
Example 1 with Permissions

use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.

the class DataPointPermissionTest method getPermissionIds.

/**
 * Reads permission ids straight from the permissions table through the jOOQ context,
 * without going through a DAO, so a test can confirm whether a row physically exists.
 *
 * @param permissionId id to look for, or {@code null} to list every id in the table
 * @return the ids found; empty when the requested id has no row
 */
private List<Integer> getPermissionIds(Integer permissionId) {
    DSLContext context = Common.getBean(DatabaseProxy.class).getContext();
    Permissions permissionsTable = Permissions.PERMISSIONS;
    if (permissionId == null) {
        // No filter requested: return the id of every permission row.
        return context.select(permissionsTable.id)
                .from(permissionsTable)
                .fetch(permissionsTable.id);
    }
    // The id is passed as a bind value through the jOOQ condition, not concatenated into SQL.
    return context.select(permissionsTable.id)
            .from(permissionsTable)
            .where(permissionsTable.id.eq(permissionId))
            .fetch(permissionsTable.id);
}
Also used : Permissions(com.infiniteautomation.mango.db.tables.Permissions) DSLContext(org.jooq.DSLContext) DatabaseProxy(com.serotonin.m2m2.db.DatabaseProxy)

Example 2 with Permissions

use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.

the class DataPointPermissionTest method testUpdatePermission.

/**
 * Verifies that replacing a data point's read permission leaves neither the old
 * permission row nor any of its minterm mappings behind in the database.
 */
@Test
public void testUpdatePermission() {
    DataPointDao dataPointDao = Common.getBean(DataPointDao.class);

    // Create one data point whose read permission is built from the roles of createRoles(2)
    Set<Role> initialRoles = this.createRoles(2).stream()
            .map(vo -> vo.getRole())
            .collect(Collectors.toSet());
    MangoPermission initialRead = MangoPermission.requireAnyRole(initialRoles);
    DataPointVO dataPoint = (DataPointVO) this.createMockDataPoints(1, false, initialRead, new MangoPermission()).get(0);

    // Remember the original permission id so its removal can be checked after the update
    int originalPermissionId = dataPoint.getReadPermission().getId();

    // Replace the read permission with one built from a single role and persist it
    dataPoint.setReadPermission(MangoPermission.requireAnyRole(initialRoles.iterator().next()));
    dataPointDao.update(dataPoint.getId(), dataPoint);

    // The replaced permission row must no longer exist
    assertEquals(0, getPermissionIds(originalPermissionId).size());

    // Its minterm mappings must be gone as well
    assertEquals(0, getMintermIds(originalPermissionId).size());
}
Also used : Role(com.serotonin.m2m2.vo.role.Role) RunAs(com.infiniteautomation.mango.spring.components.RunAs) Role(com.serotonin.m2m2.vo.role.Role) Common(com.serotonin.m2m2.Common) DataSourceDao(com.serotonin.m2m2.db.dao.DataSourceDao) IDataPoint(com.serotonin.m2m2.vo.IDataPoint) DatabaseProxy(com.serotonin.m2m2.db.DatabaseProxy) Permissions(com.infiniteautomation.mango.db.tables.Permissions) Assert.assertTrue(org.junit.Assert.assertTrue) Set(java.util.Set) Test(org.junit.Test) PermissionHolder(com.serotonin.m2m2.vo.permission.PermissionHolder) Collectors(java.util.stream.Collectors) DataPointVO(com.serotonin.m2m2.vo.DataPointVO) QueryBuilder(com.serotonin.m2m2.db.dao.QueryBuilder) List(java.util.List) DataPointDao(com.serotonin.m2m2.db.dao.DataPointDao) MangoTestBase(com.serotonin.m2m2.MangoTestBase) DSLContext(org.jooq.DSLContext) DataPointService(com.infiniteautomation.mango.spring.service.DataPointService) Assert.assertEquals(org.junit.Assert.assertEquals) PermissionsMinterms(com.infiniteautomation.mango.db.tables.PermissionsMinterms) Before(org.junit.Before) DataPointVO(com.serotonin.m2m2.vo.DataPointVO) DataPointDao(com.serotonin.m2m2.db.dao.DataPointDao) IDataPoint(com.serotonin.m2m2.vo.IDataPoint) Test(org.junit.Test)

Example 3 with Permissions

use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.

the class DatabaseProxy method initializeCoreDatabase.

/**
 * Seeds the core tables of a new installation: system settings, the three built-in roles
 * and their inheritance, one permission row with no minterm mappings, and (optionally)
 * the initial administrator account.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>The administrator is created only when {@code initialize.admin.create} is true;
 *       its username, password and email are read from the {@code initialize.admin.*}
 *       properties.</li>
 *   <li>When the configured password is the literal {@code "admin"}, the password-change
 *       timestamp equals the creation timestamp; any other value gets
 *       {@code createdTs + 1}. Presumably the login flow compares the two to decide
 *       whether a password change is still required - confirm in the authentication
 *       code.</li>
 *   <li>The stored password is whatever {@code Common.encrypt} returns; the algorithm is
 *       not visible here - verify that it is a salted password hash.</li>
 *   <li>The password property is dereferenced without a null check, so if
 *       {@code getProperty} can return {@code null} a missing property fails with a
 *       {@link NullPointerException} before the user row is inserted.</li>
 * </ul>
 *
 * @param context jOOQ context every statement is executed on
 * @throws IllegalStateException if an insert does not return its generated id
 */
default void initializeCoreDatabase(DSLContext context) {
    SystemSettings settingsTable = SystemSettings.SYSTEM_SETTINGS;
    Roles rolesTable = Roles.ROLES;
    Users usersTable = Users.USERS;
    UserRoleMappings userRolesTable = UserRoleMappings.USER_ROLE_MAPPINGS;
    RoleInheritance inheritanceTable = RoleInheritance.ROLE_INHERITANCE;
    Permissions permissionsTable = Permissions.PERMISSIONS;

    // Flag the instance as new and record the schema version
    context.insertInto(settingsTable, settingsTable.settingName, settingsTable.settingValue)
            .values(SystemSettingsDao.NEW_INSTANCE, BaseDao.boolToChar(true))
            .values(SystemSettingsDao.DATABASE_SCHEMA_VERSION, Integer.toString(Common.getDatabaseSchemaVersion()))
            .execute();

    Translations translations = Common.getTranslations();

    // Built-in roles are inserted with their fixed ids
    context.insertInto(rolesTable, rolesTable.id, rolesTable.xid, rolesTable.name)
            .values(PermissionHolder.SUPERADMIN_ROLE.getId(), PermissionHolder.SUPERADMIN_ROLE.getXid(), translations.translate("roles.superadmin"))
            .values(PermissionHolder.USER_ROLE.getId(), PermissionHolder.USER_ROLE.getXid(), translations.translate("roles.user"))
            .values(PermissionHolder.ANONYMOUS_ROLE.getId(), PermissionHolder.ANONYMOUS_ROLE.getXid(), translations.translate("roles.anonymous"))
            .execute();

    // Postgres only: explicit ids do not advance the sequence, so restart it at 4
    // (presumably the first id after the three built-in roles - confirm their ids are 1-3)
    if (getType().getDialect() == SQLDialect.POSTGRES) {
        String sequence = rolesTable.getName() + "_" + rolesTable.id.getName() + "_seq";
        context.alterSequence(sequence).restartWith(4).execute();
    }

    // superadmin inherits user, user inherits anonymous
    context.insertInto(inheritanceTable, inheritanceTable.roleId, inheritanceTable.inheritedRoleId)
            .values(PermissionHolder.SUPERADMIN_ROLE.getId(), PermissionHolder.USER_ROLE.getId())
            .values(PermissionHolder.USER_ROLE.getId(), PermissionHolder.ANONYMOUS_ROLE.getId())
            .execute();

    // Superadmin-only permission: a permission row with no minterm mappings
    int adminOnlyPermissionId = context.insertInto(permissionsTable)
            .defaultValues()
            .returningResult(permissionsTable.id)
            .fetchOptional()
            .orElseThrow(IllegalStateException::new)
            .get(permissionsTable.id);

    if (!Common.envProps.getBoolean("initialize.admin.create")) {
        // Administrator bootstrap is disabled; nothing further to seed
        return;
    }

    long createdTs = System.currentTimeMillis();
    String defaultPassword = Common.envProps.getProperty("initialize.admin.password");

    // Only the literal "admin" password keeps the change timestamp equal to the creation time
    long passwordChangeTs;
    if (defaultPassword.equals("admin")) {
        passwordChangeTs = createdTs;
    } else {
        passwordChangeTs = createdTs + 1;
    }

    // The administrator's own read and edit permissions both point at the superadmin-only row
    int adminId = context.insertInto(usersTable)
            .set(usersTable.name, translations.translate("users.defaultAdministratorName"))
            .set(usersTable.username, Common.envProps.getProperty("initialize.admin.username"))
            .set(usersTable.password, Common.encrypt(defaultPassword))
            .set(usersTable.email, Common.envProps.getProperty("initialize.admin.email"))
            .set(usersTable.phone, "")
            .set(usersTable.disabled, BaseDao.boolToChar(false))
            .set(usersTable.lastLogin, 0L)
            .set(usersTable.homeUrl, "/ui/administration/home")
            .set(usersTable.receiveAlarmEmails, AlarmLevels.IGNORE.value())
            .set(usersTable.receiveOwnAuditEvents, BaseDao.boolToChar(false))
            .set(usersTable.muted, BaseDao.boolToChar(true))
            .set(usersTable.tokenVersion, 1)
            .set(usersTable.passwordVersion, 1)
            .set(usersTable.passwordChangeTimestamp, passwordChangeTs)
            .set(usersTable.sessionExpirationOverride, BaseDao.boolToChar(false))
            .set(usersTable.createdTs, createdTs)
            .set(usersTable.readPermissionId, adminOnlyPermissionId)
            .set(usersTable.editPermissionId, adminOnlyPermissionId)
            .returningResult(usersTable.id)
            .fetchOptional()
            .orElseThrow(IllegalStateException::new)
            .get(usersTable.id);

    // Grant the new account both the superadmin and the user role
    context.insertInto(userRolesTable, userRolesTable.userId, userRolesTable.roleId)
            .values(adminId, PermissionHolder.SUPERADMIN_ROLE.getId())
            .values(adminId, PermissionHolder.USER_ROLE.getId())
            .execute();
}
Also used : UserRoleMappings(com.infiniteautomation.mango.db.tables.UserRoleMappings) RoleInheritance(com.infiniteautomation.mango.db.tables.RoleInheritance) Permissions(com.infiniteautomation.mango.db.tables.Permissions) Roles(com.infiniteautomation.mango.db.tables.Roles) Users(com.infiniteautomation.mango.db.tables.Users) SystemSettings(com.infiniteautomation.mango.db.tables.SystemSettings) Translations(com.serotonin.m2m2.i18n.Translations)

Example 4 with Permissions

use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.

the class Upgrade38 method upgrade.

/**
 * Adds read and edit permission columns to the users table, points every existing user
 * at the superadmin-only permission, then re-applies the column types and adds the
 * foreign keys to the permissions table.
 *
 * <p>Only the backfill runs inside {@code doInTransaction}; the two DDL batches are
 * issued outside of it.
 *
 * @throws Exception declared by the overridden method
 */
@Override
protected void upgrade() throws Exception {
    Users usersTable = Users.USERS;
    Permissions permissionsTable = Permissions.PERMISSIONS;

    // Step 1: add both columns as nullable so the existing rows stay valid for now
    create.batch(
            DSL.alterTable(usersTable)
                    .addColumn(usersTable.readPermissionId.getName(), usersTable.readPermissionId.getDataType().nullable(true)),
            DSL.alterTable(usersTable)
                    .addColumn(usersTable.editPermissionId.getName(), usersTable.editPermissionId.getDataType().nullable(true)))
            .execute();

    // Step 2: backfill. The updates have no WHERE clause, so every user row receives the
    // superadmin-only permission for both read and edit.
    doInTransaction(txStatus -> {
        MangoPermission adminOnlyPermission = getOrCreatePermissionNoCache(MangoPermission.superadminOnly());
        create.batch(
                DSL.update(usersTable).set(usersTable.readPermissionId, adminOnlyPermission.getId()),
                DSL.update(usersTable).set(usersTable.editPermissionId, adminOnlyPermission.getId()))
                .execute();
    });

    // Step 3: change the columns to non-null by re-applying their declared data types, then
    // add foreign keys with ON DELETE RESTRICT so a referenced permission cannot be deleted
    create.batch(
            DSL.alterTable(usersTable)
                    .alterColumn(usersTable.readPermissionId)
                    .set(usersTable.readPermissionId.getDataType()),
            DSL.alterTable(usersTable)
                    .alterColumn(usersTable.editPermissionId)
                    .set(usersTable.editPermissionId.getDataType()),
            DSL.alterTable(usersTable)
                    .add(DSL.constraint("usersFk1")
                            .foreignKey(usersTable.readPermissionId)
                            .references(permissionsTable, permissionsTable.id)
                            .onDeleteRestrict()),
            DSL.alterTable(usersTable)
                    .add(DSL.constraint("usersFk2")
                            .foreignKey(usersTable.editPermissionId)
                            .references(permissionsTable, permissionsTable.id)
                            .onDeleteRestrict()))
            .execute();
}
Also used : Permissions(com.infiniteautomation.mango.db.tables.Permissions) Users(com.infiniteautomation.mango.db.tables.Users) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission)

Example 5 with Permissions

use of com.infiniteautomation.mango.db.tables.Permissions in project ma-core-public by infiniteautomation.

the class PermissionDao method get.

/**
 * Loads a MangoPermission by its id.
 *
 * <p>Two separate queries are issued: an existence check on the permissions table, then a
 * join that collects the roles of each minterm. No transaction is opened in this method,
 * so if the row is removed between the two queries the result is a permission carrying
 * only the id. NOTE(review): confirm how callers interpret a permission with no minterms.
 *
 * @param id permission id to look up
 * @return the permission with its role minterms, a permission carrying only the id when
 *         no minterm rows exist, or {@code null} when no permission row has this id
 */
public MangoPermission get(Integer id) {
    // TODO Mango 4.0 improve performance
    // Existence check first: a permission row may legitimately have no minterms
    Integer existingId = create.select(permissions.id)
            .from(permissions)
            .where(permissions.id.equal(id))
            .fetchOneInto(Integer.class);
    if (existingId == null) {
        return null;
    }

    // Group the roles by the minterm they belong to
    Map<Integer, Set<Role>> rolesByMinterm = new HashMap<>();
    create.select(roleTable.id, roleTable.xid, permissionsMinterms.mintermId)
            .from(permissionsMinterms)
            .join(mintermsRoles).on(permissionsMinterms.mintermId.eq(mintermsRoles.mintermId))
            .join(roleTable).on(roleTable.id.eq(mintermsRoles.roleId))
            .where(permissionsMinterms.permissionId.eq(id))
            .orderBy(permissionsMinterms.permissionId.asc(), permissionsMinterms.mintermId.asc())
            .fetch()
            .forEach(row -> {
                Role role = new Role(row.get(roleTable.id), row.get(roleTable.xid));
                Integer mintermId = row.get(permissionsMinterms.mintermId);
                rolesByMinterm.computeIfAbsent(mintermId, key -> new HashSet<>()).add(role);
            });

    if (rolesByMinterm.isEmpty()) {
        // No minterm mappings: return a permission that carries only the id
        return new MangoPermission(id);
    }

    Set<Set<Role>> minterms = new HashSet<>(rolesByMinterm.values());
    return new MangoPermission(minterms).withId(id);
}
Also used : Role(com.serotonin.m2m2.vo.role.Role) DSL(org.jooq.impl.DSL) Role(com.serotonin.m2m2.vo.role.Role) Minterms(com.infiniteautomation.mango.db.tables.Minterms) TransactionDefinition(org.springframework.transaction.TransactionDefinition) DatabaseProxy(com.serotonin.m2m2.db.DatabaseProxy) Permissions(com.infiniteautomation.mango.db.tables.Permissions) Set(java.util.Set) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) MintermsRoles(com.infiniteautomation.mango.db.tables.MintermsRoles) Collectors(java.util.stream.Collectors) HashSet(java.util.HashSet) Map(java.util.Map) TransactionTemplate(org.springframework.transaction.support.TransactionTemplate) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission) Repository(org.springframework.stereotype.Repository) DefaultTransactionDefinition(org.springframework.transaction.support.DefaultTransactionDefinition) Roles(com.infiniteautomation.mango.db.tables.Roles) PermissionsMinterms(com.infiniteautomation.mango.db.tables.PermissionsMinterms) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission) HashSet(java.util.HashSet)

Aggregations

Permissions (com.infiniteautomation.mango.db.tables.Permissions)5 DatabaseProxy (com.serotonin.m2m2.db.DatabaseProxy)3 PermissionsMinterms (com.infiniteautomation.mango.db.tables.PermissionsMinterms)2 Roles (com.infiniteautomation.mango.db.tables.Roles)2 Users (com.infiniteautomation.mango.db.tables.Users)2 MangoPermission (com.infiniteautomation.mango.permission.MangoPermission)2 Role (com.serotonin.m2m2.vo.role.Role)2 Set (java.util.Set)2 Collectors (java.util.stream.Collectors)2 DSLContext (org.jooq.DSLContext)2 Minterms (com.infiniteautomation.mango.db.tables.Minterms)1 MintermsRoles (com.infiniteautomation.mango.db.tables.MintermsRoles)1 RoleInheritance (com.infiniteautomation.mango.db.tables.RoleInheritance)1 SystemSettings (com.infiniteautomation.mango.db.tables.SystemSettings)1 UserRoleMappings (com.infiniteautomation.mango.db.tables.UserRoleMappings)1 RunAs (com.infiniteautomation.mango.spring.components.RunAs)1 DataPointService (com.infiniteautomation.mango.spring.service.DataPointService)1 Common (com.serotonin.m2m2.Common)1 MangoTestBase (com.serotonin.m2m2.MangoTestBase)1 DataPointDao (com.serotonin.m2m2.db.dao.DataPointDao)1