controllers improvements

application/src/main/java/org/thingsboard/server/controller/AlarmController.java

@@ -28,7 +28,6 @@ import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;
 import org.thingsboard.server.common.data.EntityType;
 import org.thingsboard.server.common.data.alarm.Alarm;
-import org.thingsboard.server.common.data.id.AlarmId;
 import org.thingsboard.server.common.data.alarm.AlarmInfo;
 import org.thingsboard.server.common.data.alarm.AlarmQuery;
 import org.thingsboard.server.common.data.alarm.AlarmSearchStatus;
@@ -37,6 +36,7 @@ import org.thingsboard.server.common.data.alarm.AlarmStatus;
 import org.thingsboard.server.common.data.audit.ActionType;
 import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
 import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.id.AlarmId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.EntityIdFactory;
 import org.thingsboard.server.common.data.page.TimePageData;
@@ -84,8 +84,14 @@ public class AlarmController extends BaseController {
     public Alarm saveAlarm(@RequestBody Alarm alarm) throws ThingsboardException {
         try {
             alarm.setTenantId(getCurrentUser().getTenantId());
-            Operation operation = alarm.getId() == null ? Operation.CREATE : Operation.WRITE;
+
-            accessControlService.checkPermission(getCurrentUser(), Resource.ALARM, operation, alarm.getId(), alarm);
+            if (alarm.getId() == null) {
+                accessControlService
+                        .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, alarm.getId(), alarm);
+            } else {
+                checkAlarmId(alarm.getId(), Operation.WRITE);
+            }
+
             Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
             logEntityAction(savedAlarm.getId(), savedAlarm,
                     getCurrentUser().getCustomerId(),

application/src/main/java/org/thingsboard/server/controller/AssetController.java

@@ -76,10 +76,12 @@ public class AssetController extends BaseController {
         try {
             asset.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = asset.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (asset.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.ASSET, operation,
+                        .checkPermission(getCurrentUser(), Resource.ASSET, Operation.CREATE, asset.getId(), asset);
-                    asset.getId(), asset);
+            } else {
+                checkAssetId(asset.getId(), Operation.WRITE);
+            }
 
             Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
 

application/src/main/java/org/thingsboard/server/controller/CustomerController.java

@@ -100,8 +100,12 @@ public class CustomerController extends BaseController {
         try {
             customer.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = customer.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (customer.getId() == null) {
-            accessControlService.checkPermission(getCurrentUser(), Resource.CUSTOMER, operation, customer.getId(), customer);
+                accessControlService
+                        .checkPermission(getCurrentUser(), Resource.CUSTOMER, Operation.CREATE, customer.getId(), customer);
+            } else {
+                checkCustomerId(customer.getId(), Operation.WRITE);
+            }
 
             Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
 

application/src/main/java/org/thingsboard/server/controller/DashboardController.java

@@ -105,10 +105,12 @@ public class DashboardController extends BaseController {
         try {
             dashboard.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = dashboard.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (dashboard.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.DASHBOARD, operation,
+                        .checkPermission(getCurrentUser(), Resource.DASHBOARD, Operation.CREATE, dashboard.getId(), dashboard);
-                    dashboard.getId(), dashboard);
+            } else {
+                checkDashboardId(dashboard.getId(), Operation.WRITE);
+            }
 
             Dashboard savedDashboard = checkNotNull(dashboardService.saveDashboard(dashboard));
 

application/src/main/java/org/thingsboard/server/controller/DeviceController.java

@@ -92,10 +92,12 @@ public class DeviceController extends BaseController {
         try {
             device.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = device.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (device.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.DEVICE, operation,
+                        .checkPermission(getCurrentUser(), Resource.DEVICE, Operation.CREATE, device.getId(), device);
-                    device.getId(), device);
+            } else {
+                checkDeviceId(device.getId(), Operation.WRITE);
+            }
 
             Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
 

application/src/main/java/org/thingsboard/server/controller/EntityViewController.java

@@ -92,10 +92,12 @@ public class EntityViewController extends BaseController {
         try {
             entityView.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = entityView.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (entityView.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, operation,
+                        .checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, Operation.CREATE, entityView.getId(), entityView);
-                    entityView.getId(), entityView);
+            } else {
+                checkEntityViewId(entityView.getId(), Operation.WRITE);
+            }
 
             EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
             List<ListenableFuture<List<Void>>> futures = new ArrayList<>();

application/src/main/java/org/thingsboard/server/controller/RuleChainController.java

@@ -126,10 +126,12 @@ public class RuleChainController extends BaseController {
             boolean created = ruleChain.getId() == null;
             ruleChain.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = created ? Operation.CREATE : Operation.WRITE;
+            if (created) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.RULE_CHAIN, operation,
+                        .checkPermission(getCurrentUser(), Resource.RULE_CHAIN, Operation.CREATE, ruleChain.getId(), ruleChain);
-                    ruleChain.getId(), ruleChain);
+            } else {
+                checkRuleChain(ruleChain.getId(), Operation.WRITE);
+            }
 
             RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
 

application/src/main/java/org/thingsboard/server/controller/TenantController.java

@@ -72,10 +72,13 @@ public class TenantController extends BaseController {
         try {
             boolean newTenant = tenant.getId() == null;
 
-            Operation operation = newTenant ? Operation.CREATE : Operation.WRITE;
+            if (newTenant) {
+                accessControlService
+                        .checkPermission(getCurrentUser(), Resource.TENANT, Operation.CREATE, tenant.getId(), tenant);
+            } else {
+                checkTenantId(tenant.getId(), Operation.WRITE);
+            }
 
-            accessControlService.checkPermission(getCurrentUser(), Resource.TENANT, operation,
-                    tenant.getId(), tenant);
             tenant = checkNotNull(tenantService.saveTenant(tenant));
             if (newTenant) {
                 installScripts.createDefaultRuleChains(tenant.getId());

application/src/main/java/org/thingsboard/server/controller/UserController.java

@@ -134,15 +134,16 @@ public class UserController extends BaseController {
                          @RequestParam(required = false, defaultValue = "true") boolean sendActivationMail,
                          HttpServletRequest request) throws ThingsboardException {
         try {
-
             if (getCurrentUser().getAuthority() == Authority.TENANT_ADMIN) {
                 user.setTenantId(getCurrentUser().getTenantId());
             }
 
-            Operation operation = user.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (user.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.USER, operation,
+                        .checkPermission(getCurrentUser(), Resource.USER, Operation.CREATE, user.getId(), user);
-                    user.getId(), user);
+            } else {
+                checkUserId(user.getId(), Operation.WRITE);
+            }
 
             boolean sendEmail = user.getId() == null && sendActivationMail;
             User savedUser = checkNotNull(userService.saveUser(user));

application/src/main/java/org/thingsboard/server/controller/WidgetTypeController.java

@@ -66,10 +66,12 @@ public class WidgetTypeController extends BaseController {
                 widgetType.setTenantId(getCurrentUser().getTenantId());
             }
 
-            Operation operation = widgetType.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (widgetType.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, operation,
+                        .checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, Operation.CREATE, widgetType.getId(), widgetType);
-                    widgetType.getId(), widgetType);
+            } else {
+                checkWidgetTypeId(widgetType.getId(), Operation.WRITE);
+            }
 
             return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
         } catch (Exception e) {

application/src/main/java/org/thingsboard/server/controller/WidgetsBundleController.java

@@ -67,10 +67,12 @@ public class WidgetsBundleController extends BaseController {
                 widgetsBundle.setTenantId(getCurrentUser().getTenantId());
             }
 
-            Operation operation = widgetsBundle.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (widgetsBundle.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, operation,
+                        .checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, Operation.CREATE, widgetsBundle.getId(), widgetsBundle);
-                    widgetsBundle.getId(), widgetsBundle);
+            } else {
+                checkWidgetsBundleId(widgetsBundle.getId(), Operation.WRITE);
+            }
 
             return checkNotNull(widgetsBundleService.saveWidgetsBundle(widgetsBundle));
         } catch (Exception e) {