@SuppressWarnings("unused")
private void secureUpdateColumn(Object record, String column) {
U.secure(
canUpdateColumn(record, column), "Not enough privileges to update the column: %s!", column);
}
private void update_(long id, Object record, boolean reflectRelChanges, boolean checkSecurity) {
failIfReadonlyTx();
validateId(id);
Rec old = data.data.get(id);
Object entity = obj(old);
if (checkSecurity) {
secureUpdate(entity);
}
// Optimistic concurrency control through the "version" property
Long oldVersion = U.or(Beany.getPropValueOfType(entity, VERSION, Long.class, null), 0L);
Long recordVersion = U.or(Beany.getPropValueOfType(record, VERSION, Long.class, null), 0L);
occErrorIf(
!U.eq(oldVersion, recordVersion),
"Concurrent modification occured while updating the object with ID=%s!",
id);
Beany.setId(record, id);
if (!sudo && checkSecurity) {
boolean canUpdate = false;
for (Prop prop : Beany.propertiesOf(record)) {
if (!Secure.getPropertyPermissions(username(), entity.getClass(), entity, prop.getName())
.change) {
prop.set(record, prop.get(entity));
} else {
canUpdate = true;
}
}
U.secure(
canUpdate,
"Not enough privileges to update any column of %s!",
entity.getClass().getSimpleName());
}
// Optimistic concurrency control through the "version" property
if (Beany.hasProperty(record, VERSION)) {
Beany.setPropValue(record, VERSION, oldVersion + 1);
}
if (checkSecurity) {
secureUpdate(record);
}
if (Beany.hasProperty(record, LAST_UPDATED_BY)) {
Beany.setPropValue(record, LAST_UPDATED_BY, username());
}
if (Beany.hasProperty(record, LAST_UPDATED_ON)) {
Beany.setPropValue(record, LAST_UPDATED_ON, new Date());
}
boolean updated = data.data.replace(id, old, rec(record));
occErrorIf(
!updated, "Concurrent modification occured while updating the object with ID=%s!", id);
if (data.insideTx.get()) {
data.txChanges.putIfAbsent(id, old);
}
if (old == null) {
throw new IllegalStateException("Cannot update non-existing record with ID=" + id);
}
if (reflectRelChanges) {
updateChangesFromRels(record);
}
data.lastChangedOn.set(System.currentTimeMillis());
Log.audit("Updated DB record", "id", id);
}
private void secureReadColumn(Object record, String column) {
U.secure(
canReadColumn(record, column), "Not enough privileges to read the column: %s!", column);
}
private void secureDelete(Object record) {
U.secure(canDelete(record), "Not enough privileges to delete the record!");
}
private void secureUpdate(Object record) {
U.secure(canUpdate(record), "Not enough privileges to update the record!");
}
private void secureInsert(Object record) {
U.secure(canInsert(record), "Not enough privileges to insert the record!");
}
private void secureRead(Object record) {
U.secure(canRead(record), "Not enough privileges to read the record!");
}