From 962afa3f2ff7404269d381e1faf0abe246ec8049 Mon Sep 17 00:00:00 2001 From: Volodymyr Babak Date: Tue, 29 Dec 2020 13:13:25 +0200 Subject: [PATCH] Hide sensitive data from customer --- .../server/controller/EdgeController.java | 62 +++++++++++++++---- .../controller/EdgeEventController.java | 2 +- .../home/pages/edge/edge-tabs.component.html | 2 +- .../home/pages/edge/edge.component.html | 14 ++--- .../pages/edge/edges-table-config.resolver.ts | 2 +- 5 files changed, 61 insertions(+), 21 deletions(-) diff --git a/application/src/main/java/org/thingsboard/server/controller/EdgeController.java b/application/src/main/java/org/thingsboard/server/controller/EdgeController.java index 731aa453ff..e5da922024 100644 --- a/application/src/main/java/org/thingsboard/server/controller/EdgeController.java +++ b/application/src/main/java/org/thingsboard/server/controller/EdgeController.java @@ -44,6 +44,7 @@ import org.thingsboard.server.common.data.page.PageData; import org.thingsboard.server.common.data.page.PageLink; import org.thingsboard.server.common.data.plugin.ComponentLifecycleEvent; import org.thingsboard.server.common.data.rule.RuleChain; +import org.thingsboard.server.common.data.security.Authority; import org.thingsboard.server.dao.exception.DataValidationException; import org.thingsboard.server.dao.exception.IncorrectParameterException; import org.thingsboard.server.dao.model.ModelConstants; @@ -91,7 +92,11 @@ public class EdgeController extends BaseController { checkParameter(EDGE_ID, strEdgeId); try { EdgeId edgeId = new EdgeId(toUUID(strEdgeId)); - return checkEdgeInfoId(edgeId, Operation.READ); + EdgeInfo edgeInfo = checkEdgeInfoId(edgeId, Operation.READ); + if (Authority.CUSTOMER_USER.equals(getCurrentUser().getAuthority())) { + cleanUpSensitiveData(edgeInfo); + } + return edgeInfo; } catch (Exception e) { throw handleException(e); } @@ -380,15 +385,23 @@ public class EdgeController extends BaseController { @RequestParam(required = false) String sortOrder) throws ThingsboardException { checkParameter("customerId", strCustomerId); try { - TenantId tenantId = getCurrentUser().getTenantId(); + SecurityUser user = getCurrentUser(); + TenantId tenantId = user.getTenantId(); CustomerId customerId = new CustomerId(toUUID(strCustomerId)); checkCustomerId(customerId, Operation.READ); PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder); + PageData result; if (type != null && type.trim().length() > 0) { - return checkNotNull(edgeService.findEdgesByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink)); + result = edgeService.findEdgesByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink); } else { - return checkNotNull(edgeService.findEdgesByTenantIdAndCustomerId(tenantId, customerId, pageLink)); + result = edgeService.findEdgesByTenantIdAndCustomerId(tenantId, customerId, pageLink); } + if (Authority.CUSTOMER_USER.equals(user.getAuthority())) { + for (Edge edge : result.getData()) { + cleanUpSensitiveData(edge); + } + } + return checkNotNull(result); } catch (Exception e) { throw handleException(e); } @@ -407,15 +420,23 @@ public class EdgeController extends BaseController { @RequestParam(required = false) String sortOrder) throws ThingsboardException { checkParameter("customerId", strCustomerId); try { - TenantId tenantId = getCurrentUser().getTenantId(); + SecurityUser user = getCurrentUser(); + TenantId tenantId = user.getTenantId(); CustomerId customerId = new CustomerId(toUUID(strCustomerId)); checkCustomerId(customerId, Operation.READ); PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder); + PageData result; if (type != null && type.trim().length() > 0) { - return checkNotNull(edgeService.findEdgeInfosByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink)); + result = edgeService.findEdgeInfosByTenantIdAndCustomerIdAndType(tenantId, customerId, type, pageLink); } else { - return checkNotNull(edgeService.findEdgeInfosByTenantIdAndCustomerId(tenantId, customerId, pageLink)); + result = edgeService.findEdgeInfosByTenantIdAndCustomerId(tenantId, customerId, pageLink); } + if (Authority.CUSTOMER_USER.equals(user.getAuthority())) { + for (Edge edge : result.getData()) { + cleanUpSensitiveData(edge); + } + } + return checkNotNull(result); } catch (Exception e) { throw handleException(e); } @@ -435,13 +456,19 @@ public class EdgeController extends BaseController { for (String strEdgeId : strEdgeIds) { edgeIds.add(new EdgeId(toUUID(strEdgeId))); } - ListenableFuture> edges; + ListenableFuture> edgesFuture; if (customerId == null || customerId.isNullUid()) { - edges = edgeService.findEdgesByTenantIdAndIdsAsync(tenantId, edgeIds); + edgesFuture = edgeService.findEdgesByTenantIdAndIdsAsync(tenantId, edgeIds); } else { - edges = edgeService.findEdgesByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, edgeIds); + edgesFuture = edgeService.findEdgesByTenantIdCustomerIdAndIdsAsync(tenantId, customerId, edgeIds); + } + List edges = edgesFuture.get(); + if (Authority.CUSTOMER_USER.equals(user.getAuthority())) { + for (Edge edge : edges) { + cleanUpSensitiveData(edge); + } } - return checkNotNull(edges.get()); + return checkNotNull(edges); } catch (Exception e) { throw handleException(e); } @@ -467,6 +494,11 @@ public class EdgeController extends BaseController { return false; } }).collect(Collectors.toList()); + if (Authority.CUSTOMER_USER.equals(user.getAuthority())) { + for (Edge edge : edges) { + cleanUpSensitiveData(edge); + } + } return edges; } catch (Exception e) { throw handleException(e); @@ -543,4 +575,12 @@ public class EdgeController extends BaseController { throw handleException(e); } } + + private void cleanUpSensitiveData(Edge edge) { + edge.setEdgeLicenseKey(null); + edge.setRoutingKey(null); + edge.setSecret(null); + edge.setCloudEndpoint(null); + edge.setRootRuleChainId(null); + } } diff --git a/application/src/main/java/org/thingsboard/server/controller/EdgeEventController.java b/application/src/main/java/org/thingsboard/server/controller/EdgeEventController.java index 2e6e9b22ce..44e0a2da0c 100644 --- a/application/src/main/java/org/thingsboard/server/controller/EdgeEventController.java +++ b/application/src/main/java/org/thingsboard/server/controller/EdgeEventController.java @@ -45,7 +45,7 @@ public class EdgeEventController extends BaseController { public static final String EDGE_ID = "edgeId"; - @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')") + @PreAuthorize("hasAuthority('TENANT_ADMIN')") @RequestMapping(value = "/edge/{edgeId}/events", method = RequestMethod.GET) @ResponseBody public PageData getEdgeEvents( diff --git a/ui-ngx/src/app/modules/home/pages/edge/edge-tabs.component.html b/ui-ngx/src/app/modules/home/pages/edge/edge-tabs.component.html index ff805df920..930dbe4f40 100644 --- a/ui-ngx/src/app/modules/home/pages/edge/edge-tabs.component.html +++ b/ui-ngx/src/app/modules/home/pages/edge/edge-tabs.component.html @@ -41,7 +41,7 @@ - diff --git a/ui-ngx/src/app/modules/home/pages/edge/edge.component.html b/ui-ngx/src/app/modules/home/pages/edge/edge.component.html index 61bd12eb7a..954707c8a0 100644 --- a/ui-ngx/src/app/modules/home/pages/edge/edge.component.html +++ b/ui-ngx/src/app/modules/home/pages/edge/edge.component.html @@ -85,7 +85,7 @@ ngxClipboard (cbOnSuccess)="onEdgeInfoCopied('key')" [cbContent]="entity?.routingKey" - [fxShow]="!isEdit"> + [fxShow]="!isEdit && edgeScope === 'tenant'"> edge.copy-edge-key @@ -93,7 +93,7 @@ ngxClipboard (cbOnSuccess)="onEdgeInfoCopied('secret')" [cbContent]="entity?.secret" - [fxShow]="!isEdit"> + [fxShow]="!isEdit && edgeScope === 'tenant'"> edge.copy-edge-secret @@ -101,7 +101,7 @@ ngxClipboard [disabled]="(isLoading$ | async)" (click)="onEntityAction($event, 'syncEdge')" - [fxShow]="!isEdit"> + [fxShow]="!isEdit && edgeScope === 'tenant'"> edge.sync @@ -132,7 +132,7 @@ [required]="true" [entityType]="entityType.EDGE"> -
+
@@ -144,7 +144,7 @@
-
+
edge.cloud-endpoint-hint
@@ -156,7 +156,7 @@
-
+
edge.edge-key @@ -169,7 +169,7 @@
-
+
edge.edge-secret diff --git a/ui-ngx/src/app/modules/home/pages/edge/edges-table-config.resolver.ts b/ui-ngx/src/app/modules/home/pages/edge/edges-table-config.resolver.ts index f26e671782..ad96fa94bd 100644 --- a/ui-ngx/src/app/modules/home/pages/edge/edges-table-config.resolver.ts +++ b/ui-ngx/src/app/modules/home/pages/edge/edges-table-config.resolver.ts @@ -173,7 +173,7 @@ export class EdgesTableConfigResolver implements Resolve - this.edgeService.getCustomerEdgeInfos(this.customerId, pageLink); + this.edgeService.getCustomerEdgeInfos(this.customerId, pageLink, this.config.componentsData.edgeType); this.config.deleteEntity = id => this.edgeService.unassignEdgeFromCustomer(id.id); } }