
Example 1 with PermissionService

use of com.infiniteautomation.mango.spring.service.PermissionService in project ma-modules-public by infiniteautomation.

the class SetPointEventHandlerModel method readInto.

/**
 * Copies this model's fields onto the given set-point event handler VO, translating data point
 * XIDs into database ids along the way.
 *
 * <p>Target, active and inactive point XIDs that do not resolve are skipped, so the VO keeps
 * whatever id it already held. Script-context variables whose XID does not resolve are kept and
 * stored with {@code Common.NEW_ID} as their point id.
 *
 * @param vo the VO to populate
 */
@Override
public void readInto(SetPointEventHandlerVO vo) {
    super.readInto(vo);

    Integer resolvedTarget = DataPointDao.getInstance().getIdByXid(targetPointXid);
    if (resolvedTarget != null) {
        vo.setTargetPointId(resolvedTarget);
    }

    // Settings applied while the event is active.
    vo.setActiveAction(SetPointEventHandlerVO.SET_ACTION_CODES.getId(activeAction));
    if (activeValueToSet != null) {
        vo.setActiveValueToSet(activeValueToSet.toString());
    }
    if (activePointXid != null) {
        Integer resolvedActive = DataPointDao.getInstance().getIdByXid(activePointXid);
        if (resolvedActive != null) {
            vo.setActivePointId(resolvedActive);
        }
    }
    vo.setActiveScript(activeScript);

    // Settings applied once the event is inactive.
    vo.setInactiveAction(SetPointEventHandlerVO.SET_ACTION_CODES.getId(inactiveAction));
    if (inactiveValueToSet != null) {
        vo.setInactiveValueToSet(inactiveValueToSet.toString());
    }
    if (inactivePointXid != null) {
        Integer resolvedInactive = DataPointDao.getInstance().getIdByXid(inactivePointXid);
        if (resolvedInactive != null) {
            vo.setInactivePointId(resolvedInactive);
        }
    }
    vo.setInactiveScript(inactiveScript);

    // NOTE(review): the roles attached to the scripts come straight from this model's
    // scriptPermissions value. Nothing in this method checks that the caller holds those
    // roles; presumably that is enforced when the VO is validated. Confirm.
    PermissionService permissionService = Common.getBean(PermissionService.class);
    vo.setScriptRoles(new ScriptPermissions(
            permissionService.explodeLegacyPermissionGroupsToRoles(scriptPermissions)));

    if (scriptContext != null) {
        List<IntStringPair> contextPoints = new ArrayList<>();
        for (ScriptContextVariableModel variable : scriptContext) {
            Integer pointId = DataPointDao.getInstance().getIdByXid(variable.getXid());
            // Unresolved XIDs are kept with the NEW_ID placeholder rather than dropped.
            contextPoints.add(new IntStringPair(
                    pointId == null ? Common.NEW_ID : pointId, variable.getVariableName()));
        }
        vo.setAdditionalContext(contextPoints);
    }
}
Also used : PermissionService(com.infiniteautomation.mango.spring.service.PermissionService) IntStringPair(com.serotonin.db.pair.IntStringPair) ScriptContextVariableModel(com.infiniteautomation.mango.rest.latest.model.javascript.MangoJavaScriptModel.ScriptContextVariableModel) ArrayList(java.util.ArrayList) ScriptPermissions(com.infiniteautomation.mango.util.script.ScriptPermissions)

Example 2 with PermissionService

use of com.infiniteautomation.mango.spring.service.PermissionService in project ma-core-public by infiniteautomation.

the class MangoPermissionConverter method jsonRead.

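/**
 * Reads a {@code MangoPermission} from JSON.
 *
 * <p>Three input shapes are handled: an array whose elements are arrays (each inner array
 * becomes one set of roles), an array whose elements are single values (each becomes a
 * singleton set), and any non-array value, which is split with
 * {@code PermissionService.explodeLegacyPermissionGroups} and turned into singleton sets.
 *
 * <p>Role names that {@code permissionService.getRole} does not resolve are not rejected here;
 * they are kept as placeholder roles with id {@code Common.NEW_ID}.
 * NOTE(review): the names come from the parsed document, so whatever consumes the returned
 * permission has to validate or reject these placeholders before it is persisted or used for
 * an access decision. Confirm where that happens.
 *
 * @param reader the JSON reader (not used by this method)
 * @param jsonValue the JSON value to convert
 * @param type the requested target type (not used by this method)
 * @return a new {@code MangoPermission} built from the parsed role sets
 * @throws JsonException declared by the converter interface
 */
@Override
public Object jsonRead(JsonReader reader, JsonValue jsonValue, Type type) throws JsonException {
    Set<Set<Role>> roles = new HashSet<>();
    PermissionService permissionService = Common.getBean(PermissionService.class);
    if (jsonValue instanceof JsonArray) {
        for (JsonValue val : (JsonArray) jsonValue) {
            if (val instanceof JsonArray) {
                Set<Role> inner = new HashSet<>();
                for (JsonValue v : (JsonArray) val) {
                    String name = v.toString();
                    Role r = permissionService.getRole(name);
                    inner.add(r != null ? r : new Role(Common.NEW_ID, name));
                }
                // Add the inner set only once it is complete. Inserting it into the outer
                // HashSet while empty and filling it afterwards changes its hash code after
                // insertion, which lets two equal inner sets both end up in the result.
                roles.add(inner);
            } else {
                // Just a single string
                String name = val.toString();
                Role r = permissionService.getRole(name);
                roles.add(Collections.singleton(r != null ? r : new Role(Common.NEW_ID, name)));
            }
        }
    } else {
        for (String role : PermissionService.explodeLegacyPermissionGroups(jsonValue.toString())) {
            Role r = permissionService.getRole(role);
            roles.add(Collections.singleton(r != null ? r : new Role(Common.NEW_ID, role)));
        }
    }
    return new MangoPermission(roles);
}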
Also used : PermissionService(com.infiniteautomation.mango.spring.service.PermissionService) JsonArray(com.serotonin.json.type.JsonArray) Role(com.serotonin.m2m2.vo.role.Role) Set(java.util.Set) HashSet(java.util.HashSet) JsonValue(com.serotonin.json.type.JsonValue) MangoPermission(com.infiniteautomation.mango.permission.MangoPermission) HashSet(java.util.HashSet)

Example 3 with PermissionService

use of com.infiniteautomation.mango.spring.service.PermissionService in project ma-core-public by infiniteautomation.

the class UserEventMulticasterTest method testMulticastEventsForUsersWithPermissions.

/**
 * Raises, acknowledges and returns-to-normal a batch of events through a multicaster built from
 * users with mixed roles, then checks that only users who hold the mock role or the admin role
 * received them.
 */
@Test
public void testMulticastEventsForUsersWithPermissions() {
    PermissionService service = Common.getBean(PermissionService.class);
    int dataPointId = 1;
    int eventCount = 100;
    int userCount = 5 * 6;
    int usersPerGroup = userCount / 6;

    // Six groups in the repeating order superadmin, mock role, no role, so the multicaster
    // tree is built with the permissions interleaved.
    List<User> users = new ArrayList<>();
    int added = 0;
    for (int group = 0; group < 6; group++) {
        for (int i = 0; i < usersPerGroup; i++) {
            String name = "User" + added;
            String username = "user" + added;
            String email = "user" + added + "@yourMangoDomain.com";
            switch (group % 3) {
                case 0:
                    users.add(createUser(name, username, "password", email, PermissionHolder.SUPERADMIN_ROLE));
                    break;
                case 1:
                    users.add(createUser(name, username, "password", email, mockRole.getRole()));
                    break;
                default:
                    users.add(createUser(name, username, "password", email));
                    break;
            }
            added++;
        }
    }

    List<Integer> idsToNotify = new ArrayList<>();
    List<MockUserEventListener> listeners = new ArrayList<>();
    UserEventListener multicaster = null;
    MockEventType mockEventType = new MockEventType(DuplicateHandling.ALLOW, null, 0, dataPointId, this.mockRole.getRole());
    for (User user : users) {
        MockUserEventListener listener = new MockUserEventListener(user);
        // This work is normally done by the event manager handling the raiseEvent calls
        // through an EventNotifyWorkItem
        if (mockEventType.hasPermission(user, service)) {
            idsToNotify.add(user.getId());
        }
        listeners.add(listener);
        multicaster = UserEventMulticaster.add(multicaster, listener);
    }

    List<EventInstance> events = new ArrayList<>();
    long time = 0;
    for (int i = 0; i < eventCount; i++) {
        EventInstance event = createMockEventInstance(i, dataPointId, time);
        events.add(event);
        event.setIdsToNotify(idsToNotify);
        multicaster.raised(event);
        time++;
    }

    // Acknowledge every event
    for (EventInstance event : events) {
        multicaster.acknowledged(event);
    }
    // Return every event to normal
    for (EventInstance event : events) {
        multicaster.returnToNormal(event);
    }

    // Users with the mock role or the admin role saw every raise; everyone else saw none
    for (MockUserEventListener listener : listeners) {
        boolean entitled = service.hasPermission(listener.getUser(), MangoPermission.requireAnyRole(mockRole.getRole()))
                || service.hasAdminRole(listener.getUser());
        assertEquals(entitled ? eventCount : 0, listener.getRaised().size());
    }
    // Same expectation for acknowledgements
    for (MockUserEventListener listener : listeners) {
        boolean entitled = service.hasPermission(listener.getUser(), MangoPermission.requireAnyRole(mockRole.getRole()))
                || service.hasAdminRole(listener.getUser());
        assertEquals(entitled ? eventCount : 0, listener.getAcknowledged().size());
    }
    // Same expectation for return-to-normal notifications
    for (MockUserEventListener listener : listeners) {
        boolean entitled = service.hasPermission(listener.getUser(), MangoPermission.requireAnyRole(mockRole.getRole()))
                || service.hasAdminRole(listener.getUser());
        assertEquals(entitled ? eventCount : 0, listener.getReturned().size());
    }
}
Also used : User(com.serotonin.m2m2.vo.User) ArrayList(java.util.ArrayList) MockEventType(com.serotonin.m2m2.rt.event.type.MockEventType) PermissionService(com.infiniteautomation.mango.spring.service.PermissionService) Test(org.junit.Test)

Example 4 with PermissionService

use of com.infiniteautomation.mango.spring.service.PermissionService in project ma-core-public by infiniteautomation.

the class RoleDao method joinPermissions.

/**
 * Restricts a role query to the roles the given permission holder is allowed to see.
 *
 * <p>A holder whose inherited roles include {@code PermissionHolder.SUPERADMIN_ROLE} gets the
 * query back unchanged. For anyone else the query is inner-joined on the condition that the
 * role's XID is among the XIDs of the holder's inherited roles.
 *
 * <p>NOTE(review): when the holder has no roles at all the IN list is empty; confirm that the
 * jOOQ version in use renders an empty IN list as a false condition, so the query returns no
 * rows rather than failing or matching everything.
 *
 * @param select the query to restrict
 * @param user the permission holder whose inherited roles drive the restriction
 * @return the unchanged query for a superadmin, otherwise the joined query
 */
@Override
public <R extends Record> SelectJoinStep<R> joinPermissions(SelectJoinStep<R> select, PermissionHolder user) {
    Set<Role> inherited = permissionServiceSupplier.get().getAllInheritedRoles(user);
    boolean superadmin = inherited.contains(PermissionHolder.SUPERADMIN_ROLE);
    if (!superadmin) {
        List<String> roleXids = inherited.stream()
                .map(Role::getXid)
                .collect(Collectors.toList());
        return select.innerJoin(DSL.selectOne()).on(table.xid.in(roleXids));
    }
    // Superadmin: no restriction is applied.
    return select;
}
Also used : PermissionService(com.infiniteautomation.mango.spring.service.PermissionService) Role(com.serotonin.m2m2.vo.role.Role)

Example 5 with PermissionService

use of com.infiniteautomation.mango.spring.service.PermissionService in project ma-core-public by infiniteautomation.

the class RoleDao method createSubSelectMap.

/**
 * Extends the inherited sub-select map with two RQL fields, {@code inherited} and
 * {@code inheritedBy}, both of which accept only the {@code CONTAINS} operation.
 *
 * <p>For each field the node's array arguments are converted to strings, resolved through
 * {@code permissionService.getRole}, and reduced to a set of role ids. Arguments that are null
 * or do not resolve to a role are dropped.
 *
 * <p>NOTE(review): when no argument resolves to a role, the condition does not become "match
 * nothing". It switches to the empty-set branch, which selects roles that have no inheritance
 * rows. A query naming only unknown roles therefore behaves like a query with no arguments.
 * Confirm this is intended.
 *
 * @return the sub-select map from the superclass with the two extra entries added
 */
@Override
protected Map<String, RQLSubSelectCondition> createSubSelectMap() {
    Map<String, RQLSubSelectCondition> subselects = super.createSubSelectMap();

    subselects.put("inherited", (operation, node) -> {
        if (operation != RQLOperation.CONTAINS) {
            throw new RQLVisitException(String.format("Unsupported node type '%s' for field '%s'", node.getName(), node.getArgument(0)));
        }
        PermissionService permissionService = permissionServiceSupplier.get();
        Set<Integer> resolvedIds = extractArrayArguments(node, o -> o == null ? null : o.toString())
                .stream()
                .filter(Objects::nonNull)
                .map(permissionService::getRole)
                .filter(Objects::nonNull)
                .map(Role::getId)
                .collect(Collectors.toSet());
        SelectConditionStep<Record1<Integer>> idSubquery;
        if (resolvedIds.isEmpty()) {
            // No resolved roles: select the roles that have no inherited roles
            idSubquery = create.select(getIdField())
                    .from(table)
                    .leftJoin(RoleInheritance.ROLE_INHERITANCE)
                    .on(RoleInheritance.ROLE_INHERITANCE.roleId.eq(getIdField()))
                    .where(RoleInheritance.ROLE_INHERITANCE.roleId.isNull());
        } else {
            // Select the roles that inherit one of the resolved roles
            idSubquery = create.select(RoleInheritance.ROLE_INHERITANCE.roleId)
                    .from(RoleInheritance.ROLE_INHERITANCE)
                    .where(RoleInheritance.ROLE_INHERITANCE.inheritedRoleId.in(resolvedIds));
        }
        return table.id.in(idSubquery.asField());
    });

    subselects.put("inheritedBy", (operation, node) -> {
        if (operation != RQLOperation.CONTAINS) {
            throw new RQLVisitException(String.format("Unsupported node type '%s' for field '%s'", node.getName(), node.getArgument(0)));
        }
        PermissionService permissionService = permissionServiceSupplier.get();
        Set<Integer> resolvedIds = extractArrayArguments(node, o -> o == null ? null : o.toString())
                .stream()
                .filter(Objects::nonNull)
                .map(permissionService::getRole)
                .filter(Objects::nonNull)
                .map(Role::getId)
                .collect(Collectors.toSet());
        SelectConditionStep<Record1<Integer>> idSubquery;
        if (resolvedIds.isEmpty()) {
            // No resolved roles: select the roles that are not inherited by any role
            idSubquery = create.select(getIdField())
                    .from(table)
                    .leftJoin(RoleInheritance.ROLE_INHERITANCE)
                    .on(RoleInheritance.ROLE_INHERITANCE.inheritedRoleId.eq(getIdField()))
                    .where(RoleInheritance.ROLE_INHERITANCE.inheritedRoleId.isNull());
        } else {
            // Select the roles inherited by one of the resolved roles
            idSubquery = create.select(RoleInheritance.ROLE_INHERITANCE.inheritedRoleId)
                    .from(RoleInheritance.ROLE_INHERITANCE)
                    .where(RoleInheritance.ROLE_INHERITANCE.roleId.in(resolvedIds));
        }
        return table.id.in(idSubquery.asField());
    });

    return subselects;
}
Also used : PermissionService(com.infiniteautomation.mango.spring.service.PermissionService) RQLVisitException(com.infiniteautomation.mango.db.query.RQLToCondition.RQLVisitException) Objects(java.util.Objects) RQLSubSelectCondition(com.infiniteautomation.mango.db.query.RQLSubSelectCondition) Record1(org.jooq.Record1)

Aggregations

PermissionService (com.infiniteautomation.mango.spring.service.PermissionService)26 Test (org.junit.Test)16 Role (com.serotonin.m2m2.vo.role.Role)13 Set (java.util.Set)10 HashSet (java.util.HashSet)9 Common (com.serotonin.m2m2.Common)7 DatabaseProxy (com.serotonin.m2m2.db.DatabaseProxy)7 List (java.util.List)7 MangoTestBase (com.serotonin.m2m2.MangoTestBase)6 Collectors (java.util.stream.Collectors)6 PermissionsMinterms (com.infiniteautomation.mango.db.tables.PermissionsMinterms)5 RoleDao (com.serotonin.m2m2.db.dao.RoleDao)5 ArrayList (java.util.ArrayList)5 Iterator (java.util.Iterator)5 DSLContext (org.jooq.DSLContext)5 Assert.assertEquals (org.junit.Assert.assertEquals)5 Assert.assertTrue (org.junit.Assert.assertTrue)5 DataSourceService (com.infiniteautomation.mango.spring.service.DataSourceService)4 JsonValue (com.serotonin.json.type.JsonValue)4 MockDataSourceVO (com.serotonin.m2m2.vo.dataSource.mock.MockDataSourceVO)4