Example 1 with ApiUsageStateFilter
use of org.thingsboard.server.common.data.query.ApiUsageStateFilter in project thingsboard by thingsboard.
the class DefaultEntityQueryRepository method buildPermissionQuery.
private String buildPermissionQuery(QueryContext ctx, EntityFilter entityFilter) {
switch(entityFilter.getType()) {
case RELATIONS_QUERY:
case DEVICE_SEARCH_QUERY:
case ASSET_SEARCH_QUERY:
case ENTITY_VIEW_SEARCH_QUERY:
case EDGE_SEARCH_QUERY:
return this.defaultPermissionQuery(ctx);
case API_USAGE_STATE:
CustomerId filterCustomerId = ((ApiUsageStateFilter) entityFilter).getCustomerId();
if (ctx.getCustomerId() != null && !ctx.getCustomerId().isNullUid()) {
if (filterCustomerId != null && !filterCustomerId.equals(ctx.getCustomerId())) {
throw new SecurityException("Customer is not allowed to query other customer's data");
}
filterCustomerId = ctx.getCustomerId();
}
ctx.addUuidParameter("permissions_tenant_id", ctx.getTenantId().getId());
if (filterCustomerId != null) {
ctx.addUuidParameter("permissions_customer_id", filterCustomerId.getId());
return "e.tenant_id=:permissions_tenant_id and e.entity_id=:permissions_customer_id";
} else {
return "e.tenant_id=:permissions_tenant_id and e.entity_id=:permissions_tenant_id";
}
default:
if (ctx.getEntityType() == EntityType.TENANT) {
ctx.addUuidParameter("permissions_tenant_id", ctx.getTenantId().getId());
return "e.id=:permissions_tenant_id";
} else {
return this.defaultPermissionQuery(ctx);
}
}
}
Also used :
CustomerId(org.thingsboard.server.common.data.id.CustomerId)
ApiUsageStateFilter(org.thingsboard.server.common.data.query.ApiUsageStateFilter)
Aggregations
CustomerId (org.thingsboard.server.common.data.id.CustomerId)1
ApiUsageStateFilter (org.thingsboard.server.common.data.query.ApiUsageStateFilter)1
