Search in sources :

Example 1 with Resource

use of org.thingsboard.server.service.security.permission.Resource in project thingsboard by thingsboard.

the class AccessValidator method validateResource.

private void validateResource(SecurityUser currentUser, Operation operation, EntityId entityId, FutureCallback<ValidationResult> callback) {
    ListenableFuture<TbResourceInfo> resourceFuture = resourceService.findResourceInfoByIdAsync(currentUser.getTenantId(), new TbResourceId(entityId.getId()));
    Futures.addCallback(resourceFuture, getCallback(callback, resource -> {
        if (resource == null) {
            return ValidationResult.entityNotFound("Resource with requested id wasn't found!");
        } else {
            try {
                accessControlService.checkPermission(currentUser, Resource.TB_RESOURCE, operation, entityId, resource);
            } catch (ThingsboardException e) {
                return ValidationResult.accessDenied(e.getMessage());
            }
            return ValidationResult.ok(resource);
        }
    }), executor);
}
Also used : Edge(org.thingsboard.server.common.data.edge.Edge) HttpValidationCallback(org.thingsboard.server.controller.HttpValidationCallback) Customer(org.thingsboard.server.common.data.Customer) Autowired(org.springframework.beans.factory.annotation.Autowired) DeviceProfileId(org.thingsboard.server.common.data.id.DeviceProfileId) RuleNodeId(org.thingsboard.server.common.data.id.RuleNodeId) TenantId(org.thingsboard.server.common.data.id.TenantId) ToErrorResponseEntity(org.thingsboard.server.service.telemetry.exception.ToErrorResponseEntity) PreDestroy(javax.annotation.PreDestroy) TenantService(org.thingsboard.server.dao.tenant.TenantService) Rpc(org.thingsboard.server.common.data.rpc.Rpc) ResourceService(org.thingsboard.server.dao.resource.ResourceService) RpcService(org.thingsboard.server.dao.rpc.RpcService) ApiUsageStateService(org.thingsboard.server.dao.usagerecord.ApiUsageStateService) EntityViewService(org.thingsboard.server.dao.entityview.EntityViewService) IncorrectParameterException(org.thingsboard.server.dao.exception.IncorrectParameterException) EdgeId(org.thingsboard.server.common.data.id.EdgeId) AssetService(org.thingsboard.server.dao.asset.AssetService) DeviceId(org.thingsboard.server.common.data.id.DeviceId) Function(com.google.common.base.Function) DeviceProfile(org.thingsboard.server.common.data.DeviceProfile) EdgeService(org.thingsboard.server.dao.edge.EdgeService) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ThingsBoardThreadFactory(org.thingsboard.common.util.ThingsBoardThreadFactory) ApiUsageStateId(org.thingsboard.server.common.data.id.ApiUsageStateId) OtaPackageId(org.thingsboard.server.common.data.id.OtaPackageId) Executors(java.util.concurrent.Executors) EntityView(org.thingsboard.server.common.data.EntityView) PostConstruct(javax.annotation.PostConstruct) RuleChainId(org.thingsboard.server.common.data.id.RuleChainId) Operation(org.thingsboard.server.service.security.permission.Operation) EntityViewId(org.thingsboard.server.common.data.id.EntityViewId) CustomerId(org.thingsboard.server.common.data.id.CustomerId) OtaPackageService(org.thingsboard.server.dao.ota.OtaPackageService) UserService(org.thingsboard.server.dao.user.UserService) OtaPackageInfo(org.thingsboard.server.common.data.OtaPackageInfo) ListenableFuture(com.google.common.util.concurrent.ListenableFuture) Device(org.thingsboard.server.common.data.Device) DeferredResult(org.springframework.web.context.request.async.DeferredResult) AssetId(org.thingsboard.server.common.data.id.AssetId) Tenant(org.thingsboard.server.common.data.Tenant) RuleChainService(org.thingsboard.server.dao.rule.RuleChainService) User(org.thingsboard.server.common.data.User) EntityIdFactory(org.thingsboard.server.common.data.id.EntityIdFactory) DeviceService(org.thingsboard.server.dao.device.DeviceService) AlarmService(org.thingsboard.server.dao.alarm.AlarmService) EntityId(org.thingsboard.server.common.data.id.EntityId) BiConsumer(java.util.function.BiConsumer) CustomerService(org.thingsboard.server.dao.customer.CustomerService) Nullable(javax.annotation.Nullable) ExecutorService(java.util.concurrent.ExecutorService) RpcId(org.thingsboard.server.common.data.id.RpcId) RuleNode(org.thingsboard.server.common.data.rule.RuleNode) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException) TbResourceId(org.thingsboard.server.common.data.id.TbResourceId) FutureCallback(com.google.common.util.concurrent.FutureCallback) ApiUsageState(org.thingsboard.server.common.data.ApiUsageState) DeviceProfileService(org.thingsboard.server.dao.device.DeviceProfileService) HttpStatus(org.springframework.http.HttpStatus) Futures(com.google.common.util.concurrent.Futures) Component(org.springframework.stereotype.Component) UserId(org.thingsboard.server.common.data.id.UserId) TbResourceInfo(org.thingsboard.server.common.data.TbResourceInfo) RuleChain(org.thingsboard.server.common.data.rule.RuleChain) Resource(org.thingsboard.server.service.security.permission.Resource) ResponseEntity(org.springframework.http.ResponseEntity) Asset(org.thingsboard.server.common.data.asset.Asset) AccessControlService(org.thingsboard.server.service.security.permission.AccessControlService) TbResourceInfo(org.thingsboard.server.common.data.TbResourceInfo) TbResourceId(org.thingsboard.server.common.data.id.TbResourceId) ThingsboardException(org.thingsboard.server.common.data.exception.ThingsboardException)

Aggregations

Function (com.google.common.base.Function)1 FutureCallback (com.google.common.util.concurrent.FutureCallback)1 Futures (com.google.common.util.concurrent.Futures)1 ListenableFuture (com.google.common.util.concurrent.ListenableFuture)1 ExecutorService (java.util.concurrent.ExecutorService)1 Executors (java.util.concurrent.Executors)1 BiConsumer (java.util.function.BiConsumer)1 Nullable (javax.annotation.Nullable)1 PostConstruct (javax.annotation.PostConstruct)1 PreDestroy (javax.annotation.PreDestroy)1 Autowired (org.springframework.beans.factory.annotation.Autowired)1 HttpStatus (org.springframework.http.HttpStatus)1 ResponseEntity (org.springframework.http.ResponseEntity)1 Component (org.springframework.stereotype.Component)1 DeferredResult (org.springframework.web.context.request.async.DeferredResult)1 ThingsBoardThreadFactory (org.thingsboard.common.util.ThingsBoardThreadFactory)1 ApiUsageState (org.thingsboard.server.common.data.ApiUsageState)1 Customer (org.thingsboard.server.common.data.Customer)1 Device (org.thingsboard.server.common.data.Device)1 DeviceProfile (org.thingsboard.server.common.data.DeviceProfile)1