TSK-1909: optimize authorization in db2 query
This commit is contained in:
ryzheboka
Elena Mokeeva
parent
48fa1fb031
commit
8d87d15e7c
|
|
@ -149,6 +149,15 @@ class TaskQueryImplAccTest {
|
||||||
taskSummary1, taskSummary2, taskSummary3, taskSummary4, taskSummary5);
|
taskSummary1, taskSummary2, taskSummary3, taskSummary4, taskSummary5);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "admin")
|
||||||
|
@Test
|
||||||
|
void should_CountAllTasksFromWorkbasketAsAdmin_When_NoAccessItemForWorkbasketExists() {
|
||||||
|
long result =
|
||||||
|
taskService.createTaskQuery().workbasketIdIn(wbWithoutPermissions.getId()).count();
|
||||||
|
|
||||||
|
assertThat(result).isEqualTo(3);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@Test
|
@Test
|
||||||
void should_OnlyReturnTasksFromCorrectWorkbaskets_When_UserHasNoPermissionToOneWorkbasket() {
|
void should_OnlyReturnTasksFromCorrectWorkbaskets_When_UserHasNoPermissionToOneWorkbasket() {
|
||||||
|
|
|
||||||
|
|
@ -102,13 +102,32 @@ public class TaskQuerySqlProvider {
|
||||||
+ "LEFT JOIN USER_INFO AS u ON t.owner = u.USER_ID "
|
+ "LEFT JOIN USER_INFO AS u ON t.owner = u.USER_ID "
|
||||||
+ "</if>"
|
+ "</if>"
|
||||||
+ OPENING_WHERE_TAG
|
+ OPENING_WHERE_TAG
|
||||||
+ checkForAuthorization()
|
|
||||||
+ commonTaskWhereStatement()
|
+ commonTaskWhereStatement()
|
||||||
+ CLOSING_WHERE_TAG
|
+ CLOSING_WHERE_TAG
|
||||||
+ ")"
|
+ "), Y ("
|
||||||
|
+ db2selectFields()
|
||||||
|
+ ", FLAG ) AS ("
|
||||||
+ "SELECT "
|
+ "SELECT "
|
||||||
+ db2selectFields()
|
+ db2selectFields()
|
||||||
+ "FROM X "
|
+ ", ("
|
||||||
|
+ "<if test='accessIdIn != null'> "
|
||||||
|
+ "SELECT 1 "
|
||||||
|
+ "FROM WORKBASKET_ACCESS_LIST s "
|
||||||
|
+ "WHERE "
|
||||||
|
+ "s.ACCESS_ID IN "
|
||||||
|
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
||||||
|
+ "and "
|
||||||
|
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 fetch first 1 rows only"
|
||||||
|
+ "</if>"
|
||||||
|
+ "<if test='accessIdIn == null'> "
|
||||||
|
+ "VALUES(1)"
|
||||||
|
+ "</if>"
|
||||||
|
+ " ) "
|
||||||
|
+ "FROM X )"
|
||||||
|
+ "SELECT "
|
||||||
|
+ db2selectFields()
|
||||||
|
+ "FROM Y "
|
||||||
|
+ "WHERE FLAG = 1 "
|
||||||
+ "<if test='!orderBy.isEmpty()'>"
|
+ "<if test='!orderBy.isEmpty()'>"
|
||||||
+ "ORDER BY <foreach item='item' collection='orderBy' separator=',' >${item}</foreach>"
|
+ "ORDER BY <foreach item='item' collection='orderBy' separator=',' >${item}</foreach>"
|
||||||
+ "</if> "
|
+ "</if> "
|
||||||
|
|
@ -168,12 +187,23 @@ public class TaskQuerySqlProvider {
|
||||||
+ "LEFT JOIN USER_INFO AS u ON t.owner = u.USER_ID "
|
+ "LEFT JOIN USER_INFO AS u ON t.owner = u.USER_ID "
|
||||||
+ "</if>"
|
+ "</if>"
|
||||||
+ OPENING_WHERE_TAG
|
+ OPENING_WHERE_TAG
|
||||||
+ checkForAuthorization()
|
|
||||||
+ commonTaskWhereStatement()
|
+ commonTaskWhereStatement()
|
||||||
+ CLOSING_WHERE_TAG
|
+ CLOSING_WHERE_TAG
|
||||||
+ ")"
|
+ "), Y (ID, FLAG) AS ("
|
||||||
+ "SELECT COUNT(*) "
|
+ "SELECT ID, ("
|
||||||
+ "FROM X with UR"
|
+ "<if test='accessIdIn != null'>"
|
||||||
|
+ "SELECT 1 FROM WORKBASKET_ACCESS_LIST s "
|
||||||
|
+ "WHERE s.ACCESS_ID IN "
|
||||||
|
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
||||||
|
+ "and "
|
||||||
|
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 fetch first 1 rows only "
|
||||||
|
+ "</if> "
|
||||||
|
+ "<if test='accessIdIn == null'>"
|
||||||
|
+ "VALUES(1)"
|
||||||
|
+ "</if> "
|
||||||
|
+ ") "
|
||||||
|
+ "FROM X ) SELECT COUNT(*) "
|
||||||
|
+ "FROM Y WHERE FLAG = 1 with UR"
|
||||||
+ CLOSING_SCRIPT_TAG;
|
+ CLOSING_SCRIPT_TAG;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue