use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.
the class FileStoreRestV2Controller method delete.
/**
 * Deletes a file or directory inside the named file store.
 *
 * <p>The checks run in a fixed order: the store must exist, the store's write-permission
 * check is invoked for the caller, and only then is the requested path resolved and
 * confined to the store root.
 *
 * <p>NOTE(review): the store root itself satisfies the containment check (a path starts
 * with itself), so a request resolving to the root with {@code recursive=true} would remove
 * the whole store directory. Confirm that is intended.
 *
 * @param name file store name taken from the URL
 * @param recursive when {@code true} and the target is a directory, the whole tree is deleted
 * @param user authenticated principal handed to the store's write-permission check
 * @param request passed to {@code parsePath} to obtain the path below the store root
 * @return an empty 200 response once the target has been deleted
 * @throws IOException if a path cannot be canonicalised or the directory tree cannot be deleted
 */
@ApiOperation(value = "Delete a file or directory")
@RequestMapping(method = RequestMethod.DELETE, produces = {}, value = "/{name}/**")
public ResponseEntity<Void> delete(
        @ApiParam(value = "Valid File Store name", required = true, allowMultiple = false) @PathVariable("name") String name,
        @ApiParam(value = "Recurisve delete of directory", required = false, defaultValue = "false", allowMultiple = false) @RequestParam(required = false, defaultValue = "false") boolean recursive,
        @AuthenticationPrincipal User user,
        HttpServletRequest request) throws IOException, HttpMediaTypeNotAcceptableException {
    FileStoreDefinition store = ModuleRegistry.getFileStoreDefinition(name);
    if (store == null) {
        throw new ResourceNotFoundException("File store: " + name);
    }

    // Authorization comes before any filesystem path is built from the request.
    store.ensureStoreWritePermission(user);

    // Canonicalise both sides so ".." segments and symlinks are resolved before comparing.
    File storeRoot = store.getRoot().getCanonicalFile();
    String relativePath = parsePath(request);
    File target = new File(storeRoot, relativePath).getCanonicalFile();

    // Path.startsWith compares whole name elements, not raw string prefixes, so a sibling
    // directory whose name merely begins with the root's name does not pass.
    boolean insideStore = target.toPath().startsWith(storeRoot.toPath());
    if (!insideStore) {
        throw new GenericRestException(HttpStatus.FORBIDDEN, new TranslatableMessage("filestore.belowRoot", relativePath));
    }

    if (!target.exists()) {
        throw new NotFoundRestException();
    }

    // A directory without recursive=true falls through to File.delete(), which only
    // succeeds on an empty directory; failure is reported as a 500.
    boolean removeTree = target.isDirectory() && recursive;
    if (removeTree) {
        FileUtils.deleteDirectory(target);
    } else if (!target.delete()) {
        throw new GenericRestException(HttpStatus.INTERNAL_SERVER_ERROR, new TranslatableMessage("filestore.errorDeletingFile"));
    }

    return new ResponseEntity<>(null, HttpStatus.OK);
}
use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.
the class PermissionsRestController method listPermissions.
/**
 * Returns the data source management permission followed by one entry for every
 * {@code PermissionDefinition} returned by {@code ModuleRegistry.getDefinitions}.
 *
 * <p>NOTE(review): no authorization check is visible in this method and it takes no
 * principal. Confirm that the controller or the security configuration restricts who may
 * enumerate permission definitions and their system setting keys.
 *
 * @return a 200 response whose body is the list of permission models
 */
@ApiOperation(value = "List permissions and their system setting keys")
@RequestMapping(method = RequestMethod.GET)
public ResponseEntity<List<PermissionDefinitionModel>> listPermissions() {
    final List<PermissionDefinitionModel> models = new ArrayList<>();

    // Fixed first entry: the data source permission is added by key, not from a definition.
    PermissionDefinitionModel dataSourceEntry = new PermissionDefinitionModel(
            SystemSettingsDao.PERMISSION_DATASOURCE,
            "systemSettings.permissions.datasourceManagement");
    models.add(dataSourceEntry);

    for (PermissionDefinition moduleDefinition : ModuleRegistry.getDefinitions(PermissionDefinition.class)) {
        PermissionDefinitionModel entry = new PermissionDefinitionModel(moduleDefinition);
        models.add(entry);
    }

    return new ResponseEntity<>(models, HttpStatus.OK);
}
use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.
the class GraphicalView method validateUpdatedPermissions.
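/**
 * Validates a change to a permission string against the permissions held by the editing user.
 *
 * <ol>
 * <li>A permission that is removed must be one the user holds.</li>
 * <li>A permission that is added must be one the user holds.</li>
 * <li>The new permission set must not contain a blank entry.</li>
 * </ol>
 *
 * Permissions present both before and after the edit are not re-checked.
 *
 * @param existingPermissionsString previous permissions of the object
 * @param newPermissionsString new permissions of the object
 * @param user user whose permissions are compared against; {@code null} fails validation
 * @param response ProcessResult that receives one message per violation
 * @param contextKey context key the messages are attached to
 * @return {@code true} if no rule was violated, {@code false} otherwise
 */
private boolean validateUpdatedPermissions(String existingPermissionsString, String newPermissionsString, User user, ProcessResult response, String contextKey) {
    if (user == null) {
        response.addContextualMessage(contextKey, "validate.invalidPermission", "No User Found");
        return false;
    }

    // Track the result
    boolean success = true;

    // Explode the permission strings into sets for comparison
    Set<String> newPermissions = Permissions.explodePermissionGroups(newPermissionsString);
    Set<String> existingPermissions = Permissions.explodePermissionGroups(existingPermissionsString);

    // TODO add trim to the explode method?
    for (String newPermission : newPermissions) {
        if (StringUtils.isBlank(newPermission.trim())) {
            // A blank entry is reported to the caller like every other violation, so the
            // return value must reflect it too (it previously stayed true here).
            success = false;
            response.addMessage(contextKey, new TranslatableMessage("validate.cannotContainEmptyString"));
        }
    }

    // A permission the user does not hold must survive the edit: the user may not strip
    // access from a group they are not a member of.
    for (String existingPermission : existingPermissions) {
        if (!Permissions.hasPermission(user, existingPermission) && !newPermissions.contains(existingPermission)) {
            success = false;
            response.addMessage(contextKey, new TranslatableMessage("viewEdit.validate.ungrantedPermissionRemoved", existingPermission));
        }
    }

    // A newly added permission must be one the user holds; permissions that were already
    // on the object are assumed to be valid.
    for (String newPermission : newPermissions) {
        if (!existingPermissions.contains(newPermission) && !Permissions.hasPermission(user, newPermission)) {
            success = false;
            response.addContextualMessage(contextKey, "validate.invalidPermission", newPermission);
        }
    }

    return success;
}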
use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.
the class GraphicalView method validate.
/**
 * Validates this view's name, XID, components and permission strings, adding a message to
 * {@code response} for every problem found.
 *
 * <p>Side effect: when an existing view is being updated, the three permission fields are
 * replaced with the result of {@code trimPermission} before they are validated. On the
 * new-view path the permission strings are passed to
 * {@code Permissions.validateAddedPermissions} as they are.
 *
 * <p>NOTE(review): the boolean returned by {@code validateUpdatedPermissions} is discarded
 * here, so a permission failure is visible to callers only through the messages on
 * {@code response}.
 *
 * @param response collector for validation messages
 */
public void validate(ProcessResult response) {
    // Name: required, at most 100 characters.
    if (StringUtils.isBlank(name)) {
        response.addMessage("name", new TranslatableMessage("validate.required"));
    } else if (StringValidation.isLengthGreaterThan(name, 100)) {
        response.addMessage("name", new TranslatableMessage("validate.notLongerThan", 100));
    }

    // XID: required, at most 50 characters, unique (the lookup is given this view's own id).
    if (StringUtils.isBlank(xid)) {
        response.addMessage("xid", new TranslatableMessage("validate.required"));
    } else if (StringValidation.isLengthGreaterThan(xid, 50)) {
        response.addMessage("xid", new TranslatableMessage("validate.notLongerThan", 50));
    } else if (!new GraphicalViewDao().isXidUnique(xid, id)) {
        response.addMessage("xid", new TranslatableMessage("validate.xidUsed"));
    }

    for (ViewComponent component : viewComponents) {
        component.validate(response);
    }

    // Validate the permissions against the user returned by Common.getUser().
    User currentUser = Common.getUser();
    GraphicalView persisted = (this.id != Common.NEW_ID) ? new GraphicalViewDao().getView(id) : null;

    if (persisted != null) {
        // Updating a view: only newly added permissions are validated, existing ones may
        // remain, and the user may not remove permissions they do not hold.
        this.readPermission = trimPermission(this.readPermission);
        validateUpdatedPermissions(persisted.readPermission, this.readPermission, currentUser, response, "readPermission");
        this.setPermission = trimPermission(this.setPermission);
        validateUpdatedPermissions(persisted.setPermission, this.setPermission, currentUser, response, "setPermission");
        this.editPermission = trimPermission(this.editPermission);
        validateUpdatedPermissions(persisted.editPermission, this.editPermission, currentUser, response, "editPermission");
        return;
    }

    // No stored view was found (new id, or the lookup returned null): every permission
    // counts as added.
    Permissions.validateAddedPermissions(this.readPermission, currentUser, response, "readPermission");
    Permissions.validateAddedPermissions(this.setPermission, currentUser, response, "setPermission");
    Permissions.validateAddedPermissions(this.editPermission, currentUser, response, "editPermission");
}
use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.
the class ImageUploadServlet method doPost.
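/**
 * Handles a multipart upload of a background image for the view the user is editing.
 *
 * <p>Requests that are not multipart, or whose user lacks the graphical view upload
 * permission, return without writing anything. Each part named {@code backgroundImage}
 * that {@code ImageIO} can decode is written to the upload directory and set as the view's
 * background. Failures while handling a part are deliberately swallowed (best effort).
 *
 * <p>Changes from the earlier version: the input and output streams are closed via
 * try-with-resources even when the copy fails, and the resolved target file must lie
 * inside the upload directory before it is opened for writing.
 *
 * <p>NOTE(review): no request or file size limit is set on the {@code ServletFileUpload}
 * in this method, and every candidate part is fully decoded by {@code ImageIO}. Confirm a
 * limit is enforced elsewhere.
 *
 * @param request the upload request
 * @param response unused; nothing is written to the response
 * @throws IOException declared by the servlet contract
 */
@SuppressWarnings("unchecked")
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
    if (!ServletFileUpload.isMultipartContent(request)) {
        return;
    }

    User user = Common.getUser(request);
    GraphicalView view = GraphicalViewsCommon.getUserEditView(user);
    ServletFileUpload upload = new ServletFileUpload(new DiskFileItemFactory());

    // Fail if we don't have permissions for this
    if (!Permissions.hasPermission(user, SystemSettingsDao.getValue(GraphicalViewUploadPermissionDefinition.PERMISSION))) {
        // The GraphicalViewDwr.clearBackground() method will notify the user of a failure so we can ignore them here
        return;
    }

    List<FileItem> items;
    try {
        items = upload.parseRequest(request);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }

    for (FileItem item : items) {
        if (!"backgroundImage".equals(item.getFieldName())) {
            continue;
        }
        final DiskFileItem diskItem = (DiskFileItem) item;
        try {
            // ImageIO.read throws IOException on a read error and returns null when no
            // registered reader recognises the content. It does not close the stream.
            try (java.io.InputStream probe = diskItem.getInputStream()) {
                if (ImageIO.read(probe) == null) {
                    // Unsupported file type
                    continue;
                }
            }

            // Create the path to the upload directory.
            File dir = GraphicalViewsCommon.getUploadDir();
            // Create the image file name. diskItem.getName() is supplied by the client;
            // how getNextImageFilename sanitises it is not visible from this method.
            String filename = GraphicalViewsCommon.getNextImageFilename(dir, diskItem.getName());

            // Defence in depth: refuse to write anywhere outside the upload directory.
            File target = new File(dir, filename).getCanonicalFile();
            if (!target.toPath().startsWith(dir.getCanonicalFile().toPath())) {
                continue;
            }

            // Save the file; both streams are closed even if the transfer fails.
            try (java.io.InputStream in = diskItem.getInputStream();
                    FileOutputStream fos = new FileOutputStream(target)) {
                StreamUtils.transfer(in, fos);
            }
            view.setBackgroundFilename(ImageUploadServletDefinition.IMAGE_DIR + "/" + filename);
        } catch (Exception ignored) {
            // Unsupported image type or a failure while saving: intentionally ignored so
            // one bad part does not fail the whole request.
        }
    }
}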