test/cuba
1
0
Fork 0
mirror of https://gitee.com/jmix/cuba.git synced 2024-12-01 02:38:21 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

PL-7549 Row level security for checking entity update in memory doesn't work in the test project

Browse Source
This commit is contained in:
Andrey Subbotin 2016-07-15 18:39:27 +04:00
parent ab9d2e7239
commit 09f3cee06f
1 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
modules/core/src/com/haulmont/cuba/core/app/DataManagerBean.java
View File

@ -45,6 +45,7 @@ import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.*;
import java.util.function.Predicate;
import static org.apache.commons.lang.StringUtils.isBlank;
@ -98,7 +99,6 @@ public class DataManagerBean implements DataManager {
}
E result = null;
boolean needToApplyInMemoryConstraints = needToApplyInMemoryConstraints(context);
try (Transaction tx = persistence.createTransaction()) {
final EntityManager em = persistence.getEntityManager();
@ -120,7 +120,7 @@ public class DataManagerBean implements DataManager {
result = resultList.get(0);
}
if (result != null && needToApplyInMemoryConstraints && security.filterByConstraints(result)) {
if (result != null && needToApplyInMemoryReadConstraints(context) && security.filterByConstraints(result)) {
result = null;
}
@ -132,7 +132,7 @@ public class DataManagerBean implements DataManager {
}
if (result != null) {
if (needToApplyInMemoryConstraints) {
if (needToApplyConstraints(context)) {
security.applyConstraints(result);
}
attributeSecurity.afterLoad(result);
@ -190,7 +190,7 @@ public class DataManagerBean implements DataManager {
tx.commit();
}
if (needToApplyInMemoryConstraints(context)) {
if (needToApplyConstraints(context)) {
security.applyConstraints((Collection<Entity>) resultList);
}
@ -572,7 +572,7 @@ public class DataManagerBean implements DataManager {
View view = context.getView() != null ? context.getView() :
viewRepository.getView(metadata.getClassNN(context.getMetaClass()), View.LOCAL);
View copy = View.copy(attributeSecurity.createRestrictedView(view));
if (context.isLoadPartialEntities() && !needToApplyInMemoryConstraints(context)) {
if (context.isLoadPartialEntities() && !needToApplyInMemoryReadConstraints(context)) {
copy.setLoadPartialEntities(true);
}
return copy;
@ -585,7 +585,7 @@ public class DataManagerBean implements DataManager {
if (initialSize == 0) {
return list;
}
boolean needApplyConstraints = needToApplyInMemoryConstraints(context);
boolean needApplyConstraints = needToApplyInMemoryReadConstraints(context);
boolean filteredByConstraints = false;
if (needApplyConstraints) {
filteredByConstraints = security.filterByConstraints((Collection<Entity>) list);
@ -808,19 +808,27 @@ public class DataManagerBean implements DataManager {
return null;
}
protected boolean needToApplyInMemoryConstraints(LoadContext context) {
protected boolean needToApplyInMemoryReadConstraints(LoadContext context) {
return needToApplyConstraints(context, metaClass -> security.hasMemoryConstraints(metaClass, ConstraintOperationType.READ, ConstraintOperationType.ALL));
}
protected boolean needToApplyConstraints(LoadContext context) {
return needToApplyConstraints(context, metaClass -> security.hasConstraints(metaClass));
}
protected boolean needToApplyConstraints(LoadContext context, Predicate<MetaClass> hasConstraints) {
if (!isAuthorizationRequired() || !userSessionSource.getUserSession().hasConstraints()) {
return false;
}
if (context.getView() == null) {
MetaClass metaClass = metadata.getSession().getClassNN(context.getMetaClass());
return security.hasMemoryConstraints(metaClass, ConstraintOperationType.READ, ConstraintOperationType.ALL);
return hasConstraints.test(metaClass);
}
Session session = metadata.getSession();
for (Class aClass : collectEntityClasses(context.getView(), new HashSet<>())) {
if (security.hasMemoryConstraints(session.getClassNN(aClass), ConstraintOperationType.READ, ConstraintOperationType.ALL)) {
if (hasConstraints.test(session.getClassNN(aClass))) {
return true;
}
}