@Override public boolean hasInMemoryConstraints(MetaClass metaClass, ConstraintOperationType... operationTypes) { List<ConstraintData> constraints = getConstraints(metaClass, constraint -> constraint.getCheckType().memory() && constraint.getOperationType() != null && Arrays.asList(operationTypes).contains(constraint.getOperationType()) ); return !constraints.isEmpty(); }
@Override public boolean isPermitted(Entity entity, String customCode) { return isPermitted(entity, constraint -> customCode.equals(constraint.getCode()) && constraint.getCheckType().memory()); }
@Override public boolean isPermitted(Entity entity, ConstraintOperationType targetOperationType) { return isPermitted(entity, constraint -> { ConstraintOperationType operationType = constraint.getOperationType(); return constraint.getCheckType().memory() && ( (targetOperationType == ALL && operationType != CUSTOM) || operationType == targetOperationType || operationType == ALL ); }); }
protected boolean isPermitted(Entity entity, ConstraintData constraint) { String metaClassName = entity.getMetaClass().getName(); String groovyScript = constraint.getGroovyScript(); if (constraint.getCheckType().memory() && StringUtils.isNotBlank(groovyScript)) { try { Object o = evaluateConstraintScript(entity, groovyScript); if (Boolean.FALSE.equals(o)) { log.trace("Entity does not match security constraint. Entity class [{}]. Entity [{}]. Constraint [{}].", metaClassName, entity.getId(), constraint.getCheckType()); return false; } } catch (Exception e) { log.error("An error occurred while applying constraint's Groovy script. The entity has been filtered out." + "Entity class [{}]. Entity [{}].", metaClassName, entity.getId(), e); return false; } } return true; }
protected boolean isPermittedInMemory(Entity entity) { return isPermitted(entity, constraint -> constraint.getCheckType().memory() && (constraint.getOperationType() == ConstraintOperationType.READ || constraint.getOperationType() == ConstraintOperationType.ALL)); }
@Override public boolean applyConstraints(Query query) { QueryParser parser = QueryTransformerFactory.createParser(query.getQueryString()); String entityName = parser.getEntityName(); List<ConstraintData> constraints = getConstraints(metadata.getClassNN(entityName), constraint -> constraint.getCheckType().database() && (constraint.getOperationType() == ConstraintOperationType.READ || constraint.getOperationType() == ConstraintOperationType.ALL)); if (constraints.isEmpty()) return false; QueryTransformer transformer = QueryTransformerFactory.createTransformer(query.getQueryString()); for (ConstraintData constraint : constraints) { processConstraint(transformer, constraint, entityName); } query.setQueryString(transformer.getResult()); for (String paramName : transformer.getAddedParams()) { setQueryParam(query, paramName); } return true; }