/** * Apply security constraints for query to select reports available by roles and screen restrictions */ public void applySecurityPolicies(LoadContext lc, @Nullable String screen, @Nullable User user) { QueryTransformer transformer = queryTransformerFactory.transformer(lc.getQuery().getQueryString()); if (screen != null) { transformer.addWhereAsIs("r.screensIdx like :screen escape '\\'"); lc.getQuery().setParameter("screen", wrapIdxParameterForSearch(screen)); } if (user != null) { List<UserRole> userRoles = user.getUserRoles(); boolean superRole = userRoles.stream().anyMatch(userRole -> userRole.getRole().getType() == RoleType.SUPER); if (!superRole) { StringBuilder roleCondition = new StringBuilder("r.rolesIdx is null"); for (int i = 0; i < userRoles.size(); i++) { UserRole ur = userRoles.get(i); String paramName = "role" + (i + 1); roleCondition.append(" or r.rolesIdx like :").append(paramName).append(" escape '\\'"); lc.getQuery().setParameter(paramName, wrapIdxParameterForSearch(ur.getRole().getId().toString())); } transformer.addWhereAsIs(roleCondition.toString()); } } lc.getQuery().setQueryString(transformer.getResult()); }
/** * Apply constraints for query to select reports which have input parameter with class matching inputValueMetaClass */ public void applyPoliciesByEntityParameters(LoadContext lc, @Nullable MetaClass inputValueMetaClass) { if (inputValueMetaClass != null) { QueryTransformer transformer = queryTransformerFactory.transformer(lc.getQuery().getQueryString()); StringBuilder parameterTypeCondition = new StringBuilder("r.inputEntityTypesIdx like :type escape '\\'"); lc.getQuery().setParameter("type", wrapIdxParameterForSearch(inputValueMetaClass.getName())); List<MetaClass> ancestors = inputValueMetaClass.getAncestors(); for (int i = 0; i < ancestors.size(); i++) { MetaClass metaClass = ancestors.get(i); String paramName = "type" + (i + 1); parameterTypeCondition.append(" or r.inputEntityTypesIdx like :").append(paramName).append(" escape '\\'"); lc.getQuery().setParameter(paramName, wrapIdxParameterForSearch(metaClass.getName())); } transformer.addWhereAsIs(String.format("(%s)", parameterTypeCondition.toString())); lc.getQuery().setQueryString(transformer.getResult()); } }
protected void setSortDirection(LoadContext.Query q) { boolean asc = Sortable.Order.ASC.equals(sortInfos[0].getOrder()); MetaPropertyPath propertyPath = sortInfos[0].getPropertyPath(); String[] sortProperties = null; if (metadata.getTools().isPersistent(propertyPath)) { sortProperties = getSortPropertiesForPersistentAttribute(propertyPath); } else { // a non-persistent attribute List<String> relProperties = metadata.getTools().getRelatedProperties(propertyPath.getMetaProperty()); if (!relProperties.isEmpty()) { List<String> sortPropertiesList = new ArrayList<>(relProperties.size()); for (String relProp : relProperties) { String[] ppCopy = Arrays.copyOf(propertyPath.getPath(), propertyPath.getPath().length); ppCopy[ppCopy.length - 1] = relProp; MetaPropertyPath relPropertyPath = propertyPath.getMetaProperties()[0].getDomain().getPropertyPath(Joiner.on(".").join(ppCopy)); String[] sortPropertiesForRelProperty = getSortPropertiesForPersistentAttribute(relPropertyPath); if (sortPropertiesForRelProperty != null) Collections.addAll(sortPropertiesList, sortPropertiesForRelProperty); } if (!sortPropertiesList.isEmpty()) sortProperties = sortPropertiesList.toArray(new String[sortPropertiesList.size()]); } } if (sortProperties != null && sortProperties.length != 0) { QueryTransformer transformer = QueryTransformerFactory.createTransformer(q.getQueryString()); transformer.replaceOrderBy(!asc, sortProperties); String jpqlQuery = transformer.getResult(); q.setQueryString(jpqlQuery); } }
ensureDistinct = transformer.removeDistinct(); if (ensureDistinct) { context.getQuery().setQueryString(transformer.getResult());
context.getQuery().setQueryString("select e from " + metaClass.getName() + " e"); ensureDistinct = transformer.removeDistinct(); if (ensureDistinct) { context.getQuery().setQueryString(transformer.getResult()); QueryTransformer transformer = QueryTransformerFactory.createTransformer(context.getQuery().getQueryString()); transformer.replaceWithCount(); context.getQuery().setQueryString(transformer.getResult());