Examples of org.openbravo.dal.core.OBContext

• org.openbravo.dal.core.OBContext
  Models the context in which Data Access Layer actions are executed. Contains the user, the client and the allowed organizations. This class contains specific logic to compute the allowed organizations and clients for both read and write access. The OBContext instance is made available to other threads through the static ThreadLocal and the getInstance method. The OBContext can be serialized as part of the Tomcat persistent session mechanism. @author mtaal

    purgeCache();
    if (ce != null) {
      ce.setLastUsed(System.currentTimeMillis());
      return ce.getObContext();
    }
    final OBContext obContext = OBContext.createOBContext(userId);
    ce = new CacheEntry();
    ce.setLastUsed(System.currentTimeMillis());
    ce.setObContext(obContext);
    ce.setUserId(userId);
    cache.put(userId, ce);

   */
  public void execute(ProcessBundle bundle) throws Exception {
    final ProcessContext processContext = bundle.getContext();

    boolean errorOccured = true;
    final OBContext currentOBContext = OBContext.getOBContext();
    try {
      String userId = processContext.getUser();
      String roleId = processContext.getRole();
      String clientId = processContext.getClient();
      String orgId = processContext.getOrganization();

    // user_client and user_org
    // TODO: throw specific and translated exception, for more info:
    // Utility.translateError(this, vars, vars.getLanguage(),
    // Utility.messageBD(this, "NoWriteAccess", vars.getLanguage()))

    final OBContext obContext = OBContext.getOBContext();

    String clientId = "";
    if (obj instanceof ClientEnabled && ((ClientEnabled) obj).getClient() != null) {
      clientId = (String) DalUtil.getId(((ClientEnabled) obj).getClient());
    }
    String orgId = "";
    if (obj instanceof OrganizationEnabled && ((OrganizationEnabled) obj).getOrganization() != null) {
      orgId = (String) DalUtil.getId(((OrganizationEnabled) obj).getOrganization());
    }

    final Entity entity = ((BaseOBObject) obj).getEntity();
    if (!obContext.isInAdministratorMode() && clientId.length() > 0) {
      if (obj instanceof ClientEnabled) {
        if (!obContext.getCurrentClient().getId().equals(clientId)) {
          return false;
        }
      }

      // todo can be improved by only checking if the client or
      // organization
      // actually changed...
      if (!obContext.getEntityAccessChecker().isWritable(entity)) {
        return false;
      }

      if (obj instanceof OrganizationEnabled && orgId.length() > 0) {
        if (!obContext.getWritableOrganizations().contains(orgId)) {
          return false;
        }
      }
    }

    // check that the client id and organization id are resp. in the list of
    // user_client and user_org
    // TODO: throw specific and translated exception, for more info:
    // Utility.translateError(this, vars, vars.getLanguage(),
    // Utility.messageBD(this, "NoWriteAccess", vars.getLanguage()))
    final OBContext obContext = OBContext.getOBContext();

    String clientId = "";
    if (obj instanceof ClientEnabled && ((ClientEnabled) obj).getClient() != null) {
      clientId = (String) DalUtil.getId(((ClientEnabled) obj).getClient());
    }
    String orgId = "";
    if (obj instanceof OrganizationEnabled && ((OrganizationEnabled) obj).getOrganization() != null) {
      orgId = (String) DalUtil.getId(((OrganizationEnabled) obj).getOrganization());
    }

    final Entity entity = ((BaseOBObject) obj).getEntity();
    if (!obContext.isInAdministratorMode() && clientId.length() > 0) {
      if (obj instanceof ClientEnabled) {
        if (!obContext.getCurrentClient().getId().equals(clientId)) {
          // TODO: maybe move rollback to exception throwing
          SessionHandler.getInstance().setDoRollback(true);
          throw new OBSecurityException("Client (" + clientId + ") of object (" + obj
              + ") is not present in ClientList " + obContext.getCurrentClient().getId());
        }
      }

      // todo can be improved by only checking if the client or
      // organization
      // actually changed...
      obContext.getEntityAccessChecker().checkWritable(entity);

      if (obj instanceof OrganizationEnabled && orgId != null && orgId.length() > 0) {
        // todo as only the id is required this can be made much more
        // efficient
        // by
        // not loading the hibernate proxy
        if (!obContext.getWritableOrganizations().contains(orgId)) {
          // TODO: maybe move rollback to exception throwing
          SessionHandler.getInstance().setDoRollback(true);
          throw new OBSecurityException("Organization " + orgId + " of object (" + obj
              + ") is not present in OrganizationList " + obContext.getWritableOrganizations());
        }
      }
    }

    // accesslevel check must also be done for administrators

    initialize();
    return super.uniqueResult();
  }

  void initialize() {
    final OBContext obContext = OBContext.getOBContext();
    final Entity e = getEntity();

    OBContext.getOBContext().getEntityAccessChecker().checkReadable(e);

    if (isFilterOnReadableOrganization() && e.isOrganizationPartOfKey()) {
      add(Restrictions.in("id." + PROPERTY_ORGANIZATION + ".id", obContext
          .getReadableOrganizations()));

    } else if (isFilterOnReadableOrganization() && e.isOrganizationEnabled()) {
      add(Restrictions.in(PROPERTY_ORGANIZATION + ".id", obContext.getReadableOrganizations()));
    }

    if (isFilterOnReadableClients() && getEntity().isClientEnabled()) {
      add(Restrictions.in(PROPERTY_CLIENT + ".id", obContext.getReadableClients()));
    }

    if (isFilterOnActive() && e.isActiveEnabled()) {
      add(Restrictions.eq(Organization.PROPERTY_ACTIVE, true));
    }

      throw new OBException("Exception when creating query " + qryStr, e);
    }
  }

  String createQueryString() {
    final OBContext obContext = OBContext.getOBContext();
    final Entity e = getEntity();

    // split the orderby and where
    final String qryStr = getWhereAndOrderBy();
    final String orderByClause;
    String whereClause;
    final int orderByIndex = qryStr.toLowerCase().indexOf("order by");
    if (orderByIndex != -1) {
      whereClause = qryStr.substring(0, orderByIndex);
      orderByClause = qryStr.substring(orderByIndex);
    } else {
      whereClause = qryStr;
      orderByClause = "";
    }

    // strip the where, is added later
    if (whereClause.trim().toLowerCase().startsWith("where")) {
      final int whereIndex = whereClause.toLowerCase().indexOf("where");
      if (whereIndex != -1) {
        whereClause = whereClause.substring(1 + whereIndex + "where".length());
      }
    }

    // the query can start with an alias to support joins
    //
    String alias = null;
    // this is a space on purpose
    String prefix = " ";
    if (whereClause.toLowerCase().trim().startsWith("as")) {
      // strip the as
      final String strippedWhereClause = whereClause.toLowerCase().trim().substring(2).trim();
      // get the next space
      final int index = strippedWhereClause.indexOf(" ");
      alias = strippedWhereClause.substring(0, index);
      prefix = alias + ".";
    }

    // The following if is there because the clauses which are added should
    // all be and-ed. Special cases which need to be handled:
    // left join a left join b where a.id is not null or b.id is not null
    // id='0' and exists (from ADModelObject as mo where mo.id=id)
    // id='0'
    boolean addWhereClause = true;
    if (whereClause.trim().length() > 0) {
      if (!whereClause.toLowerCase().contains("where")) {
        // simple case: id='0's
        whereClause = " where (" + whereClause + ")";
        addWhereClause = false;
      } else {
        // check if the where is before
        final int fromIndex = whereClause.toLowerCase().indexOf("from");
        int whereIndex = -1;
        if (fromIndex == -1) {
          // already there and no from
          // now find the place where to put the brackets
          // case: left join a left join b where a.id is not null or
          // b.id is not null

          whereIndex = whereClause.toLowerCase().indexOf("where");
          Check.isTrue(whereIndex != -1, "Where not found in string: " + whereClause);
        } else {
          // example: id='0' and exists (from ADModelObject as mo
          // where mo.id=id)
          // example: left join x where id='0' and x.id=id and exists
          // (from ADModelObject as mo where mo.id=id)

          // check if the whereClause is before the first from
          whereIndex = whereClause.toLowerCase().substring(0, fromIndex).indexOf("where");
        }

        if (whereIndex != -1) {
          // example: left join x where id='0' and x.id=id and exists
          // (from ADModelObject as mo where mo.id=id)
          addWhereClause = false;
          // now put the ( at the correct place
          final int endOfWhere = whereIndex + "where".length();
          whereClause = whereClause.substring(0, endOfWhere) + " ("
              + whereClause.substring(endOfWhere) + ")";
        } else { // no whereclause before the from
          // example: id='0' and exists (from ADModelObject as mo
          // where mo.id=id)
          whereClause = " where (" + whereClause + ")";
          addWhereClause = false;
        }
      }
    }
    OBContext.getOBContext().getEntityAccessChecker().checkReadable(e);

    if (isFilterOnReadableOrganization() && e.isOrganizationPartOfKey()) {
      whereClause = (addWhereClause ? " where " : "") + addAnd(whereClause) + prefix
          + "id.organization.id " + createInClause(obContext.getReadableOrganizations());
      if (addWhereClause) {
        addWhereClause = false;
      }
    } else if (isFilterOnReadableOrganization() && e.isOrganizationEnabled()) {
      whereClause = (addWhereClause ? " where " : "") + addAnd(whereClause) + prefix
          + "organization.id " + createInClause(obContext.getReadableOrganizations());
      if (addWhereClause) {
        addWhereClause = false;
      }
    }

    if (isFilterOnReadableClients() && getEntity().isClientEnabled()) {
      whereClause = (addWhereClause ? " where " : "") + addAnd(whereClause) + prefix + "client.id "
          + createInClause(obContext.getReadableClients());
      if (addWhereClause) {
        addWhereClause = false;
      }
    }

    return result;
  }

  // TODO: this is maybe not the best location for this functionality??
  protected void setClientOrganization(Object o) {
    final OBContext obContext = OBContext.getOBContext();
    if (o instanceof ClientEnabled) {
      final ClientEnabled ce = (ClientEnabled) o;
      // reread the client
      if (ce.getClient() == null) {
        final Client client = SessionHandler.getInstance().find(Client.class,
            obContext.getCurrentClient().getId());
        ce.setClient(client);
      }
    }
    if (o instanceof OrganizationEnabled) {
      final OrganizationEnabled oe = (OrganizationEnabled) o;
      // reread the client and organization
      if (oe.getOrganization() == null) {
        final Organization org = SessionHandler.getInstance().find(Organization.class,
            obContext.getCurrentOrganization().getId());
        oe.setOrganization(org);
      }
    }
  }

    p.checkIsWritable();
    setValue(propName, value);
  }

  protected void checkDerivedReadable(Property p) {
    final OBContext obContext = OBContext.getOBContext();
    // obContext can be null in the OBContext initialize method
    if (obContext != null && obContext.isInitialized() && !obContext.isInAdministratorMode()) {
      if (isDerivedReadable == null) {
        isDerivedReadable = obContext.getEntityAccessChecker().isDerivedReadable(getEntity());
      }

      if (isDerivedReadable && !p.allowDerivedRead()) {
        throw new OBSecurityException(
            "Entity "

    setBigBazaarUserContext();
    doCheckUser();
  }

  private void doCheckUser() {
    final OBContext obContext = OBContext.getOBContext();
    final Set<String> writOrgs = obContext.getWritableOrganizations();
    final String[] readOrgs = obContext.getReadableOrganizations();
    final StringBuilder sb = new StringBuilder();
    for (final String s : readOrgs) {
      sb.append("," + s);
    }

   *
   * @see OBContext#getReadableClients()
   * @see OBContext#getCurrentClient()
   */
  public void testClient() {
    final OBContext obContext = OBContext.getOBContext();
    final String[] cs = obContext.getReadableClients();
    final String cid = obContext.getCurrentClient().getId();
    boolean found = false;
    final StringBuilder sb = new StringBuilder();
    for (final String s : cs) {
      sb.append("," + s);
    }