Search in sources :

Example 26 with CustomerId

use of org.thingsboard.server.common.data.id.CustomerId in project thingsboard by thingsboard.

the class DashboardController method removeDashboardCustomers.

@PreAuthorize("hasAuthority('TENANT_ADMIN')")
@RequestMapping(value = "/dashboard/{dashboardId}/customers/remove", method = RequestMethod.POST)
@ResponseBody
public Dashboard removeDashboardCustomers(@PathVariable(DASHBOARD_ID) String strDashboardId, @RequestBody String[] strCustomerIds) throws ThingsboardException {
    checkParameter(DASHBOARD_ID, strDashboardId);
    try {
        DashboardId dashboardId = new DashboardId(toUUID(strDashboardId));
        Dashboard dashboard = checkDashboardId(dashboardId);
        Set<CustomerId> customerIds = new HashSet<>();
        if (strCustomerIds != null) {
            for (String strCustomerId : strCustomerIds) {
                CustomerId customerId = new CustomerId(toUUID(strCustomerId));
                if (dashboard.isAssignedToCustomer(customerId)) {
                    customerIds.add(customerId);
                }
            }
        }
        if (customerIds.isEmpty()) {
            return dashboard;
        } else {
            Dashboard savedDashboard = null;
            for (CustomerId customerId : customerIds) {
                ShortCustomerInfo customerInfo = dashboard.getAssignedCustomerInfo(customerId);
                savedDashboard = checkNotNull(dashboardService.unassignDashboardFromCustomer(dashboardId, customerId));
                logEntityAction(dashboardId, dashboard, customerId, ActionType.UNASSIGNED_FROM_CUSTOMER, null, strDashboardId, customerId.toString(), customerInfo.getTitle());
            }
            return savedDashboard;
        }
    } catch (Exception e) {
        logEntityAction(emptyId(EntityType.DASHBOARD), null, null, ActionType.UNASSIGNED_FROM_CUSTOMER, e, strDashboardId);
        throw handleException(e);
    }
}
Also used : DashboardId(org.thingsboard.server.common.data.id.DashboardId) CustomerId(org.thingsboard.server.common.data.id.CustomerId) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) IncorrectParameterException(org.thingsboard.server.dao.exception.IncorrectParameterException) HashSet(java.util.HashSet) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 27 with CustomerId

use of org.thingsboard.server.common.data.id.CustomerId in project thingsboard by thingsboard.

the class DeviceController method getCustomerDevices.

@PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/customer/{customerId}/devices", params = { "limit" }, method = RequestMethod.GET)
@ResponseBody
public TextPageData<Device> getCustomerDevices(@PathVariable("customerId") String strCustomerId, @RequestParam int limit, @RequestParam(required = false) String type, @RequestParam(required = false) String textSearch, @RequestParam(required = false) String idOffset, @RequestParam(required = false) String textOffset) throws ThingsboardException {
    checkParameter("customerId", strCustomerId);
    try {
        TenantId tenantId = getCurrentUser().getTenantId();
        CustomerId customerId = new CustomerId(toUUID(strCustomerId));
        checkCustomerId(customerId);
        TextPageLink pageLink = createPageLink(limit, textSearch, idOffset, textOffset);
        if (type != null && type.trim().length() > 0) {
            return checkNotNull(deviceService.findDevicesByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
        } else {
            return checkNotNull(deviceService.findDevicesByTenantIdAndCustomerId(tenantId, customerId, pageLink));
        }
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : TenantId(org.thingsboard.server.common.data.id.TenantId) TextPageLink(org.thingsboard.server.common.data.page.TextPageLink) CustomerId(org.thingsboard.server.common.data.id.CustomerId) IncorrectParameterException(org.thingsboard.server.dao.exception.IncorrectParameterException) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 28 with CustomerId

use of org.thingsboard.server.common.data.id.CustomerId in project thingsboard by thingsboard.

the class PluginApiController method processRequest.

@SuppressWarnings("rawtypes")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/{pluginToken}/**")
@ResponseStatus(value = HttpStatus.OK)
public DeferredResult<ResponseEntity> processRequest(@PathVariable("pluginToken") String pluginToken, RequestEntity<byte[]> requestEntity, HttpServletRequest request) throws ThingsboardException {
    log.debug("[{}] Going to process requst uri: {}", pluginToken, requestEntity.getUrl());
    DeferredResult<ResponseEntity> result = new DeferredResult<ResponseEntity>();
    PluginMetaData pluginMd = pluginService.findPluginByApiToken(pluginToken);
    if (pluginMd == null) {
        result.setErrorResult(new PluginNotFoundException("Plugin with token: " + pluginToken + " not found!"));
    } else {
        TenantId tenantId = getCurrentUser().getTenantId();
        CustomerId customerId = getCurrentUser().getCustomerId();
        if (validatePluginAccess(pluginMd, tenantId, customerId)) {
            if (tenantId != null && ModelConstants.NULL_UUID.equals(tenantId.getId())) {
                tenantId = null;
            }
            UserId userId = getCurrentUser().getId();
            String userName = getCurrentUser().getName();
            PluginApiCallSecurityContext securityCtx = new PluginApiCallSecurityContext(pluginMd.getTenantId(), pluginMd.getId(), tenantId, customerId, userId, userName);
            actorService.process(new BasicPluginRestMsg(securityCtx, new RestRequest(requestEntity, request), result));
        } else {
            result.setResult(new ResponseEntity<>(HttpStatus.FORBIDDEN));
        }
    }
    return result;
}
Also used : BasicPluginRestMsg(org.thingsboard.server.extensions.api.plugins.rest.BasicPluginRestMsg) PluginMetaData(org.thingsboard.server.common.data.plugin.PluginMetaData) CustomerId(org.thingsboard.server.common.data.id.CustomerId) PluginApiCallSecurityContext(org.thingsboard.server.extensions.api.plugins.PluginApiCallSecurityContext) ResponseEntity(org.springframework.http.ResponseEntity) TenantId(org.thingsboard.server.common.data.id.TenantId) RestRequest(org.thingsboard.server.extensions.api.plugins.rest.RestRequest) UserId(org.thingsboard.server.common.data.id.UserId) DeferredResult(org.springframework.web.context.request.async.DeferredResult) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 29 with CustomerId

use of org.thingsboard.server.common.data.id.CustomerId in project thingsboard by thingsboard.

the class PluginWebSocketHandler method toRef.

private PluginWebsocketSessionRef toRef(WebSocketSession session) throws IOException {
    URI sessionUri = session.getUri();
    String path = sessionUri.getPath();
    path = path.substring(WebSocketConfiguration.WS_PLUGIN_PREFIX.length());
    if (path.length() == 0) {
        throw new IllegalArgumentException("URL should contain plugin token!");
    }
    String[] pathElements = path.split("/");
    String pluginToken = pathElements[0];
    // TODO: cache
    PluginMetaData pluginMd = pluginService.findPluginByApiToken(pluginToken);
    if (pluginMd == null) {
        throw new InvalidParameterException("Can't find plugin with specified token!");
    } else {
        SecurityUser currentUser = (SecurityUser) session.getAttributes().get(WebSocketConfiguration.WS_SECURITY_USER_ATTRIBUTE);
        TenantId tenantId = currentUser.getTenantId();
        CustomerId customerId = currentUser.getCustomerId();
        if (PluginApiController.validatePluginAccess(pluginMd, tenantId, customerId)) {
            UserId userId = currentUser.getId();
            String userName = currentUser.getName();
            PluginApiCallSecurityContext securityCtx = new PluginApiCallSecurityContext(pluginMd.getTenantId(), pluginMd.getId(), tenantId, currentUser.getCustomerId(), userId, userName);
            return new BasicPluginWebsocketSessionRef(UUID.randomUUID().toString(), securityCtx, session.getUri(), session.getAttributes(), session.getLocalAddress(), session.getRemoteAddress());
        } else {
            throw new SecurityException("Current user is not allowed to use this plugin!");
        }
    }
}
Also used : BasicPluginWebsocketSessionRef(org.thingsboard.server.extensions.api.plugins.ws.BasicPluginWebsocketSessionRef) PluginMetaData(org.thingsboard.server.common.data.plugin.PluginMetaData) CustomerId(org.thingsboard.server.common.data.id.CustomerId) URI(java.net.URI) PluginApiCallSecurityContext(org.thingsboard.server.extensions.api.plugins.PluginApiCallSecurityContext) InvalidParameterException(java.security.InvalidParameterException) TenantId(org.thingsboard.server.common.data.id.TenantId) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) UserId(org.thingsboard.server.common.data.id.UserId)

Example 30 with CustomerId

use of org.thingsboard.server.common.data.id.CustomerId in project thingsboard by thingsboard.

the class DashboardController method updateDashboardCustomers.

@PreAuthorize("hasAuthority('TENANT_ADMIN')")
@RequestMapping(value = "/dashboard/{dashboardId}/customers", method = RequestMethod.POST)
@ResponseBody
public Dashboard updateDashboardCustomers(@PathVariable(DASHBOARD_ID) String strDashboardId, @RequestBody String[] strCustomerIds) throws ThingsboardException {
    checkParameter(DASHBOARD_ID, strDashboardId);
    try {
        DashboardId dashboardId = new DashboardId(toUUID(strDashboardId));
        Dashboard dashboard = checkDashboardId(dashboardId);
        Set<CustomerId> customerIds = new HashSet<>();
        if (strCustomerIds != null) {
            for (String strCustomerId : strCustomerIds) {
                customerIds.add(new CustomerId(toUUID(strCustomerId)));
            }
        }
        Set<CustomerId> addedCustomerIds = new HashSet<>();
        Set<CustomerId> removedCustomerIds = new HashSet<>();
        for (CustomerId customerId : customerIds) {
            if (!dashboard.isAssignedToCustomer(customerId)) {
                addedCustomerIds.add(customerId);
            }
        }
        Set<ShortCustomerInfo> assignedCustomers = dashboard.getAssignedCustomers();
        if (assignedCustomers != null) {
            for (ShortCustomerInfo customerInfo : assignedCustomers) {
                if (!customerIds.contains(customerInfo.getCustomerId())) {
                    removedCustomerIds.add(customerInfo.getCustomerId());
                }
            }
        }
        if (addedCustomerIds.isEmpty() && removedCustomerIds.isEmpty()) {
            return dashboard;
        } else {
            Dashboard savedDashboard = null;
            for (CustomerId customerId : addedCustomerIds) {
                savedDashboard = checkNotNull(dashboardService.assignDashboardToCustomer(dashboardId, customerId));
                ShortCustomerInfo customerInfo = savedDashboard.getAssignedCustomerInfo(customerId);
                logEntityAction(dashboardId, savedDashboard, customerId, ActionType.ASSIGNED_TO_CUSTOMER, null, strDashboardId, customerId.toString(), customerInfo.getTitle());
            }
            for (CustomerId customerId : removedCustomerIds) {
                ShortCustomerInfo customerInfo = dashboard.getAssignedCustomerInfo(customerId);
                savedDashboard = checkNotNull(dashboardService.unassignDashboardFromCustomer(dashboardId, customerId));
                logEntityAction(dashboardId, dashboard, customerId, ActionType.UNASSIGNED_FROM_CUSTOMER, null, strDashboardId, customerId.toString(), customerInfo.getTitle());
            }
            return savedDashboard;
        }
    } catch (Exception e) {
        logEntityAction(emptyId(EntityType.DASHBOARD), null, null, ActionType.ASSIGNED_TO_CUSTOMER, e, strDashboardId);
        throw handleException(e);
    }
}
Also used : DashboardId(org.thingsboard.server.common.data.id.DashboardId) CustomerId(org.thingsboard.server.common.data.id.CustomerId) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) IncorrectParameterException(org.thingsboard.server.dao.exception.IncorrectParameterException) HashSet(java.util.HashSet) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Aggregations

CustomerId (org.thingsboard.server.common.data.id.CustomerId)59 TenantId (org.thingsboard.server.common.data.id.TenantId)30 Customer (org.thingsboard.server.common.data.Customer)24 ArrayList (java.util.ArrayList)22 Test (org.junit.Test)22 TextPageLink (org.thingsboard.server.common.data.page.TextPageLink)21 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)18 ThingsboardException (org.thingsboard.server.exception.ThingsboardException)17 IncorrectParameterException (org.thingsboard.server.dao.exception.IncorrectParameterException)12 Asset (org.thingsboard.server.common.data.asset.Asset)11 User (org.thingsboard.server.common.data.User)10 TypeReference (com.fasterxml.jackson.core.type.TypeReference)9 UserId (org.thingsboard.server.common.data.id.UserId)9 Device (org.thingsboard.server.common.data.Device)8 Tenant (org.thingsboard.server.common.data.Tenant)7 DashboardId (org.thingsboard.server.common.data.id.DashboardId)6 TimePageLink (org.thingsboard.server.common.data.page.TimePageLink)6 SecurityUser (org.thingsboard.server.service.security.model.SecurityUser)6 List (java.util.List)4 Matchers.containsString (org.hamcrest.Matchers.containsString)4