Search in sources :

Example 41 with ScriptPermissions

use of com.infiniteautomation.mango.util.script.ScriptPermissions in project ma-core-public by MangoAutomation.

the class EmailEventHandlerServiceTest method testDeleteRoleUpdateVO.

@Test
public void testDeleteRoleUpdateVO() {
    EmailEventHandlerVO vo = newVO(readUser);
    ScriptPermissions permissions = new ScriptPermissions(Sets.newHashSet(readRole, editRole));
    vo.setScriptRoles(permissions);
    service.insert(vo);
    EmailEventHandlerVO fromDb = (EmailEventHandlerVO) service.get(vo.getId());
    assertVoEqual(vo, fromDb);
    roleService.delete(editRole.getId());
    roleService.delete(readRole.getId());
    EmailEventHandlerVO updated = (EmailEventHandlerVO) service.get(fromDb.getId());
    fromDb.setScriptRoles(new ScriptPermissions(Collections.emptySet()));
    assertVoEqual(fromDb, updated);
}
Also used : EmailEventHandlerVO(com.serotonin.m2m2.vo.event.EmailEventHandlerVO) ScriptPermissions(com.infiniteautomation.mango.util.script.ScriptPermissions) Test(org.junit.Test)

Example 42 with ScriptPermissions

use of com.infiniteautomation.mango.util.script.ScriptPermissions in project ma-core-public by MangoAutomation.

the class EmailEventHandlerServiceTest method testCannotUpdateUnauthorizedScriptRole.

@Test
@ExpectValidationException("scriptRoles")
public void testCannotUpdateUnauthorizedScriptRole() {
    addRoleToCreatePermission(editRole);
    EmailEventHandlerVO vo = newVO(editUser);
    vo.setReadPermission(MangoPermission.requireAnyRole(editRole));
    vo.setEditPermission(MangoPermission.requireAnyRole(editRole));
    ScriptPermissions permissions = new ScriptPermissions(Sets.newHashSet(editRole));
    vo.setScriptRoles(permissions);
    runAs.runAs(editUser, () -> {
        EmailEventHandlerVO fromDb = (EmailEventHandlerVO) service.insert(vo);
        ScriptPermissions newPermissions = new ScriptPermissions(Sets.newHashSet(readRole, editRole));
        fromDb.setScriptRoles(newPermissions);
        service.update(fromDb.getId(), fromDb);
    });
}
Also used : EmailEventHandlerVO(com.serotonin.m2m2.vo.event.EmailEventHandlerVO) ScriptPermissions(com.infiniteautomation.mango.util.script.ScriptPermissions) Test(org.junit.Test) ExpectValidationException(com.infiniteautomation.mango.rules.ExpectValidationException)

Example 43 with ScriptPermissions

use of com.infiniteautomation.mango.util.script.ScriptPermissions in project ma-core-public by MangoAutomation.

the class Upgrade29 method upgradeEventHandlers.

private void upgradeEventHandlers(OutputStream out) {
    // Add permission id columns
    Map<String, String[]> scripts = new HashMap<>();
    scripts.put(DatabaseType.MYSQL.name(), eventHandlersPermissionMySQL);
    scripts.put(DatabaseType.H2.name(), eventHandlersPermissionH2);
    scripts.put(DatabaseType.MSSQL.name(), eventHandlersPermissionMSSQL);
    scripts.put(DatabaseType.POSTGRES.name(), eventHandlersPermissionMySQL);
    runScript(scripts, out);
    // set permission to superadmin
    Integer readId = getOrCreatePermission(MangoPermission.superadminOnly()).getId();
    Integer editId = getOrCreatePermission(MangoPermission.superadminOnly()).getId();
    ejt.update("UPDATE eventHandlers SET readPermissionId=?, editPermissionId=?", readId, editId);
    // Restrict to NOT NULL
    scripts = new HashMap<>();
    scripts.put(DatabaseType.MYSQL.name(), eventHandlersPermissionNotNullMySQL);
    scripts.put(DatabaseType.H2.name(), eventHandlersPermissionNotNull);
    scripts.put(DatabaseType.MSSQL.name(), eventHandlersPermissionNotNull);
    scripts.put(DatabaseType.POSTGRES.name(), eventHandlersPermissionNotNull);
    runScript(scripts, out);
    // Upgrade Email Event Handlers to fix the script permission serialization, we don't need to clean the
    // recipient list here as we aren't going to use it.
    this.ejt.query("SELECT eh.id, eh.data FROM eventHandlers eh WHERE eh.eventHandlerType=?", new Object[] { EmailEventHandlerDefinition.TYPE_NAME }, new RowCallbackHandler() {

        @Override
        public void processRow(ResultSet rs) throws SQLException {
            int id = rs.getInt(1);
            EmailEventHandlerVO vo = (EmailEventHandlerVO) SerializationHelper.readObjectInContext(rs.getBinaryStream(2));
            Set<String> legacyScriptRoles = vo.getLegacyScriptRoles();
            if (legacyScriptRoles != null) {
                Set<Role> roles = new HashSet<>();
                for (String r : legacyScriptRoles) {
                    roles.add(getOrCreateRole(new Role(Common.NEW_ID, r)));
                }
                vo.setScriptRoles(new ScriptPermissions(roles, vo.getLegacyPermissionHolderName()));
            } else {
                // Must be a ScriptPermission that might need to be upgraded
                ScriptPermissions permission = vo.getScriptRoles();
                if (permission.getLegacyScriptRoles() != null) {
                    Set<Role> roles = new HashSet<>();
                    for (String r : permission.getLegacyScriptRoles()) {
                        roles.add(getOrCreateRole(new Role(Common.NEW_ID, r)));
                    }
                    ScriptPermissions upgraded = new ScriptPermissions(roles, permission.getPermissionHolderName());
                    vo.setScriptRoles(upgraded);
                }
            }
            ejt.update("UPDATE eventHandlers SET data=? where id=?", SerializationHelper.writeObjectToArray(vo), id);
        }
    });
    // Upgrade Set Point Event Handlers
    this.ejt.query("SELECT eh.id, eh.data FROM eventHandlers eh WHERE eh.eventHandlerType=?", new Object[] { SetPointEventHandlerDefinition.TYPE_NAME }, new RowCallbackHandler() {

        @Override
        public void processRow(ResultSet rs) throws SQLException {
            int id = rs.getInt(1);
            SetPointEventHandlerVO vo = (SetPointEventHandlerVO) SerializationHelper.readObjectInContext(rs.getBinaryStream(2));
            Set<String> legacyScriptRoles = vo.getLegacyScriptRoles();
            if (legacyScriptRoles != null) {
                Set<Role> roles = new HashSet<>();
                for (String r : legacyScriptRoles) {
                    roles.add(getOrCreateRole(new Role(Common.NEW_ID, r)));
                }
                vo.setScriptRoles(new ScriptPermissions(roles, vo.getLegacyPermissionHolderName()));
            } else {
                // Must be a ScriptPermission that might need to be upgraded
                ScriptPermissions permission = vo.getScriptRoles();
                if (permission.getLegacyScriptRoles() != null) {
                    Set<Role> roles = new HashSet<>();
                    for (String r : permission.getLegacyScriptRoles()) {
                        roles.add(getOrCreateRole(new Role(Common.NEW_ID, r)));
                    }
                    ScriptPermissions upgraded = new ScriptPermissions(roles, permission.getPermissionHolderName());
                    vo.setScriptRoles(upgraded);
                }
            }
            ejt.update("UPDATE eventHandlers SET data=? where id=?", SerializationHelper.writeObjectToArray(vo), id);
        }
    });
}
Also used : HashSet(java.util.HashSet) ResultSet(java.sql.ResultSet) Set(java.util.Set) HashMap(java.util.HashMap) SQLException(java.sql.SQLException) ScriptPermissions(com.infiniteautomation.mango.util.script.ScriptPermissions) Role(com.serotonin.m2m2.vo.role.Role) SetPointEventHandlerVO(com.serotonin.m2m2.vo.event.SetPointEventHandlerVO) ResultSet(java.sql.ResultSet) EmailEventHandlerVO(com.serotonin.m2m2.vo.event.EmailEventHandlerVO) RowCallbackHandler(org.springframework.jdbc.core.RowCallbackHandler)

Example 44 with ScriptPermissions

use of com.infiniteautomation.mango.util.script.ScriptPermissions in project ma-core-public by MangoAutomation.

the class ScriptPermissionConverter method jsonRead.

// TODO Mango 4.2 improve performance with lazy field as PermissionService is not available at construct time
@Override
public Object jsonRead(JsonReader reader, JsonValue jsonValue, Type type) throws JsonException {
    Set<Role> roles = new HashSet<>();
    PermissionService service = Common.getBean(PermissionService.class);
    if (jsonValue instanceof JsonArray) {
        for (JsonValue val : (JsonArray) jsonValue) {
            // Just a single string
            Role r = service.getRole(val.toString());
            if (r != null) {
                roles.add(r);
            } else {
                // Let the validation pick this up as a missing role, the response to the user is cleaner
                roles.add(new Role(Common.NEW_ID, val.toString()));
            }
        }
    } else if (jsonValue instanceof JsonObject) {
        // Could be the super-legacy version with 3 separate sets of roles
        JsonObject o = (JsonObject) jsonValue;
        Set<String> permissions = new HashSet<>();
        permissions.addAll(PermissionService.explodeLegacyPermissionGroups(o.getString(DATA_SOURCE)));
        permissions.addAll(PermissionService.explodeLegacyPermissionGroups(o.getString(DATA_POINT_SET)));
        permissions.addAll(PermissionService.explodeLegacyPermissionGroups(o.getString(DATA_POINT_READ)));
        permissions.addAll(PermissionService.explodeLegacyPermissionGroups(o.getString(CUSTOM)));
        for (String role : permissions) {
            Role r = service.getRole(role);
            if (r != null) {
                roles.add(r);
            } else {
                // Let the validation pick this up as a missing role, the response to the user is cleaner
                roles.add(new Role(Common.NEW_ID, role));
            }
        }
    }
    return new ScriptPermissions(roles);
}
Also used : Role(com.serotonin.m2m2.vo.role.Role) PermissionService(com.infiniteautomation.mango.spring.service.PermissionService) JsonArray(com.serotonin.json.type.JsonArray) Set(java.util.Set) HashSet(java.util.HashSet) JsonValue(com.serotonin.json.type.JsonValue) JsonObject(com.serotonin.json.type.JsonObject) ScriptPermissions(com.infiniteautomation.mango.util.script.ScriptPermissions) HashSet(java.util.HashSet)

Example 45 with ScriptPermissions

use of com.infiniteautomation.mango.util.script.ScriptPermissions in project ma-core-public by MangoAutomation.

the class ScriptPermissionConverter method jsonWrite.

@Override
public JsonValue jsonWrite(JsonTypeWriter writer, Object value) throws JsonException {
    ScriptPermissions permission = (ScriptPermissions) value;
    JsonArray roles = new JsonArray();
    for (Role role : permission.getRoles()) {
        roles.add(role.getXid());
    }
    return roles;
}
Also used : JsonArray(com.serotonin.json.type.JsonArray) Role(com.serotonin.m2m2.vo.role.Role) ScriptPermissions(com.infiniteautomation.mango.util.script.ScriptPermissions)

Aggregations

ScriptPermissions (com.infiniteautomation.mango.util.script.ScriptPermissions)45 Test (org.junit.Test)20 EmailEventHandlerVO (com.serotonin.m2m2.vo.event.EmailEventHandlerVO)16 SetPointEventHandlerVO (com.serotonin.m2m2.vo.event.SetPointEventHandlerVO)14 Role (com.serotonin.m2m2.vo.role.Role)12 ExpectValidationException (com.infiniteautomation.mango.rules.ExpectValidationException)8 HashSet (java.util.HashSet)8 IntStringPair (com.serotonin.db.pair.IntStringPair)6 JsonArray (com.serotonin.json.type.JsonArray)6 ArrayList (java.util.ArrayList)6 PermissionService (com.infiniteautomation.mango.spring.service.PermissionService)5 EventTypeMatcher (com.serotonin.m2m2.rt.event.type.EventTypeMatcher)4 MockEventType (com.serotonin.m2m2.rt.event.type.MockEventType)4 List (java.util.List)4 Set (java.util.Set)4 ScriptContextVariableModel (com.infiniteautomation.mango.rest.latest.model.javascript.MangoJavaScriptModel.ScriptContextVariableModel)2 JsonObject (com.serotonin.json.type.JsonObject)2 JsonValue (com.serotonin.json.type.JsonValue)2 RecipientListEntryBean (com.serotonin.m2m2.web.dwr.beans.RecipientListEntryBean)2 ResultSet (java.sql.ResultSet)2