Beispiel #1
0
 @SuppressWarnings("unused")
 private void secureUpdateColumn(Object record, String column) {
   U.secure(
       canUpdateColumn(record, column), "Not enough privileges to update the column: %s!", column);
 }
Beispiel #2
0
  private void update_(long id, Object record, boolean reflectRelChanges, boolean checkSecurity) {

    failIfReadonlyTx();
    validateId(id);

    Rec old = data.data.get(id);
    Object entity = obj(old);

    if (checkSecurity) {
      secureUpdate(entity);
    }

    // Optimistic concurrency control through the "version" property
    Long oldVersion = U.or(Beany.getPropValueOfType(entity, VERSION, Long.class, null), 0L);
    Long recordVersion = U.or(Beany.getPropValueOfType(record, VERSION, Long.class, null), 0L);

    occErrorIf(
        !U.eq(oldVersion, recordVersion),
        "Concurrent modification occured while updating the object with ID=%s!",
        id);

    Beany.setId(record, id);

    if (!sudo && checkSecurity) {
      boolean canUpdate = false;
      for (Prop prop : Beany.propertiesOf(record)) {
        if (!Secure.getPropertyPermissions(username(), entity.getClass(), entity, prop.getName())
            .change) {
          prop.set(record, prop.get(entity));
        } else {
          canUpdate = true;
        }
      }
      U.secure(
          canUpdate,
          "Not enough privileges to update any column of %s!",
          entity.getClass().getSimpleName());
    }

    // Optimistic concurrency control through the "version" property
    if (Beany.hasProperty(record, VERSION)) {
      Beany.setPropValue(record, VERSION, oldVersion + 1);
    }

    if (checkSecurity) {
      secureUpdate(record);
    }

    if (Beany.hasProperty(record, LAST_UPDATED_BY)) {
      Beany.setPropValue(record, LAST_UPDATED_BY, username());
    }

    if (Beany.hasProperty(record, LAST_UPDATED_ON)) {
      Beany.setPropValue(record, LAST_UPDATED_ON, new Date());
    }

    boolean updated = data.data.replace(id, old, rec(record));

    occErrorIf(
        !updated, "Concurrent modification occured while updating the object with ID=%s!", id);

    if (data.insideTx.get()) {
      data.txChanges.putIfAbsent(id, old);
    }

    if (old == null) {
      throw new IllegalStateException("Cannot update non-existing record with ID=" + id);
    }

    if (reflectRelChanges) {
      updateChangesFromRels(record);
    }

    data.lastChangedOn.set(System.currentTimeMillis());

    Log.audit("Updated DB record", "id", id);
  }
Beispiel #3
0
 private void secureReadColumn(Object record, String column) {
   U.secure(
       canReadColumn(record, column), "Not enough privileges to read the column: %s!", column);
 }
Beispiel #4
0
 private void secureDelete(Object record) {
   U.secure(canDelete(record), "Not enough privileges to delete the record!");
 }
Beispiel #5
0
 private void secureUpdate(Object record) {
   U.secure(canUpdate(record), "Not enough privileges to update the record!");
 }
Beispiel #6
0
 private void secureInsert(Object record) {
   U.secure(canInsert(record), "Not enough privileges to insert the record!");
 }
Beispiel #7
0
 private void secureRead(Object record) {
   U.secure(canRead(record), "Not enough privileges to read the record!");
 }