Example 11 with AccessDeniedException
use of io.jmix.core.security.AccessDeniedException in project jmix by jmix-framework.
the class UserSettingServiceImpl method copySettings.
@Override
public void copySettings(UserDetails fromUser, UserDetails toUser) {
Preconditions.checkNotNullArgument(fromUser);
Preconditions.checkNotNullArgument(toUser);
MetaClass metaClass = metadata.getClass(UiSetting.class);
CrudEntityContext entityContext = new CrudEntityContext(metaClass);
accessManager.applyRegisteredConstraints(entityContext);
if (!entityContext.isCreatePermitted()) {
throw new AccessDeniedException("entity", metaClass.getName());
}
transaction.executeWithoutResult(status -> {
Query deleteSettingsQuery = entityManager.createQuery("delete from ui_Setting s where s.username = ?1");
deleteSettingsQuery.setParameter(1, toUser.getUsername());
deleteSettingsQuery.executeUpdate();
});
Map<UUID, UiTablePresentation> presentationsMap = copyPresentations(fromUser, toUser);
transaction.executeWithoutResult(status -> {
TypedQuery<UiSetting> q = entityManager.createQuery("select s from ui_Setting s where s.username = ?1", UiSetting.class);
q.setParameter(1, fromUser.getUsername());
List<UiSetting> fromUserSettings = q.getResultList();
for (UiSetting currSetting : fromUserSettings) {
UiSetting newSetting = metadata.create(UiSetting.class);
newSetting.setUsername(toUser.getUsername());
newSetting.setName(currSetting.getName());
try {
Document doc = dom4JTools.readDocument(currSetting.getValue());
List<Element> components = doc.getRootElement().element("components").elements("component");
for (Element component : components) {
Attribute presentationAttr = component.attribute("presentation");
if (presentationAttr != null) {
UUID presentationId = UuidProvider.fromString(presentationAttr.getValue());
UiTablePresentation newPresentation = presentationsMap.get(presentationId);
if (newPresentation != null) {
presentationAttr.setValue(newPresentation.getId().toString());
}
}
}
newSetting.setValue(dom4JTools.writeDocument(doc, true));
} catch (Exception e) {
newSetting.setValue(currSetting.getValue());
}
entityManager.persist(newSetting);
}
});
}
Also used :
AccessDeniedException(io.jmix.core.security.AccessDeniedException)
TypedQuery(javax.persistence.TypedQuery)
Query(javax.persistence.Query)
Attribute(org.dom4j.Attribute)
Element(org.dom4j.Element)
Document(org.dom4j.Document)
AccessDeniedException(io.jmix.core.security.AccessDeniedException)
MetaClass(io.jmix.core.metamodel.model.MetaClass)
CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext)
UiTablePresentation(io.jmix.uidata.entity.UiTablePresentation)
UiSetting(io.jmix.uidata.entity.UiSetting)
Example 12 with AccessDeniedException
use of io.jmix.core.security.AccessDeniedException in project jmix by jmix-framework.
the class ScreenNavigationHandler method createEditorScreenOptions.
@Nullable
protected Map<String, Object> createEditorScreenOptions(WindowInfo windowInfo, NavigationState requestedState, AppUI ui) {
UrlChangeHandler urlChangeHandler = ui.getUrlChangeHandler();
String idParam = MapUtils.isNotEmpty(requestedState.getParams()) ? // If no id was passed, open editor for creation
requestedState.getParams().getOrDefault("id", NEW_ENTITY_ID) : NEW_ENTITY_ID;
Class<?> entityClass = EditorTypeExtractor.extractEntityClass(windowInfo);
if (entityClass == null) {
return null;
}
MetaClass metaClass = metadata.getClass(entityClass);
UiEntityContext entityContext = new UiEntityContext(metaClass);
accessManager.applyRegisteredConstraints(entityContext);
if (!entityContext.isViewPermitted()) {
urlChangeHandler.revertNavigationState();
throw new AccessDeniedException("entity", entityClass.getSimpleName(), "read");
}
if (NEW_ENTITY_ID.equals(idParam)) {
if (!entityContext.isCreatePermitted()) {
throw new AccessDeniedException("entity", entityClass.getSimpleName(), "create");
}
return ParamsMap.of("item", metadata.create(entityClass));
}
MetaProperty primaryKeyProperty = metadataTools.getPrimaryKeyProperty(metaClass);
if (primaryKeyProperty == null) {
throw new IllegalStateException(String.format("Entity %s has no primary key", metaClass.getName()));
}
Class<?> idType = primaryKeyProperty.getJavaType();
Object id = UrlIdSerializer.deserializeId(idType, idParam);
LoadContext<?> ctx = new LoadContext(metaClass);
ctx.setId(id);
ctx.setFetchPlan(fetchPlanRepository.getFetchPlan(metaClass, FetchPlan.INSTANCE_NAME));
Object entity = dataManager.load(ctx);
if (entity == null) {
urlChangeHandler.revertNavigationState();
throw new EntityAccessException(metaClass, id);
}
return ParamsMap.of("item", entity);
}
Also used :
UiEntityContext(io.jmix.ui.accesscontext.UiEntityContext)
AccessDeniedException(io.jmix.core.security.AccessDeniedException)
MetaClass(io.jmix.core.metamodel.model.MetaClass)
MetaProperty(io.jmix.core.metamodel.model.MetaProperty)
Nullable(javax.annotation.Nullable)
Example 13 with AccessDeniedException
use of io.jmix.core.security.AccessDeniedException in project jmix by jmix-framework.
the class UrlChangeHandler method isPermittedToNavigate.
public boolean isPermittedToNavigate(NavigationState requestedState, WindowInfo windowInfo) {
UiShowScreenContext showScreenContext = new UiShowScreenContext(windowInfo.getId());
accessManager.applyRegisteredConstraints(showScreenContext);
if (!showScreenContext.isPermitted()) {
revertNavigationState();
throw new AccessDeniedException("screen", windowInfo.getId());
}
NavigationFilter.AccessCheckResult navigationAllowed = navigationAllowed(requestedState);
if (navigationAllowed.isRejected()) {
if (isNotEmpty(navigationAllowed.getMessage())) {
showNotification(navigationAllowed.getMessage());
}
revertNavigationState();
return false;
}
return true;
}
Also used :
AccessDeniedException(io.jmix.core.security.AccessDeniedException)
UiShowScreenContext(io.jmix.ui.accesscontext.UiShowScreenContext)
AccessCheckResult(io.jmix.ui.navigation.NavigationFilter.AccessCheckResult)
Example 14 with AccessDeniedException
use of io.jmix.core.security.AccessDeniedException in project jmix by jmix-framework.
the class ScreensImpl method checkPermissions.
protected void checkPermissions(OpenMode openMode, WindowInfo windowInfo) {
// ROOT windows are always permitted
if (openMode != OpenMode.ROOT) {
UiShowScreenContext showScreenContext = new UiShowScreenContext(windowInfo.getId());
accessManager.applyRegisteredConstraints(showScreenContext);
if (!showScreenContext.isPermitted()) {
throw new AccessDeniedException("screen", windowInfo.getId());
}
}
}
Also used :
AccessDeniedException(io.jmix.core.security.AccessDeniedException)
UiShowScreenContext(io.jmix.ui.accesscontext.UiShowScreenContext)
Aggregations
AccessDeniedException (io.jmix.core.security.AccessDeniedException)14
MetaClass (io.jmix.core.metamodel.model.MetaClass)8
CrudEntityContext (io.jmix.core.accesscontext.CrudEntityContext)3
AppFolder (com.haulmont.cuba.core.entity.AppFolder)2
Folder (com.haulmont.cuba.core.entity.Folder)2
SearchFolder (com.haulmont.cuba.security.entity.SearchFolder)2
InMemoryCrudEntityContext (io.jmix.core.accesscontext.InMemoryCrudEntityContext)2
MetaProperty (io.jmix.core.metamodel.model.MetaProperty)2
UiShowScreenContext (io.jmix.ui.accesscontext.UiShowScreenContext)2
UiSetting (io.jmix.uidata.entity.UiSetting)2
UiTablePresentation (io.jmix.uidata.entity.UiTablePresentation)2
Nullable (javax.annotation.Nullable)2
Query (javax.persistence.Query)2
TypedQuery (javax.persistence.TypedQuery)2
Attribute (org.dom4j.Attribute)2
Document (org.dom4j.Document)2
Element (org.dom4j.Element)2
Authentication (org.springframework.security.core.Authentication)2
UserDetails (org.springframework.security.core.userdetails.UserDetails)2
EntityManager (com.haulmont.cuba.core.EntityManager)1
