Package ch.tocco.nice2.persist.security.impl.hibernate.query

Class SecureQueryInterceptor

java.lang.Object

ch.tocco.nice2.persist.security.impl.hibernate.query.SecureQueryInterceptor

All Implemented Interfaces:

QueryBuilderInterceptor

@Component
public class SecureQueryInterceptor
extends Object
implements QueryBuilderInterceptor

An implementation of QueryBuilderInterceptor which adds predicates based on the ACL rules of the current user.

Nested Class Summary

Nested classes/interfaces inherited from interface ch.tocco.nice2.persist.core.api.hibernate.query.QueryBuilderInterceptor

QueryBuilderInterceptor.QueryBuilderSituation, QueryBuilderInterceptor.QueryBuilderType, QueryBuilderInterceptor.SelectionInterceptor

Constructor Summary

Constructors

Constructor	Description
SecureQueryInterceptor(SecureTreeQuery secureTreeQuery, SecurityManager securityManager, Context context)

Method Summary

Modifier and Type	Method	Description
<T> List<Node>	buildConditionFor(Class<T> modelClass, boolean isInsecure, QueryBuilderInterceptor.QueryBuilderType queryBuilderType, QueryBuilderInterceptor.QueryBuilderSituation queryBuilderSituation)
QueryBuilderInterceptor.SelectionInterceptor	createSelectionInterceptor(EntityModel root, String basePath, List<Path> fields)	Called for each 'base path' (a path without a field) that is selected in CriteriaQueryBuilder query that uses a custom selection.
List<Node>	fieldUsedInQueryCondition(Class<?> modelClass, String field, boolean isInsecure)	Called for every field that is used in a condition.
void	setInterceptJoins(boolean interceptJoins)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecureQueryInterceptor

public SecureQueryInterceptor(@Lazy
 SecureTreeQuery secureTreeQuery,
 @Lazy
 SecurityManager securityManager,
 @Lazy
 Context context)

Method Details

setInterceptJoins

@Value("${persist.security.enableSecurityOnJoins}")
public void setInterceptJoins(boolean interceptJoins)

buildConditionFor

public <T> List<Node> buildConditionFor(Class<T> modelClass,
 boolean isInsecure,
 QueryBuilderInterceptor.QueryBuilderType queryBuilderType,
 QueryBuilderInterceptor.QueryBuilderSituation queryBuilderSituation)

Specified by:

buildConditionFor in interface QueryBuilderInterceptor

createSelectionInterceptor

public QueryBuilderInterceptor.SelectionInterceptor createSelectionInterceptor(EntityModel root,
 String basePath,
 List<Path> fields)

Description copied from interface: QueryBuilderInterceptor

Called for each 'base path' (a path without a field) that is selected in CriteriaQueryBuilder query that uses a custom selection. The returned interceptor may add additional query paths and inspect / modify the results.

Specified by:

createSelectionInterceptor in interface QueryBuilderInterceptor

Returns:

the QueryBuilderInterceptor.SelectionInterceptor that should be applied or null

fieldUsedInQueryCondition

public List<Node> fieldUsedInQueryCondition(Class<?> modelClass,
 String field,
 boolean isInsecure)

Description copied from interface: QueryBuilderInterceptor

Called for every field that is used in a condition. For example the condition 'find User where relAddress.value = "xy"' would result in 2 calls: ["User", "relAddress"] and ["Address", "value"]. The nodes returned from this method will be added to the query.

Specified by:

fieldUsedInQueryCondition in interface QueryBuilderInterceptor