test/cuba
1
0
Fork 0
mirror of https://gitee.com/jmix/cuba.git synced 2024-12-01 10:47:37 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

PL-7549 Row level security for checking entity update in memory doesn't work in the test project

Browse Source
This commit is contained in:
Andrey Subbotin 2016-07-15 18:39:27 +04:00
parent ab9d2e7239
commit 09f3cee06f
1 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
modules/core/src/com/haulmont/cuba/core/app/DataManagerBean.java
View File

@ -45,6 +45,7 @@ import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method; import java.lang.reflect.Method;
import java.lang.reflect.Proxy; import java.lang.reflect.Proxy;
import java.util.*; import java.util.*;
import java.util.function.Predicate;
import static org.apache.commons.lang.StringUtils.isBlank; import static org.apache.commons.lang.StringUtils.isBlank;
@ -98,7 +99,6 @@ public class DataManagerBean implements DataManager {
} }
E result = null; E result = null;
boolean needToApplyInMemoryConstraints = needToApplyInMemoryConstraints(context);
try (Transaction tx = persistence.createTransaction()) { try (Transaction tx = persistence.createTransaction()) {
final EntityManager em = persistence.getEntityManager(); final EntityManager em = persistence.getEntityManager();
@ -120,7 +120,7 @@ public class DataManagerBean implements DataManager {
result = resultList.get(0); result = resultList.get(0);
} }
if (result != null && needToApplyInMemoryConstraints && security.filterByConstraints(result)) { if (result != null && needToApplyInMemoryReadConstraints(context) && security.filterByConstraints(result)) {
result = null; result = null;
} }
@ -132,7 +132,7 @@ public class DataManagerBean implements DataManager {
} }
if (result != null) { if (result != null) {
if (needToApplyInMemoryConstraints) { if (needToApplyConstraints(context)) {
security.applyConstraints(result); security.applyConstraints(result);
} }
attributeSecurity.afterLoad(result); attributeSecurity.afterLoad(result);
@ -190,7 +190,7 @@ public class DataManagerBean implements DataManager {
tx.commit(); tx.commit();
} }
if (needToApplyInMemoryConstraints(context)) { if (needToApplyConstraints(context)) {
security.applyConstraints((Collection<Entity>) resultList); security.applyConstraints((Collection<Entity>) resultList);
} }
@ -572,7 +572,7 @@ public class DataManagerBean implements DataManager {
View view = context.getView() != null ? context.getView() : View view = context.getView() != null ? context.getView() :
viewRepository.getView(metadata.getClassNN(context.getMetaClass()), View.LOCAL); viewRepository.getView(metadata.getClassNN(context.getMetaClass()), View.LOCAL);
View copy = View.copy(attributeSecurity.createRestrictedView(view)); View copy = View.copy(attributeSecurity.createRestrictedView(view));
if (context.isLoadPartialEntities() && !needToApplyInMemoryConstraints(context)) { if (context.isLoadPartialEntities() && !needToApplyInMemoryReadConstraints(context)) {
copy.setLoadPartialEntities(true); copy.setLoadPartialEntities(true);
} }
return copy; return copy;
@ -585,7 +585,7 @@ public class DataManagerBean implements DataManager {
if (initialSize == 0) { if (initialSize == 0) {
return list; return list;
} }
boolean needApplyConstraints = needToApplyInMemoryConstraints(context); boolean needApplyConstraints = needToApplyInMemoryReadConstraints(context);
boolean filteredByConstraints = false; boolean filteredByConstraints = false;
if (needApplyConstraints) { if (needApplyConstraints) {
filteredByConstraints = security.filterByConstraints((Collection<Entity>) list); filteredByConstraints = security.filterByConstraints((Collection<Entity>) list);
@ -808,19 +808,27 @@ public class DataManagerBean implements DataManager {
return null; return null;
} }
protected boolean needToApplyInMemoryConstraints(LoadContext context) { protected boolean needToApplyInMemoryReadConstraints(LoadContext context) {
return needToApplyConstraints(context, metaClass -> security.hasMemoryConstraints(metaClass, ConstraintOperationType.READ, ConstraintOperationType.ALL));
}
protected boolean needToApplyConstraints(LoadContext context) {
return needToApplyConstraints(context, metaClass -> security.hasConstraints(metaClass));
}
protected boolean needToApplyConstraints(LoadContext context, Predicate<MetaClass> hasConstraints) {
if (!isAuthorizationRequired() || !userSessionSource.getUserSession().hasConstraints()) { if (!isAuthorizationRequired() || !userSessionSource.getUserSession().hasConstraints()) {
return false; return false;
} }
if (context.getView() == null) { if (context.getView() == null) {
MetaClass metaClass = metadata.getSession().getClassNN(context.getMetaClass()); MetaClass metaClass = metadata.getSession().getClassNN(context.getMetaClass());
return security.hasMemoryConstraints(metaClass, ConstraintOperationType.READ, ConstraintOperationType.ALL); return hasConstraints.test(metaClass);
} }
Session session = metadata.getSession(); Session session = metadata.getSession();
for (Class aClass : collectEntityClasses(context.getView(), new HashSet<>())) { for (Class aClass : collectEntityClasses(context.getView(), new HashSet<>())) {
if (security.hasMemoryConstraints(session.getClassNN(aClass), ConstraintOperationType.READ, ConstraintOperationType.ALL)) { if (hasConstraints.test(session.getClassNN(aClass))) {
return true; return true;
} }
} }