94 lines
3.4 KiB
Java
94 lines
3.4 KiB
Java
package eu.eudat.data;
|
|
|
|
import eu.eudat.authorization.Permission;
|
|
import eu.eudat.commons.scope.tenant.TenantScope;
|
|
import eu.eudat.commons.scope.tenant.TenantScoped;
|
|
import gr.cite.commons.web.authz.service.AuthorizationService;
|
|
import gr.cite.commons.web.oidc.principal.CurrentPrincipalResolver;
|
|
import gr.cite.commons.web.oidc.principal.extractor.ClaimExtractor;
|
|
import gr.cite.tools.exception.MyForbiddenException;
|
|
|
|
import jakarta.persistence.*;
|
|
import org.springframework.stereotype.Service;
|
|
import org.springframework.web.context.annotation.RequestScope;
|
|
|
|
import javax.management.InvalidApplicationException;
|
|
|
|
import java.util.UUID;
|
|
|
|
@Service
|
|
@RequestScope
|
|
public class TenantEntityManager {
|
|
@PersistenceContext
|
|
private EntityManager entityManager;
|
|
// private final CurrentPrincipalResolver currentPrincipalResolver;
|
|
// private final ClaimExtractor claimExtractor;
|
|
// private final AuthorizationService authorizationService;
|
|
private final TenantScope tenantScope;
|
|
|
|
public TenantEntityManager(TenantScope tenantScope) {
|
|
this.tenantScope = tenantScope;
|
|
}
|
|
|
|
|
|
public void persist(Object entity) {
|
|
this.entityManager.persist(entity);
|
|
}
|
|
|
|
public <T> T merge(T entity) throws InvalidApplicationException {
|
|
if (tenantScope.isMultitenant() && (entity instanceof TenantScoped)) {
|
|
// this.currentPrincipalResolver.currentPrincipal().isAuthenticated();
|
|
// this.claimExtractor.subjectUUID(this.currentPrincipalResolver.currentPrincipal());
|
|
// boolean isAllowedNoTenant = authorizationService.authorize(Permission.AllowNoTenant);
|
|
|
|
boolean isAllowedNoTenant = ((TenantScoped) entity).allowNullTenant();
|
|
final UUID tenantId = !isAllowedNoTenant ? tenantScope.getTenant() : null;
|
|
if (!isAllowedNoTenant && !tenantId.equals(((TenantScoped) entity).getTenantId())) throw new MyForbiddenException("tenant tampering");
|
|
}
|
|
return this.entityManager.merge(entity);
|
|
}
|
|
|
|
public void remove(Object entity) throws InvalidApplicationException {
|
|
if (tenantScope.isMultitenant() && (entity instanceof TenantScoped)) {
|
|
boolean isAllowedNoTenant = ((TenantScoped) entity).allowNullTenant();
|
|
final UUID tenantId = !isAllowedNoTenant ? tenantScope.getTenant() : null;
|
|
if (!isAllowedNoTenant && !tenantId.equals(((TenantScoped) entity).getTenantId())) throw new MyForbiddenException("tenant tampering");
|
|
}
|
|
this.entityManager.remove(entity);
|
|
}
|
|
|
|
public <T> T find(Class<T> entityClass, Object primaryKey) throws InvalidApplicationException {
|
|
T entity = this.entityManager.find(entityClass, primaryKey);
|
|
|
|
if (tenantScope.isMultitenant() && (entity instanceof TenantScoped)) {
|
|
// this.currentPrincipalResolver.currentPrincipal().isAuthenticated();
|
|
// this.claimExtractor.subjectUUID(this.currentPrincipalResolver.currentPrincipal());
|
|
// boolean isAllowedNoTenant = authorizationService.authorize(Permission.AllowNoTenant);
|
|
|
|
boolean isAllowedNoTenant = ((TenantScoped) entity).allowNullTenant();
|
|
final UUID tenantId = !isAllowedNoTenant ? tenantScope.getTenant() : null;
|
|
if (!isAllowedNoTenant && !tenantId.equals(((TenantScoped) entity).getTenantId())) return null;
|
|
}
|
|
return entity;
|
|
}
|
|
|
|
public void flush() {
|
|
this.entityManager.flush();
|
|
}
|
|
|
|
|
|
public void setFlushMode(FlushModeType flushMode) {
|
|
this.entityManager.setFlushMode(flushMode);
|
|
|
|
}
|
|
|
|
public FlushModeType getFlushMode() {
|
|
return this.entityManager.getFlushMode();
|
|
}
|
|
|
|
public void clear() {
|
|
this.entityManager.clear();
|
|
}
|
|
|
|
}
|