/org/thingsboard/server/service/install/DefaultSystemDataLoaderService.java

@@ -311,14 +311,14 @@ public class DefaultSystemDataLoaderService implements SystemDataLoaderService {
         List<MobileApp> mobiles = mobileAppDao.findByTenantId(TenantId.SYS_TENANT_ID, new PageLink(Integer.MAX_VALUE,0)).getData();
         if (CollectionUtils.isNotEmpty(mobiles)) {
             mobiles.stream()
-                    .filter(config -> !validateKeyLength(config.getAppSecret()))
+                    .filter(mobileApp -> !validateKeyLength(mobileApp.getAppSecret()))
-                    .forEach(config -> {
+                    .forEach(mobileApp -> {
                         log.warn("WARNING: The App secret is shorter than 512 bits, which is a security risk. " +
                                 "A new Application Secret has been added automatically for Mobile Application [{}]. " +
                                 "You can change the Application Secret using the Web UI: " +
-                                "Navigate to \"Security settings -> OAuth2 -> Mobile applications\" while logged in as a System Administrator.", config.getPkgName());
+                                "Navigate to \"Security settings -> OAuth2 -> Mobile applications\" while logged in as a System Administrator.", mobileApp.getPkgName());
-                        config.setAppSecret(generateRandomKey());
+                        mobileApp.setAppSecret(generateRandomKey());
-                        mobileAppDao.save(TenantId.SYS_TENANT_ID, config);
+                        mobileAppDao.save(TenantId.SYS_TENANT_ID, mobileApp);
                     });
         }
     }

dao/src/main/java/org/thingsboard/server/dao/oauth2/HybridClientRegistrationRepository.java

@@ -36,9 +36,9 @@ public class HybridClientRegistrationRepository implements ClientRegistrationRep
 
     @Override
     public ClientRegistration findByRegistrationId(String registrationId) {
-        OAuth2Client registration = oAuth2ClientService.findOAuth2ClientById(TenantId.SYS_TENANT_ID, new OAuth2ClientId(UUID.fromString(registrationId)));
+        OAuth2Client oAuth2Client = oAuth2ClientService.findOAuth2ClientById(TenantId.SYS_TENANT_ID, new OAuth2ClientId(UUID.fromString(registrationId)));
-        return registration == null ?
+        return oAuth2Client == null ?
-                null : toSpringClientRegistration(registration);
+                null : toSpringClientRegistration(oAuth2Client);
     }
 
     private ClientRegistration toSpringClientRegistration(OAuth2Client oAuth2Client){

dao/src/main/java/org/thingsboard/server/dao/oauth2/OAuth2ClientServiceImpl.java

@@ -91,7 +91,7 @@ public class OAuth2ClientServiceImpl extends AbstractEntityService implements OA
 
     @Override
     public String findAppSecret(OAuth2ClientId oAuth2ClientId, String pkgName) {
-        log.trace("Executing findAppSecret [{}][{}]", oAuth2ClientId, pkgName);
+        log.trace("Executing findAppSecret oAuth2ClientId = [{}] pkgName = [{}]", oAuth2ClientId, pkgName);
         return oauth2ClientDao.findAppSecret(oAuth2ClientId.getId(), pkgName);
     }
 
@@ -122,7 +122,7 @@ public class OAuth2ClientServiceImpl extends AbstractEntityService implements OA
 
     @Override
     public List<OAuth2ClientInfo> findOAuth2ClientInfosByIds(TenantId tenantId, List<OAuth2ClientId> oAuth2ClientIds) {
-        log.trace("Executing findQueueStatsByIds, tenantId [{}], queueStatsIds [{}]", tenantId, oAuth2ClientIds);
+        log.trace("Executing findQueueStatsByIds, tenantId [{}], oAuth2ClientIds [{}]", tenantId, oAuth2ClientIds);
         return oauth2ClientDao.findByIds(tenantId, oAuth2ClientIds)
                 .stream()
                 .map(OAuth2ClientInfo::new)

dao/src/main/resources/sql/schema-entities.sql

@@ -677,49 +677,6 @@ CREATE TABLE IF NOT EXISTS oauth2_client_registration_template (
     CONSTRAINT oauth2_template_provider_id_unq_key UNIQUE (provider_id)
 );
 
--- Deprecated
-CREATE TABLE IF NOT EXISTS oauth2_client_registration_info (
-    id uuid NOT NULL CONSTRAINT oauth2_client_registration_info_pkey PRIMARY KEY,
-    enabled boolean,
-    created_time bigint NOT NULL,
-    additional_info varchar,
-    client_id varchar(255),
-    client_secret varchar(255),
-    authorization_uri varchar(255),
-    token_uri varchar(255),
-    scope varchar(255),
-    user_info_uri varchar(255),
-    user_name_attribute_name varchar(255),
-    jwk_set_uri varchar(255),
-    client_authentication_method varchar(255),
-    login_button_label varchar(255),
-    login_button_icon varchar(255),
-    allow_user_creation boolean,
-    activate_user boolean,
-    type varchar(31),
-    basic_email_attribute_key varchar(31),
-    basic_first_name_attribute_key varchar(31),
-    basic_last_name_attribute_key varchar(31),
-    basic_tenant_name_strategy varchar(31),
-    basic_tenant_name_pattern varchar(255),
-    basic_customer_name_pattern varchar(255),
-    basic_default_dashboard_name varchar(255),
-    basic_always_full_screen boolean,
-    custom_url varchar(255),
-    custom_username varchar(255),
-    custom_password varchar(255),
-    custom_send_token boolean
-);
-
--- Deprecated
-CREATE TABLE IF NOT EXISTS oauth2_client_registration (
-    id uuid NOT NULL CONSTRAINT oauth2_client_registration_pkey PRIMARY KEY,
-    created_time bigint NOT NULL,
-    domain_name varchar(255),
-    domain_scheme varchar(31),
-    client_registration_info_id uuid
-);
-
 CREATE TABLE IF NOT EXISTS api_usage_state (
     id uuid NOT NULL CONSTRAINT usage_record_pkey PRIMARY KEY,
     created_time bigint NOT NULL,