Examples with Operation org.thingsboard.server.service.security.permission.Operation used on opensource projects

Example 6 with Operation

use of org.thingsboard.server.service.security.permission.Operation in project thingsboard by thingsboard.

the class AccessValidator method validateRule.

private void validateRule(final SecurityUser currentUser, Operation operation, EntityId entityId, FutureCallback<ValidationResult> callback) {
    if (currentUser.isCustomerUser()) {
        callback.onSuccess(ValidationResult.accessDenied(CUSTOMER_USER_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION));
    } else {
        ListenableFuture<RuleNode> ruleNodeFuture = ruleChainService.findRuleNodeByIdAsync(currentUser.getTenantId(), new RuleNodeId(entityId.getId()));
        Futures.addCallback(ruleNodeFuture, getCallback(callback, ruleNodeTmp -> {
            RuleNode ruleNode = ruleNodeTmp;
            if (ruleNode == null) {
                return ValidationResult.entityNotFound("Rule node with requested id wasn't found!");
            } else if (ruleNode.getRuleChainId() == null) {
                return ValidationResult.entityNotFound("Rule chain with requested node id wasn't found!");
            } else {
                // TODO: make async
                RuleChain ruleChain = ruleChainService.findRuleChainById(currentUser.getTenantId(), ruleNode.getRuleChainId());
                try {
                    accessControlService.checkPermission(currentUser, Resource.RULE_CHAIN, operation, ruleNode.getRuleChainId(), ruleChain);
                } catch (ThingsboardException e) {
                    return ValidationResult.accessDenied(e.getMessage());
                }
                return ValidationResult.ok(ruleNode);
            }
        }), executor);
    }
}

Example 7 with Operation

use of org.thingsboard.server.service.security.permission.Operation in project thingsboard by thingsboard.

the class AccessValidator method validateRpc.

private void validateRpc(final SecurityUser currentUser, Operation operation, EntityId entityId, FutureCallback<ValidationResult> callback) {
    ListenableFuture<Rpc> rpcFurure = rpcService.findRpcByIdAsync(currentUser.getTenantId(), new RpcId(entityId.getId()));
    Futures.addCallback(rpcFurure, getCallback(callback, rpc -> {
        if (rpc == null) {
            return ValidationResult.entityNotFound("Rpc with requested id wasn't found!");
        } else {
            try {
                accessControlService.checkPermission(currentUser, Resource.RPC, operation, entityId, rpc);
            } catch (ThingsboardException e) {
                return ValidationResult.accessDenied(e.getMessage());
            }
            return ValidationResult.ok(rpc);
        }
    }), executor);
}

Example 8 with Operation

use of org.thingsboard.server.service.security.permission.Operation in project thingsboard by thingsboard.

the class AccessValidator method validateDevice.

private void validateDevice(final SecurityUser currentUser, Operation operation, EntityId entityId, FutureCallback<ValidationResult> callback) {
    if (currentUser.isSystemAdmin()) {
        callback.onSuccess(ValidationResult.accessDenied(SYSTEM_ADMINISTRATOR_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION));
    } else {
        ListenableFuture<Device> deviceFuture = deviceService.findDeviceByIdAsync(currentUser.getTenantId(), new DeviceId(entityId.getId()));
        Futures.addCallback(deviceFuture, getCallback(callback, device -> {
            if (device == null) {
                return ValidationResult.entityNotFound(DEVICE_WITH_REQUESTED_ID_NOT_FOUND);
            } else {
                try {
                    accessControlService.checkPermission(currentUser, Resource.DEVICE, operation, entityId, device);
                } catch (ThingsboardException e) {
                    return ValidationResult.accessDenied(e.getMessage());
                }
                return ValidationResult.ok(device);
            }
        }), executor);
    }
}

Example 9 with Operation

use of org.thingsboard.server.service.security.permission.Operation in project thingsboard by thingsboard.

the class AccessValidator method validateResource.

private void validateResource(SecurityUser currentUser, Operation operation, EntityId entityId, FutureCallback<ValidationResult> callback) {
    ListenableFuture<TbResourceInfo> resourceFuture = resourceService.findResourceInfoByIdAsync(currentUser.getTenantId(), new TbResourceId(entityId.getId()));
    Futures.addCallback(resourceFuture, getCallback(callback, resource -> {
        if (resource == null) {
            return ValidationResult.entityNotFound("Resource with requested id wasn't found!");
        } else {
            try {
                accessControlService.checkPermission(currentUser, Resource.TB_RESOURCE, operation, entityId, resource);
            } catch (ThingsboardException e) {
                return ValidationResult.accessDenied(e.getMessage());
            }
            return ValidationResult.ok(resource);
        }
    }), executor);
}

Example 10 with Operation

use of org.thingsboard.server.service.security.permission.Operation in project thingsboard by thingsboard.

the class AccessValidator method validateEntityView.

private void validateEntityView(final SecurityUser currentUser, Operation operation, EntityId entityId, FutureCallback<ValidationResult> callback) {
    if (currentUser.isSystemAdmin()) {
        callback.onSuccess(ValidationResult.accessDenied(SYSTEM_ADMINISTRATOR_IS_NOT_ALLOWED_TO_PERFORM_THIS_OPERATION));
    } else {
        ListenableFuture<EntityView> entityViewFuture = entityViewService.findEntityViewByIdAsync(currentUser.getTenantId(), new EntityViewId(entityId.getId()));
        Futures.addCallback(entityViewFuture, getCallback(callback, entityView -> {
            if (entityView == null) {
                return ValidationResult.entityNotFound(ENTITY_VIEW_WITH_REQUESTED_ID_NOT_FOUND);
            } else {
                try {
                    accessControlService.checkPermission(currentUser, Resource.ENTITY_VIEW, operation, entityId, entityView);
                } catch (ThingsboardException e) {
                    return ValidationResult.accessDenied(e.getMessage());
                }
                return ValidationResult.ok(entityView);
            }
        }), executor);
    }
}