use of com.haulmont.cuba.security.global.ConstraintData in project cuba by cuba-platform.
the class SecurityImpl method getConstraints.
protected List<ConstraintData> getConstraints(MetaClass metaClass) {
UserSession userSession = userSessionSource.getUserSession();
MetaClass mainMetaClass = extendedEntities.getOriginalOrThisMetaClass(metaClass);
List<ConstraintData> constraints = new ArrayList<>();
constraints.addAll(userSession.getConstraints(mainMetaClass.getName()));
for (MetaClass parent : mainMetaClass.getAncestors()) {
constraints.addAll(userSession.getConstraints(parent.getName()));
}
return constraints;
}
use of com.haulmont.cuba.security.global.ConstraintData in project cuba by cuba-platform.
the class PersistenceSecurityImpl method applyConstraints.
@Override
public boolean applyConstraints(Query query) {
QueryParser parser = QueryTransformerFactory.createParser(query.getQueryString());
String entityName = parser.getEntityName();
List<ConstraintData> constraints = getConstraints(metadata.getClassNN(entityName), constraint -> constraint.getCheckType().database() && (constraint.getOperationType() == ConstraintOperationType.READ || constraint.getOperationType() == ConstraintOperationType.ALL));
if (constraints.isEmpty())
return false;
QueryTransformer transformer = QueryTransformerFactory.createTransformer(query.getQueryString());
for (ConstraintData constraint : constraints) {
processConstraint(transformer, constraint, entityName);
}
query.setQueryString(transformer.getResult());
for (String paramName : transformer.getAddedParams()) {
setQueryParam(query, paramName);
}
return true;
}
use of com.haulmont.cuba.security.global.ConstraintData in project cuba by cuba-platform.
the class ConstraintTest method test.
@Test
public void test() throws LoginException {
LoginWorker lw = AppBeans.get(LoginWorker.NAME);
UserSession userSession = lw.login(USER_LOGIN, passwordEncryption.getPlainHash(USER_PASSW), Locale.getDefault());
assertNotNull(userSession);
List<ConstraintData> constraints = userSession.getConstraints("sys$Server");
assertEquals(2, constraints.size());
List<ConstraintData> roleConstraints = userSession.getConstraints("sec$UserRole");
assertEquals(1, roleConstraints.size());
UserSessionSource uss = AppBeans.get(UserSessionSource.class);
UserSession savedUserSession = uss.getUserSession();
((TestUserSessionSource) uss).setUserSession(userSession);
try {
DataManager dm = AppBeans.get(DataManager.NAME);
LoadContext loadContext = new LoadContext(Server.class).setQuery(new LoadContext.Query("select s from sys$Server s"));
List<Server> list = dm.loadList(loadContext);
for (Server server : list) {
if (server.getId().equals(serverId))
fail("Constraints have not taken effect for some reason");
}
// test constraint that contains session parameter
loadContext = new LoadContext(UserRole.class).setQuery(new LoadContext.Query("select ur from sec$UserRole ur"));
List<UserRole> userRoles = dm.loadList(loadContext);
if (!userRoles.isEmpty()) {
fail("Constraint with session attribute failed");
}
} finally {
((TestUserSessionSource) uss).setUserSession(savedUserSession);
}
}
Aggregations