protected boolean attrPermitted(MetaClass metaClass, String property, EntityAttrAccess entityAttrAccess) { return security.isEntityAttrPermitted(metaClass, property, entityAttrAccess); }
protected boolean attrPermitted(MetaClass metaClass, String property, EntityAttrAccess entityAttrAccess) { Security security = AppBeans.get(Security.NAME); return security.isEntityAttrPermitted(metaClass, property, entityAttrAccess); }
private static boolean attrPermitted(MetaClass metaClass, String property, EntityAttrAccess entityAttrAccess) { Security security = AppBeans.get(Security.NAME); return security.isEntityAttrPermitted(metaClass, property, entityAttrAccess); }
protected boolean attrPermitted(MetaClass metaClass, String property, EntityAttrAccess entityAttrAccess) { Security security = AppBeans.get(Security.NAME); return security.isEntityAttrPermitted(metaClass, property, entityAttrAccess); }
protected boolean attrPermitted(MetaClass metaClass, String property, EntityAttrAccess entityAttrAccess) { Security security = AppBeans.get(Security.NAME); return security.isEntityAttrPermitted(metaClass, property, entityAttrAccess); }
protected boolean isPermitted(MetaClass metaClass, MetaProperty metaProperty) { return security.isEntityAttrPermitted(metaClass, metaProperty.getName(), EntityAttrAccess.MODIFY); }
protected boolean isPermitted(MetaClass metaClass, MetaProperty metaProperty) { return security.isEntityAttrPermitted(metaClass, metaProperty.getName(), EntityAttrAccess.VIEW); }
protected boolean isManagedDynamicAttribute(MetaClass metaClass, MetaProperty metaProperty) { if (!security.isEntityAttrPermitted(metaClass, metaProperty.getName(), EntityAttrAccess.MODIFY)) { return false; } if (!isRangeClassPermitted(metaProperty)) { return false; } return !(excludeRegex != null && excludeRegex.matcher(metaProperty.getName()).matches()); }
protected void checkPermission() { Security security = AppBeans.get(Security.NAME); MetaClass parentMetaClass = masterDs.getMetaClass(); if (!security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.MODIFY)) { throw new AccessDeniedException(PermissionType.ENTITY_ATTR, parentMetaClass + "." + metaProperty.getName()); } }
protected boolean isPropertyAllowed(MetaClass metaClass, MetaProperty property) { return security.isEntityAttrPermitted(metaClass, property.getName(), EntityAttrAccess.VIEW) && !metadataTools.isSystemLevel(property) // exclude system level attributes && (metadataTools.isPersistent(property) // exclude transient properties || (metadataTools.getCrossDataStoreReferenceIdProperty(storeName, property) != null)) && !defaultExcludedProps.contains(property.getName()) && !(byte[].class.equals(property.getJavaType())) && !property.getRange().getCardinality().isMany(); // exclude ToMany }
@Override protected boolean checkRemovePermission() { CollectionDatasource ds = target.getDatasource(); if (ds instanceof PropertyDatasource) { PropertyDatasource propertyDatasource = (PropertyDatasource) ds; MetaClass parentMetaClass = propertyDatasource.getMaster().getMetaClass(); MetaProperty metaProperty = propertyDatasource.getProperty(); boolean attrPermitted = security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.MODIFY); if (!attrPermitted) { return false; } } return true; }
public static boolean isSuitableProperty(MetaProperty metaProperty, MetaClass effectiveMetaClass) { if (metaProperty.getRange().isClass() && !Category.class.isAssignableFrom(metaProperty.getJavaType())) { Security security = AppBeans.get(Security.NAME); // check security if (security.isEntityAttrPermitted(effectiveMetaClass, metaProperty.getName(), EntityAttrAccess.VIEW) && security.isEntityOpPermitted(metaProperty.getRange().asClass(), EntityOp.READ)) { return true; } } return false; } }
protected Collection<T> getCollection() { Security security = AppBeans.get(Security.NAME); MetaClass parentMetaClass = masterDs.getMetaClass(); MetaClass propertyMetaClass = metaProperty.getRange().asClass(); if (!security.isEntityOpPermitted(propertyMetaClass, EntityOp.READ) || !security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.VIEW)) { return new ArrayList<>(); // Don't use Collections.emptyList() to avoid confusing UnsupportedOperationExceptions } else { final Instance master = masterDs.getItem(); //noinspection unchecked return master == null ? null : (Collection<T>) master.getValue(metaProperty.getName()); } }
@Override protected boolean isPermitted() { if (target == null || target.getDatasource() == null) { return false; } CollectionDatasource ownerDs = target.getDatasource(); if (ownerDs instanceof PropertyDatasource) { PropertyDatasource datasource = (PropertyDatasource) ownerDs; MetaClass parentMetaClass = datasource.getMaster().getMetaClass(); MetaProperty metaProperty = datasource.getProperty(); boolean attrPermitted = security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.MODIFY); if (!attrPermitted) { return false; } } return super.isPermitted(); }
/** * Check permissions for Action */ @Override protected boolean isPermitted() { if (target == null || target.getDatasource() == null) { return false; } CollectionDatasource ownerDatasource = target.getDatasource(); MetaClass metaClass = ownerDatasource.getMetaClass(); boolean createPermitted = security.isEntityOpPermitted(metaClass, EntityOp.CREATE); if (!createPermitted) { return false; } if (ownerDatasource instanceof PropertyDatasource) { PropertyDatasource propertyDatasource = (PropertyDatasource) ownerDatasource; MetaClass parentMetaClass = propertyDatasource.getMaster().getMetaClass(); MetaProperty metaProperty = propertyDatasource.getProperty(); boolean attrPermitted = security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.MODIFY); if (!attrPermitted) { return false; } } return super.isPermitted(); }
protected boolean checkRemovePermission() { CollectionDatasource ds = target.getDatasource(); if (ds instanceof PropertyDatasource) { PropertyDatasource propertyDatasource = (PropertyDatasource) ds; MetaClass parentMetaClass = propertyDatasource.getMaster().getMetaClass(); MetaProperty metaProperty = propertyDatasource.getProperty(); boolean modifyPermitted = security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.MODIFY); if (!modifyPermitted) { return false; } if (metaProperty.getRange().getCardinality() != Range.Cardinality.MANY_TO_MANY) { boolean deletePermitted = security.isEntityOpPermitted(ds.getMetaClass(), EntityOp.DELETE); if (!deletePermitted) { return false; } } } else { boolean entityOpPermitted = security.isEntityOpPermitted(ds.getMetaClass(), EntityOp.DELETE); if (!entityOpPermitted) { return false; } } return true; }
MetaClass propMetaClass = metadata.getClassNN(propertyDiff.getMetaClassName()); if (!security.isEntityOpPermitted(propMetaClass, EntityOp.READ) || !security.isEntityAttrPermitted(propMetaClass, propertyDiff.getPropertyName(), EntityAttrAccess.VIEW)) { return null;