thingsboard-memoizeit
Changes
application/src/main/java/org/thingsboard/server/service/security/permission/AbstractPermissions.java 32(+32 -0)
application/src/main/java/org/thingsboard/server/service/security/permission/CustomerUserPremissions.java 4(+3 -1)
application/src/main/java/org/thingsboard/server/service/security/permission/DefaultAccessControlService.java 23(+14 -9)
application/src/main/java/org/thingsboard/server/service/security/permission/Permissions.java 24(+24 -0)
Details
diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/AbstractPermissions.java b/application/src/main/java/org/thingsboard/server/service/security/permission/AbstractPermissions.java
new file mode 100644
index 0000000..eedaaba
--- /dev/null
+++ b/application/src/main/java/org/thingsboard/server/service/security/permission/AbstractPermissions.java
@@ -0,0 +1,32 @@
+/**
+ * Copyright © 2016-2018 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.service.security.permission;
+
+import java.util.HashMap;
+import java.util.Optional;
+
+public abstract class AbstractPermissions extends HashMap<Resource, PermissionChecker> implements Permissions {
+
+ public AbstractPermissions() {
+ super();
+ }
+
+ @Override
+ public Optional<PermissionChecker> getPermissionChecker(Resource resource) {
+ PermissionChecker permissionChecker = this.get(resource);
+ return Optional.ofNullable(permissionChecker);
+ }
+}
diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/CustomerUserPremissions.java b/application/src/main/java/org/thingsboard/server/service/security/permission/CustomerUserPremissions.java
index 87fe80d..355862b 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/permission/CustomerUserPremissions.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/permission/CustomerUserPremissions.java
@@ -15,6 +15,7 @@
*/
package org.thingsboard.server.service.security.permission;
+import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.*;
import org.thingsboard.server.common.data.id.DashboardId;
import org.thingsboard.server.common.data.id.EntityId;
@@ -25,7 +26,8 @@ import org.thingsboard.server.service.security.model.SecurityUser;
import java.util.HashMap;
-public class CustomerUserPremissions extends HashMap<Resource, PermissionChecker> {
+@Component(value="customerUserPermissions")
+public class CustomerUserPremissions extends AbstractPermissions {
public CustomerUserPremissions() {
super();
diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/DefaultAccessControlService.java b/application/src/main/java/org/thingsboard/server/service/security/permission/DefaultAccessControlService.java
index 7601891..751d375 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/permission/DefaultAccessControlService.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/permission/DefaultAccessControlService.java
@@ -18,6 +18,7 @@ package org.thingsboard.server.service.security.permission;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Service;
import org.thingsboard.server.common.data.Customer;
import org.thingsboard.server.common.data.EntityType;
@@ -43,11 +44,15 @@ public class DefaultAccessControlService implements AccessControlService {
private static final String INCORRECT_TENANT_ID = "Incorrect tenantId ";
private static final String YOU_DON_T_HAVE_PERMISSION_TO_PERFORM_THIS_OPERATION = "You don't have permission to perform this operation!";
- private final Map<Authority, Map<Resource, PermissionChecker>> authorityPermissions = new HashMap<>();
- {
- authorityPermissions.put(Authority.SYS_ADMIN, new SysAdminPermissions());
- authorityPermissions.put(Authority.TENANT_ADMIN, new TenantAdminPermissions());
- authorityPermissions.put(Authority.CUSTOMER_USER, new CustomerUserPremissions());
+ private final Map<Authority, Permissions> authorityPermissions = new HashMap<>();
+
+ public DefaultAccessControlService(
+ @Qualifier("sysAdminPermissions") Permissions sysAdminPermissions,
+ @Qualifier("tenantAdminPermissions") Permissions tenantAdminPermissions,
+ @Qualifier("customerUserPermissions") Permissions customerUserPermissions) {
+ authorityPermissions.put(Authority.SYS_ADMIN, sysAdminPermissions);
+ authorityPermissions.put(Authority.TENANT_ADMIN, tenantAdminPermissions);
+ authorityPermissions.put(Authority.CUSTOMER_USER, customerUserPermissions);
}
@Override
@@ -76,15 +81,15 @@ public class DefaultAccessControlService implements AccessControlService {
}
private PermissionChecker getPermissionChecker(Authority authority, Resource resource) throws ThingsboardException {
- Map<Resource, PermissionChecker> permissions = authorityPermissions.get(authority);
+ Permissions permissions = authorityPermissions.get(authority);
if (permissions == null) {
permissionDenied();
}
- PermissionChecker permissionChecker = permissions.get(resource);
- if (permissionChecker == null) {
+ Optional<PermissionChecker> permissionChecker = permissions.getPermissionChecker(resource);
+ if (!permissionChecker.isPresent()) {
permissionDenied();
}
- return permissionChecker;
+ return permissionChecker.get();
}
private void permissionDenied() throws ThingsboardException {
diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/Permissions.java b/application/src/main/java/org/thingsboard/server/service/security/permission/Permissions.java
new file mode 100644
index 0000000..29419ad
--- /dev/null
+++ b/application/src/main/java/org/thingsboard/server/service/security/permission/Permissions.java
@@ -0,0 +1,24 @@
+/**
+ * Copyright © 2016-2018 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.service.security.permission;
+
+import java.util.Optional;
+
+public interface Permissions {
+
+ Optional<PermissionChecker> getPermissionChecker(Resource resource);
+
+}
diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java b/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java
index 285ebee..de391c2 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/permission/SysAdminPermissions.java
@@ -15,6 +15,7 @@
*/
package org.thingsboard.server.service.security.permission;
+import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.HasTenantId;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.id.EntityId;
@@ -24,8 +25,10 @@ import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.service.security.model.SecurityUser;
import java.util.HashMap;
+import java.util.Optional;
-public class SysAdminPermissions extends HashMap<Resource, PermissionChecker> {
+@Component(value="sysAdminPermissions")
+public class SysAdminPermissions extends AbstractPermissions {
public SysAdminPermissions() {
super();
diff --git a/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java b/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java
index c5d9f37..2ce48f6 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/permission/TenantAdminPermissions.java
@@ -15,6 +15,7 @@
*/
package org.thingsboard.server.service.security.permission;
+import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.HasTenantId;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.id.EntityId;
@@ -25,7 +26,8 @@ import org.thingsboard.server.service.security.model.SecurityUser;
import java.util.HashMap;
-public class TenantAdminPermissions extends HashMap<Resource, PermissionChecker> {
+@Component(value="tenantAdminPermissions")
+public class TenantAdminPermissions extends AbstractPermissions {
public TenantAdminPermissions() {
super();