private boolean entityOpPermitted(MetaClass metaClass, EntityOp entityOp) { return security.isEntityOpPermitted(metaClass, entityOp); } }
protected boolean entityOpPermitted(MetaClass metaClass, EntityOp entityOp) { return security.isEntityOpPermitted(metaClass, entityOp); } }
protected boolean entityOpPermitted(MetaClass metaClass, EntityOp entityOp) { Security security = AppBeans.get(Security.NAME); return security.isEntityOpPermitted(metaClass, entityOp); }
protected boolean entityOpPermitted(MetaClass metaClass, EntityOp entityOp) { Security security = AppBeans.get(Security.NAME); return security.isEntityOpPermitted(metaClass, entityOp); }
protected boolean entityOpPermitted(MetaClass metaClass, EntityOp entityOp) { Security security = AppBeans.get(Security.NAME); return security.isEntityOpPermitted(metaClass, entityOp); }
private boolean readPermitted(MetaClass metaClass) { Security security = AppBeans.get(Security.NAME); return security.isEntityOpPermitted(metaClass, EntityOp.READ); }
protected boolean isUpdatePermitted() { return security.isEntityOpPermitted(metadata.getClassNN(Report.class), EntityOp.UPDATE); }
private static boolean entityOpPermitted(MetaClass metaClass, EntityOp entityOp) { Security security = AppBeans.get(Security.NAME); return security.isEntityOpPermitted(metaClass, entityOp); }
protected void checkCanUpdateEntity(MetaClass metaClass) { if (!security.isEntityOpPermitted(metaClass, EntityOp.UPDATE)) { throw new RestAPIException("Updating forbidden", String.format("Updating of the %s is forbidden", metaClass.getName()), HttpStatus.FORBIDDEN); } }
protected void checkCanReadEntity(MetaClass metaClass) { if (!security.isEntityOpPermitted(metaClass, EntityOp.READ)) { throw new RestAPIException("Reading forbidden", String.format("Reading of the %s is forbidden", metaClass.getName()), HttpStatus.FORBIDDEN); } }
protected void checkCanReadEntity(MetaClass metaClass) { if (!security.isEntityOpPermitted(metaClass, EntityOp.READ)) { throw new RestAPIException("Reading forbidden", String.format("Reading of the %s is forbidden", metaClass.getName()), HttpStatus.FORBIDDEN); } }
protected void checkCanCreateEntity(MetaClass metaClass) { if (!security.isEntityOpPermitted(metaClass, EntityOp.CREATE)) { throw new RestAPIException("Creation forbidden", String.format("Creation of the %s is forbidden", metaClass.getName()), HttpStatus.FORBIDDEN); } }
protected void checkCanDeleteEntity(MetaClass metaClass) { if (!security.isEntityOpPermitted(metaClass, EntityOp.DELETE)) { throw new RestAPIException("Deletion forbidden", String.format("Deletion of the %s is forbidden", metaClass.getName()), HttpStatus.FORBIDDEN); } }
protected void checkCanReadEntity(MetaClass metaClass) { if (!security.isEntityOpPermitted(metaClass, EntityOp.READ)) { throw new RestAPIException("Reading forbidden", String.format("Reading of the %s is forbidden", metaClass.getName()), HttpStatus.FORBIDDEN); } }
protected void checkPermission(Class entityClass, EntityOp op) { MetaClass metaClass = metadata.getClassNN(entityClass); if (!security.isEntityOpPermitted(metaClass, op)) { throw new AccessDeniedException(PermissionType.ENTITY_OP, metaClass.getName()); } }
@Override protected boolean isPermitted() { CollectionDatasource ownerDatasource = target.getDatasource(); boolean entityOpPermitted = security.isEntityOpPermitted(ownerDatasource.getMetaClass(), EntityOp.UPDATE); if (!entityOpPermitted) { return false; } return super.isPermitted(); } });
protected boolean isRangeClassPermitted(MetaProperty metaProperty) { if (metaProperty.getRange().isClass()) { MetaClass propertyMetaClass = metaProperty.getRange().asClass(); if (metadataTools.isSystemLevel(propertyMetaClass)) { return false; } if (!security.isEntityOpPermitted(propertyMetaClass, EntityOp.READ)) { return false; } } return true; }
public static boolean isSuitableProperty(MetaProperty metaProperty, MetaClass effectiveMetaClass) { if (metaProperty.getRange().isClass() && !Category.class.isAssignableFrom(metaProperty.getJavaType())) { Security security = AppBeans.get(Security.NAME); // check security if (security.isEntityAttrPermitted(effectiveMetaClass, metaProperty.getName(), EntityAttrAccess.VIEW) && security.isEntityOpPermitted(metaProperty.getRange().asClass(), EntityOp.READ)) { return true; } } return false; } }
protected Collection<T> getCollection() { Security security = AppBeans.get(Security.NAME); MetaClass parentMetaClass = masterDs.getMetaClass(); MetaClass propertyMetaClass = metaProperty.getRange().asClass(); if (!security.isEntityOpPermitted(propertyMetaClass, EntityOp.READ) || !security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.VIEW)) { return new ArrayList<>(); // Don't use Collections.emptyList() to avoid confusing UnsupportedOperationExceptions } else { final Instance master = masterDs.getItem(); //noinspection unchecked return master == null ? null : (Collection<T>) master.getValue(metaProperty.getName()); } }
@Override public void refreshState() { super.refreshState(); if (target == null || target.getDatasource() == null) return; if (!captionInitialized) { Messages messages = AppBeans.get(Messages.NAME); if (security.isEntityOpPermitted(target.getDatasource().getMetaClass(), EntityOp.UPDATE)) { setCaption(messages.getMainMessage("actions.Edit")); } else { setCaption(messages.getMainMessage("actions.View")); } } }