Search in sources :

Example 51 with PermissionHolder

use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.

the class UserRestController method updateHomeUrl.

@ApiOperation(value = "Update a user's home url")
@RequestMapping(method = RequestMethod.PUT, value = "/{username}/homepage")
public ResponseEntity<UserModel> updateHomeUrl(@ApiParam(value = "Username", required = true) @PathVariable String username, @ApiParam(value = "Home Url", required = true) @RequestParam String url, @AuthenticationPrincipal PermissionHolder user, HttpServletRequest request, UriComponentsBuilder builder, Authentication authentication) {
    User update = service.get(username);
    User currentUser = user.getUser();
    if (currentUser != null && update.getId() == currentUser.getId() && !(authentication instanceof UsernamePasswordAuthenticationToken))
        throw new PermissionException(new TranslatableMessage("rest.error.usernamePasswordOnly"), user);
    update.setHomeUrl(url);
    update = service.update(username, update);
    sessionRegistry.userUpdated(request, update);
    URI location = builder.path("/users/{username}").buildAndExpand(update.getUsername()).toUri();
    HttpHeaders headers = new HttpHeaders();
    headers.setLocation(location);
    return new ResponseEntity<>(new UserModel(update), headers, HttpStatus.OK);
}
Also used : PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) UserModel(com.infiniteautomation.mango.rest.latest.model.user.UserModel) HttpHeaders(org.springframework.http.HttpHeaders) ResponseEntity(org.springframework.http.ResponseEntity) User(com.serotonin.m2m2.vo.User) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) TranslatableMessage(com.serotonin.m2m2.i18n.TranslatableMessage) URI(java.net.URI) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 52 with PermissionHolder

use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.

the class UserRestController method updateLinkedAccounts.

@RequestMapping(method = RequestMethod.PUT, value = "/linked-accounts/{username}")
public void updateLinkedAccounts(@PathVariable String username, @RequestBody List<LinkedAccountModel> linkedAccountModels, @AuthenticationPrincipal PermissionHolder currentUser) {
    User userToUpdate = service.get(username);
    List<LinkedAccount> linkedAccounts = linkedAccountModels.stream().map(a -> mapper.unMap(a, LinkedAccount.class, currentUser)).collect(Collectors.toList());
    service.updateLinkedAccounts(userToUpdate.getId(), linkedAccounts);
}
Also used : BadRequestException(com.infiniteautomation.mango.rest.latest.exception.BadRequestException) PathVariable(org.springframework.web.bind.annotation.PathVariable) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) RequestParam(org.springframework.web.bind.annotation.RequestParam) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) StreamedVORqlQueryWithTotal(com.infiniteautomation.mango.rest.latest.model.StreamedVORqlQueryWithTotal) Autowired(org.springframework.beans.factory.annotation.Autowired) ApiParam(io.swagger.annotations.ApiParam) Translations(com.serotonin.m2m2.i18n.Translations) PermissionHolder(com.serotonin.m2m2.vo.permission.PermissionHolder) RestModelMapper(com.infiniteautomation.mango.rest.latest.model.RestModelMapper) PatchVORequestBody(com.infiniteautomation.mango.rest.latest.patch.PatchVORequestBody) ApiOperation(io.swagger.annotations.ApiOperation) Map(java.util.Map) URI(java.net.URI) UserActionAndModel(com.infiniteautomation.mango.rest.latest.model.user.UserActionAndModel) RuntimeStatusModel(com.infiniteautomation.mango.rest.latest.model.datasource.RuntimeStatusModel) TemporaryResourceStatusUpdate(com.infiniteautomation.mango.rest.latest.temporaryResource.TemporaryResourceStatusUpdate) HttpHeaders(org.springframework.http.HttpHeaders) RQLUtils(com.infiniteautomation.mango.util.RQLUtils) RequestMethod(org.springframework.web.bind.annotation.RequestMethod) TranslatableMessage(com.serotonin.m2m2.i18n.TranslatableMessage) Collectors(java.util.stream.Collectors) RestController(org.springframework.web.bind.annotation.RestController) JsonStreamedArray(com.serotonin.json.type.JsonStreamedArray) List(java.util.List) UserModel(com.infiniteautomation.mango.rest.latest.model.user.UserModel) StreamedSeroJsonVORqlQuery(com.infiniteautomation.mango.rest.latest.model.StreamedSeroJsonVORqlQuery) ASTNode(net.jazdw.rql.parser.ASTNode) Environment(org.springframework.core.env.Environment) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Authentication(org.springframework.security.core.Authentication) UserIndividualRequest(com.infiniteautomation.mango.rest.latest.model.user.UserIndividualRequest) User(com.serotonin.m2m2.vo.User) PermissionService(com.infiniteautomation.mango.spring.service.PermissionService) PatchIdField(com.infiniteautomation.mango.rest.latest.patch.PatchVORequestBody.PatchIdField) FilteredStreamWithTotal(com.infiniteautomation.mango.rest.latest.model.FilteredStreamWithTotal) VoAction(com.infiniteautomation.mango.rest.latest.bulk.VoAction) TemporaryResourceStatus(com.infiniteautomation.mango.rest.latest.temporaryResource.TemporaryResource.TemporaryResourceStatus) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) HashMap(java.util.HashMap) Function(java.util.function.Function) ArrayList(java.util.ArrayList) RequestBody(org.springframework.web.bind.annotation.RequestBody) UserModelMapping(com.infiniteautomation.mango.rest.latest.model.user.UserModelMapping) HttpServletRequest(javax.servlet.http.HttpServletRequest) UsersService(com.infiniteautomation.mango.spring.service.UsersService) MappingJacksonValue(org.springframework.http.converter.json.MappingJacksonValue) StreamedArrayWithTotal(com.infiniteautomation.mango.rest.latest.model.StreamedArrayWithTotal) Api(io.swagger.annotations.Api) UserIndividualResponse(com.infiniteautomation.mango.rest.latest.model.user.UserIndividualResponse) TemporaryResourceWebSocketHandler(com.infiniteautomation.mango.rest.latest.temporaryResource.TemporaryResourceWebSocketHandler) TemporaryResource(com.infiniteautomation.mango.rest.latest.temporaryResource.TemporaryResource) TranslatableExceptionI(com.infiniteautomation.mango.util.exception.TranslatableExceptionI) MangoSessionRegistry(com.serotonin.m2m2.web.mvc.spring.security.MangoSessionRegistry) MangoTaskTemporaryResourceManager(com.infiniteautomation.mango.rest.latest.temporaryResource.MangoTaskTemporaryResourceManager) Common(com.serotonin.m2m2.Common) LinkedAccount(com.serotonin.m2m2.vo.LinkedAccount) LinkedAccountModel(com.infiniteautomation.mango.rest.latest.model.user.LinkedAccountModel) BulkResponse(com.infiniteautomation.mango.rest.latest.bulk.BulkResponse) BulkRequest(com.infiniteautomation.mango.rest.latest.bulk.BulkRequest) HttpStatus(org.springframework.http.HttpStatus) ApprovedUsersModel(com.infiniteautomation.mango.rest.latest.model.user.ApprovedUsersModel) AuthenticationPrincipal(org.springframework.security.core.annotation.AuthenticationPrincipal) MediaTypes(com.serotonin.m2m2.web.MediaTypes) ResponseEntity(org.springframework.http.ResponseEntity) AbstractRestException(com.infiniteautomation.mango.rest.latest.exception.AbstractRestException) TemporaryResourceManager(com.infiniteautomation.mango.rest.latest.temporaryResource.TemporaryResourceManager) ApproveUsersModel(com.infiniteautomation.mango.rest.latest.model.user.ApproveUsersModel) PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) User(com.serotonin.m2m2.vo.User) LinkedAccount(com.serotonin.m2m2.vo.LinkedAccount) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 53 with PermissionHolder

use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.

the class UserRestController method doIndividualRequest.

private UserIndividualResponse doIndividualRequest(UserIndividualRequest request, VoAction defaultAction, UserModel defaultBody, PermissionHolder user, HttpServletRequest servletRequest, Authentication authentication, UriComponentsBuilder builder) {
    UserIndividualResponse result = new UserIndividualResponse();
    try {
        String username = request.getUsername();
        result.setUsername(username);
        VoAction action = request.getAction() == null ? defaultAction : request.getAction();
        if (action == null) {
            throw new BadRequestException(new TranslatableMessage("rest.error.mustNotBeNull", "action"));
        }
        result.setAction(action);
        UserModel body = request.getBody() == null ? defaultBody : request.getBody();
        switch(action) {
            case GET:
                if (username == null) {
                    throw new BadRequestException(new TranslatableMessage("rest.error.mustNotBeNull", "xid"));
                }
                result.setBody(this.getUser(username));
                break;
            case CREATE:
                if (body == null) {
                    throw new BadRequestException(new TranslatableMessage("rest.error.mustNotBeNull", "body"));
                }
                result.setBody(body);
                result.setBody(this.createUser(body, builder).getBody());
                break;
            case UPDATE:
                if (username == null) {
                    throw new BadRequestException(new TranslatableMessage("rest.error.mustNotBeNull", "xid"));
                }
                if (body == null) {
                    throw new BadRequestException(new TranslatableMessage("rest.error.mustNotBeNull", "body"));
                }
                result.setBody(body);
                result.setBody(this.updateUser(username, body, user, servletRequest, builder, authentication).getBody());
                break;
            case DELETE:
                if (username == null) {
                    throw new BadRequestException(new TranslatableMessage("rest.error.mustNotBeNull", "xid"));
                }
                result.setBody(this.deleteUser(username));
                break;
        }
    } catch (Exception e) {
        result.exceptionCaught(e);
    }
    return result;
}
Also used : UserModel(com.infiniteautomation.mango.rest.latest.model.user.UserModel) VoAction(com.infiniteautomation.mango.rest.latest.bulk.VoAction) UserIndividualResponse(com.infiniteautomation.mango.rest.latest.model.user.UserIndividualResponse) BadRequestException(com.infiniteautomation.mango.rest.latest.exception.BadRequestException) TranslatableMessage(com.serotonin.m2m2.i18n.TranslatableMessage) BadRequestException(com.infiniteautomation.mango.rest.latest.exception.BadRequestException) AbstractRestException(com.infiniteautomation.mango.rest.latest.exception.AbstractRestException) PermissionException(com.serotonin.m2m2.vo.permission.PermissionException)

Example 54 with PermissionHolder

use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.

the class SystemActionRestController method performAction.

@ApiOperation(value = "Perform an Action", notes = "Kicks off action and returns temporary URL for status")
@ApiResponses({ @ApiResponse(code = 500, message = "Internal error", response = ResponseEntity.class), @ApiResponse(code = 404, message = "Not Found", response = ResponseEntity.class) })
@RequestMapping(method = RequestMethod.PUT, value = "/trigger/{action}")
public ResponseEntity<SystemActionTemporaryResource> performAction(@ApiParam(value = "Valid System Action", required = true, allowMultiple = false) @PathVariable String action, @ApiParam(value = "Input for task", required = false, allowMultiple = false) @RequestBody(required = false) JsonNode input, @RequestParam(required = false, defaultValue = "12000000") Long timeout, @AuthenticationPrincipal PermissionHolder user, UriComponentsBuilder builder) {
    // Kick off action
    SystemActionDefinition def = ModuleRegistry.getSystemActionDefinition(action);
    if (def == null)
        throw new NotFoundRestException();
    String resourceId = resources.generateResourceId();
    SystemActionTemporaryResource resource = new SystemActionTemporaryResource(resourceId, def.getTask(user, input), resources, new Date(System.currentTimeMillis() + timeout));
    // Resource can live for up to 10 minutes (TODO Configurable?)
    resources.put(resourceId, resource);
    URI location = builder.path("/actions/status/{resourceId}").buildAndExpand(resourceId).toUri();
    HttpHeaders headers = new HttpHeaders();
    headers.setLocation(location);
    return new ResponseEntity<>(resource, headers, HttpStatus.OK);
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) NotFoundRestException(com.infiniteautomation.mango.rest.latest.exception.NotFoundRestException) ResponseEntity(org.springframework.http.ResponseEntity) SystemActionTemporaryResource(com.infiniteautomation.mango.rest.latest.util.SystemActionTemporaryResource) URI(java.net.URI) Date(java.util.Date) SystemActionDefinition(com.serotonin.m2m2.module.SystemActionDefinition) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 55 with PermissionHolder

use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.

the class WorkItemRestController method getWorkItemsByPriority.

@ApiOperation(value = "Get list of work items by classname", notes = "Returns the Work Item specified by the given classname and priority")
@RequestMapping(method = RequestMethod.GET, value = "/by-priority/{priority}")
public List<WorkItemInfo> getWorkItemsByPriority(@ApiParam(value = "priority", required = true, allowMultiple = false) @PathVariable String priority, @RequestParam(value = "classname", required = false, defaultValue = "") String classname, @AuthenticationPrincipal PermissionHolder user) {
    permissionService.ensureAdminRole(user);
    List<WorkItemInfo> list;
    if (priority.equalsIgnoreCase("HIGH")) {
        list = Common.backgroundProcessing.getHighPriorityServiceItems();
    } else if (priority.equalsIgnoreCase("MEDIUM")) {
        list = Common.backgroundProcessing.getMediumPriorityServiceQueueItems();
    } else if (priority.equalsIgnoreCase("LOW")) {
        list = Common.backgroundProcessing.getLowPriorityServiceQueueItems();
    } else {
        ProcessResult result = new ProcessResult();
        result.addContextualMessage("priority", "validate.invalidValue");
        throw new ValidationException(result);
    }
    // Filter if we need to
    if (StringUtils.isNotEmpty(classname)) {
        List<WorkItemInfo> modelList = new ArrayList<>();
        for (WorkItemInfo model : list) {
            if (model.getClassname().equalsIgnoreCase(classname)) {
                modelList.add(model);
            }
        }
        return modelList;
    } else {
        return list;
    }
}
Also used : ValidationException(com.infiniteautomation.mango.util.exception.ValidationException) ProcessResult(com.serotonin.m2m2.i18n.ProcessResult) ArrayList(java.util.ArrayList) WorkItemInfo(com.infiniteautomation.mango.util.WorkItemInfo) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

PermissionHolder (com.serotonin.m2m2.vo.permission.PermissionHolder)120 ApiOperation (io.swagger.annotations.ApiOperation)97 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)97 TranslatableMessage (com.serotonin.m2m2.i18n.TranslatableMessage)64 ResponseEntity (org.springframework.http.ResponseEntity)53 HttpHeaders (org.springframework.http.HttpHeaders)50 URI (java.net.URI)48 ArrayList (java.util.ArrayList)37 DataPointVO (com.serotonin.m2m2.vo.DataPointVO)34 ProcessResult (com.serotonin.m2m2.i18n.ProcessResult)29 List (java.util.List)27 User (com.serotonin.m2m2.vo.User)25 NotFoundException (com.infiniteautomation.mango.util.exception.NotFoundException)24 PermissionException (com.serotonin.m2m2.vo.permission.PermissionException)24 BadRequestException (com.infiniteautomation.mango.rest.latest.exception.BadRequestException)19 HashMap (java.util.HashMap)19 ValidationException (com.infiniteautomation.mango.util.exception.ValidationException)18 Common (com.serotonin.m2m2.Common)18 Collectors (java.util.stream.Collectors)17 Role (com.serotonin.m2m2.vo.role.Role)16