use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.
the class DataPointPermissionTest method getPermissionIds.
private List<Integer> getPermissionIds(Integer permissionId) {
DSLContext create = Common.getBean(DatabaseProxy.class).getContext();
Permissions table = Permissions.PERMISSIONS;
if (permissionId != null) {
return create.select(table.id).from(table).where(table.id.eq(permissionId)).fetch(table.id);
}
return create.select(table.id).from(table).fetch(table.id);
}
use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.
the class DataPointPermissionTest method testUpdatePermission.
/**
* Update permission ensure no orphaned minterms or permissions exist
*/
@Test
public void testUpdatePermission() {
DataPointDao dao = Common.getBean(DataPointDao.class);
// Insert some data points
Set<Role> readRoles = this.createRoles(2).stream().map(r -> r.getRole()).collect(Collectors.toSet());
DataPointVO point = (DataPointVO) this.createMockDataPoints(1, false, MangoPermission.requireAnyRole(readRoles), new MangoPermission()).get(0);
// Save for later to see if the permission is removed
int permissionId = point.getReadPermission().getId();
// Update permission
point.setReadPermission(MangoPermission.requireAnyRole(readRoles.iterator().next()));
dao.update(point.getId(), point);
// Check for the recently orphaned permission (it should not be there)
List<Integer> permissionIds = getPermissionIds(permissionId);
assertEquals(0, permissionIds.size());
// Check for orphaned minterm mappings
List<Integer> mintermIds = getMintermIds(permissionId);
assertEquals(0, mintermIds.size());
}
use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.
the class DatabaseProxy method initializeCoreDatabase.
/**
* Inserts and updates data for a new installation
*/
default void initializeCoreDatabase(DSLContext context) {
SystemSettings ss = SystemSettings.SYSTEM_SETTINGS;
Roles r = Roles.ROLES;
Users u = Users.USERS;
UserRoleMappings urm = UserRoleMappings.USER_ROLE_MAPPINGS;
RoleInheritance ri = RoleInheritance.ROLE_INHERITANCE;
Permissions permissions = Permissions.PERMISSIONS;
context.insertInto(ss, ss.settingName, ss.settingValue).values(SystemSettingsDao.NEW_INSTANCE, BaseDao.boolToChar(true)).values(SystemSettingsDao.DATABASE_SCHEMA_VERSION, Integer.toString(Common.getDatabaseSchemaVersion())).execute();
Translations translations = Common.getTranslations();
context.insertInto(r, r.id, r.xid, r.name).values(PermissionHolder.SUPERADMIN_ROLE.getId(), PermissionHolder.SUPERADMIN_ROLE.getXid(), translations.translate("roles.superadmin")).values(PermissionHolder.USER_ROLE.getId(), PermissionHolder.USER_ROLE.getXid(), translations.translate("roles.user")).values(PermissionHolder.ANONYMOUS_ROLE.getId(), PermissionHolder.ANONYMOUS_ROLE.getXid(), translations.translate("roles.anonymous")).execute();
// Fix next sequence value for postgres
if (getType().getDialect() == SQLDialect.POSTGRES) {
String sequence = r.getName() + "_" + r.id.getName() + "_seq";
context.alterSequence(sequence).restartWith(4).execute();
}
context.insertInto(ri, ri.roleId, ri.inheritedRoleId).values(PermissionHolder.SUPERADMIN_ROLE.getId(), PermissionHolder.USER_ROLE.getId()).values(PermissionHolder.USER_ROLE.getId(), PermissionHolder.ANONYMOUS_ROLE.getId()).execute();
// create superadmin only permission, with no minterm mappings
int adminOnlyPermissionId = context.insertInto(permissions).defaultValues().returningResult(permissions.id).fetchOptional().orElseThrow(IllegalStateException::new).get(permissions.id);
if (Common.envProps.getBoolean("initialize.admin.create")) {
long createdTs = System.currentTimeMillis();
String defaultPassword = Common.envProps.getProperty("initialize.admin.password");
long passwordChangeTs = defaultPassword.equals("admin") ? createdTs : createdTs + 1;
int adminId = context.insertInto(u).set(u.name, translations.translate("users.defaultAdministratorName")).set(u.username, Common.envProps.getProperty("initialize.admin.username")).set(u.password, Common.encrypt(defaultPassword)).set(u.email, Common.envProps.getProperty("initialize.admin.email")).set(u.phone, "").set(u.disabled, BaseDao.boolToChar(false)).set(u.lastLogin, 0L).set(u.homeUrl, "/ui/administration/home").set(u.receiveAlarmEmails, AlarmLevels.IGNORE.value()).set(u.receiveOwnAuditEvents, BaseDao.boolToChar(false)).set(u.muted, BaseDao.boolToChar(true)).set(u.tokenVersion, 1).set(u.passwordVersion, 1).set(u.passwordChangeTimestamp, passwordChangeTs).set(u.sessionExpirationOverride, BaseDao.boolToChar(false)).set(u.createdTs, createdTs).set(u.readPermissionId, adminOnlyPermissionId).set(u.editPermissionId, adminOnlyPermissionId).returningResult(u.id).fetchOptional().orElseThrow(IllegalStateException::new).get(u.id);
context.insertInto(urm, urm.userId, urm.roleId).values(adminId, PermissionHolder.SUPERADMIN_ROLE.getId()).values(adminId, PermissionHolder.USER_ROLE.getId()).execute();
}
}
use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.
the class Upgrade38 method upgrade.
@Override
protected void upgrade() throws Exception {
Users users = Users.USERS;
Permissions permissions = Permissions.PERMISSIONS;
create.batch(// allow null values for now
DSL.alterTable(users).addColumn(users.readPermissionId.getName(), users.readPermissionId.getDataType().nullable(true)), DSL.alterTable(users).addColumn(users.editPermissionId.getName(), users.editPermissionId.getDataType().nullable(true))).execute();
doInTransaction(txStatus -> {
MangoPermission adminOnlyPermission = getOrCreatePermissionNoCache(MangoPermission.superadminOnly());
create.batch(DSL.update(users).set(users.readPermissionId, adminOnlyPermission.getId()), DSL.update(users).set(users.editPermissionId, adminOnlyPermission.getId())).execute();
});
create.batch(// change columns to non-null
DSL.alterTable(users).alterColumn(users.readPermissionId).set(users.readPermissionId.getDataType()), DSL.alterTable(users).alterColumn(users.editPermissionId).set(users.editPermissionId.getDataType()), DSL.alterTable(users).add(DSL.constraint("usersFk1").foreignKey(users.readPermissionId).references(permissions, permissions.id).onDeleteRestrict()), DSL.alterTable(users).add(DSL.constraint("usersFk2").foreignKey(users.editPermissionId).references(permissions, permissions.id).onDeleteRestrict())).execute();
}
use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.
the class PermissionDao method get.
/**
* Get a MangoPermission by id
* @return permission if found or null
*/
public MangoPermission get(Integer id) {
// TODO Mango 4.0 improve performance
// Fist check to see if it exists as it may have no minterms
Integer foundId = create.select(permissions.id).from(permissions).where(permissions.id.equal(id)).fetchOneInto(Integer.class);
if (foundId == null) {
return null;
}
Map<Integer, Set<Role>> mintermMap = new HashMap<>();
create.select(roleTable.id, roleTable.xid, permissionsMinterms.mintermId).from(permissionsMinterms).join(mintermsRoles).on(permissionsMinterms.mintermId.eq(mintermsRoles.mintermId)).join(roleTable).on(roleTable.id.eq(mintermsRoles.roleId)).where(permissionsMinterms.permissionId.eq(id)).orderBy(permissionsMinterms.permissionId.asc(), permissionsMinterms.mintermId.asc()).fetch().forEach(record -> {
Role role = new Role(record.get(roleTable.id), record.get(roleTable.xid));
Integer mintermId = record.get(permissionsMinterms.mintermId);
mintermMap.computeIfAbsent(mintermId, m -> new HashSet<>()).add(role);
});
if (mintermMap.size() > 0) {
Set<Set<Role>> roleSet = new HashSet<>(mintermMap.values());
return new MangoPermission(roleSet).withId(id);
}
return new MangoPermission(id);
}
Aggregations