fix description authz
This commit is contained in:
parent
388857cdce
commit
65d62b2849
|
@ -41,7 +41,7 @@ public class DescriptionReferenceCensor extends BaseCensor {
|
|||
if (fields == null || fields.isEmpty())
|
||||
return;
|
||||
|
||||
this.authService.authorizeForce(Permission.BrowseDescriptionReference);
|
||||
this.authService.authorizeForce(Permission.BrowseDescriptionReference, Permission.DeferredAffiliation);
|
||||
FieldSet descriptionFields = fields.extractPrefixed(this.asIndexerPrefix(DescriptionReference._description));
|
||||
this.censorFactory.censor(DescriptionCensor.class).censor(descriptionFields, userId);
|
||||
FieldSet referenceFields = fields.extractPrefixed(this.asIndexerPrefix(DescriptionReference._reference));
|
||||
|
|
|
@ -41,7 +41,7 @@ public class DescriptionTagCensor extends BaseCensor {
|
|||
if (fields == null || fields.isEmpty())
|
||||
return;
|
||||
|
||||
this.authService.authorizeForce(Permission.BrowseDescriptionTag);
|
||||
this.authService.authorizeForce(Permission.BrowseDescriptionTag, Permission.DeferredAffiliation);
|
||||
FieldSet descriptionFields = fields.extractPrefixed(this.asIndexerPrefix(DescriptionTag._description));
|
||||
this.censorFactory.censor(DescriptionCensor.class).censor(descriptionFields, userId);
|
||||
FieldSet tagFields = fields.extractPrefixed(this.asIndexerPrefix(DescriptionTag._tag));
|
||||
|
|
|
@ -33,7 +33,7 @@ public class FieldCensor extends BaseCensor {
|
|||
if (fields == null || fields.isEmpty())
|
||||
return;
|
||||
|
||||
this.authService.authorizeForce(Permission.BrowseDescription);
|
||||
this.authService.authorizeForce(Permission.BrowseDescription, Permission.DeferredAffiliation);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -41,7 +41,7 @@ public class PropertyDefinitionCensor extends BaseCensor {
|
|||
if (fields == null || fields.isEmpty())
|
||||
return;
|
||||
|
||||
this.authService.authorizeForce(Permission.BrowseDescription);
|
||||
this.authService.authorizeForce(Permission.BrowseDescription, Permission.DeferredAffiliation);
|
||||
FieldSet fieldSetFields = fields.extractPrefixed(this.asIndexerPrefix(PropertyDefinition._fieldSets));
|
||||
this.censorFactory.censor(PropertyDefinitionFieldSetCensor.class).censor(fieldSetFields, userId);
|
||||
}
|
||||
|
|
|
@ -39,7 +39,7 @@ public class PropertyDefinitionFieldSetCensor extends BaseCensor {
|
|||
if (fields == null || fields.isEmpty())
|
||||
return;
|
||||
|
||||
this.authService.authorizeForce(Permission.BrowseDescription);
|
||||
this.authService.authorizeForce(Permission.BrowseDescription, Permission.DeferredAffiliation);
|
||||
FieldSet itemsFields = fields.extractPrefixed(this.asIndexerPrefix(PropertyDefinitionFieldSet._items));
|
||||
this.censorFactory.censor(PropertyDefinitionFieldSetItemCensor.class).censor(itemsFields, userId);
|
||||
}
|
||||
|
|
|
@ -39,7 +39,7 @@ public class PropertyDefinitionFieldSetItemCensor extends BaseCensor {
|
|||
if (fields == null || fields.isEmpty())
|
||||
return;
|
||||
|
||||
this.authService.authorizeForce(Permission.BrowseDescription);
|
||||
this.authService.authorizeForce(Permission.BrowseDescription, Permission.DeferredAffiliation);
|
||||
FieldSet fieldFields = fields.extractPrefixed(this.asIndexerPrefix(PropertyDefinitionFieldSetItem._fields));
|
||||
this.censorFactory.censor(FieldCensor.class).censor(fieldFields, userId);
|
||||
}
|
||||
|
|
|
@ -154,14 +154,16 @@ public class DescriptionReferenceQuery extends QueryBase<DescriptionReferenceEnt
|
|||
boolean usePublic = this.authorize.contains(AuthorizationFlags.Public);
|
||||
if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe();
|
||||
else userId = null;
|
||||
if (this.authorize.contains(AuthorizationFlags.Owner)) userId = this.userScope.getUserIdSafe();
|
||||
|
||||
List<Predicate> predicates = new ArrayList<>();
|
||||
if (userId != null || usePublic ) {
|
||||
UUID finalUserId = userId;
|
||||
Subquery<UUID> descriptionSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>(
|
||||
new BuildSubQueryInput.Builder<>(DescriptionEntity.class, UUID.class, queryContext)
|
||||
.keyPathFunc((subQueryRoot) -> subQueryRoot.get(DescriptionEntity._id))
|
||||
.filterFunc((subQueryRoot, cb) ->
|
||||
cb.in(subQueryRoot.get(DescriptionEntity._dmpDescriptionTemplateId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic))
|
||||
cb.in(subQueryRoot.get(DescriptionEntity._dmpDescriptionTemplateId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, finalUserId, usePublic))
|
||||
)
|
||||
));
|
||||
predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DescriptionReferenceEntity._descriptionId)).value(descriptionSubquery));
|
||||
|
|
|
@ -152,14 +152,16 @@ public class DescriptionTagQuery extends QueryBase<DescriptionTagEntity> {
|
|||
boolean usePublic = this.authorize.contains(AuthorizationFlags.Public);
|
||||
if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe();
|
||||
else userId = null;
|
||||
if (this.authorize.contains(AuthorizationFlags.Owner)) userId = this.userScope.getUserIdSafe();
|
||||
|
||||
List<Predicate> predicates = new ArrayList<>();
|
||||
if (userId != null || usePublic ) {
|
||||
UUID finalUserId = userId;
|
||||
Subquery<UUID> descriptionSubquery = queryUtilsService.buildSubQuery(new BuildSubQueryInput<>(
|
||||
new BuildSubQueryInput.Builder<>(DescriptionEntity.class, UUID.class, queryContext)
|
||||
.keyPathFunc((subQueryRoot) -> subQueryRoot.get(DescriptionEntity._id))
|
||||
.filterFunc((subQueryRoot, cb) ->
|
||||
cb.in(subQueryRoot.get(DescriptionEntity._dmpDescriptionTemplateId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, userId, usePublic))
|
||||
cb.in(subQueryRoot.get(DescriptionEntity._dmpDescriptionTemplateId)).value(queryUtilsService.buildDmpAuthZSubQuery(queryContext.Query, queryContext.CriteriaBuilder, finalUserId, usePublic))
|
||||
)
|
||||
));
|
||||
predicates.add(queryContext.CriteriaBuilder.in(queryContext.Root.get(DescriptionTagEntity._descriptionId)).value(descriptionSubquery));
|
||||
|
|
Loading…
Reference in New Issue