protected List<O> extractEntriesWithSelectAccess(final List<O> origList) { final List<O> result = new ArrayList<O>(); for (final O obj : origList) { if ((TenantChecker.isSuperAdmin(ThreadLocalUserContext.getUser()) == true || tenantChecker.isPartOfCurrentTenant(obj) == true) && hasLoggedInUserSelectAccess(obj, false) == true) { result.add(obj); afterLoad(obj); } } return result; }
protected <ENT extends ExtendedBaseDO<Integer>> List<ENT> extractEntriesWithSelectAccess(List<ENT> origList, Class<ENT> entClazz, BaseDao<ENT> baseDao) { final List<ENT> result = new ArrayList<ENT>(); for (final ENT obj : origList) { if ((tenantChecker.isSuperAdmin(ThreadLocalUserContext.getUser()) == true || tenantChecker.isPartOfCurrentTenant(obj) == true) && baseDao.hasLoggedInUserSelectAccess(obj, false) == true) { result.add(obj); baseDao.afterLoad(obj); } } return result; }
/** * If the user has select access then the object will be returned. If not, the hibernate proxy object will be get via * getSession().load(); * * @param id * @return */ @Transactional(readOnly = true, propagation = Propagation.SUPPORTS) public O getOrLoad(final Integer id) { if (isIdValid(id) == false) { return null; } else { final O obj = internalGetById(id); if (obj == null) { //throw new RuntimeException("Object with id " + id + " not found for class " + clazz); return null; } if (tenantChecker.isPartOfCurrentTenant(obj) == true && hasLoggedInUserSelectAccess(obj, false) == true) { return obj; } } final O result = getSession().load(clazz, id); return result; }
public void checkPartOfCurrentTenant(final BaseDO<?> obj) { if (tenantService.isMultiTenancyAvailable() == false) { return; } if (isPartOfCurrentTenant(obj) == false) { final TenantDO currentTenant = getCurrentTenant(); final String currentTenantString = currentTenant != null ? currentTenant.getName() : ThreadLocalUserContext .getLocalizedString("multitenancy.defaultTenant"); final TenantDO objectTenant = obj.getTenant(); final String objectTenantString = objectTenant != null ? objectTenant.getName() : ThreadLocalUserContext .getLocalizedString("multitenancy.defaultTenant"); throw new AccessException(ThreadLocalUserContext.getUser(), "access.exception.usersCurrentTenantDoesNotMatch", currentTenantString, objectTenantString); } }