use of eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole in project CzechIdMng by bcvsolutions.
the class RoleByRoleCatalogueEvaluator method getPredicate.
@Override
public Predicate getPredicate(Root<IdmRole> root, CriteriaQuery<?> query, CriteriaBuilder builder, AuthorizationPolicy policy, BasePermission... permission) {
// check before apply evaluator
UUID roleCatalogueId = getUuid(policy);
if (roleCatalogueId == null) {
return null;
}
// subquery to role catalogue role
Subquery<IdmRoleCatalogueRole> subquery = query.subquery(IdmRoleCatalogueRole.class);
Root<IdmRoleCatalogueRole> subRoot = subquery.from(IdmRoleCatalogueRole.class);
subquery.select(subRoot);
Subquery<IdmRoleCatalogue> subqueryRoleCatalogue = query.subquery(IdmRoleCatalogue.class);
Root<IdmRoleCatalogue> subRoleCatalogueRoot = subqueryRoleCatalogue.from(IdmRoleCatalogue.class);
subqueryRoleCatalogue.select(subRoleCatalogueRoot);
subqueryRoleCatalogue.where(builder.and(builder.equal(subRoleCatalogueRoot.get(IdmRoleCatalogue_.id), roleCatalogueId), builder.between(subRoot.get(IdmRoleCatalogueRole_.roleCatalogue).get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRoleCatalogueRoot.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRoleCatalogueRoot.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.rgt))));
subquery.where(builder.and(// correlation attr
builder.equal(subRoot.get(IdmRoleCatalogueRole_.role), root), builder.exists(subqueryRoleCatalogue)));
return builder.exists(subquery);
}
use of eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleService method toPredicates.
@Override
protected List<Predicate> toPredicates(Root<IdmRole> root, CriteriaQuery<?> query, CriteriaBuilder builder, IdmRoleFilter filter) {
List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
//
// role type
RoleType roleType = filter.getRoleType();
if (roleType != null) {
predicates.add(builder.equal(root.get(IdmRole_.roleType), roleType));
}
// role catalogue by forest index
UUID roleCatalogueId = filter.getRoleCatalogueId();
if (roleCatalogueId != null) {
Subquery<IdmRoleCatalogueRole> subquery = query.subquery(IdmRoleCatalogueRole.class);
Root<IdmRoleCatalogueRole> subRoot = subquery.from(IdmRoleCatalogueRole.class);
subquery.select(subRoot);
Subquery<IdmRoleCatalogue> subqueryCatalogue = query.subquery(IdmRoleCatalogue.class);
Root<IdmRoleCatalogue> subRootCatalogue = subqueryCatalogue.from(IdmRoleCatalogue.class);
subqueryCatalogue.select(subRootCatalogue);
subqueryCatalogue.where(builder.and(builder.equal(subRootCatalogue.get(IdmRoleCatalogue_.id), roleCatalogueId), builder.between(subRoot.get(IdmRoleCatalogueRole_.roleCatalogue).get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRootCatalogue.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRootCatalogue.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.rgt))));
subquery.where(builder.and(// correlation attr
builder.equal(subRoot.get(IdmRoleCatalogueRole_.role), root), builder.exists(subqueryCatalogue)));
predicates.add(builder.exists(subquery));
}
// environment
List<String> environments = filter.getEnvironments();
if (!CollectionUtils.isEmpty(environments)) {
predicates.add(root.get(IdmRole_.environment).in(environments));
}
// baseCode
String baseCode = filter.getBaseCode();
if (StringUtils.isNotEmpty(baseCode)) {
predicates.add(builder.equal(root.get(IdmRole_.baseCode), baseCode));
}
UUID parent = filter.getParent();
if (parent != null) {
Subquery<IdmRoleComposition> subquery = query.subquery(IdmRoleComposition.class);
Root<IdmRoleComposition> subRoot = subquery.from(IdmRoleComposition.class);
subquery.select(subRoot);
subquery.where(builder.and(// correlation attr
builder.equal(subRoot.get(IdmRoleComposition_.sub), root), builder.equal(subRoot.get(IdmRoleComposition_.superior).get(IdmRole_.id), parent)));
//
predicates.add(builder.exists(subquery));
}
// form definition for role attributes
UUID definitionId = filter.getAttributeFormDefinitionId();
if (definitionId != null) {
predicates.add(builder.equal(root.get(IdmRole_.identityRoleAttributeDefinition).get(IdmFormDefinition_.id), definitionId));
}
// without role catalogue
Boolean withoutCatalogue = filter.getWithoutCatalogue();
if (withoutCatalogue != null) {
Subquery<IdmRoleCatalogueRole> subquery = query.subquery(IdmRoleCatalogueRole.class);
Root<IdmRoleCatalogueRole> subRoot = subquery.from(IdmRoleCatalogueRole.class);
subquery.select(subRoot);
subquery.where(builder.equal(subRoot.get(IdmRoleCatalogueRole_.role), root));
//
if (withoutCatalogue) {
// without
predicates.add(builder.not(builder.exists(subquery)));
} else {
// with some
predicates.add(builder.exists(subquery));
}
}
//
return predicates;
}
use of eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole in project CzechIdMng by bcvsolutions.
the class DefaultIdmIdentityRoleService method toPredicates.
@Override
protected List<Predicate> toPredicates(Root<IdmIdentityRole> root, CriteriaQuery<?> query, CriteriaBuilder builder, IdmIdentityRoleFilter filter) {
List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
// quick - by identity's username
String text = filter.getText();
if (StringUtils.isNotEmpty(text)) {
text = text.toLowerCase();
predicates.add(builder.like(builder.lower(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.identity).get(IdmIdentity_.username)), "%" + text + "%"));
}
// by role text
String roleText = filter.getRoleText();
if (StringUtils.isNotEmpty(roleText)) {
IdmRoleFilter subFilter = new IdmRoleFilter();
subFilter.setText(roleText);
Subquery<IdmRole> subquery = query.subquery(IdmRole.class);
Root<IdmRole> subRoot = subquery.from(IdmRole.class);
subquery.select(subRoot);
//
Predicate rolePredicate = filterManager.getBuilder(IdmRole.class, IdmRoleFilter.PARAMETER_TEXT).getPredicate(subRoot, subquery, builder, subFilter);
//
subquery.where(builder.and(// correlation attr
builder.equal(root.get(IdmIdentityRole_.role), subRoot), rolePredicate));
//
predicates.add(builder.exists(subquery));
}
List<UUID> identities = filter.getIdentities();
if (!identities.isEmpty()) {
predicates.add(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.identity).get(IdmIdentity_.id).in(identities));
}
List<UUID> roles = filter.getRoles();
if (!roles.isEmpty()) {
predicates.add(root.get(IdmIdentityRole_.role).get(IdmRole_.id).in(roles));
}
List<String> roleEnvironments = filter.getRoleEnvironments();
if (CollectionUtils.isNotEmpty(roleEnvironments)) {
predicates.add(root.get(IdmIdentityRole_.role).get(IdmRole_.environment).in(roleEnvironments));
}
UUID roleCatalogueId = filter.getRoleCatalogueId();
if (roleCatalogueId != null) {
Subquery<IdmRoleCatalogueRole> roleCatalogueRoleSubquery = query.subquery(IdmRoleCatalogueRole.class);
Root<IdmRoleCatalogueRole> subRootRoleCatalogueRole = roleCatalogueRoleSubquery.from(IdmRoleCatalogueRole.class);
roleCatalogueRoleSubquery.select(subRootRoleCatalogueRole);
roleCatalogueRoleSubquery.where(builder.and(builder.equal(subRootRoleCatalogueRole.get(IdmRoleCatalogueRole_.role), root.get(IdmIdentityRole_.role)), builder.equal(subRootRoleCatalogueRole.get(IdmRoleCatalogueRole_.roleCatalogue).get(AbstractEntity_.id), roleCatalogueId)));
predicates.add(builder.exists(roleCatalogueRoleSubquery));
}
//
Boolean valid = filter.getValid();
if (valid != null) {
// Only valid identity-role include check on contract validity too
if (valid) {
final LocalDate today = LocalDate.now();
predicates.add(builder.and(RepositoryUtils.getValidPredicate(root, builder, today), RepositoryUtils.getValidPredicate(root.get(IdmIdentityRole_.identityContract), builder, today), builder.equal(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.disabled), Boolean.FALSE)));
}
// Only invalid identity-role
if (!valid) {
final LocalDate today = LocalDate.now();
predicates.add(builder.or(builder.not(RepositoryUtils.getValidPredicate(root, builder, today)), builder.not(RepositoryUtils.getValidPredicate(root.get(IdmIdentityRole_.identityContract), builder, today)), builder.equal(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.disabled), Boolean.TRUE)));
}
}
//
// is automatic role
Boolean automaticRole = filter.getAutomaticRole();
if (automaticRole != null) {
if (automaticRole) {
predicates.add(builder.isNotNull(root.get(IdmIdentityRole_.automaticRole)));
} else {
predicates.add(builder.isNull(root.get(IdmIdentityRole_.automaticRole)));
}
}
//
UUID automaticRoleId = filter.getAutomaticRoleId();
if (automaticRoleId != null) {
predicates.add(builder.equal(root.get(IdmIdentityRole_.automaticRole).get(IdmAutomaticRole_.id), automaticRoleId));
}
//
UUID identityContractId = filter.getIdentityContractId();
if (identityContractId != null) {
predicates.add(builder.equal(root.get(IdmIdentityRole_.identityContract).get(AbstractEntity_.id), identityContractId));
}
//
UUID contractPositionId = filter.getContractPositionId();
if (contractPositionId != null) {
predicates.add(builder.equal(root.get(IdmIdentityRole_.contractPosition).get(AbstractEntity_.id), contractPositionId));
}
//
UUID directRoleId = filter.getDirectRoleId();
if (directRoleId != null) {
predicates.add(builder.equal(root.get(IdmIdentityRole_.directRole).get(IdmIdentityRole_.id), directRoleId));
}
//
UUID roleCompositionId = filter.getRoleCompositionId();
if (roleCompositionId != null) {
predicates.add(builder.equal(root.get(IdmIdentityRole_.roleComposition).get(IdmRoleComposition_.id), roleCompositionId));
}
//
// is direct role
Boolean directRole = filter.getDirectRole();
if (directRole != null) {
if (directRole) {
predicates.add(builder.isNull(root.get(IdmIdentityRole_.directRole)));
} else {
predicates.add(builder.isNotNull(root.get(IdmIdentityRole_.directRole)));
}
}
// Role-system
UUID roleSystemId = filter.getRoleSystemId();
if (roleSystemId != null) {
predicates.add(builder.equal(root.get(IdmIdentityRole_.roleSystem), roleSystemId));
}
return predicates;
}
Aggregations