Example 16 with PermissionHolder
use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.
the class PublishersWithoutPointsRestController method exportQuery.
@ApiOperation(value = "Export formatted for Configuration Import by supplying an RQL query", notes = "User must have read permission")
@RequestMapping(method = RequestMethod.GET, value = "/export", produces = MediaTypes.SEROTONIN_JSON_VALUE)
public Map<String, JsonStreamedArray> exportQuery(HttpServletRequest request, @AuthenticationPrincipal PermissionHolder user) {
ASTNode rql = RQLUtils.parseRQLtoAST(request.getQueryString());
Map<String, JsonStreamedArray> export = new HashMap<>();
if (permissionService.hasAdminRole(user)) {
export.put("publishers", new StreamedSeroJsonVORqlQuery<>(service, rql, null, null, null));
} else {
export.put("publishers", new StreamedSeroJsonVORqlQuery<>(service, rql, null, null, null, vo -> service.hasReadPermission(user, vo)));
}
return export;
}
Also used :
PathVariable(org.springframework.web.bind.annotation.PathVariable)
UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder)
RequestParam(org.springframework.web.bind.annotation.RequestParam)
BiFunction(java.util.function.BiFunction)
StreamedVORqlQueryWithTotal(com.infiniteautomation.mango.rest.latest.model.StreamedVORqlQueryWithTotal)
ApiParam(io.swagger.annotations.ApiParam)
Autowired(org.springframework.beans.factory.annotation.Autowired)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
HashMap(java.util.HashMap)
PublisherService(com.infiniteautomation.mango.spring.service.PublisherService)
PermissionHolder(com.serotonin.m2m2.vo.permission.PermissionHolder)
PublisherVO(com.serotonin.m2m2.vo.publish.PublisherVO)
RestModelMapper(com.infiniteautomation.mango.rest.latest.model.RestModelMapper)
PatchVORequestBody(com.infiniteautomation.mango.rest.latest.patch.PatchVORequestBody)
LinkedHashMap(java.util.LinkedHashMap)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Map(java.util.Map)
StreamedArrayWithTotal(com.infiniteautomation.mango.rest.latest.model.StreamedArrayWithTotal)
Api(io.swagger.annotations.Api)
URI(java.net.URI)
HttpHeaders(org.springframework.http.HttpHeaders)
RQLUtils(com.infiniteautomation.mango.util.RQLUtils)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
RestController(org.springframework.web.bind.annotation.RestController)
JsonStreamedArray(com.serotonin.json.type.JsonStreamedArray)
HttpStatus(org.springframework.http.HttpStatus)
StreamedSeroJsonVORqlQuery(com.infiniteautomation.mango.rest.latest.model.StreamedSeroJsonVORqlQuery)
ASTNode(net.jazdw.rql.parser.ASTNode)
AuthenticationPrincipal(org.springframework.security.core.annotation.AuthenticationPrincipal)
MediaTypes(com.serotonin.m2m2.web.MediaTypes)
ResponseEntity(org.springframework.http.ResponseEntity)
AbstractPublisherModel(com.infiniteautomation.mango.rest.latest.model.publisher.AbstractPublisherModel)
Collections(java.util.Collections)
PermissionService(com.infiniteautomation.mango.spring.service.PermissionService)
PublishedPointService(com.infiniteautomation.mango.spring.service.PublishedPointService)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
ASTNode(net.jazdw.rql.parser.ASTNode)
JsonStreamedArray(com.serotonin.json.type.JsonStreamedArray)
ApiOperation(io.swagger.annotations.ApiOperation)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 17 with PermissionHolder
use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.
the class RoleRestController method update.
@ApiOperation(value = "Update a Role List", notes = "Admin only")
@RequestMapping(method = RequestMethod.PUT, value = "/{xid}")
public ResponseEntity<RoleModel> update(@ApiParam(value = "XID of Role to update", required = true, allowMultiple = false) @PathVariable String xid, @ApiParam(value = "Role List of update", required = true, allowMultiple = false) @RequestBody RoleModel model, @AuthenticationPrincipal PermissionHolder user, UriComponentsBuilder builder) {
RoleVO vo = service.update(xid, mapping.unmap(model, user, mapper));
URI location = builder.path("/roles/{xid}").buildAndExpand(vo.getXid()).toUri();
HttpHeaders headers = new HttpHeaders();
headers.setLocation(location);
return new ResponseEntity<>(mapping.map(vo, user, mapper), headers, HttpStatus.OK);
}
Also used :
HttpHeaders(org.springframework.http.HttpHeaders)
ResponseEntity(org.springframework.http.ResponseEntity)
RoleVO(com.serotonin.m2m2.vo.role.RoleVO)
URI(java.net.URI)
ApiOperation(io.swagger.annotations.ApiOperation)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 18 with PermissionHolder
use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.
the class RoleRestController method partialUpdate.
@ApiOperation(value = "Partially update a Role", notes = "Admin only")
@RequestMapping(method = RequestMethod.PATCH, value = "/{xid}")
public ResponseEntity<RoleModel> partialUpdate(@PathVariable String xid, @ApiParam(value = "Updated role", required = true) @PatchVORequestBody(service = RoleService.class, modelClass = RoleModel.class) RoleModel model, @AuthenticationPrincipal PermissionHolder user, UriComponentsBuilder builder) {
RoleVO vo = service.update(xid, mapping.unmap(model, user, mapper));
URI location = builder.path("/roles/{xid}").buildAndExpand(vo.getXid()).toUri();
HttpHeaders headers = new HttpHeaders();
headers.setLocation(location);
return new ResponseEntity<>(mapping.map(vo, user, mapper), headers, HttpStatus.OK);
}
Also used :
HttpHeaders(org.springframework.http.HttpHeaders)
ResponseEntity(org.springframework.http.ResponseEntity)
RoleVO(com.serotonin.m2m2.vo.role.RoleVO)
URI(java.net.URI)
ApiOperation(io.swagger.annotations.ApiOperation)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 19 with PermissionHolder
use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.
the class ScriptRestController method evalScript.
@Async
@ApiOperation(value = "Evaluate a filestore file as a script on the backend using a scripting engine")
@RequestMapping(method = RequestMethod.POST, value = "/eval-file-store/{fileStoreName}/**")
public CompletableFuture<Void> evalScript(@ApiParam(value = "File store name", required = true) @PathVariable(required = true) String fileStoreName, @ApiParam(value = "Script engine name", required = false) @RequestParam(required = false) String engineName, @ApiParam(value = "Script file character set", required = false, defaultValue = "UTF-8") @RequestParam(required = false, defaultValue = "UTF-8") String fileCharset, @ApiParam(value = "Script roles", required = false, allowMultiple = true) @RequestParam(required = false) String[] roles, @ApiIgnore @RemainingPath String path, @AuthenticationPrincipal PermissionHolder user, HttpServletRequest request, HttpServletResponse response) throws IOException {
Path filePath = fileStoreService.getPathForRead(fileStoreName, path);
if (!Files.exists(filePath)) {
throw new NotFoundException();
}
if (engineName == null) {
engineName = scriptService.findEngineForFile(filePath);
}
Charset fileCharsetParsed = Charset.forName(fileCharset);
Set<Role> roleSet;
if (roles != null) {
roleSet = Arrays.stream(roles).map(xid -> this.roleService.get(xid).getRole()).collect(Collectors.toSet());
} else {
roleSet = user.getRoles();
}
EvalContext evalContext = new EvalContext();
Reader reader = new BufferedReader(new InputStreamReader(request.getInputStream(), Charset.forName(request.getCharacterEncoding())));
Writer writer = new OutputStreamWriter(response.getOutputStream(), Charset.forName(response.getCharacterEncoding()));
evalContext.setReader(reader);
evalContext.setWriter(writer);
evalContext.addBinding("reader", reader);
evalContext.addBinding("writer", writer);
if (permissionService.hasPermission(user, requestResponsePermission.getPermission())) {
evalContext.addBinding("request", request);
evalContext.addBinding("response", response);
}
this.scriptService.eval(new PathMangoScript(engineName, roleSet, filePath, fileCharsetParsed), evalContext);
return CompletableFuture.completedFuture(null);
}
Also used :
Path(java.nio.file.Path)
RemainingPath(com.infiniteautomation.mango.rest.latest.resolver.RemainingPath)
Role(com.serotonin.m2m2.vo.role.Role)
InputStreamReader(java.io.InputStreamReader)
EvalContext(com.infiniteautomation.mango.spring.script.EvalContext)
BufferedReader(java.io.BufferedReader)
NotFoundException(com.infiniteautomation.mango.util.exception.NotFoundException)
Charset(java.nio.charset.Charset)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
BufferedReader(java.io.BufferedReader)
PathMangoScript(com.infiniteautomation.mango.spring.script.PathMangoScript)
OutputStreamWriter(java.io.OutputStreamWriter)
OutputStreamWriter(java.io.OutputStreamWriter)
Writer(java.io.Writer)
Async(org.springframework.scheduling.annotation.Async)
ApiOperation(io.swagger.annotations.ApiOperation)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 20 with PermissionHolder
use of com.serotonin.m2m2.vo.permission.PermissionHolder in project ma-modules-public by infiniteautomation.
the class MailingListRestController method create.
@ApiOperation(value = "Create a Mailing List", notes = "Requires global Create Mailing List privileges", response = MailingListWithRecipientsModel.class)
@RequestMapping(method = RequestMethod.POST)
public ResponseEntity<MailingListModel> create(@RequestBody MailingListWithRecipientsModel model, @ApiParam(value = "User", required = true) @AuthenticationPrincipal PermissionHolder user, UriComponentsBuilder builder) {
MailingList vo = service.insert(mapping.unmap(model, user, mapper));
URI location = builder.path("/mailing-lists/{xid}").buildAndExpand(vo.getXid()).toUri();
HttpHeaders headers = new HttpHeaders();
headers.setLocation(location);
return new ResponseEntity<>(mapping.map(vo, user, mapper), headers, HttpStatus.OK);
}
Also used :
HttpHeaders(org.springframework.http.HttpHeaders)
ResponseEntity(org.springframework.http.ResponseEntity)
MailingList(com.serotonin.m2m2.vo.mailingList.MailingList)
URI(java.net.URI)
ApiOperation(io.swagger.annotations.ApiOperation)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
PermissionHolder (com.serotonin.m2m2.vo.permission.PermissionHolder)120
ApiOperation (io.swagger.annotations.ApiOperation)97
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)97
TranslatableMessage (com.serotonin.m2m2.i18n.TranslatableMessage)64
ResponseEntity (org.springframework.http.ResponseEntity)53
HttpHeaders (org.springframework.http.HttpHeaders)50
URI (java.net.URI)48
ArrayList (java.util.ArrayList)37
DataPointVO (com.serotonin.m2m2.vo.DataPointVO)34
ProcessResult (com.serotonin.m2m2.i18n.ProcessResult)29
List (java.util.List)27
User (com.serotonin.m2m2.vo.User)25
NotFoundException (com.infiniteautomation.mango.util.exception.NotFoundException)24
PermissionException (com.serotonin.m2m2.vo.permission.PermissionException)24
BadRequestException (com.infiniteautomation.mango.rest.latest.exception.BadRequestException)19
HashMap (java.util.HashMap)19
ValidationException (com.infiniteautomation.mango.util.exception.ValidationException)18
Common (com.serotonin.m2m2.Common)18
Collectors (java.util.stream.Collectors)17
Role (com.serotonin.m2m2.vo.role.Role)16
