Examples with GraphQLAccessContext io.jmix.graphql.accesscontext.GraphQLAccessContext used on opensource projects

Search in sources :

Example 1 with GraphQLAccessContext

use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.

the class GraphQLFilesUploadController method checkFileUploadPermission.

public void checkFileUploadPermission() {
    GraphQLAccessContext uploadContext = new GraphQLAccessContext(GraphQLAccessContext.GRAPHQL_FILE_UPLOAD_ENABLED);
    accessManager.applyRegisteredConstraints(uploadContext);
    if (!uploadContext.isPermitted()) {
        throw new AccessDeniedException("File upload failed. File upload is not permitted");
    }
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) GraphQLAccessContext(io.jmix.graphql.accesscontext.GraphQLAccessContext)

Example 2 with GraphQLAccessContext

use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.

the class SpecificPermissionInstrumentation method createState.

@Override
public InstrumentationState createState(InstrumentationCreateStateParameters parameters) {
    GraphQLAccessContext accessContext = new GraphQLAccessContext(GRAPHQL_ENABLED);
    accessManager.applyRegisteredConstraints(accessContext);
    if (!InstrumentationUtils.isIntrospectionQuery(parameters.getExecutionInput()) && !accessContext.isPermitted()) {
        throw new AbortExecutionException(messages.getMessage("io.jmix.graphql/gqlApiAccessDenied"));
    }
    return super.createState();
}
Also used : GraphQLAccessContext(io.jmix.graphql.accesscontext.GraphQLAccessContext) AbortExecutionException(graphql.execution.AbortExecutionException)

Example 3 with GraphQLAccessContext

use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.

the class FilePermissionService method checkFileUploadPermission.

public void checkFileUploadPermission() {
    GraphQLAccessContext uploadContext = new GraphQLAccessContext(GraphQLAccessContext.GRAPHQL_FILE_UPLOAD_ENABLED);
    accessManager.applyRegisteredConstraints(uploadContext);
    if (!uploadContext.isPermitted()) {
        throw new AccessDeniedException("File upload failed. File upload is not permitted");
    }
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) GraphQLAccessContext(io.jmix.graphql.accesscontext.GraphQLAccessContext)

Example 4 with GraphQLAccessContext

use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.

the class PermissionDataFetcher method getPermissions.

protected PermissionConfig getPermissions(boolean entities, boolean entityAttrs, boolean specifics) {
    PermissionConfig PermissionConfig = new PermissionConfig();
    List<ShortPermissionInfo> entityPermissions = new ArrayList<>();
    List<ShortPermissionInfo> entityAttributePermissions = new ArrayList<>();
    List<ShortPermissionInfo> specificPermissions = new ArrayList<>();
    PermissionConfig.setEntities(entityPermissions);
    PermissionConfig.setEntityAttributes(entityAttributePermissions);
    PermissionConfig.setSpecifics(specificPermissions);
    for (MetaClass metaClass : metadata.getSession().getClasses()) {
        CrudEntityContext entityContext = new CrudEntityContext(metaClass);
        accessManager.applyRegisteredConstraints(entityContext);
        if (entities) {
            if (entityContext.isCreatePermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "create"), ALLOWED_CRUD_PERMISSION));
            }
            if (entityContext.isReadPermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "read"), ALLOWED_CRUD_PERMISSION));
            }
            if (entityContext.isUpdatePermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "update"), ALLOWED_CRUD_PERMISSION));
            }
            if (entityContext.isDeletePermitted()) {
                entityPermissions.add(new ShortPermissionInfo(getEntityTarget(metaClass, "delete"), ALLOWED_CRUD_PERMISSION));
            }
        }
        if (entityAttrs) {
            for (MetaProperty metaProperty : metaClass.getProperties()) {
                EntityAttributeContext attributeContext = new EntityAttributeContext(metaClass, metaProperty.getName());
                accessManager.applyRegisteredConstraints(attributeContext);
                if (attributeContext.canModify()) {
                    entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), MODIFY_ATTRIBUTE_PERMISSION));
                } else if (attributeContext.canView()) {
                    entityAttributePermissions.add(new ShortPermissionInfo(getEntityAttributeTarget(metaClass, metaProperty), VIEW_ATTRIBUTE_PERMISSION));
                }
            }
        }
    }
    if (specifics) {
        GraphQLAccessContext downloadContext = new GraphQLAccessContext(GRAPHQL_FILE_DOWNLOAD_ENABLED);
        accessManager.applyRegisteredConstraints(downloadContext);
        if (downloadContext.isPermitted()) {
            specificPermissions.add(new ShortPermissionInfo(downloadContext.getName(), 1));
        } else {
            specificPermissions.add(new ShortPermissionInfo(downloadContext.getName(), 0));
        }
        GraphQLAccessContext uploadContext = new GraphQLAccessContext(GRAPHQL_FILE_UPLOAD_ENABLED);
        accessManager.applyRegisteredConstraints(uploadContext);
        if (uploadContext.isPermitted()) {
            specificPermissions.add(new ShortPermissionInfo(uploadContext.getName(), 1));
        } else {
            specificPermissions.add(new ShortPermissionInfo(uploadContext.getName(), 0));
        }
    }
    return PermissionConfig;
}
Also used : PermissionConfig(io.jmix.graphql.schema.permission.PermissionConfig) MetaClass(io.jmix.core.metamodel.model.MetaClass) CrudEntityContext(io.jmix.core.accesscontext.CrudEntityContext) GraphQLAccessContext(io.jmix.graphql.accesscontext.GraphQLAccessContext) EntityAttributeContext(io.jmix.core.accesscontext.EntityAttributeContext) ArrayList(java.util.ArrayList) ShortPermissionInfo(io.jmix.graphql.schema.permission.ShortPermissionInfo) MetaProperty(io.jmix.core.metamodel.model.MetaProperty)

Example 5 with GraphQLAccessContext

use of io.jmix.graphql.accesscontext.GraphQLAccessContext in project jmix by jmix-framework.

the class FilePermissionService method checkFileDownloadPermission.

public void checkFileDownloadPermission() {
    GraphQLAccessContext downloadContext = new GraphQLAccessContext(GraphQLAccessContext.GRAPHQL_FILE_DOWNLOAD_ENABLED);
    accessManager.applyRegisteredConstraints(downloadContext);
    if (!downloadContext.isPermitted()) {
        throw new GraphQLControllerException("File download failed", "File download is not permitted", HttpStatus.FORBIDDEN);
    }
}
Also used : GraphQLAccessContext(io.jmix.graphql.accesscontext.GraphQLAccessContext) GraphQLControllerException(io.jmix.graphql.controller.GraphQLControllerException)

Aggregations

GraphQLAccessContext (io.jmix.graphql.accesscontext.GraphQLAccessContext)5 AccessDeniedException (org.springframework.security.access.AccessDeniedException)2 AbortExecutionException (graphql.execution.AbortExecutionException)1 CrudEntityContext (io.jmix.core.accesscontext.CrudEntityContext)1 EntityAttributeContext (io.jmix.core.accesscontext.EntityAttributeContext)1 MetaClass (io.jmix.core.metamodel.model.MetaClass)1 MetaProperty (io.jmix.core.metamodel.model.MetaProperty)1 GraphQLControllerException (io.jmix.graphql.controller.GraphQLControllerException)1 PermissionConfig (io.jmix.graphql.schema.permission.PermissionConfig)1 ShortPermissionInfo (io.jmix.graphql.schema.permission.ShortPermissionInfo)1 ArrayList (java.util.ArrayList)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial