diff --git a/application/src/main/java/org/thingsboard/server/controller/BaseController.java b/application/src/main/java/org/thingsboard/server/controller/BaseController.java index 51a5e4c96c..582bbedebd 100644 --- a/application/src/main/java/org/thingsboard/server/controller/BaseController.java +++ b/application/src/main/java/org/thingsboard/server/controller/BaseController.java @@ -259,7 +259,6 @@ public abstract class BaseController { Customer checkCustomerId(CustomerId customerId) throws ThingsboardException { try { - validateId(customerId, "Incorrect customerId " + customerId); SecurityUser authUser = getCurrentUser(); if (authUser.getAuthority() == Authority.SYS_ADMIN || (authUser.getAuthority() != Authority.TENANT_ADMIN && @@ -267,9 +266,13 @@ public abstract class BaseController { throw new ThingsboardException(YOU_DON_T_HAVE_PERMISSION_TO_PERFORM_THIS_OPERATION, ThingsboardErrorCode.PERMISSION_DENIED); } - Customer customer = customerService.findCustomerById(customerId); - checkCustomer(customer); - return customer; + if (customerId != null && !customerId.isNullUid()) { + Customer customer = customerService.findCustomerById(customerId); + checkCustomer(customer); + return customer; + } else { + return null; + } } catch (Exception e) { throw handleException(e, false); } @@ -350,9 +353,7 @@ public abstract class BaseController { protected void checkDevice(Device device) throws ThingsboardException { checkNotNull(device); checkTenantId(device.getTenantId()); - if (device.getCustomerId() != null && !device.getCustomerId().getId().equals(ModelConstants.NULL_UUID)) { - checkCustomerId(device.getCustomerId()); - } + checkCustomerId(device.getCustomerId()); } protected EntityView checkEntityViewId(EntityViewId entityViewId) throws ThingsboardException { @@ -369,9 +370,7 @@ public abstract class BaseController { protected void checkEntityView(EntityView entityView) throws ThingsboardException { checkNotNull(entityView); checkTenantId(entityView.getTenantId()); - if (entityView.getCustomerId() != null && !entityView.getCustomerId().getId().equals(ModelConstants.NULL_UUID)) { - checkCustomerId(entityView.getCustomerId()); - } + checkCustomerId(entityView.getCustomerId()); } Asset checkAssetId(AssetId assetId) throws ThingsboardException { @@ -388,9 +387,7 @@ public abstract class BaseController { protected void checkAsset(Asset asset) throws ThingsboardException { checkNotNull(asset); checkTenantId(asset.getTenantId()); - if (asset.getCustomerId() != null && !asset.getCustomerId().getId().equals(ModelConstants.NULL_UUID)) { - checkCustomerId(asset.getCustomerId()); - } + checkCustomerId(asset.getCustomerId()); } Alarm checkAlarmId(AlarmId alarmId) throws ThingsboardException { @@ -499,8 +496,7 @@ public abstract class BaseController { ComponentDescriptor checkComponentDescriptorByClazz(String clazz) throws ThingsboardException { try { log.debug("[{}] Lookup component descriptor", clazz); - ComponentDescriptor componentDescriptor = checkNotNull(componentDescriptorService.getComponent(clazz)); - return componentDescriptor; + return checkNotNull(componentDescriptorService.getComponent(clazz)); } catch (Exception e) { throw handleException(e, false); } @@ -564,16 +560,16 @@ public abstract class BaseController { } protected I emptyId(EntityType entityType) { - return (I)EntityIdFactory.getByTypeAndUuid(entityType, ModelConstants.NULL_UUID); + return (I) EntityIdFactory.getByTypeAndUuid(entityType, ModelConstants.NULL_UUID); } protected void logEntityAction(I entityId, E entity, CustomerId customerId, - ActionType actionType, Exception e, Object... additionalInfo) throws ThingsboardException { + ActionType actionType, Exception e, Object... additionalInfo) throws ThingsboardException { logEntityAction(getCurrentUser(), entityId, entity, customerId, actionType, e, additionalInfo); } protected void logEntityAction(User user, I entityId, E entity, CustomerId customerId, - ActionType actionType, Exception e, Object... additionalInfo) throws ThingsboardException { + ActionType actionType, Exception e, Object... additionalInfo) throws ThingsboardException { if (customerId == null || customerId.isNullUid()) { customerId = user.getCustomerId(); } @@ -589,7 +585,7 @@ public abstract class BaseController { } private void pushEntityActionToRuleEngine(I entityId, E entity, User user, CustomerId customerId, - ActionType actionType, Object... additionalInfo) { + ActionType actionType, Object... additionalInfo) { String msgType = null; switch (actionType) { case ADDED: @@ -668,7 +664,7 @@ public abstract class BaseController { String scope = extractParameter(String.class, 0, additionalInfo); List keys = extractParameter(List.class, 1, additionalInfo); metaData.putValue("scope", scope); - ArrayNode attrsArrayNode = entityNode.putArray("attributes"); + ArrayNode attrsArrayNode = entityNode.putArray("attributes"); if (keys != null) { keys.forEach(attrsArrayNode::add); } diff --git a/application/src/main/java/org/thingsboard/server/service/security/ValidationCallback.java b/application/src/main/java/org/thingsboard/server/service/security/ValidationCallback.java index 81ab9b4eb6..d4ac75374f 100644 --- a/application/src/main/java/org/thingsboard/server/service/security/ValidationCallback.java +++ b/application/src/main/java/org/thingsboard/server/service/security/ValidationCallback.java @@ -36,29 +36,10 @@ public class ValidationCallback implements FutureCallback { @Override public void onSuccess(ValidationResult result) { - ValidationResultCode resultCode = result.getResultCode(); - if (resultCode == ValidationResultCode.OK) { + if (result.getResultCode() == ValidationResultCode.OK) { action.onSuccess(response); } else { - Exception e; - switch (resultCode) { - case ENTITY_NOT_FOUND: - e = new EntityNotFoundException(result.getMessage()); - break; - case UNAUTHORIZED: - e = new UnauthorizedException(result.getMessage()); - break; - case ACCESS_DENIED: - e = new AccessDeniedException(result.getMessage()); - break; - case INTERNAL_ERROR: - e = new InternalErrorException(result.getMessage()); - break; - default: - e = new UnauthorizedException("Permission denied."); - break; - } - onFailure(e); + onFailure(getException(result)); } } @@ -66,4 +47,28 @@ public class ValidationCallback implements FutureCallback { public void onFailure(Throwable e) { action.onFailure(e); } + + public static Exception getException(ValidationResult result) { + ValidationResultCode resultCode = result.getResultCode(); + Exception e; + switch (resultCode) { + case ENTITY_NOT_FOUND: + e = new EntityNotFoundException(result.getMessage()); + break; + case UNAUTHORIZED: + e = new UnauthorizedException(result.getMessage()); + break; + case ACCESS_DENIED: + e = new AccessDeniedException(result.getMessage()); + break; + case INTERNAL_ERROR: + e = new InternalErrorException(result.getMessage()); + break; + default: + e = new UnauthorizedException("Permission denied."); + break; + } + return e; + } + } diff --git a/application/src/main/java/org/thingsboard/server/service/telemetry/DefaultTelemetryWebSocketService.java b/application/src/main/java/org/thingsboard/server/service/telemetry/DefaultTelemetryWebSocketService.java index 2ff8e89070..1251ca3b7e 100644 --- a/application/src/main/java/org/thingsboard/server/service/telemetry/DefaultTelemetryWebSocketService.java +++ b/application/src/main/java/org/thingsboard/server/service/telemetry/DefaultTelemetryWebSocketService.java @@ -37,13 +37,18 @@ import org.thingsboard.server.common.data.kv.TsKvEntry; import org.thingsboard.server.dao.attributes.AttributesService; import org.thingsboard.server.dao.timeseries.TimeseriesService; import org.thingsboard.server.service.security.AccessValidator; +import org.thingsboard.server.service.security.ValidationCallback; import org.thingsboard.server.service.security.ValidationResult; +import org.thingsboard.server.service.security.ValidationResultCode; import org.thingsboard.server.service.telemetry.cmd.AttributesSubscriptionCmd; import org.thingsboard.server.service.telemetry.cmd.GetHistoryCmd; import org.thingsboard.server.service.telemetry.cmd.SubscriptionCmd; import org.thingsboard.server.service.telemetry.cmd.TelemetryPluginCmd; import org.thingsboard.server.service.telemetry.cmd.TelemetryPluginCmdsWrapper; import org.thingsboard.server.service.telemetry.cmd.TimeseriesSubscriptionCmd; +import org.thingsboard.server.service.telemetry.exception.AccessDeniedException; +import org.thingsboard.server.service.telemetry.exception.EntityNotFoundException; +import org.thingsboard.server.service.telemetry.exception.InternalErrorException; import org.thingsboard.server.service.telemetry.exception.UnauthorizedException; import org.thingsboard.server.service.telemetry.sub.SubscriptionErrorCode; import org.thingsboard.server.service.telemetry.sub.SubscriptionState; @@ -535,11 +540,16 @@ public class DefaultTelemetryWebSocketService implements TelemetryWebSocketServi }; } - private FutureCallback on(Consumer success, Consumer failure) { + private FutureCallback on(Consumer success, Consumer failure) { return new FutureCallback() { @Override public void onSuccess(@Nullable ValidationResult result) { - success.accept(result); + ValidationResultCode resultCode = result.getResultCode(); + if (resultCode == ValidationResultCode.OK) { + success.accept(null); + } else { + onFailure(ValidationCallback.getException(result)); + } } @Override