Search in sources :

Example 71 with MangoPermission

use of com.infiniteautomation.mango.permission.MangoPermission in project ma-core-public by infiniteautomation.

the class UserDao method mapRecord.

@Override
@NonNull
public User mapRecord(@NonNull Record record) {
    User user = new User();
    user.setId(record.get(table.id));
    user.setUsername(record.get(table.username));
    user.setName(record.get(table.name));
    user.setPassword(record.get(table.password));
    user.setEmail(record.get(table.email));
    user.setPhone(record.get(table.phone));
    user.setDisabled(charToBool(record.get(table.disabled)));
    Long lastLogin = record.get(table.lastLogin);
    if (lastLogin != null) {
        user.setLastLogin(lastLogin);
    }
    user.setHomeUrl(record.get(table.homeUrl));
    user.setReceiveAlarmEmails(AlarmLevels.fromValue(record.get(table.receiveAlarmEmails)));
    user.setReceiveOwnAuditEvents(charToBool(record.get(table.receiveOwnAuditEvents)));
    user.setTimezone(record.get(table.timezone));
    user.setMuted(charToBool(record.get(table.muted)));
    user.setLocale(record.get(table.locale));
    user.setTokenVersion(record.get(table.tokenVersion));
    user.setPasswordVersion(record.get(table.passwordVersion));
    user.setPasswordChangeTimestamp(record.get(table.passwordChangeTimestamp));
    user.setSessionExpirationOverride(charToBool(record.get(table.sessionExpirationOverride)));
    Integer sessionExpirationPeriods = record.get(table.sessionExpirationPeriods);
    if (sessionExpirationPeriods != null) {
        user.setSessionExpirationPeriods(sessionExpirationPeriods);
    }
    user.setSessionExpirationPeriodType(record.get(table.sessionExpirationPeriodType));
    user.setOrganization(record.get(table.organization));
    user.setOrganizationalRole(record.get(table.organizationalRole));
    user.setCreated(new Date(record.get(table.createdTs)));
    Long emailVerifiedTs = record.get(table.emailVerifiedTs);
    if (emailVerifiedTs != null) {
        user.setEmailVerifiedDate(new Date(emailVerifiedTs));
    }
    user.setData(extractDataFromObject(record.get(table.data)));
    user.setReadPermission(new MangoPermission(record.get(table.readPermissionId)));
    user.setEditPermission(new MangoPermission(record.get(table.editPermissionId)));
    return user;
}
Also used : User(com.serotonin.m2m2.vo.User) Date(java.util.Date) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission) NonNull(org.checkerframework.checker.nullness.qual.NonNull)

Example 72 with MangoPermission

use of com.infiniteautomation.mango.permission.MangoPermission in project ma-core-public by infiniteautomation.

the class Upgrade29 method convertFileStores.

private void convertFileStores(OutputStream out) {
    // Add permission id columns
    Map<String, String[]> scripts = new HashMap<>();
    scripts.put(DatabaseType.MYSQL.name(), fileStoresPermissionMySQL);
    scripts.put(DatabaseType.H2.name(), fileStoresPermissionH2);
    scripts.put(DatabaseType.MSSQL.name(), fileStoresPermissionMSSQL);
    scripts.put(DatabaseType.POSTGRES.name(), fileStoresPermissionMySQL);
    runScript(scripts, out);
    // Move current permissions to roles
    ejt.query("SELECT id, readPermission, writePermission FROM fileStores", rs -> {
        int voId = rs.getInt(1);
        // Add role/mapping
        MangoPermission readPermissions = PermissionMigration.parseLegacyPermission(rs.getString(2));
        Integer readId = getOrCreatePermission(readPermissions).getId();
        MangoPermission writePermissions = PermissionMigration.parseLegacyPermission(rs.getString(3));
        Integer writeId = getOrCreatePermission(writePermissions).getId();
        ejt.update("UPDATE fileStores SET readPermissionId=?, writePermissionId=? WHERE id=?", readId, writeId, voId);
    });
    // Restrict to NOT NULL
    scripts = new HashMap<>();
    scripts.put(DatabaseType.MYSQL.name(), fileStoresPermissionNotNullMySQL);
    scripts.put(DatabaseType.H2.name(), fileStoresPermissionNotNull);
    scripts.put(DatabaseType.MSSQL.name(), fileStoresPermissionNotNull);
    scripts.put(DatabaseType.POSTGRES.name(), fileStoresPermissionNotNull);
    runScript(scripts, out);
    scripts = new HashMap<>();
    scripts.put(DatabaseType.MYSQL.name(), fileStoresDropPermissionsSQL);
    scripts.put(DatabaseType.H2.name(), fileStoresDropPermissionsSQL);
    scripts.put(DatabaseType.MSSQL.name(), fileStoresDropPermissionsSQL);
    scripts.put(DatabaseType.POSTGRES.name(), fileStoresDropPermissionsSQL);
    runScript(scripts, out);
}
Also used : HashMap(java.util.HashMap) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission)

Example 73 with MangoPermission

use of com.infiniteautomation.mango.permission.MangoPermission in project ma-core-public by infiniteautomation.

the class Upgrade33 method upgrade.

@Override
protected void upgrade() throws Exception {
    try (OutputStream out = createUpdateLogOutputStream()) {
        // Get a reference to the superadmin permission in DB
        MangoPermission superadmin = getOrCreatePermissionNoCache(MangoPermission.superadminOnly());
        // Add readPermission ID column to events
        runScript(Collections.singletonMap(DEFAULT_DATABASE_TYPE, new String[] { "ALTER TABLE events ADD COLUMN readPermissionId INT;", "ALTER TABLE events ADD CONSTRAINT eventsFk2 FOREIGN KEY (readPermissionId) REFERENCES permissions(id) ON DELETE RESTRICT;" }), out);
        // Upgrade all permissions
        final int batchSize = Common.envProps.getInt("db.in.maxOperands", 1000);
        final String update = "UPDATE events SET readPermissionId=? WHERE id=?";
        final List<Object[]> batchArgs = new ArrayList<>();
        final AtomicInteger currentBatchSize = new AtomicInteger();
        ejt.query("SELECT id, typeName, typeRef1 FROM events", rs -> {
            int eventId = rs.getInt(1);
            String typeName = rs.getString(2);
            Integer voId = rs.getInt(3);
            Integer readPermissionId = null;
            if (typeName.equals(EventType.EventTypeNames.DATA_POINT)) {
                readPermissionId = dataPointPermissionMap.computeIfAbsent(voId, (k) -> {
                    Integer id = ejt.queryForInt("SELECT readPermissionId from dataPoints where id=?", new Object[] { k }, Common.NEW_ID);
                    if (id == Common.NEW_ID) {
                        return superadmin.getId();
                    } else {
                        return id;
                    }
                });
            } else if (typeName.equals(EventType.EventTypeNames.DATA_SOURCE)) {
                readPermissionId = dataSourcePermissionMap.computeIfAbsent(voId, (k) -> {
                    Integer id = ejt.queryForInt("SELECT readPermissionId from dataSources where id=?", new Object[] { k }, Common.NEW_ID);
                    if (id == Common.NEW_ID) {
                        return superadmin.getId();
                    } else {
                        return id;
                    }
                });
            } else if (typeName.equals(EventType.EventTypeNames.SYSTEM)) {
                readPermissionId = superadmin.getId();
            } else if (typeName.equals(EventType.EventTypeNames.PUBLISHER)) {
                readPermissionId = superadmin.getId();
            } else if (typeName.equals(EventType.EventTypeNames.AUDIT)) {
                readPermissionId = superadmin.getId();
            } else {
                // Let the module upgrades do this
                readPermissionId = superadmin.getId();
            }
            if (readPermissionId == null || readPermissionId == Common.NEW_ID) {
                readPermissionId = superadmin.getId();
            }
            batchArgs.add(new Object[] { readPermissionId, eventId });
            if (currentBatchSize.incrementAndGet() >= batchSize) {
                ejt.batchUpdate(update, batchArgs);
                batchArgs.clear();
                currentBatchSize.set(0);
            }
        });
        // Finish the batch
        if (currentBatchSize.get() > 0) {
            ejt.batchUpdate(update, batchArgs);
        }
        // Make NON-NULL
        HashMap<String, String[]> scripts = new HashMap<>();
        scripts.put(DatabaseType.MYSQL.name(), new String[] { "ALTER TABLE events MODIFY COLUMN readPermissionId INT NOT NULL;" });
        scripts.put(DEFAULT_DATABASE_TYPE, new String[] { "ALTER TABLE events ALTER COLUMN readPermissionId INT NOT NULL;" });
        runScript(scripts, out);
    }
}
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) OutputStream(java.io.OutputStream) Role(com.serotonin.m2m2.vo.role.Role) Common(com.serotonin.m2m2.Common) HashMap(java.util.HashMap) EventType(com.serotonin.m2m2.rt.event.type.EventType) ArrayList(java.util.ArrayList) ExtendedJdbcTemplate(com.serotonin.db.spring.ExtendedJdbcTemplate) List(java.util.List) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) Map(java.util.Map) TransactionTemplate(org.springframework.transaction.support.TransactionTemplate) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission) Collections(java.util.Collections) DatabaseType(com.serotonin.m2m2.db.DatabaseType) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HashMap(java.util.HashMap) OutputStream(java.io.OutputStream) ArrayList(java.util.ArrayList) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission)

Example 74 with MangoPermission

use of com.infiniteautomation.mango.permission.MangoPermission in project ma-core-public by infiniteautomation.

the class PermissionMigration method parseLegacyPermission.

/**
 * Returns an unsaved MangoPermission with roles that are also not saved (i.e. their id is -1)
 * @param permissions legacy permission string to upgrade
 * @return unsaved MangoPermission
 */
static MangoPermission parseLegacyPermission(String permissions) {
    Set<String> xids = PermissionService.explodeLegacyPermissionGroups(permissions);
    Set<Set<Role>> minterms = xids.stream().map(xid -> new Role(Common.NEW_ID, xid)).map(Collections::singleton).collect(Collectors.toSet());
    return new MangoPermission(minterms);
}
Also used : Role(com.serotonin.m2m2.vo.role.Role) Set(java.util.Set) HashSet(java.util.HashSet) ResultSet(java.sql.ResultSet) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission)

Example 75 with MangoPermission

use of com.infiniteautomation.mango.permission.MangoPermission in project ma-core-public by infiniteautomation.

the class Upgrade38 method upgrade.

@Override
protected void upgrade() throws Exception {
    Users users = Users.USERS;
    Permissions permissions = Permissions.PERMISSIONS;
    create.batch(// allow null values for now
    DSL.alterTable(users).addColumn(users.readPermissionId.getName(), users.readPermissionId.getDataType().nullable(true)), DSL.alterTable(users).addColumn(users.editPermissionId.getName(), users.editPermissionId.getDataType().nullable(true))).execute();
    doInTransaction(txStatus -> {
        MangoPermission adminOnlyPermission = getOrCreatePermissionNoCache(MangoPermission.superadminOnly());
        create.batch(DSL.update(users).set(users.readPermissionId, adminOnlyPermission.getId()), DSL.update(users).set(users.editPermissionId, adminOnlyPermission.getId())).execute();
    });
    create.batch(// change columns to non-null
    DSL.alterTable(users).alterColumn(users.readPermissionId).set(users.readPermissionId.getDataType()), DSL.alterTable(users).alterColumn(users.editPermissionId).set(users.editPermissionId.getDataType()), DSL.alterTable(users).add(DSL.constraint("usersFk1").foreignKey(users.readPermissionId).references(permissions, permissions.id).onDeleteRestrict()), DSL.alterTable(users).add(DSL.constraint("usersFk2").foreignKey(users.editPermissionId).references(permissions, permissions.id).onDeleteRestrict())).execute();
}
Also used : Permissions(com.infiniteautomation.mango.db.tables.Permissions) Users(com.infiniteautomation.mango.db.tables.Users) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission)

Aggregations

MangoPermission (com.infiniteautomation.mango.permission.MangoPermission)93 Role (com.serotonin.m2m2.vo.role.Role)22 HashSet (java.util.HashSet)21 Set (java.util.Set)18 HashMap (java.util.HashMap)13 NotFoundException (com.infiniteautomation.mango.util.exception.NotFoundException)12 PermissionDefinition (com.serotonin.m2m2.module.PermissionDefinition)11 JsonException (com.serotonin.json.JsonException)10 ValidationException (com.infiniteautomation.mango.util.exception.ValidationException)9 TranslatableJsonException (com.serotonin.m2m2.i18n.TranslatableJsonException)8 JsonValue (com.serotonin.json.type.JsonValue)7 ArrayList (java.util.ArrayList)7 JsonArray (com.serotonin.json.type.JsonArray)6 JsonObject (com.serotonin.json.type.JsonObject)6 User (com.serotonin.m2m2.vo.User)6 OutputStream (java.io.OutputStream)5 Test (org.junit.Test)5 TranslatableMessage (com.serotonin.m2m2.i18n.TranslatableMessage)4 IOException (java.io.IOException)4 ResultSet (java.sql.ResultSet)4