@SuppressWarnings("unused") private void secureUpdateColumn(Object record, String column) { U.secure( canUpdateColumn(record, column), "Not enough privileges to update the column: %s!", column); }
private void update_(long id, Object record, boolean reflectRelChanges, boolean checkSecurity) { failIfReadonlyTx(); validateId(id); Rec old = data.data.get(id); Object entity = obj(old); if (checkSecurity) { secureUpdate(entity); } // Optimistic concurrency control through the "version" property Long oldVersion = U.or(Beany.getPropValueOfType(entity, VERSION, Long.class, null), 0L); Long recordVersion = U.or(Beany.getPropValueOfType(record, VERSION, Long.class, null), 0L); occErrorIf( !U.eq(oldVersion, recordVersion), "Concurrent modification occured while updating the object with ID=%s!", id); Beany.setId(record, id); if (!sudo && checkSecurity) { boolean canUpdate = false; for (Prop prop : Beany.propertiesOf(record)) { if (!Secure.getPropertyPermissions(username(), entity.getClass(), entity, prop.getName()) .change) { prop.set(record, prop.get(entity)); } else { canUpdate = true; } } U.secure( canUpdate, "Not enough privileges to update any column of %s!", entity.getClass().getSimpleName()); } // Optimistic concurrency control through the "version" property if (Beany.hasProperty(record, VERSION)) { Beany.setPropValue(record, VERSION, oldVersion + 1); } if (checkSecurity) { secureUpdate(record); } if (Beany.hasProperty(record, LAST_UPDATED_BY)) { Beany.setPropValue(record, LAST_UPDATED_BY, username()); } if (Beany.hasProperty(record, LAST_UPDATED_ON)) { Beany.setPropValue(record, LAST_UPDATED_ON, new Date()); } boolean updated = data.data.replace(id, old, rec(record)); occErrorIf( !updated, "Concurrent modification occured while updating the object with ID=%s!", id); if (data.insideTx.get()) { data.txChanges.putIfAbsent(id, old); } if (old == null) { throw new IllegalStateException("Cannot update non-existing record with ID=" + id); } if (reflectRelChanges) { updateChangesFromRels(record); } data.lastChangedOn.set(System.currentTimeMillis()); Log.audit("Updated DB record", "id", id); }
private void secureReadColumn(Object record, String column) { U.secure( canReadColumn(record, column), "Not enough privileges to read the column: %s!", column); }
private void secureDelete(Object record) { U.secure(canDelete(record), "Not enough privileges to delete the record!"); }
private void secureUpdate(Object record) { U.secure(canUpdate(record), "Not enough privileges to update the record!"); }
private void secureInsert(Object record) { U.secure(canInsert(record), "Not enough privileges to insert the record!"); }
private void secureRead(Object record) { U.secure(canRead(record), "Not enough privileges to read the record!"); }