.where(permission.targetResourceId.eq(targetResourceId).and( actionPredicate.and(authorizedResourceIdPredicate))) .exists();
/** * This version of the query performs pretty well on all databases... except for MySql * @param dbConnection the database connection * @return the user count */ private Long runStandardQuery(final DbConnection dbConnection) { QMembership m = new QMembership("m"); QUser u = new QUser("u"); // Predicate to only include users in their canonical directory (i.e. they are not shadowed) BooleanExpression userIsNotShadowed = userIsNotShadowedPredicate(u); // Predicate to find users that are a member of one or more of the nested groups, in this directory. // Use exists() to ensure we count each user only once, even if they are a member of multiple groups BooleanExpression userIsMemberOfGroups = new SQLSubQuery() .from(m).where(m.lowerChildName.eq(u.lowerUserName) .and(m.membershipType.eq("GROUP_USER")) .and(m.directoryId.eq(directoryId)) .and(sqlPredicates.partitionedIn(m.lowerParentName, lowerCaseGroupNames))) .exists(); // Query to count active users who are not shadowed, and are a member of at least one of these groups SQLQuery query = dbConnection.newSqlQuery() .from(u).where(u.active.eq(1).and(u.directoryId.eq(directoryId)) .and(userIsNotShadowed) .and(userIsMemberOfGroups)); // SQL Server has a limit of 2000 parameters per query. If we hit that, use literals instead if (dbConfig.isSqlServer() && lowerCaseGroupNames.size() > SQL_SERVER_USE_LITERALS_THRESHOLD) { query.setUseLiterals(true); } return query.singleResult(u.lowerUserName.count()); }