/**
 * Read-access gate for an entity: evaluates the entity's regular security mode and its
 * read-only security mode, and throws {@link SecurityException} when the checks below refuse access.
 *
 * <p>Outcomes as written in this method:
 * <ul>
 *   <li>Neither mode is set: returns without performing any check.</li>
 *   <li>Regular mode grants access: returns.</li>
 *   <li>Regular mode denies access and no read-only mode is set: returns WITHOUT throwing.</li>
 *   <li>Regular mode denies access and a read-only mode is set: the read-only mode is evaluated
 *       and either of the two throw sites below may refuse access.</li>
 *   <li>Only the read-only mode is set: throws when it denies access, unless that mode is an
 *       instance restriction.</li>
 * </ul>
 *
 * <p>NOTE(review): the third outcome lets a caller who fails the regular security check through
 * whenever no read-only mode is configured. Confirm that this is intended (for example because
 * instances are filtered elsewhere) and not a fail-open path.
 *
 * @param entity the entity whose security settings are evaluated
 * @throws SecurityException when access is refused; it is created without a message, so the
 *         exception itself does not identify the entity or the mode that refused access
 */
private void validateCredentialsForReading(EntityDto entity) {
    // Deny by default; only a successful access check flips this to true.
    boolean authorized = false;
    SecurityMode securityMode = entity.getSecurityMode();
    SecurityMode readOnlySecurityMode = entity.getReadOnlySecurityMode();
    if (securityMode != null) {
        Set<String> securityMembers = entity.getSecurityMembers();
        authorized = entity.hasAccessToEntityFromSecurityMode(securityMode, securityMembers);
        if (!authorized) {
            // Regular mode refused access: fall back to the read-only mode, if one is configured.
            if (readOnlySecurityMode != null) {
                Set<String> readOnlySecurityMembers = entity.getReadOnlySecurityMembers();
                authorized = entity.hasAccessToEntityFromSecurityMode(
                        readOnlySecurityMode, readOnlySecurityMembers);
                // NOTE(review): a true result from this helper leads to the exception, which reads
                // as the opposite of its name. Its body is not visible here; presumably it returns
                // true when access must be refused. Confirm against its definition.
                if (isAuthorizedByReadAccessOrIsInstanceRestriction(
                        authorized, readOnlySecurityMode, securityMode)) {
                    throw new SecurityException();
                }
            }
        }
    }
    // Reached with authorized == false either because no regular mode is set, or because the
    // helper above did not throw. In the second case the read-only check is evaluated a second time.
    if (!authorized && readOnlySecurityMode != null) {
        Set<String> readOnlySecurityMembers = entity.getReadOnlySecurityMembers();
        authorized = entity.hasAccessToEntityFromSecurityMode(readOnlySecurityMode, readOnlySecurityMembers);
        // An instance-restriction mode never raises here even when access was not granted;
        // presumably per-instance filtering is enforced elsewhere. TODO confirm.
        if (!authorized && !readOnlySecurityMode.isInstanceRestriction()) {
            throw new SecurityException();
        }
    }
}
/**
 * Stores the results of annotation scanning through {@code entityService}.
 *
 * <p>For every processed entity the stored entity with the same class name is looked up, or
 * created when none exists, and then its REST options, tracking, fields, UI settings, security
 * options, max fetch depth and non-editable fields are written. Lookups are attached afterwards,
 * once the id of every processed entity is known.
 *
 * @param entityProcessorOutput per-entity scanning results
 * @param lookupProcessingResult lookups to add, keyed by entity class name
 */
private void processAnnotationScanningResults(
        List<EntityProcessorOutput> entityProcessorOutput,
        Map<String, List<LookupDto>> lookupProcessingResult) {
    // Class name -> id of the stored entity; filled in the first pass, read in the second.
    Map<String, Long> idsByClassName = new HashMap<>();

    for (EntityProcessorOutput output : entityProcessorOutput) {
        EntityDto scanned = output.getEntityProcessingResult();

        // Reuse the stored entity for this class name when there is one, otherwise create it.
        EntityDto existing = entityService.getEntityByClassName(scanned.getClassName());
        EntityDto entity = (existing != null) ? existing : entityService.createEntity(scanned);

        idsByClassName.put(entity.getClassName(), entity.getId());

        entityService.updateRestOptions(entity.getId(), output.getRestProcessingResult());
        entityService.updateTracking(entity.getId(), output.getTrackingProcessingResult());
        entityService.addFields(entity, output.getFieldProcessingResult());
        entityService.addFilterableFields(entity, output.getUiFilterableProcessingResult());
        entityService.addDisplayedFields(entity, output.getUiDisplayableProcessingResult());

        // The security mode and members from the scanned definition are written on every pass,
        // for already stored entities as well as new ones. Only the regular security mode is
        // passed; no read-only mode is written by this method.
        // NOTE(review): confirm that overwriting stored security settings on each scan is intended.
        entityService.updateSecurityOptions(
                entity.getId(), scanned.getSecurityMode(), scanned.getSecurityMembers());

        entityService.updateMaxFetchDepth(entity.getId(), scanned.getMaxFetchDepth());
        entityService.addNonEditableFields(entity, output.getNonEditableProcessingResult());
    }

    // NOTE(review): the map lookup yields null for a class name that was not among the processed
    // entities; what addLookups does with a null id is not visible here. Verify.
    for (Map.Entry<String, List<LookupDto>> lookupsForClass : lookupProcessingResult.entrySet()) {
        entityService.addLookups(
                idsByClassName.get(lookupsForClass.getKey()), lookupsForClass.getValue());
    }
}
/**
 * Access gate based on the entity's regular security mode.
 *
 * <p>Returns without checking anything when the entity has no security mode. Otherwise throws
 * when the access check fails, unless the mode is an instance restriction.
 *
 * @param entity the entity whose security mode and members are evaluated
 * @throws SecurityException when access is refused; created without a message
 */
private void validateCredentials(EntityDto entity) {
    final SecurityMode mode = entity.getSecurityMode();
    if (mode == null) {
        // No security mode configured: nothing is enforced by this method.
        return;
    }

    final boolean hasAccess =
            entity.hasAccessToEntityFromSecurityMode(mode, entity.getSecurityMembers());

    // An instance-restriction mode does not raise here even without access; presumably
    // per-instance checks happen elsewhere. TODO confirm.
    if (hasAccess || mode.isInstanceRestriction()) {
        return;
    }
    throw new SecurityException();
}