Examples with Permissions com.serotonin.m2m2.vo.permission.Permissions used on opensource projects

Search in sources :

Example 36 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class EventHandlerRestController method get.

@ApiOperation(value = "Get EventHandler by XID", notes = "EventType permission required")
@RequestMapping(method = RequestMethod.GET, produces = { "application/json", "application/sero-json" }, value = "/{xid}")
public ResponseEntity<AbstractEventHandlerModel<?>> get(@ApiParam(value = "Valid Eventh Handler XID", required = true, allowMultiple = false) @PathVariable String xid, HttpServletRequest request) {
    RestProcessResult<AbstractEventHandlerModel<?>> result = new RestProcessResult<AbstractEventHandlerModel<?>>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        AbstractEventHandlerVO<?> vo = EventHandlerDao.instance.getByXid(xid);
        if (vo == null) {
            result.addRestMessage(getDoesNotExistMessage());
            return result.createResponseEntity();
        } else {
            // Check Permissions
            if (Permissions.hasAdmin(user))
                return result.createResponseEntity(vo.asModel());
            else
                result.addRestMessage(HttpStatus.UNAUTHORIZED, new TranslatableMessage("permissions.accessDenied", user.getUsername(), SuperadminPermissionDefinition.GROUP_NAME));
        }
    }
    return result.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) AbstractEventHandlerModel(com.serotonin.m2m2.web.mvc.rest.v1.model.events.handlers.AbstractEventHandlerModel) TranslatableMessage(com.serotonin.m2m2.i18n.TranslatableMessage) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 37 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class JsonDataRestController method getPublicData.

@ApiOperation(value = "Get Public JSON Data", notes = "Returns only the data")
@RequestMapping(method = RequestMethod.GET, value = "/public/{xid}")
public ResponseEntity<JsonDataModel> getPublicData(HttpServletRequest request, @ApiParam(value = "XID", required = true, allowMultiple = false) @PathVariable String xid) {
    RestProcessResult<JsonDataModel> result = new RestProcessResult<JsonDataModel>(HttpStatus.OK);
    JsonDataVO vo = JsonDataDao.instance.getByXid(xid);
    if (vo == null) {
        result.addRestMessage(getDoesNotExistMessage());
        return result.createResponseEntity();
    } else {
        // Check existing permissions
        if (!vo.isPublicData()) {
            result.addRestMessage(getUnauthorizedMessage());
            return result.createResponseEntity();
        } else {
            return result.createResponseEntity(new JsonDataModel(vo));
        }
    }
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) JsonDataVO(com.serotonin.m2m2.vo.json.JsonDataVO) JsonDataModel(com.serotonin.m2m2.web.mvc.rest.v1.model.jsondata.JsonDataModel) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 38 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class JsonDataRestController method getDataWithPath.

@ApiOperation(value = "Get JSON Data using a path", notes = "To get a sub component of the data use a path of member.submember")
@RequestMapping(method = RequestMethod.GET, value = "/{xid}/{path:.*}")
public ResponseEntity<JsonDataModel> getDataWithPath(HttpServletRequest request, @ApiParam(value = "XID", required = true, allowMultiple = false) @PathVariable String xid, @ApiParam(value = "Data path using dots as separator", required = true, allowMultiple = false) @PathVariable String path) throws UnsupportedEncodingException {
    RestProcessResult<JsonDataModel> result = new RestProcessResult<JsonDataModel>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        JsonDataVO vo = JsonDataDao.instance.getByXid(xid);
        if (vo == null) {
            result.addRestMessage(getDoesNotExistMessage());
        } else {
            // Check existing permissions
            if (!Permissions.hasPermission(user, vo.getReadPermission())) {
                result.addRestMessage(getUnauthorizedMessage());
                return result.createResponseEntity();
            }
            String[] pathParts = splitAndDecodePath(path);
            if (pathParts.length == 0) {
                return result.createResponseEntity(new JsonDataModel(vo));
            } else {
                JsonNode data = (JsonNode) vo.getJsonData();
                JsonNode subNode = getNode(data, pathParts);
                vo.setJsonData(subNode);
                return result.createResponseEntity(new JsonDataModel(vo));
            }
        }
    }
    return result.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) JsonDataVO(com.serotonin.m2m2.vo.json.JsonDataVO) JsonDataModel(com.serotonin.m2m2.web.mvc.rest.v1.model.jsondata.JsonDataModel) JsonNode(com.fasterxml.jackson.databind.JsonNode) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 39 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class JsonDataRestController method deletePartialJsonData.

@ApiOperation(value = "Partially Delete JSON Data", notes = "{path} is the path to data with dots data.member.submember", response = JsonDataModel.class)
@ApiResponses({ @ApiResponse(code = 201, message = "Data Deleted", response = JsonDataModel.class), @ApiResponse(code = 401, message = "Unauthorized Access", response = ResponseEntity.class), @ApiResponse(code = 403, message = "Data Doesn't Exists") })
@RequestMapping(method = RequestMethod.DELETE, value = "/{xid}/{path:.*}")
public ResponseEntity<JsonDataModel> deletePartialJsonData(@ApiParam(value = "XID", required = true, allowMultiple = false) @PathVariable String xid, @ApiParam(value = "Data path using dots as separator", required = true, allowMultiple = false) @PathVariable String path, UriComponentsBuilder builder, HttpServletRequest request) throws RestValidationFailedException {
    RestProcessResult<JsonDataModel> result = new RestProcessResult<JsonDataModel>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        JsonDataVO vo = this.dao.getByXid(xid);
        if (vo != null) {
            // Check existing permissions
            if (!Permissions.hasPermission(user, vo.getEditPermission())) {
                result.addRestMessage(getUnauthorizedMessage());
                return result.createResponseEntity();
            }
            JsonDataModel model = new JsonDataModel(vo);
            String[] pathParts;
            if (path == null || (pathParts = path.split("\\.")).length == 0) {
                // Delete the whole thing
                this.dao.delete(vo.getId());
            } else {
                // Delete something from the map
                JsonNode existingData = (JsonNode) vo.getJsonData();
                boolean deleted = deleteNode(existingData, pathParts);
                if (!deleted) {
                    result.addRestMessage(getDoesNotExistMessage());
                    return result.createResponseEntity();
                }
                if (!model.validate()) {
                    result.addRestMessage(this.getValidationFailedError());
                    return result.createResponseEntity(model);
                }
                try {
                    String initiatorId = request.getHeader("initiatorId");
                    this.dao.save(vo, initiatorId);
                } catch (Exception e) {
                    LOG.error(e.getMessage(), e);
                    result.addRestMessage(getInternalServerErrorMessage(e.getMessage()));
                }
            }
            return result.createResponseEntity(model);
        } else {
            result.addRestMessage(getDoesNotExistMessage());
        }
    }
    return result.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) JsonDataVO(com.serotonin.m2m2.vo.json.JsonDataVO) JsonDataModel(com.serotonin.m2m2.web.mvc.rest.v1.model.jsondata.JsonDataModel) JsonNode(com.fasterxml.jackson.databind.JsonNode) BadRequestException(com.infiniteautomation.mango.rest.v2.exception.BadRequestException) RestValidationFailedException(com.serotonin.m2m2.web.mvc.rest.v1.exception.RestValidationFailedException) NotFoundRestException(com.infiniteautomation.mango.rest.v2.exception.NotFoundRestException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ApiResponses(com.wordnik.swagger.annotations.ApiResponses) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 40 with Permissions

use of com.serotonin.m2m2.vo.permission.Permissions in project ma-modules-public by infiniteautomation.

the class JsonDataRestController method list.

@ApiOperation(value = "List all available xids", notes = "Shows any xids that you have read permissions for", response = List.class)
@RequestMapping(method = RequestMethod.GET)
public ResponseEntity<List<String>> list(HttpServletRequest request) {
    RestProcessResult<List<String>> result = new RestProcessResult<List<String>>(HttpStatus.OK);
    User user = this.checkUser(request, result);
    if (result.isOk()) {
        List<JsonDataVO> all = this.dao.getAll();
        List<String> available = new ArrayList<String>();
        for (JsonDataVO vo : all) {
            // Check existing permissions
            if (Permissions.hasPermission(user, vo.getReadPermission())) {
                available.add(vo.getXid());
            }
        }
        return result.createResponseEntity(available);
    }
    return result.createResponseEntity();
}
Also used : RestProcessResult(com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult) User(com.serotonin.m2m2.vo.User) JsonDataVO(com.serotonin.m2m2.vo.json.JsonDataVO) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

User (com.serotonin.m2m2.vo.User)61 ApiOperation (com.wordnik.swagger.annotations.ApiOperation)43 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)43 DataPointVO (com.serotonin.m2m2.vo.DataPointVO)40 RestProcessResult (com.serotonin.m2m2.web.mvc.rest.v1.message.RestProcessResult)36 ArrayList (java.util.ArrayList)27 TranslatableMessage (com.serotonin.m2m2.i18n.TranslatableMessage)20 PermissionException (com.serotonin.m2m2.vo.permission.PermissionException)17 DwrPermission (com.serotonin.m2m2.web.dwr.util.DwrPermission)16 NotFoundRestException (com.infiniteautomation.mango.rest.v2.exception.NotFoundRestException)15 HashMap (java.util.HashMap)15 List (java.util.List)14 ProcessResult (com.serotonin.m2m2.i18n.ProcessResult)10 ASTNode (net.jazdw.rql.parser.ASTNode)10 PointValueTime (com.serotonin.m2m2.rt.dataImage.PointValueTime)9 RestValidationFailedException (com.serotonin.m2m2.web.mvc.rest.v1.exception.RestValidationFailedException)8 DataPointModel (com.serotonin.m2m2.web.mvc.rest.v1.model.DataPointModel)8 URI (java.net.URI)8 Map (java.util.Map)8 ResponseEntity (org.springframework.http.ResponseEntity)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial