[New] Added privileges for viewable reports
This commit is contained in:
parent
02b959ab77
commit
84cf1471ea
|
@ -8,7 +8,6 @@ import li.strolch.model.StrolchModelConstants;
|
|||
import li.strolch.model.StrolchRootElement;
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.base.PrivilegeException;
|
||||
import li.strolch.privilege.model.PrivilegeContext;
|
||||
import li.strolch.privilege.model.Restrictable;
|
||||
import li.strolch.utils.dbc.DBC;
|
||||
import li.strolch.utils.helper.ExceptionHelper;
|
||||
|
@ -85,8 +84,7 @@ public abstract class StrolchSearch<T extends StrolchRootElement>
|
|||
*/
|
||||
public RootElementSearchResult<T> search(StrolchTransaction tx) {
|
||||
try {
|
||||
PrivilegeContext privilegeContext = tx.getContainer().getPrivilegeHandler().validate(tx.getCertificate());
|
||||
privilegeContext.validateAction(this);
|
||||
tx.getPrivilegeContext().validateAction(this);
|
||||
} catch (PrivilegeException e) {
|
||||
throw new StrolchAccessDeniedException(tx.getCertificate(), this, ExceptionHelper.getExceptionMessage(e),
|
||||
e);
|
||||
|
|
|
@ -32,6 +32,7 @@ import li.strolch.model.Tags;
|
|||
import li.strolch.model.parameter.StringParameter;
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.privilege.model.SimpleRestrictable;
|
||||
import li.strolch.report.Report;
|
||||
import li.strolch.report.ReportSearch;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
|
@ -67,12 +68,11 @@ public class ReportResource {
|
|||
realm = RestfulStrolchComponent.getInstance().getContainer().getRealm(cert).getRealm();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, realm, getContext())) {
|
||||
|
||||
List<Resource> ids = new ReportSearch().search(tx).orderByName(false).toList();
|
||||
List<Resource> reports = new ReportSearch(tx).search(tx).orderByName(false).toList();
|
||||
|
||||
// create final array
|
||||
JsonArray array = new JsonArray();
|
||||
ids.forEach(res -> {
|
||||
reports.forEach(res -> {
|
||||
JsonObject o = new JsonObject();
|
||||
o.addProperty(Tags.Json.ID, res.getId());
|
||||
o.addProperty(Tags.Json.NAME, res.getName());
|
||||
|
@ -107,6 +107,7 @@ public class ReportResource {
|
|||
|
||||
JsonArray result = new JsonArray();
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, realm, getContext())) {
|
||||
tx.getPrivilegeContext().validateAction(new SimpleRestrictable(ReportSearch.class.getName(), id));
|
||||
|
||||
Report report = new Report(tx, id);
|
||||
|
||||
|
@ -160,6 +161,7 @@ public class ReportResource {
|
|||
}
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, realm, getContext())) {
|
||||
tx.getPrivilegeContext().validateAction(new SimpleRestrictable(ReportSearch.class.getName(), id));
|
||||
|
||||
// get report
|
||||
Report report = new Report(tx, id);
|
||||
|
@ -259,6 +261,8 @@ public class ReportResource {
|
|||
}
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, realm, getContext())) {
|
||||
tx.getPrivilegeContext().validateAction(new SimpleRestrictable(ReportSearch.class.getName(), id));
|
||||
|
||||
long start = System.nanoTime();
|
||||
|
||||
// get report
|
||||
|
@ -351,6 +355,7 @@ public class ReportResource {
|
|||
}
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, realm, getContext())) {
|
||||
tx.getPrivilegeContext().validateAction(new SimpleRestrictable(ReportSearch.class.getName(), id));
|
||||
|
||||
// get report
|
||||
Report report = new Report(tx, id);
|
||||
|
|
|
@ -2,16 +2,26 @@ package li.strolch.report;
|
|||
|
||||
import static li.strolch.report.ReportConstants.TYPE_REPORT;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.model.IPrivilege;
|
||||
import li.strolch.search.ResourceSearch;
|
||||
|
||||
/**
|
||||
* Query to get report resources
|
||||
*
|
||||
* @author mvoigt
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*/
|
||||
public class ReportSearch extends ResourceSearch {
|
||||
|
||||
public ReportSearch() {
|
||||
public ReportSearch(StrolchTransaction tx) {
|
||||
types(TYPE_REPORT);
|
||||
|
||||
IPrivilege reportPrivilege = tx.getPrivilegeContext().getPrivilege(ReportSearch.class.getName());
|
||||
if (!reportPrivilege.isAllAllowed()) {
|
||||
Set<String> allowedReportIds = reportPrivilege.getAllowList();
|
||||
where(id().isIn(allowedReportIds));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue