controllers improvements
This commit is contained in:
YevhenBondarenko
parent
5e40f16d54
commit
8683357d73
@ -28,7 +28,6 @@ import org.springframework.web.bind.annotation.ResponseStatus;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.thingsboard.server.common.data.EntityType;
|
||||
import org.thingsboard.server.common.data.alarm.Alarm;
|
||||
import org.thingsboard.server.common.data.id.AlarmId;
|
||||
import org.thingsboard.server.common.data.alarm.AlarmInfo;
|
||||
import org.thingsboard.server.common.data.alarm.AlarmQuery;
|
||||
import org.thingsboard.server.common.data.alarm.AlarmSearchStatus;
|
||||
@ -37,6 +36,7 @@ import org.thingsboard.server.common.data.alarm.AlarmStatus;
|
||||
import org.thingsboard.server.common.data.audit.ActionType;
|
||||
import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
|
||||
import org.thingsboard.server.common.data.exception.ThingsboardException;
|
||||
import org.thingsboard.server.common.data.id.AlarmId;
|
||||
import org.thingsboard.server.common.data.id.EntityId;
|
||||
import org.thingsboard.server.common.data.id.EntityIdFactory;
|
||||
import org.thingsboard.server.common.data.page.TimePageData;
|
||||
@ -84,8 +84,14 @@ public class AlarmController extends BaseController {
|
||||
public Alarm saveAlarm(@RequestBody Alarm alarm) throws ThingsboardException {
|
||||
try {
|
||||
alarm.setTenantId(getCurrentUser().getTenantId());
|
||||
Operation operation = alarm.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.ALARM, operation, alarm.getId(), alarm);
|
||||
|
||||
if (alarm.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, alarm.getId(), alarm);
|
||||
} else {
|
||||
checkAlarmId(alarm.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
|
||||
logEntityAction(savedAlarm.getId(), savedAlarm,
|
||||
getCurrentUser().getCustomerId(),
|
||||
|
||||
@ -76,18 +76,20 @@ public class AssetController extends BaseController {
|
||||
try {
|
||||
asset.setTenantId(getCurrentUser().getTenantId());
|
||||
|
||||
Operation operation = asset.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
if (asset.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.ASSET, Operation.CREATE, asset.getId(), asset);
|
||||
} else {
|
||||
checkAssetId(asset.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.ASSET, operation,
|
||||
asset.getId(), asset);
|
||||
|
||||
Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
|
||||
Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
|
||||
|
||||
logEntityAction(savedAsset.getId(), savedAsset,
|
||||
savedAsset.getCustomerId(),
|
||||
asset.getId() == null ? ActionType.ADDED : ActionType.UPDATED, null);
|
||||
|
||||
return savedAsset;
|
||||
return savedAsset;
|
||||
} catch (Exception e) {
|
||||
logEntityAction(emptyId(EntityType.ASSET), asset,
|
||||
null, asset.getId() == null ? ActionType.ADDED : ActionType.UPDATED, e);
|
||||
@ -138,7 +140,7 @@ public class AssetController extends BaseController {
|
||||
savedAsset.getCustomerId(),
|
||||
ActionType.ASSIGNED_TO_CUSTOMER, null, strAssetId, strCustomerId, customer.getName());
|
||||
|
||||
return savedAsset;
|
||||
return savedAsset;
|
||||
} catch (Exception e) {
|
||||
|
||||
logEntityAction(emptyId(EntityType.ASSET), null,
|
||||
@ -218,7 +220,7 @@ public class AssetController extends BaseController {
|
||||
try {
|
||||
TenantId tenantId = getCurrentUser().getTenantId();
|
||||
TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
|
||||
if (type != null && type.trim().length()>0) {
|
||||
if (type != null && type.trim().length() > 0) {
|
||||
return checkNotNull(assetService.findAssetsByTenantIdAndType(tenantId, type, pageLink));
|
||||
} else {
|
||||
return checkNotNull(assetService.findAssetsByTenantId(tenantId, pageLink));
|
||||
@ -257,7 +259,7 @@ public class AssetController extends BaseController {
|
||||
CustomerId customerId = new CustomerId(toUUID(strCustomerId));
|
||||
checkCustomerId(customerId, Operation.READ);
|
||||
TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
|
||||
if (type != null && type.trim().length()>0) {
|
||||
if (type != null && type.trim().length() > 0) {
|
||||
return checkNotNull(assetService.findAssetsByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
|
||||
} else {
|
||||
return checkNotNull(assetService.findAssetsByTenantIdAndCustomerId(tenantId, customerId, pageLink));
|
||||
|
||||
@ -100,8 +100,12 @@ public class CustomerController extends BaseController {
|
||||
try {
|
||||
customer.setTenantId(getCurrentUser().getTenantId());
|
||||
|
||||
Operation operation = customer.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.CUSTOMER, operation, customer.getId(), customer);
|
||||
if (customer.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.CUSTOMER, Operation.CREATE, customer.getId(), customer);
|
||||
} else {
|
||||
checkCustomerId(customer.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
|
||||
|
||||
|
||||
@ -100,15 +100,17 @@ public class DashboardController extends BaseController {
|
||||
|
||||
@PreAuthorize("hasAuthority('TENANT_ADMIN')")
|
||||
@RequestMapping(value = "/dashboard", method = RequestMethod.POST)
|
||||
@ResponseBody
|
||||
@ResponseBody
|
||||
public Dashboard saveDashboard(@RequestBody Dashboard dashboard) throws ThingsboardException {
|
||||
try {
|
||||
dashboard.setTenantId(getCurrentUser().getTenantId());
|
||||
|
||||
Operation operation = dashboard.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.DASHBOARD, operation,
|
||||
dashboard.getId(), dashboard);
|
||||
if (dashboard.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.DASHBOARD, Operation.CREATE, dashboard.getId(), dashboard);
|
||||
} else {
|
||||
checkDashboardId(dashboard.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
Dashboard savedDashboard = checkNotNull(dashboardService.saveDashboard(dashboard));
|
||||
|
||||
@ -152,9 +154,9 @@ public class DashboardController extends BaseController {
|
||||
|
||||
@PreAuthorize("hasAuthority('TENANT_ADMIN')")
|
||||
@RequestMapping(value = "/customer/{customerId}/dashboard/{dashboardId}", method = RequestMethod.POST)
|
||||
@ResponseBody
|
||||
@ResponseBody
|
||||
public Dashboard assignDashboardToCustomer(@PathVariable("customerId") String strCustomerId,
|
||||
@PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
|
||||
@PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
|
||||
checkParameter("customerId", strCustomerId);
|
||||
checkParameter(DASHBOARD_ID, strDashboardId);
|
||||
try {
|
||||
@ -163,7 +165,7 @@ public class DashboardController extends BaseController {
|
||||
|
||||
DashboardId dashboardId = new DashboardId(toUUID(strDashboardId));
|
||||
checkDashboardId(dashboardId, Operation.ASSIGN_TO_CUSTOMER);
|
||||
|
||||
|
||||
Dashboard savedDashboard = checkNotNull(dashboardService.assignDashboardToCustomer(getCurrentUser().getTenantId(), dashboardId, customerId));
|
||||
|
||||
logEntityAction(dashboardId, savedDashboard,
|
||||
@ -184,7 +186,7 @@ public class DashboardController extends BaseController {
|
||||
|
||||
@PreAuthorize("hasAuthority('TENANT_ADMIN')")
|
||||
@RequestMapping(value = "/customer/{customerId}/dashboard/{dashboardId}", method = RequestMethod.DELETE)
|
||||
@ResponseBody
|
||||
@ResponseBody
|
||||
public Dashboard unassignDashboardFromCustomer(@PathVariable("customerId") String strCustomerId,
|
||||
@PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
|
||||
checkParameter("customerId", strCustomerId);
|
||||
@ -418,7 +420,7 @@ public class DashboardController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAuthority('SYS_ADMIN')")
|
||||
@RequestMapping(value = "/tenant/{tenantId}/dashboards", params = { "limit" }, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/tenant/{tenantId}/dashboards", params = {"limit"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public TextPageData<DashboardInfo> getTenantDashboards(
|
||||
@PathVariable("tenantId") String strTenantId,
|
||||
@ -437,7 +439,7 @@ public class DashboardController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAuthority('TENANT_ADMIN')")
|
||||
@RequestMapping(value = "/tenant/dashboards", params = { "limit" }, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/tenant/dashboards", params = {"limit"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public TextPageData<DashboardInfo> getTenantDashboards(
|
||||
@RequestParam int limit,
|
||||
@ -454,7 +456,7 @@ public class DashboardController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
|
||||
@RequestMapping(value = "/customer/{customerId}/dashboards", params = { "limit" }, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/customer/{customerId}/dashboards", params = {"limit"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public TimePageData<DashboardInfo> getCustomerDashboards(
|
||||
@PathVariable("customerId") String strCustomerId,
|
||||
|
||||
@ -92,10 +92,12 @@ public class DeviceController extends BaseController {
|
||||
try {
|
||||
device.setTenantId(getCurrentUser().getTenantId());
|
||||
|
||||
Operation operation = device.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.DEVICE, operation,
|
||||
device.getId(), device);
|
||||
if (device.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.DEVICE, Operation.CREATE, device.getId(), device);
|
||||
} else {
|
||||
checkDeviceId(device.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
|
||||
|
||||
|
||||
@ -92,10 +92,12 @@ public class EntityViewController extends BaseController {
|
||||
try {
|
||||
entityView.setTenantId(getCurrentUser().getTenantId());
|
||||
|
||||
Operation operation = entityView.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, operation,
|
||||
entityView.getId(), entityView);
|
||||
if (entityView.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, Operation.CREATE, entityView.getId(), entityView);
|
||||
} else {
|
||||
checkEntityViewId(entityView.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
|
||||
List<ListenableFuture<List<Void>>> futures = new ArrayList<>();
|
||||
|
||||
@ -126,10 +126,12 @@ public class RuleChainController extends BaseController {
|
||||
boolean created = ruleChain.getId() == null;
|
||||
ruleChain.setTenantId(getCurrentUser().getTenantId());
|
||||
|
||||
Operation operation = created ? Operation.CREATE : Operation.WRITE;
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.RULE_CHAIN, operation,
|
||||
ruleChain.getId(), ruleChain);
|
||||
if (created) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.RULE_CHAIN, Operation.CREATE, ruleChain.getId(), ruleChain);
|
||||
} else {
|
||||
checkRuleChain(ruleChain.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
|
||||
|
||||
|
||||
@ -72,10 +72,13 @@ public class TenantController extends BaseController {
|
||||
try {
|
||||
boolean newTenant = tenant.getId() == null;
|
||||
|
||||
Operation operation = newTenant ? Operation.CREATE : Operation.WRITE;
|
||||
if (newTenant) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.TENANT, Operation.CREATE, tenant.getId(), tenant);
|
||||
} else {
|
||||
checkTenantId(tenant.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.TENANT, operation,
|
||||
tenant.getId(), tenant);
|
||||
tenant = checkNotNull(tenantService.saveTenant(tenant));
|
||||
if (newTenant) {
|
||||
installScripts.createDefaultRuleChains(tenant.getId());
|
||||
|
||||
@ -132,17 +132,18 @@ public class UserController extends BaseController {
|
||||
@ResponseBody
|
||||
public User saveUser(@RequestBody User user,
|
||||
@RequestParam(required = false, defaultValue = "true") boolean sendActivationMail,
|
||||
HttpServletRequest request) throws ThingsboardException {
|
||||
HttpServletRequest request) throws ThingsboardException {
|
||||
try {
|
||||
|
||||
if (getCurrentUser().getAuthority() == Authority.TENANT_ADMIN) {
|
||||
user.setTenantId(getCurrentUser().getTenantId());
|
||||
}
|
||||
|
||||
Operation operation = user.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.USER, operation,
|
||||
user.getId(), user);
|
||||
if (user.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.USER, Operation.CREATE, user.getId(), user);
|
||||
} else {
|
||||
checkUserId(user.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
boolean sendEmail = user.getId() == null && sendActivationMail;
|
||||
User savedUser = checkNotNull(userService.saveUser(user));
|
||||
@ -250,7 +251,7 @@ public class UserController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAuthority('SYS_ADMIN')")
|
||||
@RequestMapping(value = "/tenant/{tenantId}/users", params = { "limit" }, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/tenant/{tenantId}/users", params = {"limit"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public TextPageData<User> getTenantAdmins(
|
||||
@PathVariable("tenantId") String strTenantId,
|
||||
@ -269,7 +270,7 @@ public class UserController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAuthority('TENANT_ADMIN')")
|
||||
@RequestMapping(value = "/customer/{customerId}/users", params = { "limit" }, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/customer/{customerId}/users", params = {"limit"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public TextPageData<User> getCustomerUsers(
|
||||
@PathVariable("customerId") String strCustomerId,
|
||||
|
||||
@ -66,10 +66,12 @@ public class WidgetTypeController extends BaseController {
|
||||
widgetType.setTenantId(getCurrentUser().getTenantId());
|
||||
}
|
||||
|
||||
Operation operation = widgetType.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, operation,
|
||||
widgetType.getId(), widgetType);
|
||||
if (widgetType.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, Operation.CREATE, widgetType.getId(), widgetType);
|
||||
} else {
|
||||
checkWidgetTypeId(widgetType.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
|
||||
} catch (Exception e) {
|
||||
@ -92,7 +94,7 @@ public class WidgetTypeController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
|
||||
@RequestMapping(value = "/widgetTypes", params = { "isSystem", "bundleAlias"}, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/widgetTypes", params = {"isSystem", "bundleAlias"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public List<WidgetType> getBundleWidgetTypes(
|
||||
@RequestParam boolean isSystem,
|
||||
@ -111,7 +113,7 @@ public class WidgetTypeController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
|
||||
@RequestMapping(value = "/widgetType", params = { "isSystem", "bundleAlias", "alias" }, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/widgetType", params = {"isSystem", "bundleAlias", "alias"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public WidgetType getWidgetType(
|
||||
@RequestParam boolean isSystem,
|
||||
|
||||
@ -67,10 +67,12 @@ public class WidgetsBundleController extends BaseController {
|
||||
widgetsBundle.setTenantId(getCurrentUser().getTenantId());
|
||||
}
|
||||
|
||||
Operation operation = widgetsBundle.getId() == null ? Operation.CREATE : Operation.WRITE;
|
||||
|
||||
accessControlService.checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, operation,
|
||||
widgetsBundle.getId(), widgetsBundle);
|
||||
if (widgetsBundle.getId() == null) {
|
||||
accessControlService
|
||||
.checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, Operation.CREATE, widgetsBundle.getId(), widgetsBundle);
|
||||
} else {
|
||||
checkWidgetsBundleId(widgetsBundle.getId(), Operation.WRITE);
|
||||
}
|
||||
|
||||
return checkNotNull(widgetsBundleService.saveWidgetsBundle(widgetsBundle));
|
||||
} catch (Exception e) {
|
||||
@ -93,7 +95,7 @@ public class WidgetsBundleController extends BaseController {
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
|
||||
@RequestMapping(value = "/widgetsBundles", params = { "limit" }, method = RequestMethod.GET)
|
||||
@RequestMapping(value = "/widgetsBundles", params = {"limit"}, method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public TextPageData<WidgetsBundle> getWidgetsBundles(
|
||||
@RequestParam int limit,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user