use of eu.bcvsolutions.idm.core.eav.entity.IdmFormDefinition in project CzechIdMng by bcvsolutions.
the class AbstractFormValueEvaluator method getPredicate.
@Override
@SuppressWarnings({ "rawtypes", "unchecked" })
public Predicate getPredicate(Root<T> root, CriteriaQuery<?> query, CriteriaBuilder builder, AuthorizationPolicy policy, BasePermission... permission) {
if (!hasPermission(policy, permission)) {
return null;
}
if (!securityService.isAuthenticated()) {
return null;
}
//
List<Predicate> predicates = new ArrayList<>();
//
// by form definition
IdmFormDefinitionDto formDefinition = getFormDefinition(policy);
if (formDefinition == null) {
// if form definition is empty ... we disable all
return builder.disjunction();
}
// prevent to generate cross joins by default
Join<T, IdmFormAttribute> eavAttr = root.join(AbstractFormValue_.formAttribute);
Join<IdmFormAttribute, IdmFormDefinition> extDef = eavAttr.join(IdmFormAttribute_.formDefinition);
//
predicates.add(builder.equal(extDef.get(IdmFormDefinition_.id), formDefinition.getId()));
//
// by form attributes
Set<String> formAttributes = getFormAttributes(policy);
if (!formAttributes.isEmpty()) {
predicates.add(eavAttr.get(IdmFormAttribute_.code).in(formAttributes));
}
// by self
if (isSelfOnly(policy)) {
predicates.add(builder.equal(root.get(FormValueService.PROPERTY_OWNER).get(BaseEntity.PROPERTY_ID), securityService.getCurrentId()));
}
// owner read or update - reuse the same subquery
if (isOwnerRead(policy) || isOwnerUpdate(policy)) {
Class<? extends FormableEntity> ownerType = getOwnerType();
Subquery subquery = query.subquery(ownerType);
Root subRoot = subquery.from(ownerType);
// TODO: select 1 or something like this
subquery.select(subRoot);
subquery.where(builder.and(authorizationManager.getPredicate(subRoot, query, builder, isOwnerRead(policy) ? IdmBasePermission.READ : null, isOwnerUpdate(policy) ? IdmBasePermission.UPDATE : null), // correlation attribute
builder.equal(root.get(FormValueService.PROPERTY_OWNER), subRoot)));
//
// predicates.add(builder.greaterThan(builder.count(subquery), 0L));
predicates.add(builder.exists(subquery));
}
//
return builder.and(predicates.toArray(new Predicate[predicates.size()]));
}
Aggregations