
Example 26 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class SystemMetricsRestController method get.

/**
 * Returns the current value of the single system metric whose monitor id equals {@code id}.
 *
 * <p>Access is gated twice: {@code checkUser} is handed the result object and nothing else runs
 * unless the result is still OK afterwards, and the caller must then hold the permission string
 * stored in system settings under {@code internalMetricsPermission}.
 *
 * @param id monitor id taken from the URL path
 * @param request the current HTTP request, passed to {@code checkUser}
 * @return the matching monitor, or a response built from the recorded REST message
 *     (does-not-exist or unauthorized)
 */
@ApiOperation(value = "Get the current value for one System Metric by its ID", notes = "")
@RequestMapping(method = RequestMethod.GET, produces = { "application/json" }, value = "/{id}")
public ResponseEntity<ValueMonitor<?>> get(@ApiParam(value = "Valid Monitor id", required = true, allowMultiple = false) @PathVariable String id, HttpServletRequest request) {
    RestProcessResult<ValueMonitor<?>> outcome = new RestProcessResult<ValueMonitor<?>>(HttpStatus.OK);
    User caller = this.checkUser(request, outcome);
    if (!outcome.isOk()) {
        return outcome.createResponseEntity();
    }

    // Authorization comes before any lookup, so a caller without the permission gets the
    // same unauthorized answer for every id and learns nothing about which monitors exist.
    String requiredPermissions = SystemSettingsDao.getValue(internalMetricsPermission);
    if (!Permissions.hasPermission(caller, requiredPermissions)) {
        // NOTE(review): this denial is not logged, so rejected attempts leave no trace in
        // this method. Confirm whether checkUser or a filter already records them.
        outcome.addRestMessage(getUnauthorizedMessage());
        return outcome.createResponseEntity();
    }

    // Linear scan; the first monitor with a matching id wins.
    for (ValueMonitor<?> candidate : Common.MONITORED_VALUES.getMonitors()) {
        if (candidate.getId().equals(id)) {
            return outcome.createResponseEntity(candidate);
        }
    }

    outcome.addRestMessage(getDoesNotExistMessage());
    return outcome.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) ValueMonitor(com.infiniteautomation.mango.monitor.ValueMonitor) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 27 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method getDataPointById.

/**
 * Looks up one data point by its numeric id and returns it if the caller may read it.
 *
 * <p>The read check fails closed: both a negative answer from
 * {@code Permissions.hasDataPointReadPermission} and a {@code PermissionException} end in the
 * unauthorized response.
 *
 * <p>NOTE(review): the does-not-exist response is produced before the permission check, so an
 * authenticated caller without read permission receives a different answer for an existing id
 * than for a missing one. If point ids should not be discoverable, both cases would need the
 * same response. Confirm against the API contract before changing it.
 *
 * @param id data point id taken from the URL path
 * @param request the current HTTP request, passed to {@code checkUser}
 * @return the data point model, or a response built from the recorded REST message
 */
@ApiOperation(value = "Get data point by ID", notes = "Returned as CSV or JSON, only points that user has read permission to are returned")
@RequestMapping(method = RequestMethod.GET, produces = { "application/json", "text/csv", "application/sero-json" }, value = "/by-id/{id}")
public ResponseEntity<DataPointModel> getDataPointById(@ApiParam(value = "Valid Data Point ID", required = true, allowMultiple = false) @PathVariable int id, HttpServletRequest request) {
    RestProcessResult<DataPointModel> outcome = new RestProcessResult<DataPointModel>(HttpStatus.OK);
    User caller = this.checkUser(request, outcome);
    if (!outcome.isOk()) {
        return outcome.createResponseEntity();
    }

    DataPointVO point = DataPointDao.instance.get(id);
    if (point == null) {
        outcome.addRestMessage(getDoesNotExistMessage());
        return outcome.createResponseEntity();
    }

    try {
        if (!Permissions.hasDataPointReadPermission(caller, point)) {
            // The denied attempt is recorded with the user name and the point's xid.
            // NOTE(review): both values are concatenated into the log line as-is. If either
            // can contain line breaks, neutralise them before logging. TODO confirm.
            LOG.warn("User: " + caller.getUsername() + " tried to access data point with xid " + point.getXid());
            outcome.addRestMessage(getUnauthorizedMessage());
            return outcome.createResponseEntity();
        }
        return outcome.createResponseEntity(new DataPointModel(point));
    } catch (PermissionException e) {
        // An exception from the permission check is treated as a denial, never as a grant.
        LOG.warn(e.getMessage(), e);
        outcome.addRestMessage(getUnauthorizedMessage());
        return outcome.createResponseEntity();
    }
}
Also used : DataPointVO(com.serotonin.m2m2.vo.DataPointVO) PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) DataPointModel(com.serotonin.m2m2.web.mvc.rest.v1.model.DataPointModel) User(com.serotonin.m2m2.vo.User) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 28 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method getDataPoint.

/**
 * Looks up one data point by its XID and returns it if the caller may read it.
 *
 * <p>The read check fails closed: both a negative answer from
 * {@code Permissions.hasDataPointReadPermission} and a {@code PermissionException} end in the
 * unauthorized response.
 *
 * <p>NOTE(review): the does-not-exist response is produced before the permission check, so an
 * authenticated caller without read permission receives a different answer for an existing XID
 * than for a missing one. If XIDs should not be discoverable, both cases would need the same
 * response. Confirm against the API contract before changing it.
 *
 * @param xid data point XID taken from the URL path
 * @param request the current HTTP request, passed to {@code checkUser}
 * @return the data point model, or a response built from the recorded REST message
 */
@ApiOperation(value = "Get data point by XID", notes = "Returned as CSV or JSON, only points that user has read permission to are returned")
@RequestMapping(method = RequestMethod.GET, produces = { "application/json", "text/csv", "application/sero-json" }, value = "/{xid}")
public ResponseEntity<DataPointModel> getDataPoint(@ApiParam(value = "Valid Data Point XID", required = true, allowMultiple = false) @PathVariable String xid, HttpServletRequest request) {
    RestProcessResult<DataPointModel> outcome = new RestProcessResult<DataPointModel>(HttpStatus.OK);
    User caller = this.checkUser(request, outcome);
    if (!outcome.isOk()) {
        return outcome.createResponseEntity();
    }

    DataPointVO point = DataPointDao.instance.getByXid(xid);
    if (point == null) {
        outcome.addRestMessage(getDoesNotExistMessage());
        return outcome.createResponseEntity();
    }

    try {
        if (!Permissions.hasDataPointReadPermission(caller, point)) {
            // The log line uses the xid of the stored point, not the raw path variable.
            // NOTE(review): user name and xid are concatenated into the log line as-is. If
            // either can contain line breaks, neutralise them before logging. TODO confirm.
            LOG.warn("User: " + caller.getUsername() + " tried to access data point with xid " + point.getXid());
            outcome.addRestMessage(getUnauthorizedMessage());
            return outcome.createResponseEntity();
        }
        return outcome.createResponseEntity(new DataPointModel(point));
    } catch (PermissionException e) {
        // An exception from the permission check is treated as a denial, never as a grant.
        LOG.warn(e.getMessage(), e);
        outcome.addRestMessage(getUnauthorizedMessage());
        return outcome.createResponseEntity();
    }
}
Also used : DataPointVO(com.serotonin.m2m2.vo.DataPointVO) PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) DataPointModel(com.serotonin.m2m2.web.mvc.rest.v1.model.DataPointModel) User(com.serotonin.m2m2.vo.User) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 29 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method bulkApplyReadPermissions.

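/**
 * Applies a read-permission string to every data point selected by the RQL query in the
 * request's query string. Only admin users may call it.
 *
 * <p>A rejected non-admin attempt is logged at WARN, and a completed change is logged at INFO
 * with the acting user and the number of points changed, so that a bulk permission change
 * leaves an audit record.
 *
 * <p>NOTE(review): the RQL comes straight from {@code request.getQueryString()}. What an absent
 * or empty query selects depends on {@code parseRQLtoAST} and {@code bulkUpdatePermissions},
 * which are not visible here. Confirm that it cannot silently select every data point.
 *
 * <p>NOTE(review): {@code permissions} is the raw request body and reaches the DAO without
 * validation in this method. Confirm that the DAO or a lower layer validates its format.
 *
 * @param permissions permission string from the request body
 * @param request the current HTTP request; its query string carries the RQL selection
 * @return the number of changed data points, or a response built from the recorded REST message
 */
@ApiOperation(value = "Bulk Update Read Permissions", notes = "", response = Long.class)
@RequestMapping(method = RequestMethod.POST, consumes = { "application/json" }, produces = { "application/json" }, value = "/bulk-apply-read-permissions")
public ResponseEntity<Long> bulkApplyReadPermissions(@ApiParam(value = "Permissions", required = true) @RequestBody(required = true) String permissions, HttpServletRequest request) {
    RestProcessResult<Long> result = new RestProcessResult<Long>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (!result.isOk()) {
        return result.createResponseEntity();
    }

    if (!user.isAdmin()) {
        LOG.warn("User " + user.getUsername() + " attempted to set bulk permissions");
        result.addRestMessage(getUnauthorizedMessage());
        return result.createResponseEntity();
    }

    try {
        ASTNode node = parseRQLtoAST(request.getQueryString());
        long changed = this.dao.bulkUpdatePermissions(node, permissions, false);
        // Audit record for the privileged change. The request-supplied permission string is
        // deliberately left out, so caller-controlled text cannot shape the log line.
        LOG.info("User " + user.getUsername() + " bulk-applied read permissions to " + changed + " data points");
        return result.createResponseEntity(changed);
    } catch (InvalidRQLRestException e) {
        // NOTE(review): a malformed query is reported through the internal-server-error
        // message, and the exception text is returned to the client. A client-error status
        // with a fixed message would fit better and disclose less.
        LOG.error(e.getMessage(), e);
        result.addRestMessage(getInternalServerErrorMessage(e.getMessage()));
        return result.createResponseEntity();
    }
}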
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) InvalidRQLRestException(com.infiniteautomation.mango.rest.v2.exception.InvalidRQLRestException) ASTNode(net.jazdw.rql.parser.ASTNode) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 30 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class DataPointRestController method queryRQL.

/**
 * Runs the RQL query carried in the request's query string against data points.
 *
 * <p>Admin users get the unfiltered page stream. For every other user the query is first
 * narrowed by {@code addPermissionsFilter} and then streamed through a
 * {@code DataPointStreamCallback} built for that user.
 *
 * @param request the current HTTP request; its query string carries the RQL query
 * @return a page stream of data points, or a response built from the recorded REST message
 */
@ApiOperation(value = "Query Data Points", notes = "Use RQL formatted query", response = DataPointModel.class, responseContainer = "List")
@RequestMapping(method = RequestMethod.GET, produces = { "application/json" })
public ResponseEntity<QueryDataPageStream<DataPointVO>> queryRQL(HttpServletRequest request) {
    RestProcessResult<QueryDataPageStream<DataPointVO>> outcome = new RestProcessResult<QueryDataPageStream<DataPointVO>>(HttpStatus.OK);
    User caller = this.checkUser(request, outcome);
    if (!outcome.isOk()) {
        return outcome.createResponseEntity();
    }

    try {
        ASTNode query = parseRQLtoAST(request.getQueryString());
        if (!caller.isAdmin()) {
            // Non-admin path: the permission filter is added to the caller's query before it
            // runs, so the restriction is applied here, not left to the client.
            // NOTE(review): presumably the callback re-checks each row for this user.
            // Confirm in DataPointStreamCallback.
            ASTNode restricted = addPermissionsFilter(query, caller);
            DataPointStreamCallback rowCallback = new DataPointStreamCallback(this, caller);
            FilteredPageQueryStream<DataPointVO, DataPointModel, DataPointDao> filtered = new FilteredPageQueryStream<DataPointVO, DataPointModel, DataPointDao>(DataPointDao.instance, this, restricted, rowCallback);
            filtered.setupQuery();
            return outcome.createResponseEntity(filtered);
        }
        // Admin path: the query runs exactly as supplied, with no permission filter.
        return outcome.createResponseEntity(getPageStream(query));
    } catch (InvalidRQLRestException e) {
        // NOTE(review): a malformed query is reported through the internal-server-error
        // message, and the exception text is returned to the client.
        LOG.error(e.getMessage(), e);
        outcome.addRestMessage(getInternalServerErrorMessage(e.getMessage()));
        return outcome.createResponseEntity();
    }
}
Also used : DataPointVO(com.serotonin.m2m2.vo.DataPointVO) RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) DataPointStreamCallback(com.serotonin.m2m2.web.mvc.rest.v1.model.dataPoint.DataPointStreamCallback) QueryDataPageStream(com.serotonin.m2m2.web.mvc.rest.v1.model.QueryDataPageStream) DataPointModel(com.serotonin.m2m2.web.mvc.rest.v1.model.DataPointModel) User(com.serotonin.m2m2.vo.User) DataPointDao(com.serotonin.m2m2.db.dao.DataPointDao) InvalidRQLRestException(com.infiniteautomation.mango.rest.v2.exception.InvalidRQLRestException) ASTNode(net.jazdw.rql.parser.ASTNode) FilteredPageQueryStream(com.serotonin.m2m2.web.mvc.rest.v1.model.FilteredPageQueryStream) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
