tsai
/
thingsboard
mirror of https://github.com/thingsboard/thingsboard.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Hide sensitive data from customer

pull/3811/head
Volodymyr Babak 6 years ago
parent
056889be97
commit
962afa3f2f
5 changed files with 61 additions and 21 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 62
      application/src/main/java/org/thingsboard/server/controller/EdgeController.java
  2. 2
      application/src/main/java/org/thingsboard/server/controller/EdgeEventController.java
  3. 2
      ui-ngx/src/app/modules/home/pages/edge/edge-tabs.component.html
  4. 14
      ui-ngx/src/app/modules/home/pages/edge/edge.component.html
  5. 2
      ui-ngx/src/app/modules/home/pages/edge/edges-table-config.resolver.ts

62
application/src/main/java/org/thingsboard/server/controller/EdgeController.java
View File

@ -44,6 +44,7 @@ import org.thingsboard.server.common.data.page.PageData;
import org.thingsboard.server.common.data.page.PageLink;
import org.thingsboard.server.common.data.plugin.ComponentLifecycleEvent;
import org.thingsboard.server.common.data.rule.RuleChain;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.dao.exception.DataValidationException;
import org.thingsboard.server.dao.exception.IncorrectParameterException;
import org.thingsboard.server.dao.model.ModelConstants;
@ -91,7 +92,11 @@ public class EdgeController extends BaseController {
checkParameter(EDGE_ID, strEdgeId);
try {
EdgeId edgeId = new EdgeId(toUUID(strEdgeId));
return checkEdgeInfoId(edgeId, Operation.READ);
EdgeInfo edgeInfo = checkEdgeInfoId(edgeId, Operation.READ);
if (Authority.CUSTOMER_USER.equals(getCurrentUser().getAuthority())) {
cleanUpSensitiveData(edgeInfo);
}
return edgeInfo;
} catch (Exception e) {
throw handleException(e);
}
@ -380,15 +385,23 @@ public class EdgeController extends BaseController {
@RequestParam(required = false) String sortOrder) throws ThingsboardException {
checkParameter("customerId", strCustomerId);
try {
TenantId tenantId = getCurrentUser().getTenantId();
SecurityUser user = getCurrentUser();
TenantId tenantId = user.getTenantId();
CustomerId customerId = new CustomerId(toUUID(strCustomerId));
checkCustomerId(customerId, Operation.READ);
PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder);
PageData<Edge> result;
if (type != null && type.trim().length() > 0) {
return checkNotNull(edgeService.findEdgesByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
result = edgeService.findEdgesByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink);
} else {
return checkNotNull(edgeService.findEdgesByTenantIdAndCustomerId(tenantId, customerId, pageLink));
result = edgeService.findEdgesByTenantIdAndCustomerId(tenantId, customerId, pageLink);
}
if (Authority.CUSTOMER_USER.equals(user.getAuthority())) {
for (Edge edge : result.getData()) {
cleanUpSensitiveData(edge);
}
}
return checkNotNull(result);
} catch (Exception e) {
throw handleException(e);
}
@ -407,15 +420,23 @@ public class EdgeController extends BaseController {
@RequestParam(required = false) String sortOrder) throws ThingsboardException {
checkParameter("customerId", strCustomerId);
try {
TenantId tenantId = getCurrentUser().getTenantId();
SecurityUser user = getCurrentUser();
TenantId tenantId = user.getTenantId();
CustomerId customerId = new CustomerId(toUUID(strCustomerId));
checkCustomerId(customerId, Operation.READ);
PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder);
PageData<EdgeInfo> result;
if (type != null && type.trim().length() > 0) {
return checkNotNull(edgeService.findEdgeInfosByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink));
result = edgeService.findEdgeInfosByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink);
} else {
return checkNotNull(edgeService.findEdgeInfosByTenantIdAndCustomerId(tenantId, customerId, pageLink));
result = edgeService.findEdgeInfosByTenantIdAndCustomerId(tenantId, customerId, pageLink);
}
if (Authority.CUSTOMER_USER.equals(user.getAuthority())) {
for (Edge edge : result.getData()) {
cleanUpSensitiveData(edge);
}
}
return checkNotNull(result);
} catch (Exception e) {
throw handleException(e);
}
@ -435,13 +456,19 @@ public class EdgeController extends BaseController {
for (String strEdgeId : strEdgeIds) {
edgeIds.add(new EdgeId(toUUID(strEdgeId)));
}
ListenableFuture<List<Edge>> edges;
ListenableFuture<List<Edge>> edgesFuture;
if (customerId == null || customerId.isNullUid()) {
edges = edgeService.findEdgesByTenantIdAndIdsAsync(tenantId, edgeIds);
edgesFuture = edgeService.findEdgesByTenantIdAndIdsAsync(tenantId, edgeIds);
} else {
edges = edgeService.findEdgesByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, edgeIds);
edgesFuture = edgeService.findEdgesByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, edgeIds);
}
List<Edge> edges = edgesFuture.get();
if (Authority.CUSTOMER_USER.equals(user.getAuthority())) {
for (Edge edge : edges) {
cleanUpSensitiveData(edge);
}
}
return checkNotNull(edges.get());
return checkNotNull(edges);
} catch (Exception e) {
throw handleException(e);
}
@ -467,6 +494,11 @@ public class EdgeController extends BaseController {
return false;
}
}).collect(Collectors.toList());
if (Authority.CUSTOMER_USER.equals(user.getAuthority())) {
for (Edge edge : edges) {
cleanUpSensitiveData(edge);
}
}
return edges;
} catch (Exception e) {
throw handleException(e);
@ -543,4 +575,12 @@ public class EdgeController extends BaseController {
throw handleException(e);
}
}
private void cleanUpSensitiveData(Edge edge) {
edge.setEdgeLicenseKey(null);
edge.setRoutingKey(null);
edge.setSecret(null);
edge.setCloudEndpoint(null);
edge.setRootRuleChainId(null);
}
}

2
application/src/main/java/org/thingsboard/server/controller/EdgeEventController.java
View File

@ -45,7 +45,7 @@ public class EdgeEventController extends BaseController {
public static final String EDGE_ID = "edgeId";
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
@PreAuthorize("hasAuthority('TENANT_ADMIN')")
@RequestMapping(value = "/edge/{edgeId}/events", method = RequestMethod.GET)
@ResponseBody
public PageData<EdgeEvent> getEdgeEvents(

2
ui-ngx/src/app/modules/home/pages/edge/edge-tabs.component.html
View File

@ -41,7 +41,7 @@
<tb-event-table [defaultEventType]="eventTypes.ERROR" [active]="eventsTab.isActive" [tenantId]="entity.tenantId.id"
[entityId]="entity.id"></tb-event-table>
</mat-tab>
<mat-tab *ngIf="entity"
<mat-tab *ngIf="entity && authUser.authority === authorities.TENANT_ADMIN"
label="{{ 'edge.downlinks' | translate }}" #downLinksTab="matTab">
<tb-edge-downlink-table [active]="downLinksTab.isActive" [tenantId]="entity.tenantId.id"
[entityId]="entity.id"></tb-edge-downlink-table>

14
ui-ngx/src/app/modules/home/pages/edge/edge.component.html
View File

@ -85,7 +85,7 @@
ngxClipboard
(cbOnSuccess)="onEdgeInfoCopied('key')"
[cbContent]="entity?.routingKey"
[fxShow]="!isEdit">
[fxShow]="!isEdit && edgeScope === 'tenant'">
<mat-icon svgIcon="mdi:clipboard-arrow-left"></mat-icon>
<span translate>edge.copy-edge-key</span>
</button>
@ -93,7 +93,7 @@
ngxClipboard
(cbOnSuccess)="onEdgeInfoCopied('secret')"
[cbContent]="entity?.secret"
[fxShow]="!isEdit">
[fxShow]="!isEdit && edgeScope === 'tenant'">
<mat-icon svgIcon="mdi:clipboard-arrow-left"></mat-icon>
<span translate>edge.copy-edge-secret</span>
</button>
@ -101,7 +101,7 @@
ngxClipboard
[disabled]="(isLoading$ | async)"
(click)="onEntityAction($event, 'syncEdge')"
[fxShow]="!isEdit">
[fxShow]="!isEdit && edgeScope === 'tenant'">
<mat-icon svgIcon="mdi:sync"></mat-icon>
<span translate>edge.sync</span>
</button>
@ -132,7 +132,7 @@
[required]="true"
[entityType]="entityType.EDGE">
</tb-entity-subtype-autocomplete>
<div fxLayout="row">
<div fxLayout="row" [fxShow]="edgeScope === 'tenant'">
<fieldset fxFlex>
<div class="tb-hint" [innerHTML]="'edge.edge-license-key-hint' | translate"></div>
<mat-form-field class="mat-block">
@ -144,7 +144,7 @@
</mat-form-field>
</fieldset>
</div>
<div fxLayout="row">
<div fxLayout="row" [fxShow]="edgeScope === 'tenant'">
<fieldset fxFlex>
<div translate class="tb-hint">edge.cloud-endpoint-hint</div>
<mat-form-field class="mat-block">
@ -156,7 +156,7 @@
</mat-form-field>
</fieldset>
</div>
<div fxLayout="row">
<div fxLayout="row" [fxShow]="edgeScope === 'tenant'">
<fieldset fxFlex disabled>
<mat-form-field class="mat-block" fxFlex>
<mat-label translate>edge.edge-key</mat-label>
@ -169,7 +169,7 @@
<mat-icon svgIcon="mdi:clipboard-arrow-left"></mat-icon>
</button>
</div>
<div fxLayout="row">
<div fxLayout="row" [fxShow]="edgeScope === 'tenant'">
<fieldset fxFlex disabled>
<mat-form-field class="mat-block" fxFlex>
<mat-label translate>edge.edge-secret</mat-label>

2
ui-ngx/src/app/modules/home/pages/edge/edges-table-config.resolver.ts
View File

@ -173,7 +173,7 @@ export class EdgesTableConfigResolver implements Resolve<EntityTableConfig<EdgeI
}
if (edgeScope === 'customer_user') {
this.config.entitiesFetchFunction = pageLink =>
this.edgeService.getCustomerEdgeInfos(this.customerId, pageLink);
this.edgeService.getCustomerEdgeInfos(this.customerId, pageLink, this.config.componentsData.edgeType);
this.config.deleteEntity = id => this.edgeService.unassignEdgeFromCustomer(id.id);
}
}

Write Preview
Loading…
Cancel
Save