Package org.openbravo.base.model

Examples of org.openbravo.base.model.Entity


          + w.getId() + "'";
      @SuppressWarnings("unchecked")
      final List<Tab> ts = SessionHandler.getInstance().createQuery(tfQryStr).list();
      for (final Tab t : ts) {
        final String tableName = t.getTable().getDBTableName();
        final Entity e = mp.getEntityByTableName(tableName);
        if (e == null) { // happens for AD_Client_Info and views
          continue;
        }

        final String accessLevel = t.getTable().getDataAccessLevel();
        if (!hasCorrectAccessLevel(userLevel, accessLevel)) {
          continue;
        }

        if (writeAccess) {
          writableEntities.add(e);
          readableEntities.add(e);
        } else {
          readableEntities.add(e);
        }
      }
    }

    // and take into account table access
    final String tafQryStr = "select ta from " + TableAccess.class.getName()
        + " ta where role.id='" + getRoleId() + "'";
    @SuppressWarnings("unchecked")
    final List<TableAccess> tas = SessionHandler.getInstance().createQuery(tafQryStr).list();
    for (final TableAccess ta : tas) {
      final String accessLevel = ta.getTable().getDataAccessLevel();
      if (!hasCorrectAccessLevel(userLevel, accessLevel)) {
        continue;
      }

      final String tableName = ta.getTable().getName();
      final Entity e = mp.getEntityByTableName(tableName);

      if (ta.isExclude()) {
        readableEntities.remove(e);
        writableEntities.remove(e);
        nonReadableEntities.add(e);
      } else if (ta.isReadOnly()) {
        writableEntities.remove(e);
      }
    }

    // and compute the derived readable
    for (final Entity e : readableEntities) {
      for (final Property p : e.getProperties()) {
        if (p.getTargetEntity() != null && !readableEntities.contains(p.getTargetEntity())) {
          derivedReadableEntities.add(p.getTargetEntity());
          addDerivedReadableIdentifierProperties(p.getTargetEntity());
        }
      }
View Full Code Here


  }

  public void checkDeleteAllowed(Object o) {
    if (!OBContext.getOBContext().isInAdministratorMode() && o instanceof BaseOBObject) {
      final BaseOBObject bob = (BaseOBObject) o;
      final Entity entity = ModelProvider.getInstance().getEntity(bob.getEntityName());
      if (!entity.isDeletable()) {
        throw new OBSecurityException("Entity " + entity.getName() + " is not deletable");
      }
    }
    checkWriteAccess(o);
  }
View Full Code Here

   * @see EntityResolver#resolve(String, String, boolean)
   */
  @Override
  public BaseOBObject resolve(String entityName, String id, boolean referenced) {

    final Entity entity = ModelProvider.getInstance().getEntity(entityName);

    BaseOBObject result = null;

    // The zero organization is in fact a system level concept, return it
    // always
View Full Code Here

    String orgId = "";
    if (obj instanceof OrganizationEnabled && ((OrganizationEnabled) obj).getOrganization() != null) {
      orgId = (String) DalUtil.getId(((OrganizationEnabled) obj).getOrganization());
    }

    final Entity entity = ((BaseOBObject) obj).getEntity();
    if (!obContext.isInAdministratorMode() && clientId.length() > 0) {
      if (obj instanceof ClientEnabled) {
        if (!obContext.getCurrentClient().getId().equals(clientId)) {
          return false;
        }
      }

      // todo can be improved by only checking if the client or
      // organization
      // actually changed...
      if (!obContext.getEntityAccessChecker().isWritable(entity)) {
        return false;
      }

      if (obj instanceof OrganizationEnabled && orgId.length() > 0) {
        if (!obContext.getWritableOrganizations().contains(orgId)) {
          return false;
        }
      }
    }

    // accesslevel check must also be done for administrators
    try {
      entity.checkAccessLevel(clientId, orgId);
    } catch (final OBSecurityException e) {
      return false;
    }
    return true;
  }
View Full Code Here

    String orgId = "";
    if (obj instanceof OrganizationEnabled && ((OrganizationEnabled) obj).getOrganization() != null) {
      orgId = (String) DalUtil.getId(((OrganizationEnabled) obj).getOrganization());
    }

    final Entity entity = ((BaseOBObject) obj).getEntity();
    if (!obContext.isInAdministratorMode() && clientId.length() > 0) {
      if (obj instanceof ClientEnabled) {
        if (!obContext.getCurrentClient().getId().equals(clientId)) {
          // TODO: maybe move rollback to exception throwing
          SessionHandler.getInstance().setDoRollback(true);
          throw new OBSecurityException("Client (" + clientId + ") of object (" + obj
              + ") is not present in ClientList " + obContext.getCurrentClient().getId());
        }
      }

      // todo can be improved by only checking if the client or
      // organization
      // actually changed...
      obContext.getEntityAccessChecker().checkWritable(entity);

      if (obj instanceof OrganizationEnabled && orgId != null && orgId.length() > 0) {
        // todo as only the id is required this can be made much more
        // efficient
        // by
        // not loading the hibernate proxy
        if (!obContext.getWritableOrganizations().contains(orgId)) {
          // TODO: maybe move rollback to exception throwing
          SessionHandler.getInstance().setDoRollback(true);
          throw new OBSecurityException("Organization " + orgId + " of object (" + obj
              + ") is not present in OrganizationList " + obContext.getWritableOrganizations());
        }
      }
    }

    // accesslevel check must also be done for administrators
    entity.checkAccessLevel(clientId, orgId);
  }
View Full Code Here

    return super.uniqueResult();
  }

  void initialize() {
    final OBContext obContext = OBContext.getOBContext();
    final Entity e = getEntity();

    OBContext.getOBContext().getEntityAccessChecker().checkReadable(e);

    if (isFilterOnReadableOrganization() && e.isOrganizationPartOfKey()) {
      add(Restrictions.in("id." + PROPERTY_ORGANIZATION + ".id", obContext
          .getReadableOrganizations()));

    } else if (isFilterOnReadableOrganization() && e.isOrganizationEnabled()) {
      add(Restrictions.in(PROPERTY_ORGANIZATION + ".id", obContext.getReadableOrganizations()));
    }

    if (isFilterOnReadableClients() && getEntity().isClientEnabled()) {
      add(Restrictions.in(PROPERTY_CLIENT + ".id", obContext.getReadableClients()));
    }

    if (isFilterOnActive() && e.isActiveEnabled()) {
      add(Restrictions.eq(Organization.PROPERTY_ACTIVE, true));
    }

    // add the order by and create a join if necessary
    for (final OrderBy ob : orderBys) {
View Full Code Here

    }
  }

  String createQueryString() {
    final OBContext obContext = OBContext.getOBContext();
    final Entity e = getEntity();

    // split the orderby and where
    final String qryStr = getWhereAndOrderBy();
    final String orderByClause;
    String whereClause;
    final int orderByIndex = qryStr.toLowerCase().indexOf("order by");
    if (orderByIndex != -1) {
      whereClause = qryStr.substring(0, orderByIndex);
      orderByClause = qryStr.substring(orderByIndex);
    } else {
      whereClause = qryStr;
      orderByClause = "";
    }

    // strip the where, is added later
    if (whereClause.trim().toLowerCase().startsWith("where")) {
      final int whereIndex = whereClause.toLowerCase().indexOf("where");
      if (whereIndex != -1) {
        whereClause = whereClause.substring(1 + whereIndex + "where".length());
      }
    }

    // the query can start with an alias to support joins
    //
    String alias = null;
    // this is a space on purpose
    String prefix = " ";
    if (whereClause.toLowerCase().trim().startsWith("as")) {
      // strip the as
      final String strippedWhereClause = whereClause.toLowerCase().trim().substring(2).trim();
      // get the next space
      final int index = strippedWhereClause.indexOf(" ");
      alias = strippedWhereClause.substring(0, index);
      prefix = alias + ".";
    }

    // The following if is there because the clauses which are added should
    // all be and-ed. Special cases which need to be handled:
    // left join a left join b where a.id is not null or b.id is not null
    // id='0' and exists (from ADModelObject as mo where mo.id=id)
    // id='0'
    boolean addWhereClause = true;
    if (whereClause.trim().length() > 0) {
      if (!whereClause.toLowerCase().contains("where")) {
        // simple case: id='0's
        whereClause = " where (" + whereClause + ")";
        addWhereClause = false;
      } else {
        // check if the where is before
        final int fromIndex = whereClause.toLowerCase().indexOf("from");
        int whereIndex = -1;
        if (fromIndex == -1) {
          // already there and no from
          // now find the place where to put the brackets
          // case: left join a left join b where a.id is not null or
          // b.id is not null

          whereIndex = whereClause.toLowerCase().indexOf("where");
          Check.isTrue(whereIndex != -1, "Where not found in string: " + whereClause);
        } else {
          // example: id='0' and exists (from ADModelObject as mo
          // where mo.id=id)
          // example: left join x where id='0' and x.id=id and exists
          // (from ADModelObject as mo where mo.id=id)

          // check if the whereClause is before the first from
          whereIndex = whereClause.toLowerCase().substring(0, fromIndex).indexOf("where");
        }

        if (whereIndex != -1) {
          // example: left join x where id='0' and x.id=id and exists
          // (from ADModelObject as mo where mo.id=id)
          addWhereClause = false;
          // now put the ( at the correct place
          final int endOfWhere = whereIndex + "where".length();
          whereClause = whereClause.substring(0, endOfWhere) + " ("
              + whereClause.substring(endOfWhere) + ")";
        } else { // no whereclause before the from
          // example: id='0' and exists (from ADModelObject as mo
          // where mo.id=id)
          whereClause = " where (" + whereClause + ")";
          addWhereClause = false;
        }
      }
    }
    OBContext.getOBContext().getEntityAccessChecker().checkReadable(e);

    if (isFilterOnReadableOrganization() && e.isOrganizationPartOfKey()) {
      whereClause = (addWhereClause ? " where " : "") + addAnd(whereClause) + prefix
          + "id.organization.id " + createInClause(obContext.getReadableOrganizations());
      if (addWhereClause) {
        addWhereClause = false;
      }
    } else if (isFilterOnReadableOrganization() && e.isOrganizationEnabled()) {
      whereClause = (addWhereClause ? " where " : "") + addAnd(whereClause) + prefix
          + "organization.id " + createInClause(obContext.getReadableOrganizations());
      if (addWhereClause) {
        addWhereClause = false;
      }
    }

    if (isFilterOnReadableClients() && getEntity().isClientEnabled()) {
      whereClause = (addWhereClause ? " where " : "") + addAnd(whereClause) + prefix + "client.id "
          + createInClause(obContext.getReadableClients());
      if (addWhereClause) {
        addWhereClause = false;
      }
    }

    if (isFilterOnActive() && e.isActiveEnabled()) {
      whereClause = (addWhereClause ? " where " : "") + addAnd(whereClause) + prefix
          + "active='Y' ";
      if (addWhereClause) {
        addWhereClause = false;
      }
View Full Code Here

   *          with the same property values for the unique constraint properties
   * @return a list of objects which match the passed obObject on the unique constraint properties
   * @see Entity#getUniqueConstraints()
   */
  public List<BaseOBObject> findUniqueConstrainedObjects(BaseOBObject obObject) {
    final Entity entity = obObject.getEntity();
    final List<BaseOBObject> result = new ArrayList<BaseOBObject>();
    final Object id = obObject.getId();
    for (final UniqueConstraint uc : entity.getUniqueConstraints()) {
      final OBCriteria<BaseOBObject> criteria = createCriteria(entity.getName());
      if (id != null) {
        criteria.add(Expression.ne("id", id));
      }
      for (final Property p : uc.getProperties()) {
        final Object value = obObject.getValue(p.getName());
View Full Code Here

    // allow read access to those, otherwise it is really
    // difficult to use querying on these very generic values
    if (entityName.equals(Client.ENTITY_NAME) || entityName.equals(Organization.ENTITY_NAME)) {
      return;
    }
    final Entity e = ModelProvider.getInstance().getEntity(entityName);
    OBContext.getOBContext().getEntityAccessChecker().checkReadable(e);
  }
View Full Code Here

      // note that embedded children are updated but non-embedded children
      // are not updated!
      final boolean preventRealUpdate = !writable
          || (hasReferenceAttribute && !bob.isNewOBObject());

      final Entity entity = ModelProvider.getInstance().getEntity(obElement.getName());
      boolean updated = false;

      // now parse the property elements
      while (true) {
        xmlReader.nextTag();

        if (isAtEndElement(xmlReader, entityName)) {
          break;
        }

        final LocalElement childElement = getElement(xmlReader);
        final Property p = entity.getProperty(childElement.getName());
        log.debug(">>> Importing property " + p.getName());

        // TODO: make this option controlled
        final boolean isNotImportableProperty = p.isTransient(bob)
            || (p.isAuditInfo() && !isOptionImportAuditInfo()) || p.isInactive();
View Full Code Here

TOP

Related Classes of org.openbravo.base.model.Entity

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.