@Override public void checkSpecificPermission(String name) { if (!isSpecificPermitted(name)) throw new AccessDeniedException(PermissionType.SPECIFIC, name); }
protected void checkPermission(MetaClass metaClass, EntityOp operation) { if (!isEntityOpPermitted(metaClass, operation)) throw new AccessDeniedException(PermissionType.ENTITY_OP, operation, metaClass.getName()); }
protected void checkImportPermissions(Folder folder) { UserSession userSession = userSessionSource.getUserSession(); if (folder instanceof SearchFolder) { SearchFolder searchFolder = (SearchFolder) folder; User currentUser = userSession.getCurrentOrSubstitutedUser(); if (searchFolder.getUser() != null && !currentUser.equals(searchFolder.getUser())) { throw new AccessDeniedException(PermissionType.ENTITY_OP, Folder.class.getSimpleName()); } if (searchFolder.getUser() == null && !userSession.isSpecificPermitted("cuba.gui.searchFolder.global")) { throw new AccessDeniedException(PermissionType.ENTITY_OP, Folder.class.getSimpleName()); } } if (folder instanceof AppFolder) { if (!userSession.isSpecificPermitted("cuba.gui.appFolder.global")) { throw new AccessDeniedException(PermissionType.ENTITY_OP, Folder.class.getSimpleName()); } } }
protected void checkPermissions(LaunchMode launchMode, WindowInfo windowInfo) { // ROOT windows are always permitted if (launchMode != OpenMode.ROOT) { boolean permitted = security.isScreenPermitted(windowInfo.getId()); if (!permitted) { throw new AccessDeniedException(PermissionType.SCREEN, windowInfo.getId()); } } }
protected void checkPermission(Class entityClass, EntityOp op) { MetaClass metaClass = metadata.getClassNN(entityClass); if (!security.isEntityOpPermitted(metaClass, op)) { throw new AccessDeniedException(PermissionType.ENTITY_OP, metaClass.getName()); } }
protected void checkPermission(Report report) { if (entityStates.isNew(report)) { if (!security.isEntityOpPermitted(metadata.getClassNN(Report.class), EntityOp.CREATE)) throw new AccessDeniedException(PermissionType.ENTITY_OP, EntityOp.CREATE, metadata.getClassNN(Report.class).getName()); } else { if (!security.isEntityOpPermitted(metadata.getClassNN(Report.class), EntityOp.UPDATE)) throw new AccessDeniedException(PermissionType.ENTITY_OP, EntityOp.UPDATE, metadata.getClassNN(Report.class).getName()); } }
protected void checkPermission() { Security security = AppBeans.get(Security.NAME); MetaClass parentMetaClass = masterDs.getMetaClass(); if (!security.isEntityAttrPermitted(parentMetaClass, metaProperty.getName(), EntityAttrAccess.MODIFY)) { throw new AccessDeniedException(PermissionType.ENTITY_ATTR, parentMetaClass + "." + metaProperty.getName()); } }
protected Map<String, Object> createEditorScreenOptions(WindowInfo windowInfo, NavigationState requestedState) { Type screenSuperclass = windowInfo.getControllerClass().getGenericSuperclass(); if (!(screenSuperclass instanceof ParameterizedType)) { return Collections.emptyMap(); } String idParam = requestedState.getParams().get("id"); if (StringUtils.isEmpty(idParam)) { return Collections.emptyMap(); } ParameterizedType parameterizedEditor = (ParameterizedType) screenSuperclass; //noinspection unchecked Class<? extends Entity> entityClass = (Class<? extends Entity>) parameterizedEditor.getActualTypeArguments()[0]; MetaClass metaClass = metadata.getClassNN(entityClass); if (!security.isEntityOpPermitted(metaClass, EntityOp.READ)) { revertNavigationState(); throw new AccessDeniedException(PermissionType.ENTITY_OP, EntityOp.READ, entityClass.getSimpleName()); } Class<?> idType = metaClass.getPropertyNN("id").getJavaType(); Object id = UrlIdSerializer.deserializeId(idType, idParam); LoadContext<?> ctx = new LoadContext(metaClass); ctx.setId(id); ctx.setView(View.MINIMAL); Entity entity = dataManager.load(ctx); if (entity == null) { return Collections.emptyMap(); } return ParamsMap.of(WindowParams.ITEM.name(), entity); }
throw new AccessDeniedException(PermissionType.ENTITY_ATTR, metaClass + "." + path.getFullPath());
@Override public Folder importFolder(Folder parentFolder, byte[] bytes) throws IOException { if (!security.isEntityOpPermitted(Folder.class, EntityOp.CREATE)) { throw new AccessDeniedException(PermissionType.ENTITY_OP, EntityOp.CREATE, Folder.class.getSimpleName());
throw new AccessDeniedException(PermissionType.ENTITY_OP, metaClass.getName());
if (!screenPermitted) { revertNavigationState(); throw new AccessDeniedException(PermissionType.SCREEN, windowInfo.getId());
.withHandler(event -> { if (!security.isEntityOpPermitted(FileDescriptor.class, EntityOp.READ)) { throw new AccessDeniedException(PermissionType.ENTITY_OP, FileDescriptor.class.getSimpleName());