private static void setObjectFromPropertyIfVisible( final ScalarModel scalarModel, final OneToOneAssociation property, final ObjectAdapter parentAdapter) { final Where where = scalarModel.getRenderingHint().asWhere(); final Consent visibility = property.isVisible(parentAdapter, InteractionInitiatedBy.FRAMEWORK, where); final ObjectAdapter associatedAdapter; if (visibility.isAllowed()) { associatedAdapter = property.get(parentAdapter, InteractionInitiatedBy.USER); } else { associatedAdapter = null; } scalarModel.setObject(associatedAdapter); }
@Override public boolean whetherHidden(final ScalarModel scalarModel, final Where where) { final ObjectAdapter parentAdapter = scalarModel.getParentEntityModel().load(); final OneToOneAssociation property = scalarModel.getPropertyMemento().getProperty(scalarModel.getSpecificationLoader()); try { final Consent visibility = property.isVisible(parentAdapter, InteractionInitiatedBy.USER, where); return visibility.isVetoed(); } catch (final Exception ex) { return true; // will be hidden } }
private void appendPropertiesTo( final RepresentationService.Context2 rendererContext, final ObjectAdapter objectAdapter, final JsonRepresentation rootRepresentation) { final InteractionInitiatedBy interactionInitiatedBy = determineInteractionInitiatedByFrom(rendererContext); final Where where = rendererContext.getWhere(); List<OneToOneAssociation> properties = objectAdapter.getSpecification().getProperties(Contributed.INCLUDED); for (final OneToOneAssociation property : properties) { final Consent visibility = property.isVisible(objectAdapter, interactionInitiatedBy, where); if (!visibility.isAllowed()) { continue; } final JsonRepresentation propertyRepresentation = JsonRepresentation.newMap(); final ObjectPropertyReprRenderer renderer = new ObjectPropertyReprRenderer(rendererContext, null, property.getId(), propertyRepresentation) .asStandalone(); renderer.with(new ObjectAndProperty(objectAdapter, property)); final JsonRepresentation propertyValueRepresentation = renderer.render(); final String upHref = propertyValueRepresentation.getString("links[rel=up].href"); rootRepresentation.mapPut("$$href", upHref); final String upTitle = propertyValueRepresentation.getString("links[rel=up].title"); rootRepresentation.mapPut("$$title", upTitle); final String upInstanceId = upHref.substring(upHref.lastIndexOf("/")+1); rootRepresentation.mapPut("$$instanceId", upInstanceId); final JsonRepresentation value = propertyValueRepresentation.getRepresentation("value"); rootRepresentation.mapPut(property.getId(), value); } }
final String id = property.getId(); final JsonRepresentation propertyRepr = propertiesList.getRepresentation(id); final Consent visibility = property.isVisible(resourceContext.getAuthenticationSession() , objectAdapter, resourceContext.getWhere()); final Consent usability = property.isUsable(resourceContext.getAuthenticationSession() , objectAdapter, resourceContext.getWhere());
final String id = property.getId(); final JsonRepresentation propertyRepr = propertiesMap.getRepresentation(id); final Consent visibility = property.isVisible( objectAdapter, resourceContext.getInteractionInitiatedBy(),
@Test(expected = DisabledException.class) public void shouldNotBeAbleToModifyProperty() { // given final DisabledFacet disabledFacet = new DisabledFacetAbstractAlwaysEverywhere(mockPasswordMember){}; facets = Arrays.asList(disabledFacet, new PropertySetterFacetViaSetterMethod(setPasswordMethod, mockPasswordMember)); final Consent visibilityConsent = new Allow(new InteractionResult(new PropertyVisibilityEvent(employeeDO, null))); final InteractionResult usabilityInteractionResult = new InteractionResult(new PropertyUsabilityEvent(employeeDO, null)); usabilityInteractionResult.advise("disabled", disabledFacet); final Consent usabilityConsent = new Veto(usabilityInteractionResult); context.checking(new Expectations() { { allowing(mockPasswordMember).streamFacets(); will(returnValue(facets.stream())); allowing(mockPasswordMember).isVisible(mockEmployeeAdapter, InteractionInitiatedBy.USER, Where.ANYWHERE); will(returnValue(visibilityConsent)); allowing(mockPasswordMember).isUsable(mockEmployeeAdapter, InteractionInitiatedBy.USER, Where.ANYWHERE ); will(returnValue(usabilityConsent)); } }); // when employeeWO.setPassword(passwordValue); // then should throw exception }
@Test(expected = DisabledException.class) public void shouldNotBeAbleToModifyProperty() { // given final DisabledFacet disabledFacet = new DisabledFacetAbstractAlwaysEverywhere(mockPasswordMember){}; facets = Arrays.asList(disabledFacet, new PropertySetterFacetViaSetterMethod(setPasswordMethod, mockPasswordMember)); final Consent visibilityConsent = new Allow(new InteractionResult(new PropertyVisibilityEvent(employeeDO, null))); final InteractionResult usabilityInteractionResult = new InteractionResult(new PropertyUsabilityEvent(employeeDO, null)); usabilityInteractionResult.advise("disabled", disabledFacet); final Consent usabilityConsent = new Veto(usabilityInteractionResult); context.checking(new Expectations() { { allowing(mockPasswordMember).getFacets(with(any(Filter.class))); will(returnValue(facets)); allowing(mockPasswordMember).isVisible(mockEmployeeAdapter, InteractionInitiatedBy.USER, Where.ANYWHERE); will(returnValue(visibilityConsent)); allowing(mockPasswordMember).isUsable(mockEmployeeAdapter, InteractionInitiatedBy.USER, Where.ANYWHERE ); will(returnValue(usabilityConsent)); } }); // when employeeWO.setPassword(passwordValue); // then should throw exception }
allowing(mockPasswordMember).isVisible(mockEmployeeAdapter, InteractionInitiatedBy.USER, Where.ANYWHERE); will(returnValue(visibilityConsent));
allowing(mockPasswordMember).isVisible(mockEmployeeAdapter, InteractionInitiatedBy.USER, Where.ANYWHERE); will(returnValue(visibilityConsent));