Example 1 with Select
use of org.openremote.model.asset.BaseAssetQuery.Select in project openremote by openremote.
the class AssetResourceImpl method queryPublicAssets.
@Override
public Asset[] queryPublicAssets(RequestParams requestParams, AssetQuery query) {
String requestRealm = getRequestRealm();
if (query == null || TextUtil.isNullOrEmpty(requestRealm)) {
return EMPTY_ASSETS;
}
// Force realm to be request realm
if (query.tenant == null) {
query.tenant(new TenantPredicate().realm(requestRealm));
} else {
query.tenant.realm = requestRealm;
}
// Force public access filter on query
if (query.select == null) {
query.select(new Select().filterAccess(Access.PUBLIC_READ));
} else {
query.select.filterAccess(Access.PUBLIC_READ);
}
try {
List<ServerAsset> result = assetStorageService.findAll(query);
// Compress response (the request attribute enables the interceptor)
request.setAttribute(HttpHeaders.CONTENT_ENCODING, "gzip");
return result.toArray(new Asset[result.size()]);
} catch (IllegalStateException ex) {
throw new WebApplicationException(ex, BAD_REQUEST);
}
}
Also used :
WebApplicationException(javax.ws.rs.WebApplicationException)
Select(org.openremote.model.asset.BaseAssetQuery.Select)
Example 2 with Select
use of org.openremote.model.asset.BaseAssetQuery.Select in project openremote by openremote.
the class AssetResourceImpl method queryAssets.
@Override
public Asset[] queryAssets(RequestParams requestParams, AssetQuery query) {
try {
if (query == null) {
return EMPTY_ASSETS;
}
if (isRestrictedUser()) {
// A restricted user can only query linked assets
query = query.userId(getUserId());
// A restricted user may not query private asset data, only restricted or public
if (query.select == null)
query.select = new Select();
if (query.select.access == null || query.select.access == Access.PRIVATE_READ)
query.select.filterAccess(Access.RESTRICTED_READ);
}
Tenant tenant = query.tenant != null ? !isNullOrEmpty(query.tenant.realmId) ? identityService.getIdentityProvider().getTenantForRealmId(query.tenant.realmId) : !isNullOrEmpty(query.tenant.realm) ? identityService.getIdentityProvider().getTenantForRealm(query.tenant.realm) : getAuthenticatedTenant() : getAuthenticatedTenant();
if (tenant == null) {
throw new WebApplicationException(NOT_FOUND);
}
if (!isTenantActiveAndAccessible(tenant)) {
return EMPTY_ASSETS;
}
// This replicates behaviour of old getRoot and getChildren methods
if (!isSuperUser() || query.parent == null || query.parent.noParent) {
query.tenant(new TenantPredicate(tenant.getId()));
}
List<ServerAsset> result = assetStorageService.findAll(query);
// Compress response (the request attribute enables the interceptor)
request.setAttribute(HttpHeaders.CONTENT_ENCODING, "gzip");
return result.toArray(new Asset[result.size()]);
} catch (IllegalStateException ex) {
throw new WebApplicationException(ex, BAD_REQUEST);
}
}
Also used :
Tenant(org.openremote.model.security.Tenant)
WebApplicationException(javax.ws.rs.WebApplicationException)
Select(org.openremote.model.asset.BaseAssetQuery.Select)
Example 3 with Select
use of org.openremote.model.asset.BaseAssetQuery.Select in project openremote by openremote.
the class AssetResourceImpl method getCurrentUserAssets.
@Override
public Asset[] getCurrentUserAssets(RequestParams requestParams) {
try {
if (isSuperUser()) {
return new Asset[0];
}
if (!isRestrictedUser()) {
List<ServerAsset> result = assetStorageService.findAll(new AssetQuery().parent(new ParentPredicate(true)).tenant(new TenantPredicate().realm(getAuthenticatedRealm())));
return result.toArray(new Asset[result.size()]);
}
List<ServerAsset> assets = assetStorageService.findAll(new AssetQuery().select(new Select(Include.ALL_EXCEPT_PATH_AND_ATTRIBUTES, Access.RESTRICTED_READ)).userId(getUserId()));
// Filter assets that might have been moved into a different realm and can no longer be accessed by user
// TODO: Should we forbid moving assets between realms?
Tenant authenticatedTenant = getAuthenticatedTenant();
Iterator<ServerAsset> it = assets.iterator();
while (it.hasNext()) {
ServerAsset asset = it.next();
if (!asset.getRealmId().equals(authenticatedTenant.getId())) {
LOG.warning("User '" + getUsername() + "' linked to asset in other realm, skipping: " + asset);
it.remove();
}
}
// Compress response (the request attribute enables the interceptor)
request.setAttribute(HttpHeaders.CONTENT_ENCODING, "gzip");
return assets.toArray(new ServerAsset[assets.size()]);
} catch (IllegalStateException ex) {
throw new WebApplicationException(ex, BAD_REQUEST);
}
}
Also used :
Tenant(org.openremote.model.security.Tenant)
WebApplicationException(javax.ws.rs.WebApplicationException)
AssetQuery(org.openremote.model.asset.AssetQuery)
Select(org.openremote.model.asset.BaseAssetQuery.Select)
Aggregations
WebApplicationException (javax.ws.rs.WebApplicationException)3
Select (org.openremote.model.asset.BaseAssetQuery.Select)3
Tenant (org.openremote.model.security.Tenant)2
AssetQuery (org.openremote.model.asset.AssetQuery)1
