controllers improvements

application/src/main/java/org/thingsboard/server/controller/AlarmController.java

@@ -28,7 +28,6 @@ import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;
 import org.thingsboard.server.common.data.EntityType;
 import org.thingsboard.server.common.data.alarm.Alarm;
-import org.thingsboard.server.common.data.id.AlarmId;
 import org.thingsboard.server.common.data.alarm.AlarmInfo;
 import org.thingsboard.server.common.data.alarm.AlarmQuery;
 import org.thingsboard.server.common.data.alarm.AlarmSearchStatus;
@@ -37,6 +36,7 @@ import org.thingsboard.server.common.data.alarm.AlarmStatus;
 import org.thingsboard.server.common.data.audit.ActionType;
 import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
 import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.id.AlarmId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.EntityIdFactory;
 import org.thingsboard.server.common.data.page.TimePageData;
@@ -84,8 +84,14 @@ public class AlarmController extends BaseController {
     public Alarm saveAlarm(@RequestBody Alarm alarm) throws ThingsboardException {
         try {
             alarm.setTenantId(getCurrentUser().getTenantId());
-            Operation operation = alarm.getId() == null ? Operation.CREATE : Operation.WRITE;
+
-            accessControlService.checkPermission(getCurrentUser(), Resource.ALARM, operation, alarm.getId(), alarm);
+            if (alarm.getId() == null) {
+                accessControlService
+                        .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, alarm.getId(), alarm);
+            } else {
+                checkAlarmId(alarm.getId(), Operation.WRITE);
+            }
+
             Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
             logEntityAction(savedAlarm.getId(), savedAlarm,
                     getCurrentUser().getCustomerId(),

application/src/main/java/org/thingsboard/server/controller/AssetController.java

@@ -76,18 +76,20 @@ public class AssetController extends BaseController {
         try {
             asset.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = asset.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (asset.getId() == null) {
+                accessControlService
+                        .checkPermission(getCurrentUser(), Resource.ASSET, Operation.CREATE, asset.getId(), asset);
+            } else {
+                checkAssetId(asset.getId(), Operation.WRITE);
+            }
 
-            accessControlService.checkPermission(getCurrentUser(), Resource.ASSET, operation,
+            Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
-                    asset.getId(), asset);
-
-            Asset savedAsset  = checkNotNull(assetService.saveAsset(asset));
 
             logEntityAction(savedAsset.getId(), savedAsset,
                     savedAsset.getCustomerId(),
                     asset.getId() == null ? ActionType.ADDED : ActionType.UPDATED, null);
 
-            return  savedAsset;
+            return savedAsset;
         } catch (Exception e) {
             logEntityAction(emptyId(EntityType.ASSET), asset,
                     null, asset.getId() == null ? ActionType.ADDED : ActionType.UPDATED, e);
@@ -138,7 +140,7 @@ public class AssetController extends BaseController {
                     savedAsset.getCustomerId(),
                     ActionType.ASSIGNED_TO_CUSTOMER, null, strAssetId, strCustomerId, customer.getName());
 
-            return  savedAsset;
+            return savedAsset;
         } catch (Exception e) {
 
             logEntityAction(emptyId(EntityType.ASSET), null,
@@ -218,7 +220,7 @@ public class AssetController extends BaseController {
         try {
             TenantId tenantId = getCurrentUser().getTenantId();
             TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
-            if (type != null && type.trim().length()>0) {
+            if (type != null && type.trim().length() > 0) {
                 return checkNotNull(assetService.findAssetsByTenantIdAndType(tenantId, type, pageLink));
             } else {
                 return checkNotNull(assetService.findAssetsByTenantId(tenantId, pageLink));
@@ -257,7 +259,7 @@ public class AssetController extends BaseController {
             CustomerId customerId = new CustomerId(toUUID(strCustomerId));
             checkCustomerId(customerId, Operation.READ);
             TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
-            if (type != null && type.trim().length()>0) {
+            if (type != null && type.trim().length() > 0) {
                 return checkNotNull(assetService.findAssetsByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
             } else {
                 return checkNotNull(assetService.findAssetsByTenantIdAndCustomerId(tenantId, customerId, pageLink));

application/src/main/java/org/thingsboard/server/controller/CustomerController.java

@@ -100,8 +100,12 @@ public class CustomerController extends BaseController {
         try {
             customer.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = customer.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (customer.getId() == null) {
-            accessControlService.checkPermission(getCurrentUser(), Resource.CUSTOMER, operation, customer.getId(), customer);
+                accessControlService
+                        .checkPermission(getCurrentUser(), Resource.CUSTOMER, Operation.CREATE, customer.getId(), customer);
+            } else {
+                checkCustomerId(customer.getId(), Operation.WRITE);
+            }
 
             Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
 

application/src/main/java/org/thingsboard/server/controller/DashboardController.java

@@ -105,10 +105,12 @@ public class DashboardController extends BaseController {
         try {
             dashboard.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = dashboard.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (dashboard.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.DASHBOARD, operation,
+                        .checkPermission(getCurrentUser(), Resource.DASHBOARD, Operation.CREATE, dashboard.getId(), dashboard);
-                    dashboard.getId(), dashboard);
+            } else {
+                checkDashboardId(dashboard.getId(), Operation.WRITE);
+            }
 
             Dashboard savedDashboard = checkNotNull(dashboardService.saveDashboard(dashboard));
 
@@ -154,7 +156,7 @@ public class DashboardController extends BaseController {
     @RequestMapping(value = "/customer/{customerId}/dashboard/{dashboardId}", method = RequestMethod.POST)
     @ResponseBody
     public Dashboard assignDashboardToCustomer(@PathVariable("customerId") String strCustomerId,
-                                         @PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
+                                               @PathVariable(DASHBOARD_ID) String strDashboardId) throws ThingsboardException {
         checkParameter("customerId", strCustomerId);
         checkParameter(DASHBOARD_ID, strDashboardId);
         try {
@@ -418,7 +420,7 @@ public class DashboardController extends BaseController {
     }
 
     @PreAuthorize("hasAuthority('SYS_ADMIN')")
-    @RequestMapping(value = "/tenant/{tenantId}/dashboards", params = { "limit" }, method = RequestMethod.GET)
+    @RequestMapping(value = "/tenant/{tenantId}/dashboards", params = {"limit"}, method = RequestMethod.GET)
     @ResponseBody
     public TextPageData<DashboardInfo> getTenantDashboards(
             @PathVariable("tenantId") String strTenantId,
@@ -437,7 +439,7 @@ public class DashboardController extends BaseController {
     }
 
     @PreAuthorize("hasAuthority('TENANT_ADMIN')")
-    @RequestMapping(value = "/tenant/dashboards", params = { "limit" }, method = RequestMethod.GET)
+    @RequestMapping(value = "/tenant/dashboards", params = {"limit"}, method = RequestMethod.GET)
     @ResponseBody
     public TextPageData<DashboardInfo> getTenantDashboards(
             @RequestParam int limit,
@@ -454,7 +456,7 @@ public class DashboardController extends BaseController {
     }
 
     @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
-    @RequestMapping(value = "/customer/{customerId}/dashboards", params = { "limit" }, method = RequestMethod.GET)
+    @RequestMapping(value = "/customer/{customerId}/dashboards", params = {"limit"}, method = RequestMethod.GET)
     @ResponseBody
     public TimePageData<DashboardInfo> getCustomerDashboards(
             @PathVariable("customerId") String strCustomerId,

application/src/main/java/org/thingsboard/server/controller/DeviceController.java

@@ -92,10 +92,12 @@ public class DeviceController extends BaseController {
         try {
             device.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = device.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (device.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.DEVICE, operation,
+                        .checkPermission(getCurrentUser(), Resource.DEVICE, Operation.CREATE, device.getId(), device);
-                    device.getId(), device);
+            } else {
+                checkDeviceId(device.getId(), Operation.WRITE);
+            }
 
             Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
 

application/src/main/java/org/thingsboard/server/controller/EntityViewController.java

@@ -92,10 +92,12 @@ public class EntityViewController extends BaseController {
         try {
             entityView.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = entityView.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (entityView.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, operation,
+                        .checkPermission(getCurrentUser(), Resource.ENTITY_VIEW, Operation.CREATE, entityView.getId(), entityView);
-                    entityView.getId(), entityView);
+            } else {
+                checkEntityViewId(entityView.getId(), Operation.WRITE);
+            }
 
             EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
             List<ListenableFuture<List<Void>>> futures = new ArrayList<>();

application/src/main/java/org/thingsboard/server/controller/RuleChainController.java

@@ -126,10 +126,12 @@ public class RuleChainController extends BaseController {
             boolean created = ruleChain.getId() == null;
             ruleChain.setTenantId(getCurrentUser().getTenantId());
 
-            Operation operation = created ? Operation.CREATE : Operation.WRITE;
+            if (created) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.RULE_CHAIN, operation,
+                        .checkPermission(getCurrentUser(), Resource.RULE_CHAIN, Operation.CREATE, ruleChain.getId(), ruleChain);
-                    ruleChain.getId(), ruleChain);
+            } else {
+                checkRuleChain(ruleChain.getId(), Operation.WRITE);
+            }
 
             RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
 

application/src/main/java/org/thingsboard/server/controller/TenantController.java

@@ -72,10 +72,13 @@ public class TenantController extends BaseController {
         try {
             boolean newTenant = tenant.getId() == null;
 
-            Operation operation = newTenant ? Operation.CREATE : Operation.WRITE;
+            if (newTenant) {
+                accessControlService
+                        .checkPermission(getCurrentUser(), Resource.TENANT, Operation.CREATE, tenant.getId(), tenant);
+            } else {
+                checkTenantId(tenant.getId(), Operation.WRITE);
+            }
 
-            accessControlService.checkPermission(getCurrentUser(), Resource.TENANT, operation,
-                    tenant.getId(), tenant);
             tenant = checkNotNull(tenantService.saveTenant(tenant));
             if (newTenant) {
                 installScripts.createDefaultRuleChains(tenant.getId());

application/src/main/java/org/thingsboard/server/controller/UserController.java

@@ -132,17 +132,18 @@ public class UserController extends BaseController {
     @ResponseBody
     public User saveUser(@RequestBody User user,
                          @RequestParam(required = false, defaultValue = "true") boolean sendActivationMail,
-            HttpServletRequest request) throws ThingsboardException {
+                         HttpServletRequest request) throws ThingsboardException {
         try {
-
             if (getCurrentUser().getAuthority() == Authority.TENANT_ADMIN) {
                 user.setTenantId(getCurrentUser().getTenantId());
             }
 
-            Operation operation = user.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (user.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.USER, operation,
+                        .checkPermission(getCurrentUser(), Resource.USER, Operation.CREATE, user.getId(), user);
-                    user.getId(), user);
+            } else {
+                checkUserId(user.getId(), Operation.WRITE);
+            }
 
             boolean sendEmail = user.getId() == null && sendActivationMail;
             User savedUser = checkNotNull(userService.saveUser(user));
@@ -250,7 +251,7 @@ public class UserController extends BaseController {
     }
 
     @PreAuthorize("hasAuthority('SYS_ADMIN')")
-    @RequestMapping(value = "/tenant/{tenantId}/users", params = { "limit" }, method = RequestMethod.GET)
+    @RequestMapping(value = "/tenant/{tenantId}/users", params = {"limit"}, method = RequestMethod.GET)
     @ResponseBody
     public TextPageData<User> getTenantAdmins(
             @PathVariable("tenantId") String strTenantId,
@@ -269,7 +270,7 @@ public class UserController extends BaseController {
     }
 
     @PreAuthorize("hasAuthority('TENANT_ADMIN')")
-    @RequestMapping(value = "/customer/{customerId}/users", params = { "limit" }, method = RequestMethod.GET)
+    @RequestMapping(value = "/customer/{customerId}/users", params = {"limit"}, method = RequestMethod.GET)
     @ResponseBody
     public TextPageData<User> getCustomerUsers(
             @PathVariable("customerId") String strCustomerId,

application/src/main/java/org/thingsboard/server/controller/WidgetTypeController.java

@@ -66,10 +66,12 @@ public class WidgetTypeController extends BaseController {
                 widgetType.setTenantId(getCurrentUser().getTenantId());
             }
 
-            Operation operation = widgetType.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (widgetType.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, operation,
+                        .checkPermission(getCurrentUser(), Resource.WIDGET_TYPE, Operation.CREATE, widgetType.getId(), widgetType);
-                    widgetType.getId(), widgetType);
+            } else {
+                checkWidgetTypeId(widgetType.getId(), Operation.WRITE);
+            }
 
             return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
         } catch (Exception e) {
@@ -92,7 +94,7 @@ public class WidgetTypeController extends BaseController {
     }
 
     @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
-    @RequestMapping(value = "/widgetTypes", params = { "isSystem", "bundleAlias"}, method = RequestMethod.GET)
+    @RequestMapping(value = "/widgetTypes", params = {"isSystem", "bundleAlias"}, method = RequestMethod.GET)
     @ResponseBody
     public List<WidgetType> getBundleWidgetTypes(
             @RequestParam boolean isSystem,
@@ -111,7 +113,7 @@ public class WidgetTypeController extends BaseController {
     }
 
     @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
-    @RequestMapping(value = "/widgetType", params = { "isSystem", "bundleAlias", "alias" }, method = RequestMethod.GET)
+    @RequestMapping(value = "/widgetType", params = {"isSystem", "bundleAlias", "alias"}, method = RequestMethod.GET)
     @ResponseBody
     public WidgetType getWidgetType(
             @RequestParam boolean isSystem,

application/src/main/java/org/thingsboard/server/controller/WidgetsBundleController.java

@@ -67,10 +67,12 @@ public class WidgetsBundleController extends BaseController {
                 widgetsBundle.setTenantId(getCurrentUser().getTenantId());
             }
 
-            Operation operation = widgetsBundle.getId() == null ? Operation.CREATE : Operation.WRITE;
+            if (widgetsBundle.getId() == null) {
-
+                accessControlService
-            accessControlService.checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, operation,
+                        .checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, Operation.CREATE, widgetsBundle.getId(), widgetsBundle);
-                    widgetsBundle.getId(), widgetsBundle);
+            } else {
+                checkWidgetsBundleId(widgetsBundle.getId(), Operation.WRITE);
+            }
 
             return checkNotNull(widgetsBundleService.saveWidgetsBundle(widgetsBundle));
         } catch (Exception e) {
@@ -93,7 +95,7 @@ public class WidgetsBundleController extends BaseController {
     }
 
     @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
-    @RequestMapping(value = "/widgetsBundles", params = { "limit" }, method = RequestMethod.GET)
+    @RequestMapping(value = "/widgetsBundles", params = {"limit"}, method = RequestMethod.GET)
     @ResponseBody
     public TextPageData<WidgetsBundle> getWidgetsBundles(
             @RequestParam int limit,