Example 11 with AdWindowId
use of org.adempiere.ad.element.api.AdWindowId in project metasfresh-webui-api by metasfresh.
the class DocumentPermissionsHelper method assertCanView.
public static void assertCanView(@NonNull final Document document, @NonNull final IUserRolePermissions permissions) {
// In case document type is not Window, return OK because we cannot validate
if (document.getDocumentPath().getDocumentType() != DocumentType.Window) {
// OK
return;
}
// Check if we have window read permission
final AdWindowId adWindowId = document.getDocumentPath().getWindowId().toAdWindowIdOrNull();
if (adWindowId != null && !permissions.checkWindowPermission(adWindowId).hasReadAccess()) {
throw DocumentPermissionException.of(DocumentPermission.View, "no window read permission");
}
final int adTableId = getAdTableId(document);
if (adTableId <= 0) {
// cannot apply security because this is not table based
return;
}
final int recordId = getRecordId(document);
final OrgId orgId = document.getOrgId();
if (orgId == null) {
// the user cleared the field; field is flagged as mandatory; until the user set the field, don't make a fuss.
return;
}
final String errmsg = permissions.checkCanView(document.getClientId(), orgId, adTableId, recordId);
if (errmsg != null) {
throw DocumentPermissionException.of(DocumentPermission.View, errmsg);
}
}
Also used :
OrgId(de.metas.organization.OrgId)
AdWindowId(org.adempiere.ad.element.api.AdWindowId)
Example 12 with AdWindowId
use of org.adempiere.ad.element.api.AdWindowId in project metasfresh-webui-api by metasfresh.
the class DocumentPermissionsHelper method checkCanEdit.
private static String checkCanEdit(@NonNull final Document document, @NonNull final IUserRolePermissions permissions) {
// In case document type is not Window, return OK because we cannot validate
final DocumentPath documentPath = document.getDocumentPath();
if (documentPath.getDocumentType() != DocumentType.Window) {
// OK
return null;
}
// Check if we have window write permission
final AdWindowId adWindowId = documentPath.getWindowId().toAdWindowIdOrNull();
if (adWindowId != null && !permissions.checkWindowPermission(adWindowId).hasWriteAccess()) {
return "no window edit permission";
}
final int adTableId = getAdTableId(document);
if (adTableId <= 0) {
// not table based => OK
return null;
}
final int recordId = getRecordId(document);
final ClientId adClientId = document.getClientId();
final OrgId adOrgId = document.getOrgId();
if (adOrgId == null) {
// the user cleared the field; field is flagged as mandatory; until user set the field, don't make a fuss.
return null;
}
return permissions.checkCanUpdate(adClientId, adOrgId, adTableId, recordId);
}
Also used :
OrgId(de.metas.organization.OrgId)
DocumentPath(de.metas.ui.web.window.datatypes.DocumentPath)
ClientId(org.adempiere.service.ClientId)
AdWindowId(org.adempiere.ad.element.api.AdWindowId)
Aggregations
AdWindowId (org.adempiere.ad.element.api.AdWindowId)12
DocumentPath (de.metas.ui.web.window.datatypes.DocumentPath)4
AdempiereException (org.adempiere.exceptions.AdempiereException)4
EntityNotFoundException (de.metas.ui.web.exceptions.EntityNotFoundException)3
CCache (de.metas.cache.CCache)2
IModelTranslationMap (de.metas.i18n.IModelTranslationMap)2
LogManager (de.metas.logging.LogManager)2
OrgId (de.metas.organization.OrgId)2
ElementPermission (de.metas.security.permissions.ElementPermission)2
DocumentId (de.metas.ui.web.window.datatypes.DocumentId)2
LookupValue (de.metas.ui.web.window.datatypes.LookupValue)2
WindowId (de.metas.ui.web.window.datatypes.WindowId)2
DocumentEntityDescriptor (de.metas.ui.web.window.descriptor.DocumentEntityDescriptor)2
RecordZoomWindowFinder (org.adempiere.model.RecordZoomWindowFinder)2
Joiner (com.google.common.base.Joiner)1
Preconditions (com.google.common.base.Preconditions)1
ImmutableList (com.google.common.collect.ImmutableList)1
ImmutableSet (com.google.common.collect.ImmutableSet)1
Amount (de.metas.currency.Amount)1
CurrencyCode (de.metas.currency.CurrencyCode)1
