/** * Create a new session and fill it with security data. Must be called inside a transaction. * @param sessionId target session id * @param user user instance * @param locale user locale * @param system create system session * @return new session instance */ public UserSession createSession(UUID sessionId, User user, Locale locale, boolean system) { List<Role> roles = new ArrayList<>(); for (UserRole userRole : user.getUserRoles()) { if (userRole.getRole() != null) { roles.add(userRole.getRole()); } } UserSession session = new UserSession(sessionId, user, roles, locale, system); compilePermissions(session, roles); if (user.getGroup() == null) throw new IllegalStateException("User is not in a Group"); compileConstraints(session, user.getGroup()); compileSessionAttributes(session, user.getGroup()); return session; }
/** * Create a new session from existing for another user and fill it with security data for that new user. * Must be called inside a transaction. * @param src existing session * @param user another user instance * @return new session with the same ID as existing */ public UserSession createSession(UserSession src, User user) { List<Role> roles = new ArrayList<>(); for (UserRole userRole : user.getUserRoles()) { if (userRole.getRole() != null) { roles.add(userRole.getRole()); } } UserSession session = new UserSession(src, user, roles, src.getLocale()); compilePermissions(session, roles); if (user.getGroup() == null) throw new IllegalStateException("User is not in a Group"); compileConstraints(session, user.getGroup()); compileSessionAttributes(session, user.getGroup()); return session; }
if (!Objects.equals(user.getGroup(), targetAccessGroup)) { user.setGroup(targetAccessGroup); modifiedUsers++;
@Override public void setQueryParam(Query query, String paramName) { if (paramName.startsWith(CONSTRAINT_PARAM_SESSION_ATTR)) { UserSession userSession = userSessionSource.getUserSession(); String attrName = paramName.substring(CONSTRAINT_PARAM_SESSION_ATTR.length()); if (CONSTRAINT_PARAM_USER_LOGIN.equals(attrName)) { String userLogin = userSession.getSubstitutedUser() != null ? userSession.getSubstitutedUser().getLogin() : userSession.getUser().getLogin(); query.setParameter(paramName, userLogin); } else if (CONSTRAINT_PARAM_USER_ID.equals(attrName)) { UUID userId = userSession.getSubstitutedUser() != null ? userSession.getSubstitutedUser().getId() : userSession.getUser().getId(); query.setParameter(paramName, userId); } else if (CONSTRAINT_PARAM_USER_GROUP_ID.equals(attrName)) { Object groupId = userSession.getSubstitutedUser() == null ? userSession.getUser().getGroup().getId() : userSession.getSubstitutedUser().getGroup().getId(); query.setParameter(paramName, groupId); } else { Serializable value = userSession.getAttribute(attrName); query.setParameter(paramName, value); } } }
protected void createGroupField() { FieldGroup.FieldConfig groupFc = fieldGroupRight.getFieldNN("group"); PickerField<?> pickerField = uiComponents.create(PickerField.class); pickerField.setDatasource(groupFc.getTargetDatasource(), groupFc.getProperty()); pickerField.setRequired(true); pickerField.setRequiredMessage(getMessage("groupMsg")); LookupAction action = LookupAction.create(pickerField); action.setLookupScreenOpenType(OpenType.DIALOG); action.setLookupScreenParamsSupplier(() -> { if (getItem().getGroup() != null) { return ParamsMap.of("selectedGroup", getItem().getGroup()); } return Collections.emptyMap(); }); pickerField.addAction(action); groupFc.setComponent(pickerField); }
newUser.setGroup(selectedUser.getGroup()); AbstractEditor editor = openEditor("sec$User.edit", newUser, OpenType.THIS_TAB, ParamsMap.of("initCopy", true));