Search in sources :

Example 1 with EntityAttributeContext

use of io.jmix.core.accesscontext.EntityAttributeContext in project jmix by jmix-framework.

the class MessagesDataFetcher method getEntityMessages.

protected List<MessageDetail> getEntityMessages(MetaClass metaClass, Locale locale) {
    List<MessageDetail> messages = new ArrayList<>();
    CrudEntityContext entityContext = new CrudEntityContext(metaClass);
    accessManager.applyRegisteredConstraints(entityContext);
    String metaClassName = metaClass.getName();
    if (entityContext.isReadPermitted()) {
        String entityCaption = messageTools.getEntityCaption(metaClass, locale);
        messages.add(new MessageDetail(metaClassName, entityCaption));
    }
    for (MetaProperty metaProperty : metaClass.getProperties()) {
        EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, metaProperty.getName());
        accessManager.applyRegisteredConstraints(attributeContext);
        if (attributeContext.canView()) {
            String propertyCaption = messageTools.getPropertyCaption(metaProperty, locale);
            messages.add(new MessageDetail(metaClassName + "." + metaProperty.getName(), propertyCaption));
        }
    }
    return messages;
}
Also used : CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext) EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext) ArrayList(java.util.ArrayList) MessageDetail(io.jmix.graphql.schema.messages.MessageDetail) MetaProperty(io.jmix.core.metamodel.model.MetaProperty)

Example 2 with EntityAttributeContext

use of io.jmix.core.accesscontext.EntityAttributeContext in project jmix by jmix-framework.

the class PermissionDataFetcher method getPermissions.

protected PermissionConfig getPermissions(boolean entities, boolean entityAttrs, boolean specifics) {
    PermissionConfig PermissionConfig = new PermissionConfig();
    List<ShortPermissionInfo> entityPermissions = new ArrayList<>();
    List<ShortPermissionInfo> entityAttributePermissions = new ArrayList<>();
    List<ShortPermissionInfo> specificPermissions = new ArrayList<>();
    PermissionConfig.setEntities(entityPermissions);
    PermissionConfig.setEntityAttributes(entityAttributePermissions);
    PermissionConfig.setSpecifics(specificPermissions);
    for (MetaClass metaClass : metadata.getSession().getClasses()) {
        CrudEntityContext entityContext = new CrudEntityContext(metaClass);
        accessManager.applyRegisteredConstraints(entityContext);
        if (entities) {
            if (entityContext.isCreatePermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "create"), ALLOWED_CRUD_PERMISSION));
            }
            if (entityContext.isReadPermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "read"), ALLOWED_CRUD_PERMISSION));
            }
            if (entityContext.isUpdatePermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "update"), ALLOWED_CRUD_PERMISSION));
            }
            if (entityContext.isDeletePermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "delete"), ALLOWED_CRUD_PERMISSION));
            }
        }
        if (entityAttrs) {
            for (MetaProperty metaProperty : metaClass.getProperties()) {
                EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, metaProperty.getName());
                accessManager.applyRegisteredConstraints(attributeContext);
                if (attributeContext.canModify()) {
                    entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), MODIFY_ATTRIBUTE_PERMISSION));
                } else if (attributeContext.canView()) {
                    entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), VIEW_ATTRIBUTE_PERMISSION));
                }
            }
        }
    }
    if (specifics) {
        GraphQLAccessContext downloadContext = new GraphQLAccessContext(GRAPHQL_FILE_DOWNLOAD_ENABLED);
        accessManager.applyRegisteredConstraints(downloadContext);
        if (downloadContext.isPermitted()) {
            specificPermissions.add(new ShortPermissionInfo(downloadContext.getName(), 1));
        } else {
            specificPermissions.add(new ShortPermissionInfo(downloadContext.getName(), 0));
        }
        GraphQLAccessContext uploadContext = new GraphQLAccessContext(GRAPHQL_FILE_UPLOAD_ENABLED);
        accessManager.applyRegisteredConstraints(uploadContext);
        if (uploadContext.isPermitted()) {
            specificPermissions.add(new ShortPermissionInfo(uploadContext.getName(), 1));
        } else {
            specificPermissions.add(new ShortPermissionInfo(uploadContext.getName(), 0));
        }
    }
    return PermissionConfig;
}
Also used : PermissionConfig(io.jmix.graphql.schema.permission.PermissionConfig) MetaClass(io.jmix.core.metamodel.model.MetaClass) CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext) GraphQLAccessContext(io.jmix.graphql.accesscontext.GraphQLAccessContext) EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext) ArrayList(java.util.ArrayList) ShortPermissionInfo(io.jmix.graphql.schema.permission.ShortPermissionInfo) MetaProperty(io.jmix.core.metamodel.model.MetaProperty)

Example 3 with EntityAttributeContext

use of io.jmix.core.accesscontext.EntityAttributeContext in project jmix by jmix-framework.

the class DataFetcherPlanBuilder method excludeForbiddenProperties.

private List<String> excludeForbiddenProperties(MetaClass metaClass, Collection<String> properties) {
    List<String> result = new ArrayList<>();
    properties.forEach(property -> {
        EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, property);
        accessManager.applyRegisteredConstraints(attributeContext);
        if (attributeContext.canView()) {
            result.add(property);
        }
    });
    return result;
}
Also used : EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext) ArrayList(java.util.ArrayList)

Example 4 with EntityAttributeContext

use of io.jmix.core.accesscontext.EntityAttributeContext in project jmix by jmix-framework.

the class SnapshotDiffViewer method loadPropertyDiff.

private EntityPropertyDifferenceModel loadPropertyDiff(EntityPropertyDifferenceModel propertyDiff, List<EntityPropertyDifferenceModel> entityPropertyDifferenceModels) {
    if (propertyDiff == null) {
        return null;
    }
    MetaClass propMetaClass = metadata.getClass(propertyDiff.getMetaClassName());
    CrudEntityContext entityContext = new CrudEntityContext(propMetaClass);
    accessManager.applyRegisteredConstraints(entityContext);
    EntityAttributeContext attributeContext = new EntityAttributeContext(propMetaClass, propertyDiff.getPropertyName());
    accessManager.applyRegisteredConstraints(attributeContext);
    if (!entityContext.isReadPermitted() || !attributeContext.canView()) {
        return null;
    }
    if (propertyDiff instanceof EntityClassPropertyDifferenceModel) {
        EntityClassPropertyDifferenceModel classPropertyDiff = (EntityClassPropertyDifferenceModel) propertyDiff;
        for (EntityPropertyDifferenceModel childPropertyDiff : classPropertyDiff.getPropertyDiffs()) {
            EntityPropertyDifferenceModel entityPropertyDifferenceModel = loadPropertyDiff(childPropertyDiff, entityPropertyDifferenceModels);
            if (entityPropertyDifferenceModel != null) {
                entityPropertyDifferenceModels.add(entityPropertyDifferenceModel);
                entityPropertyDifferenceModel.setParentProperty(propertyDiff);
            }
        }
    } else if (propertyDiff instanceof EntityCollectionPropertyDifferenceModel) {
        EntityCollectionPropertyDifferenceModel collectionPropertyDiff = (EntityCollectionPropertyDifferenceModel) propertyDiff;
        for (EntityPropertyDifferenceModel childPropertyDiff : collectionPropertyDiff.getAddedEntities()) {
            EntityPropertyDifferenceModel entityPropertyDifferenceModel = loadPropertyDiff(childPropertyDiff, entityPropertyDifferenceModels);
            if (entityPropertyDifferenceModel != null) {
                entityPropertyDifferenceModels.add(entityPropertyDifferenceModel);
                entityPropertyDifferenceModel.setParentProperty(propertyDiff);
            }
        }
        for (EntityPropertyDifferenceModel childPropertyDiff : collectionPropertyDiff.getModifiedEntities()) {
            EntityPropertyDifferenceModel entityPropertyDifferenceModel = loadPropertyDiff(childPropertyDiff, entityPropertyDifferenceModels);
            if (entityPropertyDifferenceModel != null) {
                entityPropertyDifferenceModels.add(entityPropertyDifferenceModel);
                entityPropertyDifferenceModel.setParentProperty(propertyDiff);
            }
        }
        for (EntityPropertyDifferenceModel childPropertyDiff : collectionPropertyDiff.getRemovedEntities()) {
            EntityPropertyDifferenceModel entityPropertyDifferenceModel = loadPropertyDiff(childPropertyDiff, entityPropertyDifferenceModels);
            if (entityPropertyDifferenceModel != null) {
                entityPropertyDifferenceModels.add(entityPropertyDifferenceModel);
                entityPropertyDifferenceModel.setParentProperty(propertyDiff);
            }
        }
    }
    return propertyDiff;
}
Also used : MetaClass(io.jmix.core.metamodel.model.MetaClass) CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext) EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext)

Example 5 with EntityAttributeContext

use of io.jmix.core.accesscontext.EntityAttributeContext in project jmix by jmix-framework.

the class PermissionsControllerManager method getPermissions.

public PermissionsInfo getPermissions() {
    PermissionsInfo permissionsInfo = new PermissionsInfo();
    List<String> authorities = currentUserSubstitution.getEffectiveUser().getAuthorities().stream().map(GrantedAuthority::getAuthority).filter(Objects::nonNull).collect(Collectors.toList());
    permissionsInfo.setAuthorities(authorities);
    List<ShortPermissionInfo> entityPermissions = new ArrayList<>();
    List<ShortPermissionInfo> entityAttributePermissions = new ArrayList<>();
    permissionsInfo.setEntities(entityPermissions);
    permissionsInfo.setEntityAttributes(entityAttributePermissions);
    for (MetaClass metaClass : metadata.getSession().getClasses()) {
        CrudEntityContext entityContext = new CrudEntityContext(metaClass);
        accessManager.applyRegisteredConstraints(entityContext);
        if (entityContext.isCreatePermitted()) {
            entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "create"), ALLOWED_CRUD_PERMISSION));
        }
        if (entityContext.isReadPermitted()) {
            entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "read"), ALLOWED_CRUD_PERMISSION));
        }
        if (entityContext.isUpdatePermitted()) {
            entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "update"), ALLOWED_CRUD_PERMISSION));
        }
        if (entityContext.isDeletePermitted()) {
            entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "delete"), ALLOWED_CRUD_PERMISSION));
        }
        for (MetaProperty metaProperty : metaClass.getProperties()) {
            EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, metaProperty.getName());
            accessManager.applyRegisteredConstraints(attributeContext);
            if (attributeContext.canModify()) {
                entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), MODIFY_ATTRIBUTE_PERMISSION));
            } else if (attributeContext.canView()) {
                entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), VIEW_ATTRIBUTE_PERMISSION));
            }
        }
    }
    List<ShortPermissionInfo> grantedSpecificPolicies = specificPolicyInfoRegistry.getSpecificPolicyInfos().stream().map(SpecificPolicyInfoRegistry.SpecificPolicyInfo::getName).filter(specificPolicyName -> {
        SpecificOperationAccessContext accessContext = new SpecificOperationAccessContext(specificPolicyName);
        accessManager.applyRegisteredConstraints(accessContext);
        return accessContext.isPermitted();
    }).map(specificPolicyName -> new ShortPermissionInfo(specificPolicyName, 1)).collect(Collectors.toList());
    permissionsInfo.setSpecifics(grantedSpecificPolicies);
    return permissionsInfo;
}
Also used : PermissionsInfo(io.jmix.rest.impl.service.filter.data.PermissionsInfo) PermissionsController(io.jmix.rest.impl.controller.PermissionsController) MetaClass(io.jmix.core.metamodel.model.MetaClass) PermissionsInfo(io.jmix.rest.impl.service.filter.data.PermissionsInfo) EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext) AccessManager(io.jmix.core.AccessManager) SpecificOperationAccessContext(io.jmix.core.accesscontext.SpecificOperationAccessContext) Autowired(org.springframework.beans.factory.annotation.Autowired) Metadata(io.jmix.core.Metadata) CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext) Collectors(java.util.stream.Collectors) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) Objects(java.util.Objects) Component(org.springframework.stereotype.Component) List(java.util.List) MetaProperty(io.jmix.core.metamodel.model.MetaProperty) CurrentUserSubstitution(io.jmix.core.usersubstitution.CurrentUserSubstitution) SpecificPolicyInfoRegistry(io.jmix.core.security.SpecificPolicyInfoRegistry) ShortPermissionInfo(io.jmix.rest.impl.service.filter.data.ShortPermissionInfo) SpecificOperationAccessContext(io.jmix.core.accesscontext.SpecificOperationAccessContext) EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) ShortPermissionInfo(io.jmix.rest.impl.service.filter.data.ShortPermissionInfo) SpecificPolicyInfoRegistry(io.jmix.core.security.SpecificPolicyInfoRegistry) MetaClass(io.jmix.core.metamodel.model.MetaClass) CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext) MetaProperty(io.jmix.core.metamodel.model.MetaProperty)

Aggregations

EntityAttributeContext (io.jmix.core.accesscontext.EntityAttributeContext)5 CrudEntityContext (io.jmix.core.accesscontext.CrudEntityContext)4 ArrayList (java.util.ArrayList)4 MetaClass (io.jmix.core.metamodel.model.MetaClass)3 MetaProperty (io.jmix.core.metamodel.model.MetaProperty)3 AccessManager (io.jmix.core.AccessManager)1 Metadata (io.jmix.core.Metadata)1 SpecificOperationAccessContext (io.jmix.core.accesscontext.SpecificOperationAccessContext)1 SpecificPolicyInfoRegistry (io.jmix.core.security.SpecificPolicyInfoRegistry)1 CurrentUserSubstitution (io.jmix.core.usersubstitution.CurrentUserSubstitution)1 GraphQLAccessContext (io.jmix.graphql.accesscontext.GraphQLAccessContext)1 MessageDetail (io.jmix.graphql.schema.messages.MessageDetail)1 PermissionConfig (io.jmix.graphql.schema.permission.PermissionConfig)1 ShortPermissionInfo (io.jmix.graphql.schema.permission.ShortPermissionInfo)1 PermissionsController (io.jmix.rest.impl.controller.PermissionsController)1 PermissionsInfo (io.jmix.rest.impl.service.filter.data.PermissionsInfo)1 ShortPermissionInfo (io.jmix.rest.impl.service.filter.data.ShortPermissionInfo)1 List (java.util.List)1 Objects (java.util.Objects)1 Collectors (java.util.stream.Collectors)1