use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.
the class GraphQLFilesUploadController method checkFileUploadPermission.
public void checkFileUploadPermission() {
GraphQLAccessContext uploadContext = new GraphQLAccessContext(GraphQLAccessContext.GRAPHQL_FILE_UPLOAD_ENABLED);
accessManager.applyRegisteredConstraints(uploadContext);
if (!uploadContext.isPermitted()) {
throw new AccessDeniedException("File upload failed. File upload is not permitted");
}
}
use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.
the class SpecificPermissionInstrumentation method createState.
@Override
public InstrumentationState createState(InstrumentationCreateStateParameters parameters) {
GraphQLAccessContext accessContext = new GraphQLAccessContext(GRAPHQL_ENABLED);
accessManager.applyRegisteredConstraints(accessContext);
if (!InstrumentationUtils.isIntrospectionQuery(parameters.getExecutionInput()) && !accessContext.isPermitted()) {
throw new AbortExecutionException(messages.getMessage("io.jmix.graphql/gqlApiAccessDenied"));
}
return super.createState();
}
use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.
the class FilePermissionService method checkFileUploadPermission.
public void checkFileUploadPermission() {
GraphQLAccessContext uploadContext = new GraphQLAccessContext(GraphQLAccessContext.GRAPHQL_FILE_UPLOAD_ENABLED);
accessManager.applyRegisteredConstraints(uploadContext);
if (!uploadContext.isPermitted()) {
throw new AccessDeniedException("File upload failed. File upload is not permitted");
}
}
use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.
the class PermissionDataFetcher method getPermissions.
protected PermissionConfig getPermissions(boolean entities, boolean entityAttrs, boolean specifics) {
PermissionConfig PermissionConfig = new PermissionConfig();
List<ShortPermissionInfo> entityPermissions = new ArrayList<>();
List<ShortPermissionInfo> entityAttributePermissions = new ArrayList<>();
List<ShortPermissionInfo> specificPermissions = new ArrayList<>();
PermissionConfig.setEntities(entityPermissions);
PermissionConfig.setEntityAttributes(entityAttributePermissions);
PermissionConfig.setSpecifics(specificPermissions);
for (MetaClass metaClass : metadata.getSession().getClasses()) {
CrudEntityContext entityContext = new CrudEntityContext(metaClass);
accessManager.applyRegisteredConstraints(entityContext);
if (entities) {
if (entityContext.isCreatePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "create"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isReadPermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "read"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isUpdatePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "update"), ALLOWED_CRUD_PERMISSION));
}
if (entityContext.isDeletePermitted()) {
entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "delete"), ALLOWED_CRUD_PERMISSION));
}
}
if (entityAttrs) {
for (MetaProperty metaProperty : metaClass.getProperties()) {
EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, metaProperty.getName());
accessManager.applyRegisteredConstraints(attributeContext);
if (attributeContext.canModify()) {
entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), MODIFY_ATTRIBUTE_PERMISSION));
} else if (attributeContext.canView()) {
entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), VIEW_ATTRIBUTE_PERMISSION));
}
}
}
}
if (specifics) {
GraphQLAccessContext downloadContext = new GraphQLAccessContext(GRAPHQL_FILE_DOWNLOAD_ENABLED);
accessManager.applyRegisteredConstraints(downloadContext);
if (downloadContext.isPermitted()) {
specificPermissions.add(new ShortPermissionInfo(downloadContext.getName(), 1));
} else {
specificPermissions.add(new ShortPermissionInfo(downloadContext.getName(), 0));
}
GraphQLAccessContext uploadContext = new GraphQLAccessContext(GRAPHQL_FILE_UPLOAD_ENABLED);
accessManager.applyRegisteredConstraints(uploadContext);
if (uploadContext.isPermitted()) {
specificPermissions.add(new ShortPermissionInfo(uploadContext.getName(), 1));
} else {
specificPermissions.add(new ShortPermissionInfo(uploadContext.getName(), 0));
}
}
return PermissionConfig;
}
use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.
the class FilePermissionService method checkFileDownloadPermission.
public void checkFileDownloadPermission() {
GraphQLAccessContext downloadContext = new GraphQLAccessContext(GraphQLAccessContext.GRAPHQL_FILE_DOWNLOAD_ENABLED);
accessManager.applyRegisteredConstraints(downloadContext);
if (!downloadContext.isPermitted()) {
throw new GraphQLControllerException("File download failed", "File download is not permitted", HttpStatus.FORBIDDEN);
}
}
Aggregations