Search in sources :

Example 21 with ThingsboardException

use of org.thingsboard.server.common.data.exception.ThingsboardException in project thingsboard by thingsboard.

the class UserController method sendActivationEmail.

@ApiOperation(value = "Send or re-send the activation email", notes = "Force send the activation email to the user. Useful to resend the email if user has accidentally deleted it. " + SYSTEM_OR_TENANT_AUTHORITY_PARAGRAPH)
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@RequestMapping(value = "/user/sendActivationMail", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void sendActivationEmail(@ApiParam(value = "Email of the user", required = true) @RequestParam(value = "email") String email, HttpServletRequest request) throws ThingsboardException {
    try {
        User user = checkNotNull(userService.findUserByEmail(getCurrentUser().getTenantId(), email));
        accessControlService.checkPermission(getCurrentUser(), Resource.USER, Operation.READ, user.getId(), user);
        UserCredentials userCredentials = userService.findUserCredentialsByUserId(getCurrentUser().getTenantId(), user.getId());
        if (!userCredentials.isEnabled() && userCredentials.getActivateToken() != null) {
            String baseUrl = systemSecurityService.getBaseUrl(getTenantId(), getCurrentUser().getCustomerId(), request);
            String activateUrl = String.format(ACTIVATE_URL_PATTERN, baseUrl, userCredentials.getActivateToken());
            mailService.sendActivationEmail(activateUrl, email);
        } else {
            throw new ThingsboardException("User is already activated!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 22 with ThingsboardException

use of org.thingsboard.server.common.data.exception.ThingsboardException in project thingsboard by thingsboard.

the class UserController method getUserById.

@ApiOperation(value = "Get User (getUserById)", notes = "Fetch the User object based on the provided User Id. " + "If the user has the authority of 'SYS_ADMIN', the server does not perform additional checks. " + "If the user has the authority of 'TENANT_ADMIN', the server checks that the requested user is owned by the same tenant. " + "If the user has the authority of 'CUSTOMER_USER', the server checks that the requested user is owned by the same customer.")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/user/{userId}", method = RequestMethod.GET)
@ResponseBody
public User getUserById(@ApiParam(value = USER_ID_PARAM_DESCRIPTION) @PathVariable(USER_ID) String strUserId) throws ThingsboardException {
    checkParameter(USER_ID, strUserId);
    try {
        UserId userId = new UserId(toUUID(strUserId));
        User user = checkUserId(userId, Operation.READ);
        if (user.getAdditionalInfo().isObject()) {
            ObjectNode additionalInfo = (ObjectNode) user.getAdditionalInfo();
            processDashboardIdFromAdditionalInfo(additionalInfo, DEFAULT_DASHBOARD);
            processDashboardIdFromAdditionalInfo(additionalInfo, HOME_DASHBOARD);
            UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getTenantId(), user.getId());
            if (userCredentials.isEnabled() && !additionalInfo.has("userCredentialsEnabled")) {
                additionalInfo.put("userCredentialsEnabled", true);
            }
        }
        return user;
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) UserId(org.thingsboard.server.common.data.id.UserId) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 23 with ThingsboardException

use of org.thingsboard.server.common.data.exception.ThingsboardException in project thingsboard by thingsboard.

the class UserController method getTenantAdmins.

@ApiOperation(value = "Get Tenant Users (getTenantAdmins)", notes = "Returns a page of users owned by tenant. " + PAGE_DATA_PARAMETERS + SYSTEM_AUTHORITY_PARAGRAPH)
@PreAuthorize("hasAuthority('SYS_ADMIN')")
@RequestMapping(value = "/tenant/{tenantId}/users", params = { "pageSize", "page" }, method = RequestMethod.GET)
@ResponseBody
public PageData<User> getTenantAdmins(@ApiParam(value = TENANT_ID_PARAM_DESCRIPTION, required = true) @PathVariable(TENANT_ID) String strTenantId, @ApiParam(value = PAGE_SIZE_DESCRIPTION, required = true) @RequestParam int pageSize, @ApiParam(value = PAGE_NUMBER_DESCRIPTION, required = true) @RequestParam int page, @ApiParam(value = USER_TEXT_SEARCH_DESCRIPTION) @RequestParam(required = false) String textSearch, @ApiParam(value = SORT_PROPERTY_DESCRIPTION, allowableValues = USER_SORT_PROPERTY_ALLOWABLE_VALUES) @RequestParam(required = false) String sortProperty, @ApiParam(value = SORT_ORDER_DESCRIPTION, allowableValues = SORT_ORDER_ALLOWABLE_VALUES) @RequestParam(required = false) String sortOrder) throws ThingsboardException {
    checkParameter("tenantId", strTenantId);
    try {
        TenantId tenantId = TenantId.fromUUID(toUUID(strTenantId));
        PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder);
        return checkNotNull(userService.findTenantAdmins(tenantId, pageLink));
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : TenantId(org.thingsboard.server.common.data.id.TenantId) PageLink(org.thingsboard.server.common.data.page.PageLink) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 24 with ThingsboardException

use of org.thingsboard.server.common.data.exception.ThingsboardException in project thingsboard by thingsboard.

the class UserController method deleteUser.

@ApiOperation(value = "Delete User (deleteUser)", notes = "Deletes the User, it's credentials and all the relations (from and to the User). " + "Referencing non-existing User Id will cause an error. " + SYSTEM_OR_TENANT_AUTHORITY_PARAGRAPH)
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@RequestMapping(value = "/user/{userId}", method = RequestMethod.DELETE)
@ResponseStatus(value = HttpStatus.OK)
public void deleteUser(@ApiParam(value = USER_ID_PARAM_DESCRIPTION) @PathVariable(USER_ID) String strUserId) throws ThingsboardException {
    checkParameter(USER_ID, strUserId);
    try {
        UserId userId = new UserId(toUUID(strUserId));
        User user = checkUserId(userId, Operation.DELETE);
        if (user.getAuthority() == Authority.SYS_ADMIN && getCurrentUser().getId().equals(userId)) {
            throw new ThingsboardException("Sysadmin is not allowed to delete himself", ThingsboardErrorCode.PERMISSION_DENIED);
        }
        List<EdgeId> relatedEdgeIds = findRelatedEdgeIds(getTenantId(), userId);
        userService.deleteUser(getCurrentUser().getTenantId(), userId);
        logEntityAction(userId, user, user.getCustomerId(), ActionType.DELETED, null, strUserId);
        sendDeleteNotificationMsg(getTenantId(), userId, relatedEdgeIds);
    } catch (Exception e) {
        logEntityAction(emptyId(EntityType.USER), null, null, ActionType.DELETED, e, strUserId);
        throw handleException(e);
    }
}
Also used : SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) UserId(org.thingsboard.server.common.data.id.UserId) EdgeId(org.thingsboard.server.common.data.id.EdgeId) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 25 with ThingsboardException

use of org.thingsboard.server.common.data.exception.ThingsboardException in project thingsboard by thingsboard.

the class WidgetsBundleController method deleteWidgetsBundle.

@ApiOperation(value = "Delete widgets bundle (deleteWidgetsBundle)", notes = "Deletes the widget bundle. Referencing non-existing Widget Bundle Id will cause an error." + SYSTEM_OR_TENANT_AUTHORITY_PARAGRAPH)
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@RequestMapping(value = "/widgetsBundle/{widgetsBundleId}", method = RequestMethod.DELETE)
@ResponseStatus(value = HttpStatus.OK)
public void deleteWidgetsBundle(@ApiParam(value = WIDGET_BUNDLE_ID_PARAM_DESCRIPTION, required = true) @PathVariable("widgetsBundleId") String strWidgetsBundleId) throws ThingsboardException {
    checkParameter("widgetsBundleId", strWidgetsBundleId);
    try {
        WidgetsBundleId widgetsBundleId = new WidgetsBundleId(toUUID(strWidgetsBundleId));
        checkWidgetsBundleId(widgetsBundleId, Operation.DELETE);
        widgetsBundleService.deleteWidgetsBundle(getTenantId(), widgetsBundleId);
        sendEntityNotificationMsg(getTenantId(), widgetsBundleId, EdgeEventActionType.DELETED);
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : WidgetsBundleId(org.thingsboard.server.common.data.id.WidgetsBundleId) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

ThingsboardException (org.thingsboard.server.common.data.exception.ThingsboardException)225 ApiOperation (io.swagger.annotations.ApiOperation)176 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)176 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)172 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)150 IncorrectParameterException (org.thingsboard.server.dao.exception.IncorrectParameterException)102 TenantId (org.thingsboard.server.common.data.id.TenantId)75 SecurityUser (org.thingsboard.server.service.security.model.SecurityUser)48 CustomerId (org.thingsboard.server.common.data.id.CustomerId)42 EdgeId (org.thingsboard.server.common.data.id.EdgeId)42 DataValidationException (org.thingsboard.server.dao.exception.DataValidationException)42 Customer (org.thingsboard.server.common.data.Customer)39 IOException (java.io.IOException)38 Edge (org.thingsboard.server.common.data.edge.Edge)34 PageLink (org.thingsboard.server.common.data.page.PageLink)34 ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)30 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)25 MessagingException (javax.mail.MessagingException)25 EntityId (org.thingsboard.server.common.data.id.EntityId)25 TimePageLink (org.thingsboard.server.common.data.page.TimePageLink)25