Example 1 with EntityFormModifierRequest
use of org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierRequest in project BroadleafCommerce by BroadleafCommerce.
the class FormBuilderServiceImpl method buildCollectionListGrid.
@Override
public ListGrid buildCollectionListGrid(String containingEntityId, DynamicResultSet drs, Property field, String sectionKey, List<SectionCrumb> sectionCrumbs) throws ServiceException {
FieldMetadata fmd = field.getMetadata();
// Get the class metadata for this particular field
PersistencePackageRequest ppr = PersistencePackageRequest.fromMetadata(fmd, sectionCrumbs);
if (field != null) {
ppr.setSectionEntityField(field.getName());
}
ClassMetadata cmd = adminEntityService.getClassMetadata(ppr).getDynamicResultSet().getClassMetaData();
List<Field> headerFields = new ArrayList<>();
ListGrid.Type type = null;
boolean editable = false;
boolean sortable = false;
boolean readOnly = false;
boolean hideIdColumn = false;
boolean canFilterAndSort = true;
boolean modalSingleSelectable = false;
boolean modalMultiSelectable = false;
boolean selectize = false;
boolean isMedia = false;
boolean isLookup = false;
String sortProperty = null;
FieldWrapper wrapper = new FieldWrapper();
ArrayList<FieldDTO> defaultWrapperFields = new ArrayList<>();
String idProperty = "id";
for (Property property : cmd.getProperties()) {
if (property.getMetadata() instanceof BasicFieldMetadata && SupportedFieldType.ID == ((BasicFieldMetadata) property.getMetadata()).getFieldType() && // make sure it's a property for this entity - not an association
!property.getName().contains(".")) {
idProperty = property.getName();
break;
}
}
// kind of field this is.
if (fmd instanceof BasicFieldMetadata) {
readOnly = ((BasicFieldMetadata) fmd).getReadOnly();
modalSingleSelectable = true;
for (Property p : cmd.getProperties()) {
if (p.getMetadata() instanceof BasicFieldMetadata) {
BasicFieldMetadata md = (BasicFieldMetadata) p.getMetadata();
if (SupportedFieldType.ID.equals(md.getFieldType())) {
idProperty = md.getName();
}
if (md.isProminent() != null && md.isProminent() && !ArrayUtils.contains(getGridHiddenVisibilities(), md.getVisibility())) {
Field hf = createHeaderField(p, md);
headerFields.add(hf);
defaultWrapperFields.add(constructFieldDTOFromFieldData(hf, md));
}
if (md.getIsFilter() != null && md.getIsFilter()) {
Field f = createHeaderField(p, md);
wrapper.getFields().add(constructFieldDTOFromFieldData(f, md));
}
}
}
type = ListGrid.Type.TO_ONE;
} else if (fmd instanceof BasicCollectionMetadata) {
BasicCollectionMetadata bcm = (BasicCollectionMetadata) fmd;
readOnly = !bcm.isMutable();
if (AddMethodType.LOOKUP.equals(bcm.getAddMethodType())) {
isLookup = true;
}
if (AddMethodType.SELECTIZE_LOOKUP.equals(bcm.getAddMethodType())) {
Property p = cmd.getPMap().get(bcm.getSelectizeVisibleField());
if (p != null) {
BasicFieldMetadata md = (BasicFieldMetadata) p.getMetadata();
Field hf = createHeaderField(p, md);
headerFields.add(hf);
wrapper.getFields().add(constructFieldDTOFromFieldData(hf, md));
}
} else {
for (Property p : cmd.getProperties()) {
if (p.getMetadata() instanceof BasicFieldMetadata) {
BasicFieldMetadata md = (BasicFieldMetadata) p.getMetadata();
if (md.isProminent() != null && md.isProminent() && !ArrayUtils.contains(getGridHiddenVisibilities(), md.getVisibility())) {
Field hf = createHeaderField(p, md);
headerFields.add(hf);
defaultWrapperFields.add(constructFieldDTOFromFieldData(hf, md));
}
if (md.getIsFilter() != null && md.getIsFilter()) {
Field f = createHeaderField(p, md);
wrapper.getFields().add(constructFieldDTOFromFieldData(f, md));
}
}
}
}
type = ListGrid.Type.BASIC;
if (AddMethodType.PERSIST.equals(bcm.getAddMethodType()) || AddMethodType.PERSIST_EMPTY.equals(bcm.getAddMethodType())) {
editable = true;
} else if (AddMethodType.SELECTIZE_LOOKUP.equals(bcm.getAddMethodType())) {
selectize = true;
modalSingleSelectable = true;
} else {
modalSingleSelectable = true;
}
sortable = StringUtils.isNotBlank(bcm.getSortProperty());
if (sortable) {
sortProperty = bcm.getSortProperty();
}
} else if (fmd instanceof AdornedTargetCollectionMetadata) {
modalSingleSelectable = true;
readOnly = !((AdornedTargetCollectionMetadata) fmd).isMutable();
AdornedTargetCollectionMetadata atcmd = (AdornedTargetCollectionMetadata) fmd;
if (AdornedTargetAddMethodType.LOOKUP.equals(atcmd.getAdornedTargetAddMethodType())) {
isLookup = true;
}
if (AdornedTargetAddMethodType.SELECTIZE_LOOKUP.equals(atcmd.getAdornedTargetAddMethodType())) {
selectize = true;
Property p = cmd.getPMap().get(atcmd.getSelectizeVisibleField());
if (p != null) {
BasicFieldMetadata md = (BasicFieldMetadata) p.getMetadata();
Field hf = createHeaderField(p, md);
headerFields.add(hf);
wrapper.getFields().add(constructFieldDTOFromFieldData(hf, md));
}
} else {
for (String fieldName : atcmd.getGridVisibleFields()) {
Property p = cmd.getPMap().get(fieldName);
if (p != null) {
BasicFieldMetadata md = (BasicFieldMetadata) p.getMetadata();
Field hf = createHeaderField(p, md);
headerFields.add(hf);
wrapper.getFields().add(constructFieldDTOFromFieldData(hf, md));
}
}
}
type = ListGrid.Type.ADORNED;
if (atcmd.getMaintainedAdornedTargetFields().length > 0) {
editable = true;
}
AdornedTargetList adornedList = (AdornedTargetList) atcmd.getPersistencePerspective().getPersistencePerspectiveItems().get(PersistencePerspectiveItemType.ADORNEDTARGETLIST);
sortable = StringUtils.isNotBlank(adornedList.getSortField());
if (sortable) {
sortProperty = adornedList.getSortField();
}
} else if (fmd instanceof MapMetadata) {
readOnly = !((MapMetadata) fmd).isMutable();
MapMetadata mmd = (MapMetadata) fmd;
Property p2 = cmd.getPMap().get("key");
BasicFieldMetadata keyMd = (BasicFieldMetadata) p2.getMetadata();
keyMd.setFriendlyName(getMapKeyFriendlyName(p2));
Field hf = createHeaderField(p2, keyMd);
headerFields.add(hf);
wrapper.getFields().add(constructFieldDTOFromFieldData(hf, keyMd));
if (mmd.isSimpleValue()) {
Property valueProperty = cmd.getPMap().get("value");
BasicFieldMetadata valueMd = (BasicFieldMetadata) valueProperty.getMetadata();
valueMd.setFriendlyName("Value");
hf = createHeaderField(valueProperty, valueMd);
headerFields.add(hf);
wrapper.getFields().add(constructFieldDTOFromFieldData(hf, valueMd));
idProperty = "key";
hideIdColumn = true;
} else {
for (Property p : cmd.getProperties()) {
if (p.getMetadata() instanceof BasicFieldMetadata) {
BasicFieldMetadata md = (BasicFieldMetadata) p.getMetadata();
String valueClassName = mmd.getValueClassName();
if (!StringUtils.isEmpty(mmd.getToOneTargetProperty())) {
Class<?> clazz;
try {
clazz = Class.forName(mmd.getValueClassName());
} catch (ClassNotFoundException e) {
throw ExceptionHelper.refineException(e);
}
java.lang.reflect.Field nestedField = FieldManager.getSingleField(clazz, mmd.getToOneTargetProperty());
ManyToOne manyToOne = nestedField.getAnnotation(ManyToOne.class);
if (manyToOne != null && !manyToOne.targetEntity().getName().equals(void.class.getName())) {
valueClassName = manyToOne.targetEntity().getName();
} else {
OneToOne oneToOne = nestedField.getAnnotation(OneToOne.class);
if (oneToOne != null && !oneToOne.targetEntity().getName().equals(void.class.getName())) {
valueClassName = oneToOne.targetEntity().getName();
}
}
}
if (md.getTargetClass().equals(valueClassName)) {
if (md.isProminent() != null && md.isProminent() && !ArrayUtils.contains(getGridHiddenVisibilities(), md.getVisibility())) {
hf = createHeaderField(p, md);
headerFields.add(hf);
defaultWrapperFields.add(constructFieldDTOFromFieldData(hf, md));
// Is this a media listgrid
if (hf.getFieldType().equals("ASSET_LOOKUP")) {
isMedia = true;
}
}
if (md.getIsFilter() != null && md.getIsFilter()) {
wrapper.getFields().add(constructFieldDTOFromFieldData(hf, md));
}
}
}
}
}
type = ListGrid.Type.MAP;
editable = true;
canFilterAndSort = false;
}
String ceilingType = "";
if (fmd instanceof BasicFieldMetadata) {
ceilingType = cmd.getCeilingType();
} else if (fmd instanceof CollectionMetadata) {
ceilingType = ((CollectionMetadata) fmd).getCollectionCeilingEntity();
}
if (CollectionUtils.isEmpty(headerFields)) {
String message = "There are no listgrid header fields configured for the class " + ceilingType + " and property '" + StringUtil.sanitize(field.getName()) + "'.";
if (selectize && (type == ListGrid.Type.ADORNED || type == ListGrid.Type.ADORNED_WITH_FORM)) {
message += " Please configure 'selectizeVisibleField' in your @AdminPresentationAdornedTargetCollection configuration";
} else if (type == ListGrid.Type.ADORNED || type == ListGrid.Type.ADORNED_WITH_FORM) {
message += " Please configure 'gridVisibleFields' in your @AdminPresentationAdornedTargetCollection configuration";
} else if (selectize && type == ListGrid.Type.BASIC) {
message += " Please configure 'selectizeVisibleField' in your @AdminPresentationCollection configuration";
} else {
message += " Please mark some @AdminPresentation fields with 'prominent = true'";
}
LOG.error(message);
}
ListGrid listGrid = createListGrid(ceilingType, headerFields, type, drs, sectionKey, fmd.getOrder(), idProperty, sectionCrumbs, sortProperty);
listGrid.setSubCollectionFieldName(field.getName());
listGrid.setFriendlyName(field.getMetadata().getFriendlyName());
if (StringUtils.isEmpty(listGrid.getFriendlyName())) {
listGrid.setFriendlyName(field.getName());
}
listGrid.setContainingEntityId(containingEntityId);
listGrid.setIsReadOnly(readOnly);
listGrid.setHideIdColumn(hideIdColumn);
listGrid.setCanFilterAndSort(canFilterAndSort);
// Set up the filter builder params
Date c = new Date();
String friendlyName = field.getMetadata().getFriendlyName();
String jsonFriendlyName = friendlyName.replaceAll(" ", "_");
listGrid.setJsonFieldName(jsonFriendlyName + c.getTime() + "Json");
listGrid.setFriendlyName(friendlyName);
listGrid.setFieldBuilder("RULE_SIMPLE");
if (CollectionUtils.isEmpty(wrapper.getFields())) {
wrapper.setFields(defaultWrapperFields);
}
listGrid.setFieldWrapper(wrapper);
String blankJsonString = "{\"data\":[]}";
listGrid.setJson(blankJsonString);
DataWrapper dw = convertJsonToDataWrapper(blankJsonString);
if (dw != null) {
listGrid.setDataWrapper(dw);
}
if (editable) {
listGrid.getRowActions().add(DefaultListGridActions.UPDATE);
}
if (readOnly) {
listGrid.getRowActions().add(DefaultListGridActions.VIEW);
}
if (sortable) {
listGrid.setCanFilterAndSort(false);
listGrid.setIsSortable(true);
}
if (modalSingleSelectable) {
if (readOnly) {
listGrid.addModalRowAction(DefaultListGridActions.SINGLE_SELECT.clone().withForListGridReadOnly(true));
} else {
listGrid.addModalRowAction(DefaultListGridActions.SINGLE_SELECT);
}
}
listGrid.setSelectType(ListGrid.SelectType.SINGLE_SELECT);
if (selectize) {
listGrid.setSelectizeUrl(buildSelectizeUrl(listGrid));
listGrid.setSelectType(ListGrid.SelectType.SELECTIZE);
}
if (modalMultiSelectable) {
listGrid.addModalRowAction(DefaultListGridActions.MULTI_SELECT);
listGrid.setSelectType(ListGrid.SelectType.MULTI_SELECT);
}
listGrid.getRowActions().add(DefaultListGridActions.REMOVE);
if (fmd.getManualFetch()) {
listGrid.setManualFetch(true);
listGrid.getToolbarActions().add(DefaultListGridActions.MANUAL_FETCH);
}
if (isMedia) {
listGrid.setListGridType(ListGrid.Type.ASSET_GRID);
}
extensionManager.getProxy().modifyListGrid(listGrid.getClassName(), listGrid);
// If someone has replaced RowLevelSecurityService, check here to make sure the replacement implements the expected interface
if (rowLevelSecurityService instanceof ExceptionAwareRowLevelSecurityProvider) {
EntityFormModifierConfiguration entityFormModifierConfiguration = ((ExceptionAwareRowLevelSecurityProvider) rowLevelSecurityService).getUpdateDenialExceptions();
for (EntityFormModifierData<EntityFormModifierDataPoint> data : entityFormModifierConfiguration.getData()) {
for (EntityFormModifier modifier : entityFormModifierConfiguration.getModifier()) {
if (modifier.isQualified(data.getModifierType())) {
modifier.modifyListGrid(new EntityFormModifierRequest().withListGrid(listGrid).withConfiguration(data).withCurrentUser(adminRemoteSecurityService.getPersistentAdminUser()).withRowLevelSecurityService(rowLevelSecurityService));
}
}
}
}
return listGrid;
}
Also used :
ClassMetadata(org.broadleafcommerce.openadmin.dto.ClassMetadata)
FieldMetadata(org.broadleafcommerce.openadmin.dto.FieldMetadata)
BasicFieldMetadata(org.broadleafcommerce.openadmin.dto.BasicFieldMetadata)
ArrayList(java.util.ArrayList)
PersistencePackageRequest(org.broadleafcommerce.openadmin.server.domain.PersistencePackageRequest)
EntityFormModifier(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifier)
ManyToOne(javax.persistence.ManyToOne)
EntityFormModifierConfiguration(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierConfiguration)
DataWrapper(org.broadleafcommerce.openadmin.web.rulebuilder.dto.DataWrapper)
CodeField(org.broadleafcommerce.openadmin.web.form.entity.CodeField)
RuleBuilderField(org.broadleafcommerce.openadmin.web.form.component.RuleBuilderField)
Field(org.broadleafcommerce.openadmin.web.form.entity.Field)
ComboField(org.broadleafcommerce.openadmin.web.form.entity.ComboField)
MediaField(org.broadleafcommerce.openadmin.web.form.component.MediaField)
OneToOne(javax.persistence.OneToOne)
FieldWrapper(org.broadleafcommerce.openadmin.web.rulebuilder.dto.FieldWrapper)
Property(org.broadleafcommerce.openadmin.dto.Property)
AdornedTargetList(org.broadleafcommerce.openadmin.dto.AdornedTargetList)
MapMetadata(org.broadleafcommerce.openadmin.dto.MapMetadata)
FieldDTO(org.broadleafcommerce.openadmin.web.rulebuilder.dto.FieldDTO)
BasicCollectionMetadata(org.broadleafcommerce.openadmin.dto.BasicCollectionMetadata)
AdornedTargetCollectionMetadata(org.broadleafcommerce.openadmin.dto.AdornedTargetCollectionMetadata)
CollectionMetadata(org.broadleafcommerce.openadmin.dto.CollectionMetadata)
EntityFormModifierDataPoint(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierDataPoint)
ListGrid(org.broadleafcommerce.openadmin.web.form.component.ListGrid)
Date(java.util.Date)
BasicFieldMetadata(org.broadleafcommerce.openadmin.dto.BasicFieldMetadata)
EntityFormModifierRequest(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierRequest)
ExceptionAwareRowLevelSecurityProvider(org.broadleafcommerce.openadmin.server.security.service.ExceptionAwareRowLevelSecurityProvider)
BasicCollectionMetadata(org.broadleafcommerce.openadmin.dto.BasicCollectionMetadata)
AdornedTargetCollectionMetadata(org.broadleafcommerce.openadmin.dto.AdornedTargetCollectionMetadata)
Example 2 with EntityFormModifierRequest
use of org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierRequest in project BroadleafCommerce by BroadleafCommerce.
the class FormBuilderServiceImpl method setReadOnlyState.
/**
* The given <b>entityForm</b> is marked as readonly for the following cases:
* <ol>
* <li>All of the properties from <b>cmd</b> are readonly</b></li>
* <li>The user does not have the security to {@link EntityOperationType#UPDATE} the given class name represented by
* the <b>entityForm</b> (determined by {@link #getSecurityClassname(EntityForm, ClassMetadata)})</li>
* <li>The user does not have the security necessary to modify the given <b>entity</b> according to the
* {@link RowLevelSecurityService#canUpdate(AdminUser, Entity)}</li>
* </ol>
*
* @param entityForm the form being generated
* @param cmd the metatadata used to build the <b>entityForm</b> for the <b>entity</b>
* @param entity the entity being edited
* @see {@link SecurityVerifier#securityCheck(String, EntityOperationType)}
* @see {@link #getSecurityClassname(EntityForm, ClassMetadata)}
* @see {@link RowLevelSecurityService#canUpdate(AdminUser, Entity)}
*/
protected void setReadOnlyState(EntityForm entityForm, ClassMetadata cmd, Entity entity) {
boolean readOnly = true;
// If all of the fields are read only, we'll mark the form as such
for (Property property : cmd.getProperties()) {
FieldMetadata fieldMetadata = property.getMetadata();
if (fieldMetadata instanceof BasicFieldMetadata) {
readOnly = ((BasicFieldMetadata) fieldMetadata).getReadOnly() != null && ((BasicFieldMetadata) fieldMetadata).getReadOnly();
if (!readOnly) {
break;
}
} else {
readOnly = ((CollectionMetadata) fieldMetadata).isMutable();
if (!readOnly) {
break;
}
}
}
if (!readOnly) {
// If the user does not have edit permissions, we will go ahead and make the form read only to prevent confusion
try {
String securityEntityClassname = getSecurityClassname(entityForm, cmd);
adminRemoteSecurityService.securityCheck(securityEntityClassname, EntityOperationType.UPDATE);
} catch (ServiceException e) {
if (e instanceof SecurityServiceException) {
readOnly = true;
}
}
}
// are not readonly, then check the row-level security
if (!readOnly) {
readOnly = !rowLevelSecurityService.canUpdate(adminRemoteSecurityService.getPersistentAdminUser(), entity);
}
if (readOnly) {
entityForm.setReadOnly();
// If someone has replaced RowLevelSecurityService, check here to make sure the replacement implements the expected interface
if (rowLevelSecurityService instanceof ExceptionAwareRowLevelSecurityProvider) {
EntityFormModifierConfiguration entityFormModifierConfiguration = ((ExceptionAwareRowLevelSecurityProvider) rowLevelSecurityService).getUpdateDenialExceptions();
for (EntityFormModifierData<EntityFormModifierDataPoint> data : entityFormModifierConfiguration.getData()) {
for (EntityFormModifier modifier : entityFormModifierConfiguration.getModifier()) {
if (modifier.isQualified(data.getModifierType())) {
modifier.modifyEntityForm(new EntityFormModifierRequest().withEntityForm(entityForm).withConfiguration(data).withCurrentUser(adminRemoteSecurityService.getPersistentAdminUser()).withEntity(entity).withRowLevelSecurityService(rowLevelSecurityService));
}
}
}
}
}
}
Also used :
SecurityServiceException(org.broadleafcommerce.common.exception.SecurityServiceException)
FieldMetadata(org.broadleafcommerce.openadmin.dto.FieldMetadata)
BasicFieldMetadata(org.broadleafcommerce.openadmin.dto.BasicFieldMetadata)
EntityFormModifierDataPoint(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierDataPoint)
EntityFormModifier(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifier)
EntityFormModifierConfiguration(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierConfiguration)
ServiceException(org.broadleafcommerce.common.exception.ServiceException)
SecurityServiceException(org.broadleafcommerce.common.exception.SecurityServiceException)
BasicFieldMetadata(org.broadleafcommerce.openadmin.dto.BasicFieldMetadata)
EntityFormModifierRequest(org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierRequest)
ExceptionAwareRowLevelSecurityProvider(org.broadleafcommerce.openadmin.server.security.service.ExceptionAwareRowLevelSecurityProvider)
Property(org.broadleafcommerce.openadmin.dto.Property)
Aggregations
BasicFieldMetadata (org.broadleafcommerce.openadmin.dto.BasicFieldMetadata)2
FieldMetadata (org.broadleafcommerce.openadmin.dto.FieldMetadata)2
Property (org.broadleafcommerce.openadmin.dto.Property)2
EntityFormModifier (org.broadleafcommerce.openadmin.server.security.service.EntityFormModifier)2
EntityFormModifierConfiguration (org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierConfiguration)2
EntityFormModifierDataPoint (org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierDataPoint)2
EntityFormModifierRequest (org.broadleafcommerce.openadmin.server.security.service.EntityFormModifierRequest)2
ExceptionAwareRowLevelSecurityProvider (org.broadleafcommerce.openadmin.server.security.service.ExceptionAwareRowLevelSecurityProvider)2
ArrayList (java.util.ArrayList)1
Date (java.util.Date)1
ManyToOne (javax.persistence.ManyToOne)1
OneToOne (javax.persistence.OneToOne)1
SecurityServiceException (org.broadleafcommerce.common.exception.SecurityServiceException)1
ServiceException (org.broadleafcommerce.common.exception.ServiceException)1
AdornedTargetCollectionMetadata (org.broadleafcommerce.openadmin.dto.AdornedTargetCollectionMetadata)1
AdornedTargetList (org.broadleafcommerce.openadmin.dto.AdornedTargetList)1
BasicCollectionMetadata (org.broadleafcommerce.openadmin.dto.BasicCollectionMetadata)1
ClassMetadata (org.broadleafcommerce.openadmin.dto.ClassMetadata)1
CollectionMetadata (org.broadleafcommerce.openadmin.dto.CollectionMetadata)1
MapMetadata (org.broadleafcommerce.openadmin.dto.MapMetadata)1
