private static <A extends Annotation> ExpressionResult checkPermission( Class<A> annotationClass, PersistentResource resource) { return resource.requestScope.getPermissionExecutor().checkPermission(annotationClass, resource); }
private <A extends Annotation> ExpressionResult checkFieldAwarePermissions(Class<A> annotationClass) { return requestScope.getPermissionExecutor().checkPermission(annotationClass, this); }
private <A extends Annotation> ExpressionResult checkFieldAwareReadPermissions(String fieldName) { return requestScope.getPermissionExecutor() .checkSpecificFieldPermissions(this, null, ReadPermission.class, fieldName); }
private <A extends Annotation> ExpressionResult checkFieldAwareReadPermissions(String fieldName) { return requestScope.getPermissionExecutor() .checkSpecificFieldPermissions(this, null, ReadPermission.class, fieldName); }
/** * Determine whether or not to skip loading a collection. * * @param resourceClass Resource class * @param annotationClass Annotation class * @param requestScope Request scope * @return True if collection should be skipped (i.e. denied access), false otherwise */ private static boolean shouldSkipCollection(Class<?> resourceClass, Class<? extends Annotation> annotationClass, RequestScope requestScope) { try { requestScope.getPermissionExecutor().checkUserPermissions(resourceClass, annotationClass); } catch (ForbiddenAccessException e) { return true; } return false; }
private static <A extends Annotation> ExpressionResult checkPermission( Class<A> annotationClass, PersistentResource resource) { return resource.requestScope.getPermissionExecutor().checkPermission(annotationClass, resource); }
/** * Determine whether or not to skip loading a collection. * * @param resourceClass Resource class * @param annotationClass Annotation class * @param requestScope Request scope * @return True if collection should be skipped (i.e. denied access), false otherwise */ private static boolean shouldSkipCollection(Class<?> resourceClass, Class<? extends Annotation> annotationClass, RequestScope requestScope) { try { requestScope.getPermissionExecutor().checkUserPermissions(resourceClass, annotationClass); } catch (ForbiddenAccessException e) { return true; } return false; }
private <A extends Annotation> ExpressionResult checkFieldAwarePermissions(Class<A> annotationClass) { return requestScope.getPermissionExecutor().checkPermission(annotationClass, this); }
/** * Get a FilterExpression parsed from FilterExpressionCheck. * * @param <T> the type parameter * @param loadClass the load class * @param requestScope the request scope * @return a FilterExpression defined by FilterExpressionCheck. */ private static <T> Optional<FilterExpression> getPermissionFilterExpression(Class<T> loadClass, RequestScope requestScope) { try { return requestScope.getPermissionExecutor().getReadPermissionFilter(loadClass); } catch (ForbiddenAccessException e) { return Optional.empty(); } }
/** * Get a FilterExpression parsed from FilterExpressionCheck. * * @param <T> the type parameter * @param loadClass the load class * @param requestScope the request scope * @return a FilterExpression defined by FilterExpressionCheck. */ private static <T> Optional<FilterExpression> getPermissionFilterExpression(Class<T> loadClass, RequestScope requestScope) { try { return requestScope.getPermissionExecutor().getReadPermissionFilter(loadClass); } catch (ForbiddenAccessException e) { return Optional.empty(); } }
private <A extends Annotation> ExpressionResult checkFieldAwareDeferPermissions(Class<A> annotationClass, String fieldName, Object modified, Object original) { ChangeSpec changeSpec = (UpdatePermission.class.isAssignableFrom(annotationClass)) ? new ChangeSpec(this, fieldName, original, modified) : null; return requestScope .getPermissionExecutor() .checkSpecificFieldPermissionsDeferred(this, changeSpec, annotationClass, fieldName); }
private <A extends Annotation> ExpressionResult checkFieldAwareDeferPermissions(Class<A> annotationClass, String fieldName, Object modified, Object original) { ChangeSpec changeSpec = (UpdatePermission.class.isAssignableFrom(annotationClass)) ? new ChangeSpec(this, fieldName, original, modified) : null; return requestScope .getPermissionExecutor() .checkSpecificFieldPermissionsDeferred(this, changeSpec, annotationClass, fieldName); }
/** * Get the global/cross-type filter expression. * @param loadClass Entity class * @return The global filter expression evaluated at the first load */ public Optional<FilterExpression> getLoadFilterExpression(Class<?> loadClass) { Optional<FilterExpression> permissionFilter; permissionFilter = getPermissionExecutor().getReadPermissionFilter(loadClass); Optional<FilterExpression> globalFilterExpressionOptional = null; if (globalFilterExpression == null) { String typeName = dictionary.getJsonAliasFor(loadClass); globalFilterExpressionOptional = getFilterExpressionByType(typeName); } else { globalFilterExpressionOptional = Optional.of(globalFilterExpression); } if (globalFilterExpressionOptional.isPresent() && permissionFilter.isPresent()) { return Optional.of(new AndFilterExpression(globalFilterExpressionOptional.get(), permissionFilter.get())); } if (globalFilterExpressionOptional.isPresent()) { return globalFilterExpressionOptional; } if (permissionFilter.isPresent()) { return permissionFilter; } return Optional.empty(); }
/** * Get the global/cross-type filter expression. * @param loadClass Entity class * @return The global filter expression evaluated at the first load */ public Optional<FilterExpression> getLoadFilterExpression(Class<?> loadClass) { Optional<FilterExpression> permissionFilter; permissionFilter = getPermissionExecutor().getReadPermissionFilter(loadClass); Optional<FilterExpression> globalFilterExpressionOptional = null; if (globalFilterExpression == null) { String typeName = dictionary.getJsonAliasFor(loadClass); globalFilterExpressionOptional = getFilterExpressionByType(typeName); } else { globalFilterExpressionOptional = Optional.of(globalFilterExpression); } if (globalFilterExpressionOptional.isPresent() && permissionFilter.isPresent()) { return Optional.of(new AndFilterExpression(globalFilterExpressionOptional.get(), permissionFilter.get())); } if (globalFilterExpressionOptional.isPresent()) { return globalFilterExpressionOptional; } if (permissionFilter.isPresent()) { return permissionFilter; } return Optional.empty(); }
this.objectEntityCache = outerRequestScope.objectEntityCache; this.newPersistentResources = outerRequestScope.newPersistentResources; this.permissionExecutor = outerRequestScope.getPermissionExecutor(); this.dirtyResources = outerRequestScope.dirtyResources; this.deletedResources = outerRequestScope.deletedResources;
this.objectEntityCache = outerRequestScope.objectEntityCache; this.newPersistentResources = outerRequestScope.newPersistentResources; this.permissionExecutor = outerRequestScope.getPermissionExecutor(); this.dirtyResources = outerRequestScope.dirtyResources; this.deletedResources = outerRequestScope.deletedResources;
HandlerResult result = handler.handle(tx, user); RequestScope requestScope = result.getRequestScope(); isVerbose = requestScope.getPermissionExecutor().isVerbose(); Supplier<Pair<Integer, JsonNode>> responder = result.getResponder(); tx.preCommit(); requestScope.runQueuedPreSecurityTriggers(); requestScope.getPermissionExecutor().executeCommitChecks(); if (!isReadOnly) { requestScope.saveOrCreateObjects(); requestScope.getPermissionExecutor().printCheckStats();
HandlerResult result = handler.handle(tx, user); RequestScope requestScope = result.getRequestScope(); isVerbose = requestScope.getPermissionExecutor().isVerbose(); Supplier<Pair<Integer, JsonNode>> responder = result.getResponder(); tx.preCommit(); requestScope.runQueuedPreSecurityTriggers(); requestScope.getPermissionExecutor().executeCommitChecks(); if (!isReadOnly) { requestScope.saveOrCreateObjects(); requestScope.getPermissionExecutor().printCheckStats();