Search in sources :

Example 1 with IdmRoleCatalogueRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole in project CzechIdMng by bcvsolutions.

the class RoleByRoleCatalogueEvaluator method getPredicate.

@Override
public Predicate getPredicate(Root<IdmRole> root, CriteriaQuery<?> query, CriteriaBuilder builder, AuthorizationPolicy policy, BasePermission... permission) {
    // check before apply evaluator
    UUID roleCatalogueId = getUuid(policy);
    if (roleCatalogueId == null) {
        return null;
    }
    // subquery to role catalogue role
    Subquery<IdmRoleCatalogueRole> subquery = query.subquery(IdmRoleCatalogueRole.class);
    Root<IdmRoleCatalogueRole> subRoot = subquery.from(IdmRoleCatalogueRole.class);
    subquery.select(subRoot);
    Subquery<IdmRoleCatalogue> subqueryRoleCatalogue = query.subquery(IdmRoleCatalogue.class);
    Root<IdmRoleCatalogue> subRoleCatalogueRoot = subqueryRoleCatalogue.from(IdmRoleCatalogue.class);
    subqueryRoleCatalogue.select(subRoleCatalogueRoot);
    subqueryRoleCatalogue.where(builder.and(builder.equal(subRoleCatalogueRoot.get(IdmRoleCatalogue_.id), roleCatalogueId), builder.between(subRoot.get(IdmRoleCatalogueRole_.roleCatalogue).get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRoleCatalogueRoot.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRoleCatalogueRoot.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.rgt))));
    subquery.where(builder.and(// correlation attr
    builder.equal(subRoot.get(IdmRoleCatalogueRole_.role), root), builder.exists(subqueryRoleCatalogue)));
    return builder.exists(subquery);
}
Also used : IdmRoleCatalogue(eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogue) UUID(java.util.UUID) IdmRoleCatalogueRole(eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole)

Example 2 with IdmRoleCatalogueRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleService method toPredicates.

@Override
protected List<Predicate> toPredicates(Root<IdmRole> root, CriteriaQuery<?> query, CriteriaBuilder builder, IdmRoleFilter filter) {
    List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
    // 
    // role type
    RoleType roleType = filter.getRoleType();
    if (roleType != null) {
        predicates.add(builder.equal(root.get(IdmRole_.roleType), roleType));
    }
    // role catalogue by forest index
    UUID roleCatalogueId = filter.getRoleCatalogueId();
    if (roleCatalogueId != null) {
        Subquery<IdmRoleCatalogueRole> subquery = query.subquery(IdmRoleCatalogueRole.class);
        Root<IdmRoleCatalogueRole> subRoot = subquery.from(IdmRoleCatalogueRole.class);
        subquery.select(subRoot);
        Subquery<IdmRoleCatalogue> subqueryCatalogue = query.subquery(IdmRoleCatalogue.class);
        Root<IdmRoleCatalogue> subRootCatalogue = subqueryCatalogue.from(IdmRoleCatalogue.class);
        subqueryCatalogue.select(subRootCatalogue);
        subqueryCatalogue.where(builder.and(builder.equal(subRootCatalogue.get(IdmRoleCatalogue_.id), roleCatalogueId), builder.between(subRoot.get(IdmRoleCatalogueRole_.roleCatalogue).get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRootCatalogue.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.lft), subRootCatalogue.get(IdmRoleCatalogue_.forestIndex).get(IdmForestIndexEntity_.rgt))));
        subquery.where(builder.and(// correlation attr
        builder.equal(subRoot.get(IdmRoleCatalogueRole_.role), root), builder.exists(subqueryCatalogue)));
        predicates.add(builder.exists(subquery));
    }
    // environment
    List<String> environments = filter.getEnvironments();
    if (!CollectionUtils.isEmpty(environments)) {
        predicates.add(root.get(IdmRole_.environment).in(environments));
    }
    // baseCode
    String baseCode = filter.getBaseCode();
    if (StringUtils.isNotEmpty(baseCode)) {
        predicates.add(builder.equal(root.get(IdmRole_.baseCode), baseCode));
    }
    UUID parent = filter.getParent();
    if (parent != null) {
        Subquery<IdmRoleComposition> subquery = query.subquery(IdmRoleComposition.class);
        Root<IdmRoleComposition> subRoot = subquery.from(IdmRoleComposition.class);
        subquery.select(subRoot);
        subquery.where(builder.and(// correlation attr
        builder.equal(subRoot.get(IdmRoleComposition_.sub), root), builder.equal(subRoot.get(IdmRoleComposition_.superior).get(IdmRole_.id), parent)));
        // 
        predicates.add(builder.exists(subquery));
    }
    // form definition for role attributes
    UUID definitionId = filter.getAttributeFormDefinitionId();
    if (definitionId != null) {
        predicates.add(builder.equal(root.get(IdmRole_.identityRoleAttributeDefinition).get(IdmFormDefinition_.id), definitionId));
    }
    // without role catalogue
    Boolean withoutCatalogue = filter.getWithoutCatalogue();
    if (withoutCatalogue != null) {
        Subquery<IdmRoleCatalogueRole> subquery = query.subquery(IdmRoleCatalogueRole.class);
        Root<IdmRoleCatalogueRole> subRoot = subquery.from(IdmRoleCatalogueRole.class);
        subquery.select(subRoot);
        subquery.where(builder.equal(subRoot.get(IdmRoleCatalogueRole_.role), root));
        // 
        if (withoutCatalogue) {
            // without
            predicates.add(builder.not(builder.exists(subquery)));
        } else {
            // with some
            predicates.add(builder.exists(subquery));
        }
    }
    // 
    return predicates;
}
Also used : IdmRoleComposition(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition) RoleType(eu.bcvsolutions.idm.core.api.domain.RoleType) IdmRoleCatalogue(eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogue) IdmRoleCatalogueRole(eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole) Predicate(javax.persistence.criteria.Predicate) UUID(java.util.UUID)

Example 3 with IdmRoleCatalogueRole

use of eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole in project CzechIdMng by bcvsolutions.

the class DefaultIdmIdentityRoleService method toPredicates.

@Override
protected List<Predicate> toPredicates(Root<IdmIdentityRole> root, CriteriaQuery<?> query, CriteriaBuilder builder, IdmIdentityRoleFilter filter) {
    List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
    // quick - by identity's username
    String text = filter.getText();
    if (StringUtils.isNotEmpty(text)) {
        text = text.toLowerCase();
        predicates.add(builder.like(builder.lower(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.identity).get(IdmIdentity_.username)), "%" + text + "%"));
    }
    // by role text
    String roleText = filter.getRoleText();
    if (StringUtils.isNotEmpty(roleText)) {
        IdmRoleFilter subFilter = new IdmRoleFilter();
        subFilter.setText(roleText);
        Subquery<IdmRole> subquery = query.subquery(IdmRole.class);
        Root<IdmRole> subRoot = subquery.from(IdmRole.class);
        subquery.select(subRoot);
        // 
        Predicate rolePredicate = filterManager.getBuilder(IdmRole.class, IdmRoleFilter.PARAMETER_TEXT).getPredicate(subRoot, subquery, builder, subFilter);
        // 
        subquery.where(builder.and(// correlation attr
        builder.equal(root.get(IdmIdentityRole_.role), subRoot), rolePredicate));
        // 
        predicates.add(builder.exists(subquery));
    }
    List<UUID> identities = filter.getIdentities();
    if (!identities.isEmpty()) {
        predicates.add(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.identity).get(IdmIdentity_.id).in(identities));
    }
    List<UUID> roles = filter.getRoles();
    if (!roles.isEmpty()) {
        predicates.add(root.get(IdmIdentityRole_.role).get(IdmRole_.id).in(roles));
    }
    List<String> roleEnvironments = filter.getRoleEnvironments();
    if (CollectionUtils.isNotEmpty(roleEnvironments)) {
        predicates.add(root.get(IdmIdentityRole_.role).get(IdmRole_.environment).in(roleEnvironments));
    }
    UUID roleCatalogueId = filter.getRoleCatalogueId();
    if (roleCatalogueId != null) {
        Subquery<IdmRoleCatalogueRole> roleCatalogueRoleSubquery = query.subquery(IdmRoleCatalogueRole.class);
        Root<IdmRoleCatalogueRole> subRootRoleCatalogueRole = roleCatalogueRoleSubquery.from(IdmRoleCatalogueRole.class);
        roleCatalogueRoleSubquery.select(subRootRoleCatalogueRole);
        roleCatalogueRoleSubquery.where(builder.and(builder.equal(subRootRoleCatalogueRole.get(IdmRoleCatalogueRole_.role), root.get(IdmIdentityRole_.role)), builder.equal(subRootRoleCatalogueRole.get(IdmRoleCatalogueRole_.roleCatalogue).get(AbstractEntity_.id), roleCatalogueId)));
        predicates.add(builder.exists(roleCatalogueRoleSubquery));
    }
    // 
    Boolean valid = filter.getValid();
    if (valid != null) {
        // Only valid identity-role include check on contract validity too
        if (valid) {
            final LocalDate today = LocalDate.now();
            predicates.add(builder.and(RepositoryUtils.getValidPredicate(root, builder, today), RepositoryUtils.getValidPredicate(root.get(IdmIdentityRole_.identityContract), builder, today), builder.equal(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.disabled), Boolean.FALSE)));
        }
        // Only invalid identity-role
        if (!valid) {
            final LocalDate today = LocalDate.now();
            predicates.add(builder.or(builder.not(RepositoryUtils.getValidPredicate(root, builder, today)), builder.not(RepositoryUtils.getValidPredicate(root.get(IdmIdentityRole_.identityContract), builder, today)), builder.equal(root.get(IdmIdentityRole_.identityContract).get(IdmIdentityContract_.disabled), Boolean.TRUE)));
        }
    }
    // 
    // is automatic role
    Boolean automaticRole = filter.getAutomaticRole();
    if (automaticRole != null) {
        if (automaticRole) {
            predicates.add(builder.isNotNull(root.get(IdmIdentityRole_.automaticRole)));
        } else {
            predicates.add(builder.isNull(root.get(IdmIdentityRole_.automaticRole)));
        }
    }
    // 
    UUID automaticRoleId = filter.getAutomaticRoleId();
    if (automaticRoleId != null) {
        predicates.add(builder.equal(root.get(IdmIdentityRole_.automaticRole).get(IdmAutomaticRole_.id), automaticRoleId));
    }
    // 
    UUID identityContractId = filter.getIdentityContractId();
    if (identityContractId != null) {
        predicates.add(builder.equal(root.get(IdmIdentityRole_.identityContract).get(AbstractEntity_.id), identityContractId));
    }
    // 
    UUID contractPositionId = filter.getContractPositionId();
    if (contractPositionId != null) {
        predicates.add(builder.equal(root.get(IdmIdentityRole_.contractPosition).get(AbstractEntity_.id), contractPositionId));
    }
    // 
    UUID directRoleId = filter.getDirectRoleId();
    if (directRoleId != null) {
        predicates.add(builder.equal(root.get(IdmIdentityRole_.directRole).get(IdmIdentityRole_.id), directRoleId));
    }
    // 
    UUID roleCompositionId = filter.getRoleCompositionId();
    if (roleCompositionId != null) {
        predicates.add(builder.equal(root.get(IdmIdentityRole_.roleComposition).get(IdmRoleComposition_.id), roleCompositionId));
    }
    // 
    // is direct role
    Boolean directRole = filter.getDirectRole();
    if (directRole != null) {
        if (directRole) {
            predicates.add(builder.isNull(root.get(IdmIdentityRole_.directRole)));
        } else {
            predicates.add(builder.isNotNull(root.get(IdmIdentityRole_.directRole)));
        }
    }
    // Role-system
    UUID roleSystemId = filter.getRoleSystemId();
    if (roleSystemId != null) {
        predicates.add(builder.equal(root.get(IdmIdentityRole_.roleSystem), roleSystemId));
    }
    return predicates;
}
Also used : IdmRoleCatalogueRole(eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole) LocalDate(java.time.LocalDate) Predicate(javax.persistence.criteria.Predicate) IdmRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFilter) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) UUID(java.util.UUID)

Aggregations

IdmRoleCatalogueRole (eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole)3 UUID (java.util.UUID)3 IdmRoleCatalogue (eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogue)2 Predicate (javax.persistence.criteria.Predicate)2 RoleType (eu.bcvsolutions.idm.core.api.domain.RoleType)1 IdmRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFilter)1 IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)1 IdmRoleComposition (eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition)1 LocalDate (java.time.LocalDate)1