Search in sources :

Example 61 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method copy.

@ApiOperation(value = "Copy data point", notes = "Copy the data point with optional new XID and Name and enable/disable state (default disabled)")
@RequestMapping(method = RequestMethod.PUT, value = "/copy/{xid}", produces = { "application/json" })
public ResponseEntity<DataPointModel> copy(@PathVariable String xid, @ApiParam(value = "Copy's new XID", required = false, defaultValue = "null", allowMultiple = false) @RequestParam(required = false, defaultValue = "null") String copyXid, @ApiParam(value = "Copy's name", required = false, defaultValue = "null", allowMultiple = false) @RequestParam(required = false, defaultValue = "null") String copyName, @ApiParam(value = "Enable/disabled state", required = false, defaultValue = "false", allowMultiple = false) @RequestParam(required = false, defaultValue = "false") boolean enabled, UriComponentsBuilder builder, HttpServletRequest request) {
    RestProcessResult<DataPointModel> result = new RestProcessResult<DataPointModel>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        DataPointVO existing = this.dao.getByXid(xid);
        if (existing == null) {
            result.addRestMessage(getDoesNotExistMessage());
            return result.createResponseEntity();
        }
        // Check permissions
        try {
            if (!Permissions.hasDataSourcePermission(user, existing.getDataSourceId())) {
                result.addRestMessage(getUnauthorizedMessage());
                return result.createResponseEntity();
            }
        } catch (PermissionException e) {
            LOG.warn(e.getMessage(), e);
            result.addRestMessage(getUnauthorizedMessage());
            return result.createResponseEntity();
        }
        // Determine the new name
        String name;
        if (StringUtils.isEmpty(copyName))
            name = StringUtils.abbreviate(TranslatableMessage.translate(Common.getTranslations(), "common.copyPrefix", existing.getName()), 40);
        else
            name = copyName;
        // Determine the new xid
        String newXid;
        if (StringUtils.isEmpty(copyXid))
            newXid = dao.generateUniqueXid();
        else
            newXid = copyXid;
        // Setup the Copy
        DataPointVO copy = existing.copy();
        copy.setId(Common.NEW_ID);
        copy.setName(name);
        copy.setXid(newXid);
        copy.setEnabled(enabled);
        copy.getComments().clear();
        // Copy the event detectors
        for (AbstractPointEventDetectorVO<?> ped : copy.getEventDetectors()) {
            ped.setId(Common.NEW_ID);
            ped.njbSetDataPoint(copy);
        }
        ProcessResult validation = new ProcessResult();
        copy.validate(validation);
        DataPointModel model = new DataPointModel(copy);
        if (model.validate()) {
            Common.runtimeManager.saveDataPoint(copy);
        } else {
            result.addRestMessage(this.getValidationFailedError());
            return result.createResponseEntity(model);
        }
        // Put a link to the updated data in the header?
        URI location = builder.path("/v1/data-points/{xid}").buildAndExpand(copy.getXid()).toUri();
        result.addRestMessage(getResourceUpdatedMessage(location));
        return result.createResponseEntity(model);
    }
    // Not logged in
    return result.createResponseEntity();
}
Also used : DataPointVO(com.serotonin.m2m2.vo.DataPointVO) PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) DataPointModel(com.serotonin.m2m2.web.mvc.rest.v1.model.DataPointModel) User(com.serotonin.m2m2.vo.User) RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) ProcessResult(com.serotonin.m2m2.i18n.ProcessResult) URI(java.net.URI) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 62 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method saveDataPoints.

@ApiOperation(value = "Insert/Update multiple data points", notes = "CSV content must be limited to 1 type of data source.")
@RequestMapping(method = RequestMethod.PUT, consumes = { "application/json;charset=UTF-8", "text/csv;charset=UTF-8" }, produces = { "application/json", "application/sero-json" })
public ResponseEntity<List<DataPointModel>> saveDataPoints(@ApiParam(value = "List of updated data point models", required = true) @RequestBody(required = true) List<DataPointModel> models, UriComponentsBuilder builder, HttpServletRequest request) {
    RestProcessResult<List<DataPointModel>> result = new RestProcessResult<List<DataPointModel>>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        boolean contentTypeCsv = false;
        if (request.getContentType().toLowerCase().contains("text/csv"))
            contentTypeCsv = true;
        DataPointModel first;
        DataSourceVO<?> ds = null;
        if (models.size() > 0) {
            first = models.get(0);
            ds = DataSourceDao.instance.getByXid(first.getDataSourceXid());
        }
        for (DataPointModel model : models) {
            DataPointVO vo = model.getData();
            DataSourceVO<?> myDataSource = DataSourceDao.instance.getByXid(vo.getDataSourceXid());
            if (myDataSource == null) {
                model.addValidationMessage("validate.invalidReference", RestMessageLevel.ERROR, "dataSourceXid");
                continue;
            }
            // If we don't have a reference data source we need to set one
            if (ds == null) {
                ds = myDataSource;
            }
            // First check to see that the data source types match
            if (!ds.getDefinition().getDataSourceTypeName().equals(myDataSource.getDefinition().getDataSourceTypeName())) {
                model.addValidationMessage("validate.incompatibleDataSourceType", RestMessageLevel.ERROR, "dataSourceXid");
                continue;
            }
            // Set the ID for the data source
            vo.setDataSourceId(myDataSource.getId());
            // Are we a new one?
            DataPointVO existingDp = DataPointDao.instance.getByXid(vo.getXid());
            boolean updated = true;
            if (existingDp == null) {
                updated = false;
            } else {
                // Must Do this as ID is NOT in the model
                vo.setId(existingDp.getId());
                // Set all properties that are not in the template or the spreadsheet
                vo.setPointFolderId(existingDp.getPointFolderId());
                // Use ID to get detectors
                DataPointDao.instance.setEventDetectors(vo);
            }
            // Check permissions
            try {
                if (!Permissions.hasDataPointReadPermission(user, vo)) {
                    // TODO add what point
                    result.addRestMessage(getUnauthorizedMessage());
                    continue;
                }
            } catch (PermissionException e) {
                // TODO add what point
                result.addRestMessage(getUnauthorizedMessage());
                continue;
            }
            if (vo.getTextRenderer() == null) {
                vo.setTextRenderer(new PlainRenderer());
            }
            if (vo.getChartColour() == null) {
                vo.setChartColour("");
            }
            // Check the Template and see if we need to use it
            if (model.getTemplateXid() != null) {
                DataPointPropertiesTemplateVO template = (DataPointPropertiesTemplateVO) TemplateDao.instance.getByXid(model.getTemplateXid());
                if (template != null) {
                    template.updateDataPointVO(vo);
                    template.updateDataPointVO(model.getData());
                } else {
                    model.addValidationMessage("validate.invalidReference", RestMessageLevel.ERROR, "templateXid");
                    result.addRestMessage(new RestMessage(HttpStatus.NOT_ACCEPTABLE, new TranslatableMessage("emport.dataPoint.badReference", model.getTemplateXid())));
                    continue;
                }
            } else {
                // We need to update the various pieces
                if (updated) {
                    DataPointPropertiesTemplateVO tempTemplate = new DataPointPropertiesTemplateVO();
                    tempTemplate.updateTemplate(existingDp);
                    tempTemplate.updateDataPointVO(vo);
                    // Kludge to allow this template to not be our real template
                    vo.setTemplateId(null);
                } else {
                    if (contentTypeCsv) {
                        model.addValidationMessage("validate.required", RestMessageLevel.ERROR, "templateXid");
                        result.addRestMessage(this.getValidationFailedError());
                        continue;
                    }
                }
            }
            if (StringUtils.isEmpty(vo.getXid()))
                vo.setXid(DataPointDao.instance.generateUniqueXid());
            // allow empty string, but if its null use the data source name
            if (vo.getDeviceName() == null) {
                vo.setDeviceName(myDataSource.getName());
            }
            if (model.validate()) {
                if (updated)
                    model.addValidationMessage("common.updated", RestMessageLevel.INFORMATION, "all");
                else
                    model.addValidationMessage("common.saved", RestMessageLevel.INFORMATION, "all");
                // Save it
                Common.runtimeManager.saveDataPoint(vo);
            }
        }
        return result.createResponseEntity(models);
    }
    // Not logged in
    return result.createResponseEntity();
}
Also used : DataPointVO(com.serotonin.m2m2.vo.DataPointVO) PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) DataPointModel(com.serotonin.m2m2.web.mvc.rest.v1.model.DataPointModel) User(com.serotonin.m2m2.vo.User) PlainRenderer(com.serotonin.m2m2.view.text.PlainRenderer) DataPointPropertiesTemplateVO(com.serotonin.m2m2.vo.template.DataPointPropertiesTemplateVO) RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) RestMessage(com.serotonin.m2m2.web.mvc.rest.v1.message.RestMessage) List(java.util.List) ArrayList(java.util.ArrayList) TranslatableMessage(com.serotonin.m2m2.i18n.TranslatableMessage) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 63 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method bulkClearSetPermissions.

@ApiOperation(value = "Bulk Clear Set Permissions", notes = "", response = Long.class)
@RequestMapping(method = RequestMethod.POST, consumes = { "application/json" }, produces = { "application/json" }, value = "/bulk-clear-set-permissions")
public ResponseEntity<Long> bulkClearSetPermissions(HttpServletRequest request) {
    RestProcessResult<Long> result = new RestProcessResult<Long>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        if (!user.isAdmin()) {
            LOG.warn("User " + user.getUsername() + " attempted to clear bulk permissions");
            result.addRestMessage(getUnauthorizedMessage());
            return result.createResponseEntity();
        }
        try {
            ASTNode node = parseRQLtoAST(request.getQueryString());
            long changed = this.dao.bulkClearPermissions(node, true);
            return result.createResponseEntity(changed);
        } catch (InvalidRQLRestException e) {
            LOG.error(e.getMessage(), e);
            result.addRestMessage(getInternalServerErrorMessage(e.getMessage()));
            return result.createResponseEntity();
        }
    }
    return result.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) InvalidRQLRestException(com.infiniteautomation.mango.rest.v2.exception.InvalidRQLRestException) ASTNode(net.jazdw.rql.parser.ASTNode) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 64 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method bulkClearReadPermissions.

@ApiOperation(value = "Bulk Clear Read Permissions", notes = "", response = Long.class)
@RequestMapping(method = RequestMethod.POST, consumes = { "application/json" }, produces = { "application/json" }, value = "/bulk-clear-read-permissions")
public ResponseEntity<Long> bulkClearReadPermissions(HttpServletRequest request) {
    RestProcessResult<Long> result = new RestProcessResult<Long>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        if (!user.isAdmin()) {
            LOG.warn("User " + user.getUsername() + " attempted to clear bulk permissions");
            result.addRestMessage(getUnauthorizedMessage());
            return result.createResponseEntity();
        }
        try {
            ASTNode node = parseRQLtoAST(request.getQueryString());
            long changed = this.dao.bulkClearPermissions(node, false);
            return result.createResponseEntity(changed);
        } catch (InvalidRQLRestException e) {
            LOG.error(e.getMessage(), e);
            result.addRestMessage(getInternalServerErrorMessage(e.getMessage()));
            return result.createResponseEntity();
        }
    }
    return result.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) InvalidRQLRestException(com.infiniteautomation.mango.rest.v2.exception.InvalidRQLRestException) ASTNode(net.jazdw.rql.parser.ASTNode) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 65 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method bulkApplySetPermissions.

@ApiOperation(value = "Bulk Update Set Permissions", notes = "", response = Long.class)
@RequestMapping(method = RequestMethod.POST, consumes = { "application/json" }, produces = { "application/json" }, value = "/bulk-apply-set-permissions")
public ResponseEntity<Long> bulkApplySetPermissions(@ApiParam(value = "Permissions", required = true) @RequestBody(required = true) String permissions, HttpServletRequest request) {
    RestProcessResult<Long> result = new RestProcessResult<Long>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        if (!user.isAdmin()) {
            LOG.warn("User " + user.getUsername() + " attempted to set bulk permissions");
            result.addRestMessage(getUnauthorizedMessage());
            return result.createResponseEntity();
        }
        try {
            ASTNode node = parseRQLtoAST(request.getQueryString());
            long changed = this.dao.bulkUpdatePermissions(node, permissions, true);
            return result.createResponseEntity(changed);
        } catch (InvalidRQLRestException e) {
            LOG.error(e.getMessage(), e);
            result.addRestMessage(getInternalServerErrorMessage(e.getMessage()));
            return result.createResponseEntity();
        }
    }
    return result.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) InvalidRQLRestException(com.infiniteautomation.mango.rest.v2.exception.InvalidRQLRestException) ASTNode(net.jazdw.rql.parser.ASTNode) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

User (com.serotonin.m2m2.vo.User)61 ApiOperation (com.wordnik.swagger.annotations.ApiOperation)43 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)43 DataPointVO (com.serotonin.m2m2.vo.DataPointVO)40 RestProcessResult (com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult)36 ArrayList (java.util.ArrayList)27 TranslatableMessage (com.serotonin.m2m2.i18n.TranslatableMessage)20 PermissionException (com.serotonin.m2m2.vo.permission.PermissionException)17 DwrPermission (com.serotonin.m2m2.web.dwr.util.DwrPermission)16 NotFoundRestException (com.infiniteautomation.mango.rest.v2.exception.NotFoundRestException)15 HashMap (java.util.HashMap)15 List (java.util.List)14 ProcessResult (com.serotonin.m2m2.i18n.ProcessResult)10 ASTNode (net.jazdw.rql.parser.ASTNode)10 PointValueTime (com.serotonin.m2m2.rt.dataImage.PointValueTime)9 RestValidationFailedException (com.serotonin.m2m2.web.mvc.rest.v1.exception.RestValidationFailedException)8 DataPointModel (com.serotonin.m2m2.web.mvc.rest.v1.model.DataPointModel)8 URI (java.net.URI)8 Map (java.util.Map)8 ResponseEntity (org.springframework.http.ResponseEntity)7