diff --git a/application/src/main/java/org/thingsboard/server/controller/BaseController.java b/application/src/main/java/org/thingsboard/server/controller/BaseController.java index f17185dcd0..87ddfbb088 100644 --- a/application/src/main/java/org/thingsboard/server/controller/BaseController.java +++ b/application/src/main/java/org/thingsboard/server/controller/BaseController.java @@ -431,9 +431,6 @@ public abstract class BaseController { case WIDGET_TYPE: checkWidgetTypeId(new WidgetTypeId(entityId.getId()), operation); return; - case OAUTH2_CLIENT_REGISTRATION_INFO: - case OAUTH2_CLIENT_REGISTRATION_TEMPLATE: - return; default: throw new IllegalArgumentException("Unsupported entity type: " + entityId.getEntityType()); } diff --git a/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java b/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java index 1cb969e9e6..35ed01f03e 100644 --- a/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java +++ b/application/src/main/java/org/thingsboard/server/controller/OAuth2ConfigTemplateController.java @@ -25,6 +25,8 @@ import org.thingsboard.server.common.data.exception.ThingsboardException; import org.thingsboard.server.common.data.id.OAuth2ClientRegistrationTemplateId; import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistrationTemplate; import org.thingsboard.server.queue.util.TbCoreComponent; +import org.thingsboard.server.service.security.permission.Operation; +import org.thingsboard.server.service.security.permission.Resource; import java.util.List; @@ -40,6 +42,7 @@ public class OAuth2ConfigTemplateController extends BaseController { @ResponseStatus(value = HttpStatus.OK) public OAuth2ClientRegistrationTemplate saveClientRegistrationTemplate(@RequestBody OAuth2ClientRegistrationTemplate clientRegistrationTemplate) throws ThingsboardException { try { + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_TEMPLATE, Operation.WRITE); return oAuth2ConfigTemplateService.saveClientRegistrationTemplate(clientRegistrationTemplate); } catch (Exception e) { throw handleException(e); @@ -52,21 +55,10 @@ public class OAuth2ConfigTemplateController extends BaseController { public void deleteClientRegistrationTemplate(@PathVariable(CLIENT_REGISTRATION_TEMPLATE_ID) String strClientRegistrationTemplateId) throws ThingsboardException { checkParameter(CLIENT_REGISTRATION_TEMPLATE_ID, strClientRegistrationTemplateId); try { + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_TEMPLATE, Operation.DELETE); OAuth2ClientRegistrationTemplateId clientRegistrationTemplateId = new OAuth2ClientRegistrationTemplateId(toUUID(strClientRegistrationTemplateId)); oAuth2ConfigTemplateService.deleteClientRegistrationTemplateById(clientRegistrationTemplateId); - - logEntityAction(clientRegistrationTemplateId, - null, - null, - ActionType.DELETED, null, strClientRegistrationTemplateId); - } catch (Exception e) { - - logEntityAction(emptyId(EntityType.OAUTH2_CLIENT_REGISTRATION_TEMPLATE), - null, - null, - ActionType.DELETED, e, strClientRegistrationTemplateId); - throw handleException(e); } } @@ -76,6 +68,7 @@ public class OAuth2ConfigTemplateController extends BaseController { @ResponseBody public List getClientRegistrationTemplates() throws ThingsboardException { try { + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_TEMPLATE, Operation.READ); return oAuth2ConfigTemplateService.findAllClientRegistrationTemplates(); } catch (Exception e) { throw handleException(e); diff --git a/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java b/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java index bb3a87ef92..ecd74bef39 100644 --- a/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java +++ b/application/src/main/java/org/thingsboard/server/controller/OAuth2Controller.java @@ -24,6 +24,8 @@ import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo; import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams; import org.thingsboard.server.common.data.oauth2.SchemeType; import org.thingsboard.server.queue.util.TbCoreComponent; +import org.thingsboard.server.service.security.permission.Operation; +import org.thingsboard.server.service.security.permission.Resource; import org.thingsboard.server.utils.MiscUtils; import javax.servlet.http.HttpServletRequest; @@ -49,6 +51,7 @@ public class OAuth2Controller extends BaseController { @ResponseBody public OAuth2ClientsParams getCurrentOAuth2Params() throws ThingsboardException { try { + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_INFO, Operation.READ); return oAuth2Service.findOAuth2Params(); } catch (Exception e) { throw handleException(e); @@ -60,6 +63,7 @@ public class OAuth2Controller extends BaseController { @ResponseStatus(value = HttpStatus.OK) public OAuth2ClientsParams saveOAuth2Params(@RequestBody OAuth2ClientsParams oauth2Params) throws ThingsboardException { try { + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_INFO, Operation.WRITE); oAuth2Service.saveOAuth2Params(oauth2Params); return oAuth2Service.findOAuth2Params(); } catch (Exception e) { diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/Resource.java b/application/src/main/java/org/thingsboard/server/service/security/permission/Resource.java index 671e0539cc..08534dc2d4 100644 --- a/application/src/main/java/org/thingsboard/server/service/security/permission/Resource.java +++ b/application/src/main/java/org/thingsboard/server/service/security/permission/Resource.java @@ -32,8 +32,8 @@ public enum Resource { USER(EntityType.USER), WIDGETS_BUNDLE(EntityType.WIDGETS_BUNDLE), WIDGET_TYPE(EntityType.WIDGET_TYPE), - OAUTH2_CONFIGURATION_INFO(EntityType.OAUTH2_CLIENT_REGISTRATION_INFO), - OAUTH2_CONFIGURATION_TEMPLATE(EntityType.OAUTH2_CLIENT_REGISTRATION_TEMPLATE), + OAUTH2_CONFIGURATION_INFO(), + OAUTH2_CONFIGURATION_TEMPLATE(), TENANT_PROFILE(EntityType.TENANT_PROFILE), DEVICE_PROFILE(EntityType.DEVICE_PROFILE); diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/id/EntityIdFactory.java b/common/data/src/main/java/org/thingsboard/server/common/data/id/EntityIdFactory.java index 8113c41945..dc1589814f 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/id/EntityIdFactory.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/id/EntityIdFactory.java @@ -62,10 +62,6 @@ public class EntityIdFactory { return new WidgetsBundleId(uuid); case WIDGET_TYPE: return new WidgetTypeId(uuid); - case OAUTH2_CLIENT_REGISTRATION_INFO: - return new OAuth2ClientRegistrationInfoId(uuid); - case OAUTH2_CLIENT_REGISTRATION_TEMPLATE: - return new OAuth2ClientRegistrationTemplateId(uuid); case DEVICE_PROFILE: return new DeviceProfileId(uuid); case TENANT_PROFILE: diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationId.java b/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationId.java index 3e4ad56f19..e87d9c7b2e 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationId.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationId.java @@ -17,11 +17,10 @@ package org.thingsboard.server.common.data.id; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonProperty; -import org.thingsboard.server.common.data.EntityType; import java.util.UUID; -public class OAuth2ClientRegistrationId extends UUIDBased implements EntityId { +public class OAuth2ClientRegistrationId extends UUIDBased { @JsonCreator public OAuth2ClientRegistrationId(@JsonProperty("id") UUID id) { @@ -31,9 +30,4 @@ public class OAuth2ClientRegistrationId extends UUIDBased implements EntityId { public static OAuth2ClientRegistrationId fromString(String clientRegistrationId) { return new OAuth2ClientRegistrationId(UUID.fromString(clientRegistrationId)); } - - @Override - public EntityType getEntityType() { - return EntityType.OAUTH2_CLIENT_REGISTRATION; - } } diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationInfoId.java b/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationInfoId.java index 999f0d5816..87a2109909 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationInfoId.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationInfoId.java @@ -17,11 +17,10 @@ package org.thingsboard.server.common.data.id; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonProperty; -import org.thingsboard.server.common.data.EntityType; import java.util.UUID; -public class OAuth2ClientRegistrationInfoId extends UUIDBased implements EntityId { +public class OAuth2ClientRegistrationInfoId extends UUIDBased { @JsonCreator public OAuth2ClientRegistrationInfoId(@JsonProperty("id") UUID id) { @@ -31,9 +30,4 @@ public class OAuth2ClientRegistrationInfoId extends UUIDBased implements EntityI public static OAuth2ClientRegistrationInfoId fromString(String clientRegistrationInfoId) { return new OAuth2ClientRegistrationInfoId(UUID.fromString(clientRegistrationInfoId)); } - - @Override - public EntityType getEntityType() { - return EntityType.OAUTH2_CLIENT_REGISTRATION_INFO; - } } diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationTemplateId.java b/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationTemplateId.java index 03edd5054b..cc6ee3a795 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationTemplateId.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/id/OAuth2ClientRegistrationTemplateId.java @@ -17,11 +17,10 @@ package org.thingsboard.server.common.data.id; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonProperty; -import org.thingsboard.server.common.data.EntityType; import java.util.UUID; -public class OAuth2ClientRegistrationTemplateId extends UUIDBased implements EntityId { +public class OAuth2ClientRegistrationTemplateId extends UUIDBased { @JsonCreator public OAuth2ClientRegistrationTemplateId(@JsonProperty("id") UUID id) { @@ -31,9 +30,4 @@ public class OAuth2ClientRegistrationTemplateId extends UUIDBased implements Ent public static OAuth2ClientRegistrationTemplateId fromString(String clientRegistrationTemplateId) { return new OAuth2ClientRegistrationTemplateId(UUID.fromString(clientRegistrationTemplateId)); } - - @Override - public EntityType getEntityType() { - return EntityType.OAUTH2_CLIENT_REGISTRATION_TEMPLATE; - } }