Search in sources :

Example 1 with ConstraintData

use of com.haulmont.cuba.security.global.ConstraintData in project cuba by cuba-platform.

the class SecurityImpl method getConstraints.

protected List<ConstraintData> getConstraints(MetaClass metaClass) {
    UserSession userSession = userSessionSource.getUserSession();
    MetaClass mainMetaClass = extendedEntities.getOriginalOrThisMetaClass(metaClass);
    List<ConstraintData> constraints = new ArrayList<>();
    constraints.addAll(userSession.getConstraints(mainMetaClass.getName()));
    for (MetaClass parent : mainMetaClass.getAncestors()) {
        constraints.addAll(userSession.getConstraints(parent.getName()));
    }
    return constraints;
}
Also used : ConstraintData(com.haulmont.cuba.security.global.ConstraintData) MetaClass(com.haulmont.chile.core.model.MetaClass) UserSession(com.haulmont.cuba.security.global.UserSession)

Example 2 with ConstraintData

use of com.haulmont.cuba.security.global.ConstraintData in project cuba by cuba-platform.

the class PersistenceSecurityImpl method applyConstraints.

@Override
public boolean applyConstraints(Query query) {
    QueryParser parser = QueryTransformerFactory.createParser(query.getQueryString());
    String entityName = parser.getEntityName();
    List<ConstraintData> constraints = getConstraints(metadata.getClassNN(entityName), constraint -> constraint.getCheckType().database() && (constraint.getOperationType() == ConstraintOperationType.READ || constraint.getOperationType() == ConstraintOperationType.ALL));
    if (constraints.isEmpty())
        return false;
    QueryTransformer transformer = QueryTransformerFactory.createTransformer(query.getQueryString());
    for (ConstraintData constraint : constraints) {
        processConstraint(transformer, constraint, entityName);
    }
    query.setQueryString(transformer.getResult());
    for (String paramName : transformer.getAddedParams()) {
        setQueryParam(query, paramName);
    }
    return true;
}
Also used : ConstraintData(com.haulmont.cuba.security.global.ConstraintData)

Example 3 with ConstraintData

use of com.haulmont.cuba.security.global.ConstraintData in project cuba by cuba-platform.

the class ConstraintTest method test.

@Test
public void test() throws LoginException {
    LoginWorker lw = AppBeans.get(LoginWorker.NAME);
    UserSession userSession = lw.login(USER_LOGIN, passwordEncryption.getPlainHash(USER_PASSW), Locale.getDefault());
    assertNotNull(userSession);
    List<ConstraintData> constraints = userSession.getConstraints("sys$Server");
    assertEquals(2, constraints.size());
    List<ConstraintData> roleConstraints = userSession.getConstraints("sec$UserRole");
    assertEquals(1, roleConstraints.size());
    UserSessionSource uss = AppBeans.get(UserSessionSource.class);
    UserSession savedUserSession = uss.getUserSession();
    ((TestUserSessionSource) uss).setUserSession(userSession);
    try {
        DataManager dm = AppBeans.get(DataManager.NAME);
        LoadContext loadContext = new LoadContext(Server.class).setQuery(new LoadContext.Query("select s from sys$Server s"));
        List<Server> list = dm.loadList(loadContext);
        for (Server server : list) {
            if (server.getId().equals(serverId))
                fail("Constraints have not taken effect for some reason");
        }
        // test constraint that contains session parameter
        loadContext = new LoadContext(UserRole.class).setQuery(new LoadContext.Query("select ur from sec$UserRole ur"));
        List<UserRole> userRoles = dm.loadList(loadContext);
        if (!userRoles.isEmpty()) {
            fail("Constraint with session attribute failed");
        }
    } finally {
        ((TestUserSessionSource) uss).setUserSession(savedUserSession);
    }
}
Also used : ConstraintData(com.haulmont.cuba.security.global.ConstraintData) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) Server(com.haulmont.cuba.core.entity.Server) TestUserSessionSource(com.haulmont.cuba.testsupport.TestUserSessionSource) LoginWorker(com.haulmont.cuba.security.app.LoginWorker) UserSession(com.haulmont.cuba.security.global.UserSession) Test(org.junit.Test)

Aggregations

ConstraintData (com.haulmont.cuba.security.global.ConstraintData)3 UserSession (com.haulmont.cuba.security.global.UserSession)2 MetaClass (com.haulmont.chile.core.model.MetaClass)1 Server (com.haulmont.cuba.core.entity.Server)1 LoginWorker (com.haulmont.cuba.security.app.LoginWorker)1 TestUserSessionSource (com.haulmont.cuba.testsupport.TestUserSessionSource)1 Test (org.junit.Test)1